You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/installation.md
+10-27Lines changed: 10 additions & 27 deletions
Original file line number
Diff line number
Diff line change
@@ -160,27 +160,12 @@ The following command will start the EventStoreDB node using default HTTP port,
160
160
connect to it using one of the clients and the `esdb://localhost:2113?tls=false` connection string. You can also access the Admin UI by opening http://localhost:2113 in your browser.
161
161
162
162
```bash:no-line-numbers
163
-
docker run --name esdb-node -it -p 2113:2113 -p 1113:1113 \
As you might've noticed, both connection strings have a setting to disable the certificate validation (`ValidateServer=False` for `TCP` and `tlsVerifyCert=false` for `gRPC`). It would prevent the invalid certificate error since the cluster uses a private, auto-generated CA.
243
+
As you might've noticed, the connection string has a setting to disable the certificate validation (`tlsVerifyCert=false`). It would prevent the invalid certificate error since the cluster uses a private, auto-generated CA.
260
244
261
245
However, **we do not recommend using this setting in production**. Instead, you can either add the CA certificate to the trusted root CA store or instruct your application to use such a certificate. See the [security section](security.md#certificate-installation-on-a-client-environment) for detailed instructions.
262
246
@@ -266,7 +250,6 @@ Depending on how your EventStoreDB instance is configured, some features might n
| Connection for TCP clients | External TCP is disabled by default. You need to enable it explicitly by using the `EnableExternalTcp` option. |
270
253
| Connection without SSL or TLS | EventStoreDB 20.6+ is secure by default. Your clients need to establish a secure connection, unless you use the `Insecure` option. |
271
254
| Authentication and ACLs | When using the `Insecure` option for the server, all security is disabled. The `Users` menu item is also disabled in the Admin UI. |
272
255
| Projections | Running projections is disabled by default and the `Projections` menu item is disabled in the Admin UI. You need to enable projections explicitly by using the `RunProjections` option. |
Copy file name to clipboardExpand all lines: docs/networking.md
+4-76Lines changed: 4 additions & 76 deletions
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ title: Networking
6
6
7
7
EventStoreDB provides two interfaces:
8
8
- HTTP(S) for gRPC communication and REST APIs
9
-
- TCP for cluster replication (internal) and legacy clients (external)
9
+
- TCP for cluster replication (internal)
10
10
11
11
Nodes in the cluster replicate with each other using the TCP protocol, but use gRPC for [discovering other cluster nodes](cluster.md#discovering-cluster-members).
12
12
@@ -136,7 +136,7 @@ This is configured with `Kestrel.Limits.Http2.InitialStreamWindowSize` in the se
136
136
137
137
## TCP configuration
138
138
139
-
The TCP protocol is used internally for cluster nodes to replicate with each other. It happens over the [internal](#internal) TCP communication. In addition, you can enable [external](#external) TCP if you use the TCP client library in your applications.
139
+
The TCP protocol is used internally for cluster nodes to replicate with each other. It happens over the [internal](#internal) TCP communication.
140
140
141
141
### Internal
142
142
@@ -172,32 +172,6 @@ By default, EventStoreDB uses port `1112` for internal TCP. You can change this
172
172
Please note that the `IntTcpPort` parameter has been deprecated as of version 23.10.0 and will be removed in future versions. It is recommended to use the `ReplicationPort` parameter instead.
173
173
:::
174
174
175
-
### External
176
-
177
-
By default, TCP protocol is not exposed externally. If you use a TCP client library in your applications, you need to enable external TCP explicitly using the setting below.
When enabled, the external TCP will be exposed on the `NodeIp` address (described [here](#http-configuration)) using port `1113`. You can change the external TCP port using the `NodeTcpPort` setting.
Please note that the `ExtTcpPort` parameter has been deprecated as of version 23.10.0 and will be removed in future versions. It is recommended to use the `NodeTcpPort` parameter instead.
199
-
:::
200
-
201
175
### Security
202
176
203
177
When the node is secured (by default), all the TCP traffic will use TLS. You can disable TLS for TCP internally and externally using the settings described below.
