diff --git a/src/pages/docs/deprecations/index.md b/src/pages/docs/deprecations/index.md index 96f78f3023..c47c8479c3 100644 --- a/src/pages/docs/deprecations/index.md +++ b/src/pages/docs/deprecations/index.md @@ -53,7 +53,21 @@ We're removing support for TLS 1.0 and 1.1 to improve security. This affects bot Most customers won't be affected since TLS 1.2+ support is already widely adopted. For detailed information, timeline, and migration guidance, see our blog post: [Deprecating support for TLS 1.0 and 1.1](https://octopus.com/blog/deprecating-tls-1-0-and-1-1) -## No longer available December, 2025 +## Deprecations for 2026.1 + +### Dropping capability for Windows Server 2008 Workers and Targets in 2026.1 + +Microsoft [dropped extended support](https://learn.microsoft.com/en-us/lifecycle/products/windows-server-2008) for the Windows Server 2008 family in January 2020. This operating system is also the last Windows OS that does not support .NET Core, one of the languages used to build Octopus Deploy. The complexity required to support this legacy platform outweighs the value to our customers. + +It has been [noted for several years](https://octopus.com/docs/infrastructure/deployment-targets/tentacle/windows/requirements) that Octopus no longer actively tests against or supports Windows Server 2008. The planned change in `2026.1` will make this operating system requirement more definitive by introducing changes that may prevent standard deployment and runbook tasks from executing on this operating system. + +To provide ample time to act, from Octopus Server `2024.1`, workloads that run on Windows 2008 Servers will begin logging warnings. We urge you to upgrade your targets to a later version of Windows Server before `2026.1` to prepare for the removal of functionality. + +Further notes about this pending change can be found in the [2024.1 deprecation blog post](https://octopus.com/blog/2024-deprecated-features#windows-server-2008) + +**Note that this change was originally planned to take place in 2025.1 however this was instead pushed back until this later major release.** + +## Atlassian Bamboo EOL - December 2025 As of December 2025 the Octopus Deploy add-on for Bamboo has been removed from the Atlassian marketplace. If you are using the add-on in your Atlassian Data Center it will continue to work, the removal prevents new installations of the add-on. This is in response to Atlassian's end of life decision on Bamboo and Data Center. @@ -75,16 +89,6 @@ We announced the deprecation of ScriptCS back in 2022, with pathways for migrati ScriptCS is still supported in 2025.2 by setting the `OCTOPUS__FeatureToggles__UseDotnetScriptCSharpExecutorFeatureToggle` environment variable to false or at the project level using the variable `Octopus.Action.Script.CSharp.UseDotnetScript`. This is not recommended as support for ScriptCS will be removed in 2025.3. -### Dropping capability for Windows Server 2008 Workers and Targets in 2025.1 - -Microsoft [dropped extended support](https://learn.microsoft.com/en-us/lifecycle/products/windows-server-2008) for the Windows Server 2008 family in January 2020. This operating system is also the last Windows OS that does not support .NET Core, one of the languages used to build Octopus Deploy. The complexity required to support this legacy platform outweighs the value to our customers. - -It has been [noted for several years](https://octopus.com/docs/infrastructure/deployment-targets/tentacle/windows/requirements) that Octopus no longer actively tests against or supports Windows Server 2008. The planned change in `2025.1` will make this operating system requirement more definitive by introducing changes that may prevent standard deployment and runbook tasks from executing on this operating system. - -To provide ample time to act, from Octopus Server `2024.1`, workloads that run on Windows 2008 Servers will begin logging warnings. We urge you to upgrade your targets to a later version of Windows Server before `2025.1` to prepare for the removal of functionality. - -Further notes about this pending change can be found in the [2024.1 deprecation blog post](https://octopus.com/blog/2024-deprecated-features#windows-server-2008) - ## Deprecations for 2024.4 ### ScriptCS diff --git a/src/pages/docs/infrastructure/deployment-targets/tentacle/windows/index.mdx b/src/pages/docs/infrastructure/deployment-targets/tentacle/windows/index.mdx index 73998e27c5..7140b7e137 100644 --- a/src/pages/docs/infrastructure/deployment-targets/tentacle/windows/index.mdx +++ b/src/pages/docs/infrastructure/deployment-targets/tentacle/windows/index.mdx @@ -28,7 +28,7 @@ Before you install Tentacle, review the software and hardware requirements for: Tentacle for Windows is published as either a .NET Framework dependent executable or a self-contained executable. The framework-dependent Tentacle will require a compatible version of .NET Framework to be installed. The self-contained Tentacle bundles the .NET runtime with the application. To learn more about .NET publishing options, see the [Microsoft docs](https://learn.microsoft.com/en-us/dotnet/core/deploying/). - Once you have installed one type of Tentacle, future updates of Tentacle done via Octopus Server will respect the current publishing mode. + Once you have installed one type of Tentacle, future updates of Tentacle done via Octopus Server will respect the current publishing mode. ## Communication mode @@ -53,7 +53,7 @@ If the Tentacle isn't connecting, try the steps on the [troubleshooting page](/d To allow your Octopus Server to connect to the Tentacle, you'll need to allow access to TCP port **10933** on the Tentacle (or the port you selected during the installation wizard). -**Intermediary firewalls** +#### Intermediary firewalls** Don't forget to allow access in any intermediary firewalls between the Octopus Server and your Tentacle (not just the Windows Firewall). For