Access and Port Requirements for Installation

Note: These port accesses have been checked and approved for Kubernetes 1.31.0 and Flannel 0.27.4 versions. Ports may vary in different Kubernetes and Flannel versions.

Internet Access Requirements

Internet access to the following addresses is required during installation:

archive.ubuntu.com / cdn.redhat.com
*.docker.com
*.docker.io
*.k8s.io
*.amazonaws.com (please refer to Kubernetes documentation for the reason for this access)
*.mongodb.org
artifacts.elastic.co

Kubernetes Cluster Port Requirements

The following network diagram example explains which connection ports need to be configured to enable worker nodes’ access to master nodes within a Kubernetes cluster. To ensure healthy communication between both public and private network zones within the Kubernetes cluster, certain connection ports need to be opened.

Worker Node → Master Node Port Permissions

The connection ports specified in the diagram are necessary for Kubernetes Worker Nodes to communicate seamlessly with Master Nodes. These ports must be open from all Worker Nodes to Master Nodes for the cluster to function correctly.

Worker → Master Port Requirements

Port	Protocol	Description	Required
6443	HTTPS	Kubernetes API Server	✅
10250	HTTPS	Kubelet API	✅
10259	HTTPS	Kube-scheduler	✅
10257	HTTPS	Kube-controller-manager	✅
2379-2380	TCP	etcd client/server	✅
8472	UDP	Flannel VXLAN	✅
51820/51821	UDP	Flannel Wireguard	⚠️

Master Node → Worker Node Port Permissions

Connections from Kubernetes Master/Control Plane servers to Worker servers are necessary for communication between Kubernetes cluster components. These ports must be open from all Master Nodes to Worker Nodes for the cluster to function correctly.

Master → Worker Port Requirements

Port	Protocol	Description	Required
10250	HTTPS	Kubelet API	✅
30000-32767	TCP/UDP	NodePort Services	✅
8472	UDP	Flannel VXLAN	✅
51820/51821	UDP	Flannel Wireguard	⚠️

Master Node ↔ Master Node Port Permissions

Connections between Kubernetes Master servers are necessary for communication between Kubernetes cluster components. These ports must be open between all Master Nodes for the cluster to function correctly.

Master ↔ Master Port Requirements

Port	Protocol	Description	Required
6443	HTTPS	Kubernetes API Server	✅
2379-2380	TCP	etcd client/server	✅
10250	HTTPS	Kubelet API	✅
10259	HTTPS	Kube-scheduler	✅
10257	HTTPS	Kube-controller-manager	✅
8472	UDP	Flannel VXLAN	✅

Note: All default ports can be changed, but in this case, operations and permissions should be done carefully.

Kubernetes High Availability (HA) Cluster

When setting up a Kubernetes High Availability (High Access) Cluster:

Load Balancer VIP Access

On Kubernetes Master/Control Plane and Worker servers, necessary permissions should be defined to access the Load Balancer’s VIP over port 6443. This VIP performs load balancing by routing to Master nodes’ 6443 ports.

Load Balancer VIP

VIP → Master Node 1:6443
VIP → Master Node 2:6443
VIP → Master Node 3:6443

HAProxy Example

HAProxy example is available for Load Balancer configuration.

Apinizer Port Requirements

Kubernetes uses ports in the 30000-32767 range for external access by default. Although specific default ports are used for Apinizer, these can be customized optionally.

For Worker Servers

Manager Port

Port: 32080
Protocol: HTTP
Description: Apinizer Manager access

Worker Port

Port: 30080 or 30090
Protocol: HTTP
Description: Apinizer Worker (API Gateway) access

For MongoDB Servers

MongoDB Port

Port: 27017
Protocol: TCP
Description: MongoDB access (inter-node communication for Replica Set)

For Elasticsearch Servers

Elasticsearch HTTP

Port: 9200
Protocol: HTTP
Description: Elasticsearch HTTP API access

Elasticsearch Transport

Port: 9300
Protocol: TCP
Description: Elasticsearch cluster communication

Special Cases

Note: If applications such as Ingress Controller, Metric Server, Rancher, Lens, etc. will be used or if Kubernetes will be installed in a cloud environment, port requirements should be checked externally.

Port Requirements Summary

Basic Ports

Kubernetes API

6443: Kubernetes API Server
10250: Kubelet API
10259: Kube-scheduler
10257: Kube-controller-manager

Network Plugin

8472: Flannel VXLAN
51820/51821: Flannel Wireguard (optional)

Apinizer

32080: Manager
30080/30090: Worker

Database

27017: MongoDB
9200: Elasticsearch HTTP
9300: Elasticsearch Transport

Next Steps

Network Connection Matrix

Learn port requirements between Apinizer components

Network Topology and Port Requirements

Get detailed information about port permissions

Installation Topologies

Review installation topologies

Kubernetes Installation

Review Kubernetes installation steps

Başlangıç

Apinizer'ı Anlamak

Access and Port Requirements for Installation

Internet Access Requirements

Kubernetes Cluster Port Requirements

Worker Node → Master Node Port Permissions

Master Node → Worker Node Port Permissions

Master Node ↔ Master Node Port Permissions

Kubernetes High Availability (HA) Cluster

Load Balancer VIP Access

Load Balancer VIP

HAProxy Example

Apinizer Port Requirements

For Worker Servers

Manager Port

Worker Port

For MongoDB Servers

MongoDB Port

For Elasticsearch Servers

Elasticsearch HTTP

Elasticsearch Transport

Special Cases

Port Requirements Summary

Basic Ports

Kubernetes API

Network Plugin

Apinizer

Database

Next Steps

Network Connection Matrix

Network Topology and Port Requirements

Installation Topologies

Kubernetes Installation

Başlangıç

Apinizer'ı Anlamak

​Internet Access Requirements

​Kubernetes Cluster Port Requirements

​Worker Node → Master Node Port Permissions

​Master Node → Worker Node Port Permissions

​Master Node ↔ Master Node Port Permissions

​Kubernetes High Availability (HA) Cluster

​Load Balancer VIP Access

Load Balancer VIP

HAProxy Example

​Apinizer Port Requirements

​For Worker Servers

Manager Port

Worker Port

​For MongoDB Servers

MongoDB Port

​For Elasticsearch Servers

Elasticsearch HTTP

Elasticsearch Transport

​Special Cases

​Port Requirements Summary

​Basic Ports

Kubernetes API

Network Plugin

Apinizer

Database

​Next Steps

Network Connection Matrix

Network Topology and Port Requirements

Installation Topologies

Kubernetes Installation

Internet Access Requirements

Kubernetes Cluster Port Requirements

Worker Node → Master Node Port Permissions

Master Node → Worker Node Port Permissions

Master Node ↔ Master Node Port Permissions

Kubernetes High Availability (HA) Cluster

Load Balancer VIP Access

Apinizer Port Requirements

For Worker Servers

For MongoDB Servers

For Elasticsearch Servers

Special Cases

Port Requirements Summary

Basic Ports

Next Steps