Network ports

The ports opened on a cluster node depend on the services that run on the node and the traffic types associated with them. Before enabling a specific service on a cluster node, you need to assign the respective traffic type to a network that the node is connected to. Assigning a traffic type to a network configures the firewall on the nodes connected to this network, opens specific ports on the node network interfaces, and sets the necessary iptables rules.

The table below lists all the required ports and services associated with them:

| Service | Traffic type | Port | Description |
|---|---|---|---|
| Web control panel | Admin panel¹ | TCP 8888 | External access to the admin panel. |
| Web control panel | Self-service panel | TCP 8800 | External access to the self-service panel. |
| Management | Internal management | any available port | Internal cluster management and transfers of node monitoring data to the admin panel. |
| Metadata service | Storage | any available port | Internal communication between MDS services, as well as with chunk services and clients. |
| Chunk service | Storage | any available port | Internal communication with MDS services and clients. |
| Client | Storage | any available port | Internal communication with MDS and chunk services. |
| Backup Gateway | Backup (ABGW) public | TCP 40440, 44445 | External data exchange with Acronis Cyber Protect agents and Acronis Cyber Protect Cloud. |
| Backup Gateway | Backup (ABGW) private | any available port | Internal management of and data exchange between multiple backup storage services. |
| iSCSI | iSCSI | TCP 3260 | External data exchange with the iSCSI access point. |
| S3 | S3 public | TCP 80, 443 | External data exchange with the S3 access point. |
| S3 | OSTOR private | any available port | Internal data exchange between multiple S3 services. |
| NFS | NFS | TCP/UDP 111, 892, 2049 | External data exchange with the NFS access point. |
| NFS | OSTOR private | any available port | Internal data exchange between multiple NFS services. |
| Compute | Compute API² | | External access to standard OpenStack API endpoints: |
| Compute | Compute API | TCP 5000 | Identity API v3 |
| Compute | Compute API | TCP 6080 | noVNC Websocket Proxy |
| Compute | Compute API | TCP 8004 | Orchestration Service API v1 |
| Compute | Compute API | TCP 8041 | Gnocchi API (billing metering service) |
| Compute | Compute API | TCP 8774 | Compute API |
| Compute | Compute API | TCP 8776 | Block Storage API v3 |
| Compute | Compute API | TCP 8780 | Placement API |
| Compute | Compute API | TCP 9292 | Image Service API v2 |
| Compute | Compute API | TCP 9313 | Key Manager API v1 |
| Compute | Compute API | TCP 9513 | Container Infrastructure Management API (Kubernetes service) |
| Compute | Compute API | TCP 9696 | Networking API v2 |
| Compute | Compute API | TCP 9888 | Octavia API v2 (load balancer service) |
| Compute | VM private | UDP 4789 | Network traffic between VMs in compute virtual networks. |
| Compute | VM private | TCP 15900–16900 | VNC console traffic. |
| Compute | VM backups | TCP 49300–65535 | External access to NBD endpoints. |
| SSH | SSH | TCP 22 | Remote access to nodes via SSH. |
| SNMP | SNMP³ | UDP 161 | External access to storage cluster monitoring statistics via the SNMP protocol. |
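
The table can serve as a baseline when reviewing what a node exposes on a given network. The following is an added example, not part of the product or its documentation: it compares listening sockets from `ss -tuln` against the fixed ports listed above for the traffic types assigned to a network. The function names, the sample output, and the addresses are constructed for illustration, and the check covers listening sockets only, not the firewall rules themselves.

```python
# Added example, not vendor code. Ports are transcribed from the table above;
# internal traffic types ("any available port") cannot be enumerated and are omitted.
EXPECTED = {
    "Admin panel": {"tcp": [8888]},
    "Self-service panel": {"tcp": [8800]},
    "Backup (ABGW) public": {"tcp": [40440, 44445]},
    "iSCSI": {"tcp": [3260]},
    "S3 public": {"tcp": [80, 443]},
    "NFS": {"tcp": [111, 892, 2049], "udp": [111, 892, 2049]},
    "Compute API": {"tcp": [5000, 6080, 8004, 8041, 8774, 8776, 8780,
                            9292, 9313, 9513, 9696, 9888]},
    "VM private": {"udp": [4789], "tcp": [(15900, 16900)]},
    "VM backups": {"tcp": [(49300, 65535)]},
    "SSH": {"tcp": [22]},
    "SNMP": {"udp": [161]},
}
WILDCARDS = {"0.0.0.0", "[::]", "*"}  # sockets bound to every interface

def allowed(proto, port, traffic_types):
    """True if proto/port is listed for one of the assigned traffic types."""
    for t in traffic_types:
        for entry in EXPECTED[t].get(proto, []):
            lo, hi = entry if isinstance(entry, tuple) else (entry, entry)
            if lo <= port <= hi:
                return True
    return False

def listeners(ss_output, iface_ip):
    """Yield (proto, port) for `ss -tuln` sockets reachable through iface_ip."""
    for f in map(str.split, ss_output.splitlines()):
        if len(f) >= 5 and f[0] in ("tcp", "udp"):
            addr, _, port = f[4].rpartition(":")
            if addr in WILDCARDS or addr == iface_ip:
                yield f[0], int(port)

def audit(ss_output, iface_ip, traffic_types):
    """Sorted listeners on iface_ip that the assigned traffic types do not explain."""
    found = set(listeners(ss_output, iface_ip))
    return sorted(x for x in found if not allowed(*x, traffic_types))

# Constructed `ss -tuln` output; 203.0.113.10 is a documentation address.
SAMPLE = """\
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 128 203.0.113.10:8888 0.0.0.0:*
tcp LISTEN 0 128 [::]:3260 [::]:*
udp UNCONN 0 0 0.0.0.0:161 0.0.0.0:*
tcp LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
tcp LISTEN 0 128 10.0.0.5:6789 0.0.0.0:*
"""
```

Calling `audit(SAMPLE, "203.0.113.10", ["Admin panel", "SSH"])` reports the wildcard-bound iSCSI and SNMP listeners, because neither traffic type is assigned to that network in the call.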