Commit 5ee4a08b authored by Valery Sizov's avatar Valery Sizov

Merge branch '7388-ensure-geo-documentation-contains-required-tcp-udp-ports-listed-docs'

parents 89f2a74f fb38f1bb
...@@ -89,6 +89,27 @@ Note that CentOS 6 and 7.0 ship with an old version of OpenSSH that do not ...@@ -89,6 +89,27 @@ Note that CentOS 6 and 7.0 ship with an old version of OpenSSH that do not
support a feature that Geo requires. See the [documentation on Geo SSH support a feature that Geo requires. See the [documentation on Geo SSH
access][fast-ssh-lookup] for more details. access][fast-ssh-lookup] for more details.
### Firewall rules
The following table lists basic ports that must be open between the primary and secondary nodes for Geo.
| Primary server | Server secondary | Protocol |
| -------------- | ---------------- | --------------- |
| 80 | 80 | HTTP |
| 443 | 443 | TCP or HTTPS |
| 22 | 22 | TCP |
| 5432 | | PostgreSQL |
See the full list of ports used by GitLab in [Package defaults](https://docs.gitlab.com/omnibus/package-information/defaults.html)
NOTE: **Note:**
[Web terminal](../../../ci/environments.md#web-terminals) support requires your load balancer to correctly handle WebSocket connections.
When using HTTP or HTTPS proxying, your load balancer must be configured to pass through the `Connection` and `Upgrade` hop-by-hop headers. See the [web terminal](../../integration/terminal.md) integration guide for more details.
NOTE: **Note:**
When using HTTPS protocol for port 443, you will need to add an SSL certificate to the load balancers.
If you wish to terminate SSL at the GitLab application server instead, use TCP protocol.
### LDAP ### LDAP
We recommend that if you use LDAP on your primary that you also set up a We recommend that if you use LDAP on your primary that you also set up a
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment