The following are the common configurations that should be configured in the IaaS.
chmod 0600
Port# | Port Description | Suggestions for Access Restrictions |
---|---|---|
Common Ports |
|
|
22 | SSH port. Clients will use this port to ssh into the EC2 instance | Open to outside access |
Cartridge Security Group |
|
|
80 | Apache http port. Cartridge instances would use this port to expose applications (http) | Restricted internal access |
443 | Apache https port. Cartridge instances would use this port to expose applications (https) | Restricted internal access |
3306 | MySQL port. MySQL Cartridge instances would use this port to expose MySQL service | Restricted internal access |
9443 | Default https. Default https port of a Stratos server | Restricted internal access |
9763 | Default http. Default http port of a Stratos server | Restricted internal access |
Apache Stratos Security Group |
|
|
8280 | Stratos Elastic Load Balancer (ELB) http proxy port. One of two http ports of Stratos ELB and clients would access service cluster nodes via this port | Open to outside access |
8243 | Stratos ELB https proxy port. One of two https ports of ELB and clients would access service cluster nodes via this port | Open to outside access |
8290 | Stratos ELB http proxy port. One of two http ports of ELB and clients would access service cluster nodes via this port | Open to outside access |
8253 | Stratos ELB https proxy port. One of two https ports of Stratos ELB and clients would access service cluster nodes via this port | Open to outside access |
9445 | SC https port. Clients would access Stratos Controller via this port | Open to outside access |
5001 | SC clustering port. Tribes clustering port of Stratos Controller | Restricted internal access |
4000 | Stratos ELB clustering port. Tribes clustering port of Stratos ELB | Restricted internal access |
9447 | CartridgeAgentService https port | Restricted internal access |
7714 | Business Activity Monitor (BAM) port | Restricted internal access |
9163 | BAM cassandra port | Restricted internal access |
9446 | Management console port of BAM server | Open to outside access |
8291 | GitBlit http port | Open to outside access |
8443 | GitBlit https port | Open to outside access |