Ask Your Question

Openstack services and port

asked 2013-10-29 04:02:59 -0500

sngirame gravatar image


Is there any documentation for default ports on which openstack services listen.

I tried searching for the answer for nova & found that Nova api listens on 8773 (for EC2 API) and 8774 (for openstack API).what about other sub components services?

edit retag flag offensive close merge delete

4 answers

Sort by ยป oldest newest most voted

answered 2013-10-30 09:58:16 -0500

sngirame gravatar image

updated 2014-04-18 09:29:29 -0500

smaffulli gravatar image

I was able to derive this information after lot of googling :)

OpenStack Service      Port

Nova-api                    8773 (for EC2 API)
                                8774 (for openstack API)
                                8775 (metadata port)
                                3333 (when accessing S3 API)
nova-novncproxy     6080
                                5800/5900 (VNC)
cinder                      8776
glance                  9191 (glance registry)
                                9292 (glance api)
keystone                    5000 (public port)
                                35357 (admin port)
http                            80
Mysql                   3306
AMQP                    5672
edit flag offensive delete link more

answered 2014-04-17 22:36:36 -0500

fifieldt gravatar image
edit flag offensive delete link more

answered 2013-10-29 06:45:10 -0500

I got this in iptables:

-A INPUT --jump mysql
-A mysql -p tcp -m tcp --dport 5672 --jump ACCEPT
-A mysql -p tcp -m multiport --dports 3306 --jump ACCEPT
-A INPUT --jump keystone
-A keystone -p tcp -m multiport --dports 5000,35357 --jump ACCEPT
-A INPUT --jump swift-proxy
-A swift-proxy -p tcp -m multiport --dports 8080 --jump ACCEPT
-A INPUT --jump memcached
-A memcached -p tcp -m multiport --dports 11211 --jump ACCEPT
-A INPUT --jump glance
-A glance -p tcp -m multiport --dports 9292,9191 --jump ACCEPT
-A INPUT --jump cinder
-A cinder -p tcp -m multiport --dports 3260,8776 --jump ACCEPT
-A INPUT --jump neutron
-A neutron -p tcp -m multiport --dports 9696 --jump ACCEPT
-A INPUT --jump dashboard
-A dashboard -p tcp -m multiport --dports 80,443 --jump ACCEPT
-A INPUT --jump novnc
-A novnc -m state --state NEW -m tcp -p tcp --dport 6082 --jump ACCEPT
-A INPUT --jump nova
-A nova -p tcp -m multiport --dports 5900:5999,8773,8774,8775 --jump ACCEPT
-A novnc -p tcp -m multiport --dports 6080,6081,6082 --jump ACCEPT
-A INPUT --jump swift-node
-A swift-node -p tcp -m multiport --dports 6000,6001,6002,873 --jump ACCEPT
-A INPUT --jump heat
-A heat -p tcp -m multiport --dports 8000,8003,8004 --jump ACCEPT
-A INPUT --jump ceilometer
-A ceilometer -p tcp -m multiport --dports 8777 --jump ACCEPT

/etc/keystone/default_catalog.templates might also be helpfull:

catalog.RegionOne.identity.publicURL = http://<%= node[:ip][:keystone] %>:$(public_port)s/v2.0
catalog.RegionOne.identity.adminURL = http://<%= node[:ip][:keystone] %>:$(admin_port)s/v2.0
catalog.RegionOne.identity.internalURL = http://<%= node[:ip][:keystone] %>:$(public_port)s/v2.0 = keystone

catalog.RegionOne.compute.publicURL = http://<%= node[:ip][:nova] %>:$(compute_port)s/v2/$(tenant_id)s
catalog.RegionOne.compute.adminURL = http://<%= node[:ip][:nova] %>:$(compute_port)s/v2/$(tenant_id)s
catalog.RegionOne.compute.internalURL = http://<%= node[:ip][:nova]%>:$(compute_port)s/v2/$(tenant_id)s = nova

catalog.RegionOne.volume.publicURL = http://<%= node[:ip][:cinder] %>:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.adminURL = http://<%= node[:ip][:cinder] %>:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.internalURL = http://<%= node[:ip][:cinder] %>:8776/v1/$(tenant_id)s = cinder

catalog.RegionOne.ec2.publicURL = http://<%= node[:ip][:nova] %>:8773/services/Cloud
catalog.RegionOne.ec2.adminURL = http://<%= node[:ip][:nova] %>:8773/services/Admin
catalog.RegionOne.ec2.internalURL = http://<%= node[:ip][:nova] %>:8773/services/Cloud = ec2

catalog.RegionOne.image.publicURL = http://<%= node[:ip][:glance] %>:9292
catalog.RegionOne.image.adminURL = http://<%= node[:ip][:glance] %>:9292
catalog.RegionOne.image.internalURL = http://<%= node[:ip][:glance] %>:9292 = glance

catalog.RegionOne.object_store.publicURL = http://<%= node[:ip][:swift] %>:8080/v1/AUTH_%(tenant_id)s
catalog.RegionOne.object_store.internalURL = http://<%= node[:ip][:swift] %>:8080/v1/AUTH_%(tenant_id)s
catalog.RegionOne.object_store.adminURL = http://<%= node[:ip][:swift] %>:8080 = swift

catalog.RegionOne.s3.publicURL = http://<%= node[:ip][:swift] %>:8080
catalog.RegionOne.s3.internalURL = http://<%= node[:ip][:swift] %>:8080
catalog.RegionOne.s3.adminURL = http://<%= node[:ip][:swift] %>:8080
catalog.RegionOne.s3 ...
edit flag offensive delete link more


What about nova sub components like nova scheduler, nova conductor etc. , do they run on any default port?

sngirame gravatar imagesngirame ( 2013-10-29 08:03:41 -0500 )edit

I don't think anything actually connects to the scheduler or conductor, they communicate with other components by putting messages onto (or taking messages off) the message queue provided by an AMQP supporting broker such as Qpid or RabbitMQ and connecting to the database directly.

sgordon gravatar imagesgordon ( 2013-10-29 16:51:26 -0500 )edit

answered 2015-09-10 01:49:38 -0500

Radhakrishnan Rk gravatar image
edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2013-10-29 04:02:59 -0500

Seen: 29,421 times

Last updated: Sep 10 '15