{"id":21868,"date":"2025-09-24T18:02:06","date_gmt":"2025-09-24T18:02:06","guid":{"rendered":"https:\/\/codegen.com\/blog\/?p=21868"},"modified":"2025-09-24T18:34:27","modified_gmt":"2025-09-24T18:34:27","slug":"codegen-on-prem-deployment","status":"publish","type":"post","link":"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/","title":{"rendered":"Codegen On-Prem Deployment: Bring the OS for Code Agents In House"},"content":{"rendered":"\n<p>If your organization can\u2019t move code or logs outside its network, you shouldn\u2019t have to sit out the agent era.<\/p>\n\n\n\n<p>Today we\u2019re introducing Codegen on-prem \u2014 the same <a href=\"https:\/\/codegen.com\/blog\/introducing-codegen-3-the-operating-system-for-code-agents\/\">operating system for code agents<\/a> that powers our cloud, packaged for your Kubernetes. Install with Helm, keep all code and telemetry inside your environment, use your model API keys, and enforce your policies.<\/p>\n\n\n\n<p>So how does on-prem deployment work, who benefits most from it, and what makes Codegen\u2019s approach the right fit for modern engineering teams?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-on-premises-deployment\">What is on-premises deployment?\u00a0<\/h2>\n\n\n\n<p>On-premises deployment means the stack runs inside your own facilities or data centers, not in a vendor\u2019s cloud. You procure the hardware and network, install and operate the software, and keep code and data within your physical and legal boundary.&nbsp;<\/p>\n\n\n\n<p><strong>The upside is full control<\/strong>. You can customize the environment end-to-end, enforce your security policies, and meet strict regulatory requirements with direct access to the systems that hold your IP. <strong>The trade-off is ownership of the entire lifecycle<\/strong> \u2014 capacity planning, purchasing, installation, patching, upgrades, monitoring, and security all sit with your team.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-who-benefits-from-on-prem\">Who benefits from on-prem<\/h2>\n\n\n\n<p>On-prem is a fit when code and telemetry must stay in-region or on site; when audits, industry rules, or internal policies prohibit external processing; or when the network itself is constrained (strict egress, private services, even fully air-gapped).&nbsp;<\/p>\n\n\n\n<p>In short: if \u201ckeep it in house\u201d is non-negotiable, on-prem is the straightforward path.&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Data residency \/ sovereignty: <\/strong>code and telemetry must remain in-region or in-house.<\/li>\n\n\n\n<li><strong>Regulatory and audit pressure: <\/strong>finance, healthcare, public sector, or any org with rigorous approvals.<\/li>\n\n\n\n<li><strong>IP sensitivity: <\/strong>proprietary models, unreleased features, or high-value codebases.<\/li>\n\n\n\n<li><strong>Network constraints:<\/strong> private services, strict egress, or air-gapped environments.<\/li>\n\n\n\n<li><strong>Operational integration:<\/strong> reuse of existing IAM, KMS\/HSM, SIEM, proxies, and deployment processes.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-how-codegen-on-prem-delivers\">How Codegen on-prem delivers<\/h2>\n\n\n\n<p>Codegen is an OS for code agents: it gives agents a safe runtime, orchestrates concurrent work, <a href=\"https:\/\/codegen.com\/blog\/mcp-for-claude-cline-and-cursor\/\">connects them to the tools engineers use<\/a> daily, and records what happened with enough detail to trust the outcome.&nbsp;<\/p>\n\n\n\n<p><strong>On-prem is a Kubernetes-native platform<\/strong>. You install with Helm charts, manage configuration in values.yaml, and use the same GitOps and CI\/CD workflows you already rely on.&nbsp;<\/p>\n\n\n\n<p><strong>Data stays put<\/strong>. Repositories, artifacts, logs, prompts, and agent trajectories live in your environment. If you need to route traffic through proxies or pin egress to specific destinations, you do that with your network policy and admission controls, not ours. And because model choice is yours, you bring your own API keys for the LLMs you use.&nbsp;<\/p>\n\n\n\n<p><strong>Keys are managed locally and rotated on your schedule<\/strong>, with request routing that respects your security boundaries. If you prefer customer-managed keys (BYOK\/CMEK) backed by your HSM or cloud KMS, that\u2019s supported too \u2014 along with clear docs on what the keys protect and where they live.