Listening Tentacles require no special configuration for Octopus High Availability. Polling Tentacles and Kubernetes agents, however, poll a server at regular intervals to check if there are any tasks waiting for the Tentacle to perform. In a High Availability scenario Polling Tentacles must poll all of the Octopus Server nodes in your configuration. To configure the Kubernetes agent with Octopus High Availability, see Kubernetes agent HA Cluster Support.
Connecting Polling Tentacles
Whilst a Tentacle could poll a load balancer in an Octopus High Availability cluster, there is a risk, depending on your load balancer configuration, that the Tentacle will not poll all servers in a timely manner.
We recommend two options when configuring Polling Tentacles to connect to your Octopus High Availability cluster:
- Using a unique address, and the same listening port (
10943
by default) for each node. - Using the same address and a unique port for each node.
These are discussed further in the next sections.
Using a unique address
In this scenario, no load balancer is required. Instead, each Octopus node would be configured to listen on the same port (10943
by default) for inbound traffic. In addition, each node would be able to be reached directly by your Polling Tentacle on a unique address for the node.
For each node in your HA cluster:
- Ensure the communication port Octopus listens on (
10943
by default) is open, including any firewall. - Register the node with the Poll Server command line option. Specify the unique address for the node, including the listening port. For example, in a three-node cluster:
- Node1 would use address: Octo1.domain.com:10943
- Node2 would use address: Octo2.domain.com:10943
- Node3 would use address: Octo3.domain.com:10943
The important thing to remember is that each node should be using a unique address and the same port.
Tip:
A Polling Tentacle will connect to the Octopus Rest API over ports 80 or 443 when it is registering itself with the Octopus Server. After that, it will connect over port 10943
(by default) with the Octopus Server node.
It’s important to ensure that any firewalls also allow port 80 or 443 for the initial Tentacle registration.
Using a unique port
In this scenario, a type of Network Address Translation (NAT) is leveraged by using the same address and unique ports, usually routed through a load balancer or other network device. Each Octopus node would be configured to listen on a different port (starting at 10943
by default) for inbound traffic.
The advantage of using unique ports is that the Polling Tentacle doesn’t need to know each node’s address, only the port. The address translation is handled by the load balancer. This allows each node to have a private IP address, with no public access from outside your network required.
Imagine a three-node HA cluster. For each one, we expose a different port to listen on using the Octopus.Server configure command:
- Node1 - Port
10943
- Node2 - Port
10944
- Node3 - Port
10945
Next on the load balancer, create Network Address Translation (NAT) rules and point them to each node in your HA Cluster:
- Open port
10943
and route traffic to Node1 in your HA Cluster - Open port
10944
and route traffic to Node2 in your HA Cluster - Open port
10945
and route traffic to Node3 in your HA Cluster - Continue for any additional nodes in your HA cluster.
If you configured your nodes to use a different listening port, replace 10943
-10945
with your port range.
The important thing to remember is that each node should be using the same address and a different port.
Registering Polling Tentacles
There are two options to add Octopus Servers to a Polling Tentacle, via the command-line or via editing the Tentacle.config file directly.
Command line:
Configuring a Polling Tentacle via the command-line is the preferred option with the command executed once per server; an example command using the default instance can be seen below:
C:\Program Files\Octopus Deploy\Tentacle>Tentacle poll-server --server=https://your-octopus-url --apikey=API-YOUR-KEY
For more information on this command please refer to the Tentacle Poll Server command line options.
Tentacle.config:
Alternatively you can edit Tentacle.config directly to add each Octopus Server (this is interpreted as a JSON array of servers). This method is not recommended as the Tentacle service for each server will need to be restarted to accept incoming connections via this method.
<set key="Tentacle.Communication.TrustedOctopusServers">
[
{"Thumbprint":"77751F90F9EEDCEE0C0CD84F7A3CC726AD123FA6","CommunicationStyle":2,"Address":"https://10.0.255.160:10943","Squid":null,"SubscriptionId":"poll://g3662re9njtelsyfhm7t/"},
{"Thumbprint":"77751F90F9EEDCEE0C0CD84F7A3CC726AD123FA6","CommunicationStyle":2,"Address":"https://10.0.255.161:10943","Squid":null,"SubscriptionId":"poll://g3662re9njtelsyfhm7t/"},
{"Thumbprint":"77751F90F9EEDCEE0C0CD84F7A3CC726AD123FA6","CommunicationStyle":2,"Address":"https://10.0.255.162:10943","Squid":null,"SubscriptionId":"poll://g3662re9njtelsyfhm7t/"}
]
</set>
Notice there is an address entry for each Octopus Server in the High Availability configuration.
Help us continuously improve
Please let us know if you have any feedback about this page.
Page updated on Sunday, January 1, 2023