diff --git a/public/docs/img/installation/octopus-install-diagram.png b/public/docs/img/installation/octopus-install-diagram.png index c7e70933a3..4f45b51059 100644 Binary files a/public/docs/img/installation/octopus-install-diagram.png and b/public/docs/img/installation/octopus-install-diagram.png differ diff --git a/src/pages/docs/best-practices/self-hosted-octopus/high-availability.mdx b/src/pages/docs/best-practices/self-hosted-octopus/high-availability.mdx index e5a5a2a22f..176f197018 100644 --- a/src/pages/docs/best-practices/self-hosted-octopus/high-availability.mdx +++ b/src/pages/docs/best-practices/self-hosted-octopus/high-availability.mdx @@ -301,7 +301,7 @@ Follow these steps if you elect to host Octopus Deploy on Windows Servers. 1. Once the setup wizard is complete, you'll be taken to the Octopus Manager. Now is a good time to [retrieving the master key](/docs/security/data-encryption#your-master-key). That master key is required to add additional nodes to your High Availability Cluster. 1. Run the following script to configure the BLOB storage. -```PowerShell +```powershell Octopus.Server.exe path --clusterShared \\OctoShared\OctopusData ``` @@ -365,7 +365,7 @@ Once the files are copied over, you can update your Octopus Deploy instance to p - Run `robocopy` or `rsync` one final time to pick up any new files since the last sync. - Run the following PowerShell script to update Octopus to point to the new directory. -```PowerShell +```powershell Set-Location "C:\Program Files\Octopus Deploy\Octopus" $filePath = "YOUR ROOT DIRECTORY" @@ -403,7 +403,7 @@ We recommend writing scripts to automate this process. Once the load balancer is configured to expose each Octopus Server node, you must register them with each polling tentacle. You can use this PowerShell script as a basis for your automation. The script should add any new nodes you've created. If you added two nodes to your High Availability cluster, your script would look like this. -```PowerShell +```powershell C:\Program Files\Octopus Deploy\Tentacle>Tentacle poll-server --server=Octo2.domain.com:10943 --apikey=YOUR_API_KEY C:\Program Files\Octopus Deploy\Tentacle>Tentacle poll-server --server=Octo3.domain.com:10943 --apikey=YOUR_API_KEY ``` diff --git a/src/pages/docs/installation/index.mdx b/src/pages/docs/installation/index.mdx index c11c22330d..77eae92f6c 100644 --- a/src/pages/docs/installation/index.mdx +++ b/src/pages/docs/installation/index.mdx @@ -25,13 +25,19 @@ There are three components to an Octopus Deploy instance: - **SQL Server Database** Most data used by the Octopus Server nodes is stored in this database. SQL Server 2016+ or Azure SQL is required. - **Files or BLOB Storage** Some larger files - like [packages](/docs/packaging-applications/package-repositories), artifacts, and deployment task logs - aren't suitable to be stored in the database and are stored on the file system instead. This can be a local folder, a network file share, or a cloud provider's storage. -All inbound traffic to Octopus Deploy is via: +Relevant ports include: -- HTTP/HTTPS (ports 80/443) -- Polling tentacles (port 10943) -- gRPC (port 8443) +- **Inbound** port 443/80 (http/https): Web Traffic UI / CLI / API / MCP Server + - **Inbound** port 8080: Container Host - service / load balancer to container + - **Inbound** port 443/80 (http/https): Windows Host - load balancer to Windows Server +- **Inbound** port 10943: Polling tentacles (Octopus Deploy agents) running on application hosts or runners (workers). +- **Inbound** port 8443 (gRPC): Octopus Deploy Argo CD Gateway +- **Outbound** port 10933: Listening tentacles (Octopus Deploy agents) running on application hosts or runners (workers). +- **Outbound** port 22 (SSH): For application hosts or runners (workers). -For production instances of Octopus Deploy, it is best to configure a [load balancer](/docs/installation/load-balancers) to route traffic to your instance. Leveraging a load balancer offers numerous benefits, such as redirecting users to a maintenance page while the instance is down for upgrading, as well as making it much easier to configure High Availability later. +When running Octopus Deploy as a container it is required to configure a load balancer or service to facilitate user web traffic to the user. All web traffic going to the container must be routed to port 8080. + +When running Octopus Deploy on a Windows Server, the [load balancer](/docs/installation/load-balancers) is optional, but highly recommended for production instances. For Windows Server hosts, leveraging a load balancer offers numerous benefits, including redirecting users to a maintenance page while the instance is down for upgrading, as well has making it easier to configure High Availability later. All web traffic going to Windows Servers can remain on the standard 443 or 80 ports. Or, another port can be selected. :::figure ![Octopus Deploy Self-Hosted Reference Diagram](/docs/img/installation/octopus-install-diagram.png)