<\/p>\n\n\n\n<p><strong>Security posture is opinionated but transparent<\/strong>. Pods run under restricted policies with minimal capabilities and node isolation where practical. Policies are enforced at admission and at runtime using mechanisms you can audit (e.g., OPA\/Gatekeeper for egress allowlists, trusted registries, and image provenance; RBAC for least-privilege).&nbsp;<\/p>\n\n\n\n<p>The point is simple: you control the guardrails, and the platform fits into them cleanly.<\/p>\n\n\n\n<p><strong>Observability is first-class. <\/strong>Codegen ships OpenTelemetry traces, metrics, and logs across agents, sandboxes, integrations, and check suites. We include ready-to-import \u201cgolden signal\u201d dashboards and practical alert suggestions so SREs can see load, latency, and error profiles without reverse-engineering the system.&nbsp;<\/p>\n\n\n\n<p><strong>Networking is explicit.<\/strong> We document ingress and egress patterns, DNS and proxy requirements, and the steps to run with zero outbound in air-gapped environments. If you mirror images to a private registry and provide pull secrets and pinned digests, the platform runs fully disconnected.<\/p>\n\n\n\n<p>For more information check out our official <a href=\"https:\/\/docs.codegen.com\/settings\/on-prem-deployment\">on-prem documentation<\/a>.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-you-should-expect-out-of-the-box\">What you should expect out of the box<\/h2>\n\n\n\n<p><strong>Kubernetes-native deployment with Helm<\/strong><\/p>\n\n\n\n<p>Install, upgrade, and roll back with Helm charts. Manage values.yaml, pin images, verify signatures, and plug into GitOps and your CI\/CD without special tooling.<\/p>\n\n\n\n<p><strong>Complete data sovereignty<\/strong><\/p>\n\n\n\n<p>Your repositories, artifacts, logs, prompts, and agent trajectories never leave your infrastructure. Enforce residency and org policies at the network and workload layers.<\/p>\n\n\n\n<p><strong>Your own API keys for AI models<\/strong><\/p>\n\n\n\n<p>Bring your providers and manage model API keys locally. Route traffic through your proxies, rotate on your schedule, and scope access by policy.&nbsp;<\/p>\n\n\n\n<p><strong>Enterprise-grade support and SLAs<\/strong><\/p>\n\n\n\n<p>On-Prem is an enterprise-only offering with SLAs and hands-on help for hardening, sizing, and performance. Runbooks and escalation paths are included.<\/p>\n\n\n\n<p><strong>Flexible infrastructure support<\/strong><\/p>\n\n\n\n<p>Self-managed Kubernetes, OpenShift, Rancher, EKS-Anywhere \u2014 supported. Air-gapped and restricted networks are first-class: private registry mirroring, pull secrets, and offline licensing.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-getting-started\">Getting started<\/h2>\n\n\n\n<p>Ready to see how Codegen can fit into your <a href=\"https:\/\/codegen.com\/blog\/reimagining-developer-workflows-for-the-ai-era\/\">engineering workflow<\/a>?&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/clickup.com\/brain\/agents\/codegen\">Book a demo<\/a> to watch it in action or <a href=\"https:\/\/codegen.com\/contact\">contact our team<\/a> to discuss deployment plans and pricing. We\u2019ll help you explore the best path, cloud or on-prem, to bring AI agents safely into production.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If your organization can\u2019t move code or logs outside its network, you shouldn\u2019t have to sit out the agent era. Today we\u2019re introducing Codegen on-prem \u2014 the same operating system for code agents that powers our cloud, packaged for your Kubernetes. Install with Helm, keep all code and telemetry inside your environment, use your model [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[7],"tags":[],"class_list":["post-21868","post","type-post","status-publish","format-standard","hentry","category-product-and-features"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Codegen On-Prem Deployment: Bring the OS for Code Agents In House | The Codegen Blog<\/title>\n<meta name=\"description\" content=\"Codegen on-prem deployment lets you run AI agents inside your own infrastructure while maintaining full data control and enterprise-grade security.