As you know, when a tentacle is in listening mode, it is a TCP server. The Octopus Server establishes a connection to it during a deployment, runbook run, or any other task.
This is in contrast to polling mode, where the Octopus Server is the TCP server and the tentacle establishes the connection.
Regardless of the communication mode, when a tentacle is registered with Octopus it establishes a two-way trust by exchanging certificate thumbprints. A tentacle will not accept commands from a server it doesn’t trust. A server will send commands to a tentacle it doesn’t trust.
The important thing to note is that the server thumbprint, along with all the tentacle thumbprints it trusts (including connection information), is stored in the Octopus Deploy database. When you are running Octopus Deploy in HA mode, all the nodes share the same database.
When you add an additional node to an HA cluster, it will read the database and use the same thumbprint and other connection information as before to establish the connection.
That will raise the question, how does each node load balance deployments? For that, I’d refer you to our documentation: How High Availability Works - Octopus Deploy
I hope that helps!