The number of ports that IBM® Cloud
Manager with OpenStack uses depends
upon the various components and which network interfaces allow access
to them.
The following tables list the default ports that might
apply to your IBM Cloud
Manager with OpenStack environment,
depending upon your configuration. You can change these values to
customize them for your environment as well.
Table 1. Port usage for IBM Cloud
Manager with OpenStack controller
nodes
| Port |
Firewall rule |
Notes |
| 22 |
sshd |
SSH access that uses the customer network can
be enabled. |
| 67 |
DHCP server |
|
| 68 |
DHCP server |
|
| 80 |
openstack-dashboard-server |
Provides access to the Horizon dashboard. |
| 443 |
openstack-dashboard-server |
Provides https access to the Horizon dashboard. |
| 69 |
tftp server |
TFTP UDP port, used by Ironic via PXE |
| 2224 |
pcsd |
|
| 3260 |
openstack-block-storage-volume-iscsi-port |
|
| 4369 |
rabbitmq-cluster-epmd |
Provides access to ports used when a RabbitMQ
cluster is configured. |
| 5000 |
openstack-identity-api |
|
| 5405 |
pacemaker and corosync |
|
| 5671 |
openstack-messaging-server |
|
| 6080 |
openstack-compute-novnc |
|
| 7869 |
ego lim |
Provides access to the load information manager
in IBM Platform Resource Scheduler. |
| 7870 |
ego vemkd |
Provides access to the VEM kernel daemon in
IBM Platform Resource Scheduler. |
| 7871 |
ego pem |
Provides access to the process execution manager
in IBM Platform Resource Scheduler. |
| 8000 |
openstack-orchestration-api-cfn |
|
| 8003 |
openstack-orchestration-api-cloudwatch |
|
| 8004 |
openstack-orchestration-api |
|
| 8774 |
openstack-compute-api |
|
| 8776 |
openstack-block-storage-api |
|
| 8777 |
openstack-telemetry-api |
|
| 9191 |
openstack-image-registry |
|
| 9292 |
openstack-image-api |
|
| 6385 |
openstack-ironic-api |
|
| 9696 |
openstack-network-api |
|
| 25672 |
rabbitmq-cluster-dist |
Provides access to ports used when a RabbitMQ
cluster is configured. |
| 27017 |
openstack-database-nosql |
DB2® NoSQL
wire protocol listener for access to ceilodb2 database |
| 35357 |
openstack-identity-admin |
|
| 50001 |
openstack-database-server |
|
| 50010 - 50017 |
db2-hadr |
Provides access to ports used when DB2 HADR
is configured. |
Table 2. Port Usage - IBM Cloud
Manager - Self Service
| Port |
Firewall rule |
Notes |
| 7777 |
sce |
OSGi console, access from localhost only |
| 8080 |
sce |
IBM Cloud
Manager - Self Service user
interface |
| 18443 |
sce |
IBM Cloud
Manager - Self Service user
interface back-end |
Table 3. Port usage
- Compute nodes
| Port |
Firewall rule |
Notes |
| 22 |
ssh |
SSH port. This port must be accessible from
the Chef server. |
| 5900 - 5999 |
vnc-server |
Only applicable to KVM/QEMU or PowerKVM compute
nodes. |
Table 4. Port usage
- Chef server
| Port |
Notes |
| 14443 |
The secure (HTTPS) port for accessing the Chef server. The
port number is configurable. |
| 1480 |
The non-secure (HTTP) port for accessing the Chef server. The
port number is configurable. |
| 8443 |
The secure (HTTPS) port for accessing the IBM Cloud
Manager - Deployer. The
port number is configurable. |