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Codegen On-Prem Deployment: Bring the OS for Code Agents In House\" \/>\n<meta property=\"og:description\" content=\"Codegen on-prem deployment lets you run AI agents inside your own infrastructure while maintaining full data control and enterprise-grade security.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/\" \/>\n<meta property=\"og:site_name\" content=\"The Codegen Blog\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-24T18:02:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-24T18:34:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/codegenblog.kinsta.cloud\/wp-content\/uploads\/2025\/09\/Codegen-On-Prem-Deployment-Bring-the-OS-for-Code-Agents-In-House.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2394\" \/>\n\t<meta property=\"og:image:height\" content=\"1256\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Codegen Technical Staff\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@codegen\" \/>\n<meta name=\"twitter:site\" content=\"@codegen\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Codegen Technical Staff\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/codegen-on-prem-deployment\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/codegen-on-prem-deployment\\\/\"},\"author\":{\"name\":\"Codegen Technical Staff\",\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/#\\\/schema\\\/person\\\/d11d8bf8745420c643fcb0f3213aa92f\"},\"headline\":\"Codegen On-Prem Deployment: Bring the OS for Code Agents In House\",\"datePublished\":\"2025-09-24T18:02:06+00:00\",\"dateModified\":\"2025-09-24T18:34:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/codegen-on-prem-deployment\\\/\"},\"wordCount\":836,\"publisher\":{\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/#organization\"},\"articleSection\":[\"Product &amp; Features\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/codegen-on-prem-deployment\\\/\",\"url\":\"https:\\\/\\\/codegen.com\\\/blog\\\/codegen-on-prem-deployment\\\/\",\"name\":\"Codegen On-Prem Deployment: Bring the OS for Code Agents In House | The Codegen Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/#website\"},\"datePublished\":\"2025-09-24T18:02:06+00:00\",\"dateModified\":\"2025-09-24T18:34:27+00:00\",\"description\":\"Codegen on-prem deployment lets you run AI agents inside your own infrastructure while maintaining full data control and enterprise-grade security.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/codegen-on-prem-deployment\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/codegen.com\\\/blog\\\/codegen-on-prem-deployment\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/codegen-on-prem-deployment\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/codegen.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Codegen On-Prem Deployment: Bring the OS for Code Agents In House\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/codegen.com\\\/blog\\\/\",\"name\":\"The Codegen Blog\",\"description\":\"What we\u2019re building, how we\u2019re building it, and what we\u2019re learning along the way.\",\"publisher\":{\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/codegen.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/#organization\",\"name\":\"Codegen\",\"url\":\"https:\\\/\\\/codegen.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/codegenblog.kinsta.cloud\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/Codegen_Lockup-Black-1024h-scaled.png\",\"contentUrl\":\"https:\\\/\\\/codegenblog.kinsta.cloud\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/Codegen_Lockup-Black-1024h-scaled.png\",\"width\":2560,\"height\":528,\"caption\":\"Codegen\"},\"image\":{\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/codegen\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/codegen.com\\\/blog\\\/#\\\/schema\\\/person\\\/d11d8bf8745420c643fcb0f3213aa92f\",\"name\":\"Codegen Technical Staff\",\"sameAs\":[\"https:\\\/\\\/codegenblog.kinsta.cloud\"],\"url\":\"https:\\\/\\\/codegen.com\\\/blog\\\/author\\\/cg-admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Codegen On-Prem Deployment: Bring the OS for Code Agents In House | The Codegen Blog","description":"Codegen on-prem deployment lets you run AI agents inside your own infrastructure while maintaining full data control and enterprise-grade security.