docs/doc/source/dist_cloud/kubernetes/distributed-cloud-ports-reference.rst

.. sac1584464416105
.. _distributed-cloud-ports-reference:

=================================
Distributed Cloud Ports Reference
=================================

A number of ports must be available for various |prod-dc| components to
function correctly.


.. _distributed-cloud-ports-reference-table-mxl-qhh-blb:


.. table:: Table 1. |prod-dc| port requirements
    :widths: auto

    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | Protocol | Port  | Description                | Initiator                                        | Destination                         | Notes                                   |
    +==========+=======+============================+==================================================+=====================================+=========================================+
    | tcp      | 22    | ssh                        | System Controller                                | Subclouds                           |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | udp      | 123   | ntp                        | Not used between System Controller and Subclouds |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | udp      | 161   | snmp                       | Not used between System Controller and Subclouds |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | udp      | 2222  | SM                         | Not used between System Controller and Subclouds |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | udp      | 2223  | SM                         | Not used between System Controller and Subclouds |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 4546  | stx-nfv                    | System Controller                                | Subclouds                           | vim-restapi                             |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 5001  | keystone-api               | System Controller                                | Subclouds                           |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 5492  | patching-api               | System Controller                                | Subclouds                           |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 6386  | sysinv-api                 | System Controller                                | Subclouds                           |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 6443  | K8s API server             | Subclouds                                        | System Controller                   |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 7778  | stx-ha                     | Not used between System Controller and Subclouds |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 8443  | horizon https              | Not used between System Controller and Subclouds |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 8080  | horizon http               | Not used between System Controller and Subclouds | Not required if using https         |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 8119  | stx-distcloud              | Not used between System Controller and Subclouds | dcmanager-api                       |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 15491 | stx-update                 | Not used between System Controller and Subclouds | only required for system controller |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 18003 | stx-fault                  | System Controller                                | Subclouds                           |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | icmp     | icmp  |                            |                                                  |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 9312  | barbican                   | Not used between System Controller and Subclouds |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | udp      | 319   | PTP                        | Not used between System Controller and Subclouds |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | udp      | 320   | PTP                        | Not used between System Controller and Subclouds |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp/udp  | 636   | LDAPS                      | Subcloud                                         | Windows AD server                   |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | udp      | 389   | LDAP                       | Subcloud                                         | Windows AD server                   | Not required if using LDAPs             |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp/udp  | 30555 | OIDC Client                | Subcloud                                         |                                     | Used by remote user when authenticating |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp/udp  | 30556 | DEC OIDC Provider          | Subcloud                                         |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 8220  | Dist. cloud                | System Controller                                | Subclouds                           | dcdbsync-api                            |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 31001 | Elastic \(using NodePort\) | Subcloud                                         | DC                                  |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 9001  | Docker registry            | Subcloud                                         | DC                                  |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 9002  | Registry token server      | Subcloud                                         | DC                                  |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | udp      | 162   | snmp trap                  | Subcloud                                         | DC                                  |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 8443  | https                      | Not used between System Controller and Subclouds |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 31090-| Kafka Brokers (NodePort)   | Subcloud                                         | System Controller                   |                                         |
    |          | 31099 |                            |                                                  |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 31090-| Kafka Brokers (NodePort)   | Subcloud                                         | System Controller                   |                                         |
    |          | 31099 |                            |                                                  |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 32000 | Kubernetes dashboard       |                                                  |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 30001-| VIM                        | Not used between System Controller and Subcloud  |                                     |                                         |
    |          | 30004 |                            |                                                  |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+
    | tcp      | 32323 | vim-webserver              | Not used between System Controller and Subcloud  |                                     |                                         |
    +----------+-------+----------------------------+--------------------------------------------------+-------------------------------------+-----------------------------------------+