/
OOM NodePort List

OOM NodePort List

Mar 24, 2021

Please fill in the protocol (http/https/ws... to determine if it will cross the ingress port) and the reason for the port being open (hybrid deployment needs access?, external access client (kibana/gui...)) in the table below in prep of removing some nodeports in the run up to using an Ingress controller

Sync with Casablanca Unprotected Interfaces

TODO: add protocol to each port - to determine suitability for HTTP/HTTPS or multi-protocol proxy for ingress

NodePorts are used to allow client applications, that run outside of Kubernetes, access to ONAP components deployed by OOM.

A NodePort maps an externally reachable port to an internal port of an ONAP microservice.

It should be noted that the use of NodePorts is temporary. An alternative solution is currently being scoped for the Dublin Release.

But for now, this page is used to track NodePort assignments.

 

All ONAP project teams that have microservices that need to provide external access for clients, must update this wiki page to reserve NodePorts and prevent ONAP deployment failures due to NodePort conflicts.

If a service is only accessed by other services within the same kubernetes deployment (ie. databases, backend services with no external northbound APIs) then please DO NOT reserve

a NodePort as they are a very limited resource. The service name and its Internal Port (<service name>.port) should be used instead (ie. vid.8443)

 

To reserve a NodePort search the table below for the text "FREE_PORT".

If it is determined that an existing reservation is no longer required, please add the text "FREE_PORT" to indicate its availability.

 

Developer Checklist

Verify unused nodeports

Before using a particular nodeport - verify there is no conflict by deploying the entire system and checking services or the tables below.

Get the nodeport of a particular service

# human readable list kubectl get services --all-namespaces | grep robot # machine readable number kubectl get --namespace onap -o jsonpath="{.spec.ports[0].nodePort}" services robot)

 

Node Port Reservations 302 prefix

Component

(sortable)

Pod

Service name

Protocol

http/https/ws...

Node Port

Internal Port

Reason for exposure outside of the internal DNS service name access

Component

(sortable)

Pod

Service name

Protocol

http/https/ws...

Node Port

Internal Port

Reason for exposure outside of the internal DNS service name access

vid

 

vid

 

30200

8443

 

FREE_PORT

 

 

 

30201

8843

 

sdnc / ccsdk

 

ccsdk/oran/a1-policy-management-service

http
https

30093
30094

9080
9081

Used ito access A1 Policy Managment service API - used in different ONAP & OSC deployments - including external rApp/client/portal access
See ONAP/3GPP & ORAN Alignment: A1 Adapter extensions (Guilin)

sdnc

 

sdnc

 

30202

8282

http port, removed in El Alto.  Instead, users should use https node port 30267

sdnc

 

sdnc-dgbuilder

 

30203

3000

 

sdc

 

sdc-be

 

30204

8443

 

sdc

 

sdc-be

 

30205

8080

 

sdc

 

sdc-fe

 

30206

8181

 

sdc

 

sdc-fe

 

30207

9443

 

appc

 

appc

 

30208

8282

removed in Frankfurt

robot

 

robot

 

30209

88

u:p test:test

aai

 

aai-modelloader

 

30210

8080

 

appc

 

appc

 

30211

9090

 

portal

 

portal-sdk

 

30212

8443

 

portal

 

portal-app

 

30225

8443

 

policy

 

policy brmsgw

 

30216

9989

 

policy

 

drools (dup?)

 

30217

6969

 

policy

 

pap

 

30218

9091

 

policy

 

pap

 

30219

8443

 

aai

 

aai-sparky-be

 

30220

9517

 

policy

 

drools (dup?)

 

30221

9696

 

dcae

DCAEGEN2

hv-ves

xdcae-hv-ves-collector

 

30222

6061

 

dcae

 

DCAEGEN2

 

30223

 

Reserved for future DCAEapp

(12/30 - dcae-datafile-collector usage on this port is removed since El-Alto)

so

 

so-monitor

 

30224

9091

 

portal

 

portal-app (ssl)

 

30225

8443

https://gerrit.onap.org/r/#/c/69859/

https://lf-onap.atlassian.net/browse/OOM-1455

dmaap

 

message-router

 

30226

3905

 

dmaap

 

message-router

 

30227

3904

 

appc

 

appc-dgbuilder

 

30228

3000

CAUTION2: There might me blanks in following data.

aai

 

aai-modelloader

 

30229

8443

CAUTION2: There might me blanks in following data.

appc

 

appc

 

30230

8443

 

appc

 

appc

 

30231

1830

 

aai

 

aai

 

30232

8080

 

aai

 

aai

 

30233

8443

 

pomba

 

pomba-kibana

https

30234

5601

 

dcae

 

xdcae-ves-collector

 

30235

8080

 

policy

 

nexus

 

30236

8081

 

policy

 

policy-apex-pdp

 

30237

12345

 

aai

 

aai-graphgraph

 

30238

8453

https://lf-onap.atlassian.net/browse/AAI-2596

aai

 

aai-spike

 

30239

9518

 

pomba

 

pomba-context-builder

 

30240

9530

 

dmaap

 

dmaap-bc

 

30241

8080

 

dmaap

 

dmaap-bc

 

30242

8443

 

aaf

 

aaf-sms

 

30243

10443

 

aaf

 

aaf-sms-db

 

30244

8200

CAUTION2: There might me blanks in following data.

sdnc

 

sdnc

 

30246

8280

Appears to be no longer needed - investigating

dcae

 

dcae datafile collector

 

30245

8100

 

aaf

 

aaf-service

 

30247

8100