example, if your Tentacle server is hosted in Amazon EC2, you'll also need to modify the AWS security group firewall to tell EC2 to allow the traffic. Similarly, if your Tentacle server is hosted in Microsoft Azure, you'll also need to add an Endpoint to tell Azure to allow the traffic. @@ -74,11 +74,12 @@ If the Tentacle isn't connecting, try the steps on the [troubleshooting page](/d To allow Tentacle to connect to your Octopus Server, you'll need to allow access to port **10943** on the Octopus Server (or the port you selected during the installation wizard - port 10943 is just the default). You will also need to allow Tentacle to access the HTTP Octopus Web Portal (typically port **80** or **443** - these bindings are selected when you [install the Octopus Server](/docs/installation)). If your network rules only allow port **80** and **443** to the Octopus Server, you can either: + - Change the server bindings to either HTTP or HTTPS and use the remaining port for polling Tentacle connections. - The listening port Octopus Server uses can be [changed from the command line](/docs/octopus-rest-api/octopus.server.exe-command-line/configure) using the `--commsListenPort` option. Even if you do use port **80** for Polling Tentacles, the communication is still secure. - Use a reverse proxy to redirect incoming connections to the Tentacle listening port on Octopus Server by differentiating the connection based on Hostname (TLS SNI) or IP Address - - The polling endpoint Tentacle uses can be [changed from the command line](/docs/infrastructure/deployment-targets/tentacle/polling-tentacles-over-port-443/#self-hosted) using the `--server-comms-address` option. + - The polling endpoint Tentacle uses can be [changed from the command line](/docs/infrastructure/deployment-targets/tentacle/polling-tentacles-over-port-443/#self-hosted) using the `--server-comms-address` option. - You can learn about this configuration on the [Polling Tentacles over standard HTTPS port](/docs/infrastructure/deployment-targets/tentacle/polling-tentacles-over-port-443) page. Note that the port (or address) used to poll Octopus for jobs is different from the port (or address) used by your team to access the Octopus Deploy web interface; @@ -91,14 +92,14 @@ Using polling mode, you won't typically need to make any firewall changes on the Don't forget to allow access not just in Windows Firewall, but also any intermediary firewalls between the Tentacle and your Octopus Server. For example, if your Octopus Server is hosted in Amazon EC2, you'll also need to modify the AWS security group firewall to tell EC2 to allow the traffic. Similarly if your Octopus Server is hosted in Microsoft Azure you'll also need to add an Endpoint to tell Azure to allow the traffic. ## Windows Server 2008 Limited Support -From Octopus Server release `2025.1` there will be [limited support](https://octopus.com/docs/deprecations#dropping-capability-for-windows-server-2008-workers-and-targets-in-20251) for executing workloads on targets or workers running Windows Server 2008. As the version of [Calamari](https://octopus.com/docs/octopus-rest-api/calamari) shipped with later version of Octopus Server will no longer be compatible with Windows Server 2008, the capability has been made available to pin the version of Calamari used on the target itself. +From Octopus Server release `2026.1` there will be [limited support](https://octopus.com/docs/deprecations#dropping-capability-for-windows-server-2008-workers-and-targets-in-20251) for executing workloads on targets or workers running Windows Server 2008. As the version of [Calamari](https://octopus.com/docs/octopus-rest-api/calamari) shipped with later version of Octopus Server will no longer be compatible with Windows Server 2008, the capability has been made available to pin the version of Calamari used on the target itself. To allow this: -1. Download the [most recent version of Calamari](https://download.octopusdeploy.com/calamari/Calamari.Legacy.zip) (verify with [sha256](https://download.octopusdeploy.com/calamari/Calamari.Legacy.sha256) or [md5](https://download.octopusdeploy.com/calamari/Calamari.Legacy.md5) checksum). This is version of Calamari is unlikely to be updated unless there are significant vulnerabilities discovered so it may be missing new capabilities that are released later than `2025.1`. -2. Extract the zip contents to a location on the Tentacle. +1. Download the [most recent version of Calamari](https://download.octopusdeploy.com/calamari/Calamari.Legacy.zip) (verify with [sha256](https://download.octopusdeploy.com/calamari/Calamari.Legacy.sha256) or [md5](https://download.octopusdeploy.com/calamari/Calamari.Legacy.md5) checksum). This is version of Calamari is unlikely to be updated unless there are significant vulnerabilities discovered so it may be missing new capabilities that are released later than `2026.1`. +2. Extract the zip contents to a location on the Tentacle. 3. Set an environment variable `CalamariDirectoryPath` with a value of the extracted location. This variable should be provided in a context that will be available to the Tentacle process. 4. Restart the Tentacle process to ensure that it has access to this new variable. -The next time a deployment is run, Octopus Server will ignore the embedded Calamari version and instead use the one available on the Tentacle. Warnings will continue to be logged to provide a clear signal that this limited support is considered a temporary stop-gap, as we are likely to drop support entirely for this workaround from `2026.1`. +The next time a deployment is run, Octopus Server will ignore the embedded Calamari version and instead use the one available on the Tentacle. Warnings will continue to be logged to provide a clear signal that this limited support is considered a temporary stop-gap, as we are likely to drop support entirely for this workaround from `2026.3`.