Networking
This topic describes the network usage and requirements for both system instances and services.
|
Note: You can configure the network settings for each service when you install the system. You cannot change these settings after the system is up and running. |
|
Note: If your networking environment changes such that the system can no longer function with its current networking configuration, you need to reinstall the system. See Handling network changes. |
Instance IP address requirements
All instance IP addresses must be static. This includes both internal and external network IP addresses, if applicable to your system.
|
Important: If the IP address of any instance changes, see . |
Network types
Each system service can bind to one type of network, either internal or external, for receiving incoming traffic. If your network infrastructure supports having two networks, you many want to isolate the traffic for most system services to a secured internal network that has limited access. You can then leave only the Admin-App on your external network for user access.
You can use either a single network type for all services or a mix of both types. If you want to use both types, every instance in your system must be addressable by two IP addresses; one on your internal network, and one on your external network. If you use only one network type, each instance needs only one IP address.
Allowing access to external resources
Regardless of whether you're using a single network type or a mix of types, you need to configure your network environment to ensure that all instances have outgoing access to the external resources you want to use, such as:
•The data sources where your data is stored
•Identity providers for user authentication
•Email servers that you want to use for sending email notifications
Ports
Each service binds to a number of ports for receiving incoming traffic.
|
Note: Port values can be reconfigured during system installation, so your system may not use the default values. You cannot change service port values once the system is up and running. To view the ports that your system is using, view the Monitoring page for each service your system runs (Monitoring > Services > service-name) |
System-external ports
The following table contains information about the service ports that users use to interact with the system.
On every instance in the system, each of these ports:
•Must be accessible from any network that requires administrative or search access to the system
•Must be accessible from every other instance in the system
| Default Port Value | Service | Purpose |
|---|---|---|
|
8000 |
Admin-App |
Access to administrative interfaces: •Administration App •Administrative REST API •Administrative CLI |
System-internal ports
This table lists the ports used for intra-system communication by the services. On every instance in the system, each of these ports:
•Must be accessible from every other instance in the system
•Should not be accessible from outside the system
You can find more information on how these ports are used in the documentation for the third-party software underlying each service. See Service list.
| Default Port Value | Service | Purpose |
|---|---|---|
|
5601 |
Dashboard |
Primary port for communicating with the Dashboard service. |
| 7000 | Database |
TCP port for commands and data. |
| 7199 | Database |
Port for JMX connections to Database service. |
| 9042 | Database |
Primary port for communicating with the Database service. |
| 8020 | Clustered-File-System |
Port used for file system metadata operations. |
| 8480 | Clustered-File-System | HTTP port JournalNodes. |
|
8481 |
Clustered-File-System | HTTPs port for JournalNodes. |
| 8485 | Clustered-File-System |
Port for the JournalNode RPC server. |
| 9000 | Clustered-File-System |
Port used for file system metadata operations. |
|
50010 |
Clustered-File-System | Port for DataNode data transfers. |
| 50020 | Clustered-File-System |
Port for DataNode IPC server. |
| 50070 | Clustered-File-System | Port for the web UI used to view the current status of the service and explore the clustered file system. |
|
50090 |
Clustered-File-System | Secondary HTTP port for NameNodes. |
| 50091 | Clustered-File-System | Secondary HTTPs port for NameNodes. |
| 50075 | Clustered-File-System | Port for the web UI used to access the status and logs for DataNodes. |
| 50470 | Clustered-File-System | HTTPS port for NameNodes. |
| 50475 | Clustered-File-System | HTTPS port for DataNodes. |
| 5003 | Index | Debug port used by the Index service. |
| 8983 | Index |
Primary port used to communicate with the Index service. |
| 10000 | Index |
Port used by the Index service for graceful shutdowns |
| 7203 | Message Queue |
Port for JMX connections to Message Queue service. |
| 9092 | Message Queue |
Primary port for communicating with Message Queue service. |
| 9600 | Logging |
Primary port for communicating with Logging service. |
| 9200 | Metrics |
Port used to communicate with the Metrics service cluster. |
| 9201 | Metrics |
Port used to communicate with an individual Metrics service node. |
| 9301 | Metrics |
Port that nodes in the Metrics service cluster should use when communicating with each other. |
| 8081 | Scheduling | Primary port for communicating with the Scheduling service. |
| 5007 | Sentinel |
Debug port used by Sentinel service. |
| 8007 | Sentinel |
Port used by the Sentinel service for graceful shutdowns. |
| 8889 | Sentinel |
Primary port for communicating with Sentinel. |
| 18889 | Sentinel |
Sentinel service internal communication. |
| 5001 | Admin-App | Debug port for Admin-App service. |
| 8005 | Admin-App |
Port used by Admin-App for graceful shutdowns. |
| 18000 | Admin-App |
Admin-App internal communication. |
| 5555 | Watchdog | Port for JMX connections to Watchdog service. |
| 9091 | Network-Proxy | Primary port for communicating with Network-Proxy. |
| 8080 | Service-Deployment | Primary port for communicating with Service-Deployment. |
| 18080 | Service-Deployment |
Service-Deployment internal communication |
| 5050 | Cluster-Coordination | Primary port for communicating with Cluster-Coordination. |
| 15050 | Cluster-Coordination |
Cluster-Coordination internal communication |
| 5051 | Cluster-Worker | Primary port for communicating with Cluster-Worker. |
| 2181 | Synchronization |
Synchronization service client port. |
| 2888 | Synchronization |
Synchronization service internal communication. |
| 3888 | Synchronization |
Synchronization service leader election. |
| 31000-34000 | Cluster-Coordination, Cluster-Worker | High ports used by both Mesos and Docker. |
Trademarks, Legal disclaimer, Third-party software in this documentation
© 2017 Hitachi Vantara Corporation. All rights reserved.