OOM NodePort List
Please fill in the protocol (http/https/ws... to determine if it will cross the ingress port) and the reason for the port being open (hybrid deployment needs access?, external access client (kibana/gui...)) in the table below in prep of removing some nodeports in the run up to using an Ingress controller |
Sync with Casablanca Unprotected Interfaces
TODO: add protocol to each port - to determine suitability for HTTP/HTTPS or multi-protocol proxy for ingress
NodePorts are used to allow client applications, that run outside of Kubernetes, access to ONAP components deployed by OOM.
A NodePort maps an externally reachable port to an internal port of an ONAP microservice.
It should be noted that the use of NodePorts is temporary. An alternative solution is currently being scoped for the Dublin Release.
But for now, this page is used to track NodePort assignments.
All ONAP project teams that have microservices that need to provide external access for clients, must update this wiki page to reserve NodePorts and prevent ONAP deployment failures due to NodePort conflicts.
If a service is only accessed by other services within the same kubernetes deployment (ie. databases, backend services with no external northbound APIs) then please DO NOT reserve
a NodePort as they are a very limited resource. The service name and its Internal Port (<service name>.port) should be used instead (ie. vid.8443)
To reserve a NodePort search the table below for the text "FREE_PORT".
If it is determined that an existing reservation is no longer required, please add the text "FREE_PORT" to indicate its availability.
Developer Checklist
Verify unused nodeports
Before using a particular nodeport - verify there is no conflict by deploying the entire system and checking services or the tables below.
Get the nodeport of a particular service
# human readable list
kubectl get services --all-namespaces | grep robot
# machine readable number
kubectl get --namespace onap -o jsonpath="{.spec.ports[0].nodePort}" services robot)Node Port Reservations 302 prefix
Component (sortable) | Pod | Service name | Protocol http/https/ws... | Node Port | Internal Port | Reason for exposure outside of the internal DNS service name access |
|---|---|---|---|---|---|---|
vid | vid | 30200 | 8443 | |||
FREE_PORT | 30201 | 8843 | ||||
sdnc / ccsdk | ccsdk/oran/a1-policy-management-service | http | 30093 | 9080 | Used ito access A1 Policy Managment service API - used in different ONAP & OSC deployments - including external rApp/client/portal access | |
sdnc | sdnc | 30202 | 8282 | http port, removed in El Alto. Instead, users should use https node port 30267 | ||
sdnc | sdnc-dgbuilder | 30203 | 3000 | |||
sdc | sdc-be | 30204 | 8443 | |||
sdc | sdc-be | 30205 | 8080 | |||
sdc | sdc-fe | 30206 | 8181 | |||
sdc | sdc-fe | 30207 | 9443 | |||
appc | appc | 30208 | 8282 | removed in Frankfurt | ||
robot | robot | 30209 | 88 | u:p test:test | ||
aai | aai-modelloader | 30210 | 8080 | |||
appc | appc | 30211 | 9090 | |||
portal | portal-sdk | 30212 | 8443 | |||
portal | portal-app | 30225 | 8443 | |||
policy | policy brmsgw | 30216 | 9989 | |||
policy | drools (dup?) | 30217 | 6969 | |||
policy | pap | 30218 | 9091 | |||
policy | pap | 30219 | 8443 | |||
aai | aai-sparky-be | 30220 | 9517 | |||
policy | drools (dup?) | 30221 | 9696 | |||
dcae | DCAEGEN2 | hv-ves xdcae-hv-ves-collector | 30222 | 6061 | ||
dcae | DCAEGEN2 | 30223 | Reserved for future DCAEapp (12/30 - dcae-datafile-collector usage on this port is removed since El-Alto) | |||
so | so-monitor | 30224 | 9091 | |||
portal | portal-app (ssl) | 30225 | 8443 | |||
dmaap | message-router | 30226 | 3905 | |||
dmaap | message-router | 30227 | 3904 | |||
appc | appc-dgbuilder | 30228 | 3000 | CAUTION2: There might me blanks in following data. | ||
aai | aai-modelloader | 30229 | 8443 | CAUTION2: There might me blanks in following data. | ||
appc | appc | 30230 | 8443 | |||
appc | appc | 30231 | 1830 | |||
aai | aai | 30232 | 8080 | |||
aai | aai | 30233 | 8443 | |||
pomba | pomba-kibana | https | 30234 | 5601 | ||
dcae | xdcae-ves-collector | 30235 | 8080 | |||
policy | nexus | 30236 | 8081 | |||
policy | policy-apex-pdp | 30237 | 12345 | |||
aai | aai-graphgraph | 30238 | 8453 | |||
aai | aai-spike | 30239 | 9518 | |||
pomba | pomba-context-builder | 30240 | 9530 | |||
dmaap | dmaap-bc | 30241 | 8080 |