@@ -210,15 +184,7 @@ When the node is secured (by default), all the TCP traffic will use TLS. You can
If your network setup requires any kind of IP address, DNS name and port translation for internal or external communication, you can use available [address translation](#network-address-translation) settings.
187
+
If your network setup requires any kind of IP address, DNS name and port translation for internal communication, you can use available [address translation](#network-address-translation) settings.
222
188
223
189
## Network address translation
224
190
@@ -268,14 +234,8 @@ Both internal and external TCP ports can be advertised using custom values:
Please note that the `IntTcpPortAdvertiseAs`and `ExtTcpPortAdvertiseAs` parameters have been deprecated as of version 23.10.0 and will be removed in future versions. It is recommended to use the `ReplicationTcpPortAdvertiseAs` and `NodeTcpPortAdvertiseAs` parameters instead, respectively.
238
+
Please note that the `IntTcpPortAdvertiseAs`parameter has been deprecated as of version 23.10.0 and will be removed in future versions. It is recommended to use the `ReplicationTcpPortAdvertiseAs` and `NodeTcpPortAdvertiseAs` parameters instead, respectively.
279
239
:::
280
240
281
241
If you want to change how the node TCP address is advertised internally, use the `ReplicationHostAdvertiseAs` setting (previously `IntHostAdvertiseAs` setting). You can use an IP address or a hostname.
@@ -290,8 +250,6 @@ If you want to change how the node TCP address is advertised internally, use the
290
250
Please note that the `IntHostAdvertiseAs` parameter has been deprecated as of version 23.10.0 and will be removed in future versions. It is recommended to use the `ReplicationHostAdvertiseAs` parameter instead.
291
251
:::
292
252
293
-
Externally, TCP is advertised using the address specified in the `NodeIp` or `NodeHostAdvertiseAs` (as for HTTP).
294
-
295
253
### Advertise to clients
296
254
297
255
In some cases, the cluster needs to advertise itself to clients using a completely different set of addresses and ports. Usually, you need to do it because addresses and ports configured for the HTTP protocol are not available as-is to the outside world. One of the examples is running a cluster in Docker Compose. In such environment, HTTP uses internal hostnames in the Docker network, which isn't accessible on the host. So, in order to connect to the cluster from the host machine, you need to use `localhost` and translated HTTP ports to reach the cluster nodes.
@@ -318,14 +276,6 @@ Specify the advertised HTTP(S) port (previously `AdvertiseHttpPortToClientAs` se
318
276
Please note that the `AdvertiseHttpPortToClientAs` parameter has been deprecated as of version 23.10.0 and will be removed in future versions. It is recommended to use the `AdvertiseNodePortToClientAs` parameter instead.
319
277
:::
320
278
321
-
Specify the advertised TCP port (only if external TCP is enabled):
EventStoreDB uses heartbeats over all TCP connections to discover dead clients and nodes. Heartbeat timeouts should not be too short, as short timeouts will produce false positives. At the same time, setting too long timeouts will prevent discovering dead nodes and clients in time.
Please note that the `IntTcpHeartbeatInterval` and `IntTcpHeartbeatTimeout` parameters have been deprecated as of version 23.10.0 and will be removed in future versions. It is recommended to use the `ReplicationHeartbeatInterval` and `ReplicationHeartbeatTimeout` parameters instead, respectively.
366
316
:::
367
317
368
-
Node/External TCP heartbeat (between client and server):
Please note that the `ExtTcpHeartbeatInterval` and `ExtTcpHeartbeatTimeout` parameters have been deprecated as of version 23.10.0 and will be removed in future versions. It is recommended to use the `NodeHeartbeatInterval` and `NodeHeartbeatTimeout` parameters instead, respectively.
388
-
:::
389
-
390
318
### gRPC heartbeats
391
319
392
320
For the gRPC heartbeats, EventStoreDB and its gRPC clients use the protocol feature called _Keepalive ping_. Read more about it on the [HTTP configuration page](#keep-alive-pings).
0 commit comments