Setup the appropriate firewall rules. You will need to open various ports on each instance of the appliance. To do this, use the tools provided by the cloud provider to create a new security group for your Cloud Remote cluster; then, associate each appliance in the cluster with that security group. Use the tables below for guidance on what port rules should be added to that security group.

Port rules for a single node Cloud Remote deployment:

PortProtocolSourceUsage
22TCPLimit to address space of users needing SSH access for debugging and changing default portsSSH
443TCPLimit to address space of users needing access to the Cloud Remote web UI for setup and scalingHTTPS (Cloud Remote web UI)
5671TCPLimit to address of the CloudCenter Suite cluster's local AMQP serviceAMQP
15671TCPLimit to address space of users needing web access for debugging the remote AMQP serviceHTTPS (AMQP Management)

The Cloud Remote web UI  and AMQP ports listed above are the defaults used by Cloud Remote. You may change these port numbers using the Change Ports shell script (see Cloud Remote (Conditional) > Custom Port Numbers (Conditional)) once the appliance is fully configured and communicating with the CloudCenter Suite cluster. If you plan to modify any of these three port numbers, update the firewall rules accordingly.

For a multi-node Cloud Remote cluster deployment, these additional port rules should be added to the same security group used for the single node configuration:

PortProtocolSource
2377TCP<cr_sec_group> *
25672TCP<cr_sec_group>
7946UDP<cr_sec_group>
4369TCP<cr_sec_group>
9010TCP<cr_sec_group>
4789UDP<cr_sec_group>

 * <cr_sec_group> represents the security group that all Cloud Remote nodes are joined to.

  • No labels
Terms & Conditions Privacy Statement Cookies Trademarks