Author: Riya Ray
Date: April 25, 2024
Audience: Everyone
Environment: Self-hosted Traditional & Kubernetes / KOTS
General Ports:
Port Number | Protocol | Source | Destinations - The rule applies to | Used By / Functionality |
---|---|---|---|---|
443 | HTTPS | Anywhere | Every node | Used by Replicated. The Jama Connect port is used to access Jama Connect for SSL/TLS communication (HTTPS). It can be disabled, or the port number can be reconfigured. |
22 | SSH | Anywhere | Every node | Allows admins to make remote connections to the application server. |
8800 | TCP | Anywhere | Every node | The Admin Console port allows admins to access the Admin Console, which is used to configure, install, and upgrade Jama Connect. |
80 | HTTP | Anywhere | Every node | Jama Connect port is used to access Jama Connect for clear text communication (HTTP). It can be disabled, or the port number can be reconfigured. |
3306 (MySQL) | | | | The application server must be allowed to communicate remotely with the database server over the listening port. |
1433 (MS SQL Server) | | | | The application server must be allowed to communicate remotely with the database server over the listening port. |
9880 | | | | Replicated Integration API |
2003/ 2004/ 2443/ 32770/ 32769/ 32768/ | TCP | | | Registry Replicated ( |
8125 | UDP | | | Registry Replicated ( |
3000/ 9873 | TCP | | | Registry Replicated ( |
8080/ 18080/ 9090 | TCP | | | JamaCore container → ( |
9092/ 9200/ 9300 | TCP | | | ElasticSearch container → ( |
9443 | TCP | | | JamaNginx container → ( |
9091/ 7500/ 7501/ 9200/ 9300/ 32772/ 32771 | TCP | | | Search container → ( |
9093/ 7600 | TCP | | | Diff container → ( |
8888/ 8889 | TCP | | | SAML container → ( |
8801 | TCP | | | OAuth container → ( |
Non-SSL: 143 | IMAP | | | Mail Server settings |
Ports specific to Kubernetes/ KOTS:
Port Number | Protocol | Source | Destinations - The rule applies to | Used By / Functionality |
---|---|---|---|---|
6443 | TCP | Anywhere / Any Node | Primary Node | Allows admins and Kubernetes nodes to access the Kubernetes API server. |
2379 - 2380 | TCP | Any Node | Primary Node | Allows the Kubernetes nodes to access the etcd server client API. |
10250 | TCP | Any Node | Every Node | Allows the Kubernetes nodes to access the Kubelet API. |
6783 | TCP | Any Node | Every Node | Allows Kubernetes (Weave Net) to create a virtual network connecting services inside the cluster. |
6783 - 6784 | TCP | Any Node | Every Node | Allows Kubernetes (Weave Net) to create a virtual network connecting services inside the cluster. |
Please feel free to leave feedback in the comments below.