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/","og_locale":"en_US","og_type":"article","og_title":"Codegen On-Prem Deployment: Bring the OS for Code Agents In House","og_description":"Codegen on-prem deployment lets you run AI agents inside your own infrastructure while maintaining full data control and enterprise-grade security.","og_url":"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/","og_site_name":"The Codegen Blog","article_published_time":"2025-09-24T18:02:06+00:00","article_modified_time":"2025-09-24T18:34:27+00:00","og_image":[{"width":2394,"height":1256,"url":"https:\/\/codegenblog.kinsta.cloud\/wp-content\/uploads\/2025\/09\/Codegen-On-Prem-Deployment-Bring-the-OS-for-Code-Agents-In-House.jpg","type":"image\/jpeg"}],"author":"Codegen Technical Staff","twitter_card":"summary_large_image","twitter_creator":"@codegen","twitter_site":"@codegen","twitter_misc":{"Written by":"Codegen Technical Staff","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/#article","isPartOf":{"@id":"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/"},"author":{"name":"Codegen Technical Staff","@id":"https:\/\/codegen.com\/blog\/#\/schema\/person\/d11d8bf8745420c643fcb0f3213aa92f"},"headline":"Codegen On-Prem Deployment: Bring the OS for Code Agents In House","datePublished":"2025-09-24T18:02:06+00:00","dateModified":"2025-09-24T18:34:27+00:00","mainEntityOfPage":{"@id":"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/"},"wordCount":836,"publisher":{"@id":"https:\/\/codegen.com\/blog\/#organization"},"articleSection":["Product &amp; Features"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/","url":"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/","name":"Codegen On-Prem Deployment: Bring the OS for Code Agents In House | The Codegen Blog","isPartOf":{"@id":"https:\/\/codegen.com\/blog\/#website"},"datePublished":"2025-09-24T18:02:06+00:00","dateModified":"2025-09-24T18:34:27+00:00","description":"Codegen on-prem deployment lets you run AI agents inside your own infrastructure while maintaining full data control and enterprise-grade security.","breadcrumb":{"@id":"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/codegen.com\/blog\/codegen-on-prem-deployment\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/codegen.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Codegen On-Prem Deployment: Bring the OS for Code Agents In House"}]},{"@type":"WebSite","@id":"https:\/\/codegen.com\/blog\/#website","url":"https:\/\/codegen.com\/blog\/","name":"The Codegen Blog","description":"What we\u2019re building, how we\u2019re building it, and what we\u2019re learning along the way.","publisher":{"@id":"https:\/\/codegen.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/codegen.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/codegen.com\/blog\/#organization","name":"Codegen","url":"https:\/\/codegen.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/codegen.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/codegenblog.kinsta.cloud\/wp-content\/uploads\/2025\/07\/Codegen_Lockup-Black-1024h-scaled.png","contentUrl":"https:\/\/codegenblog.kinsta.cloud\/wp-content\/uploads\/2025\/07\/Codegen_Lockup-Black-1024h-scaled.png","width":2560,"height":528,"caption":"Codegen"},"image":{"@id":"https:\/\/codegen.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/codegen"]},{"@type":"Person","@id":"https:\/\/codegen.com\/blog\/#\/schema\/person\/d11d8bf8745420c643fcb0f3213aa92f","name":"Codegen Technical Staff","sameAs":["https:\/\/codegenblog.kinsta.cloud"],"url":"https:\/\/codegen.com\/blog\/author\/cg-admin\/"}]}},"_links":{"self":[{"href":"https:\/\/codegen.com\/blog\/wp-json\/wp\/v2\/posts\/21868","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/codegen.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/codegen.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/codegen.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/codegen.com\/blog\/wp-json\/wp\/v2\/comments?post=21868"}],"version-history":[{"count":3,"href":"https:\/\/codegen.com\/blog\/wp-json\/wp\/v2\/posts\/21868\/revisions"}],"predecessor-version":[{"id":21873,"href":"https:\/\/codegen.com\/blog\/wp-json\/wp\/v2\/posts\/21868\/revisions\/21873"}],"wp:attachment":[{"href":"https:\/\/codegen.com\/blog\/wp-json\/wp\/v2\/media?parent=21868"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/codegen.com\/blog\/wp-json\/wp\/v2\/categories?post=21868"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/codegen.com\/blog\/wp-json\/wp\/v2\/tags?post=21868"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}