Configuring firewall port access
Opening the required ports to allow communication between the nodes.
If you have a firewall running on the nodes in your Cassandra or DataStax Enterprise cluster, you must open up the following ports to allow communication between the nodes, including certain Cassandra ports. If this isn't done, when you start Cassandra (or Hadoop in DataStax Enterprise) on a node, the node will act as a standalone database server rather than joining the database cluster.
Public Facing Ports¶
|22||SSH (default)||See your OS documentation on sshd.|
DataStax Enterprise public ports
|8012||Hadoop Job Tracker client port. The Job Tracker listens on this port for job submissions and communications from task trackers; allows traffic from each Analytics node in a cluster.||cassandra.yaml|
|8983||Solr port and Demo applications website port (Portfolio, Search, Search log)|
|50030||Hadoop Job Tracker website port. The Job Tracker listens on this port for HTTP requests. If initiated from the OpsCenter, these requests are proxied through the opscenterd daemon; otherwise, they come directly from the browser. ||mapred-site.xml using the mapred.job.tracker.http.address property.|
|50060||Hadoop Task Tracker website port. Each Task Tracker listens on this port for HTTP requests coming directly from the browser and not proxied by the opscenterd daemon. ||mapred-site.xml using the mapred.task.tracker.http.address property.|
OpsCenter public ports
|8888||OpsCenter website. The opscenterd daemon listens on this port for HTTP requests coming directly from the browser. ||opscenterd.conf|
Cassandra inter-node ports
|1024 - 65355||JMX reconnection/loopback ports. Please read the description for port 7199.|
|7000||Cassandra inter-node cluster communication.||cassandra.yaml
|7001||Cassandra SSL inter-node cluster communication.||cassandra.yaml
|7199||Cassandra JMX monitoring port. After the initial
handshake, the JMX protocol requires that the client
reconnects on a randomly chosen port (1024+). Open this
port only if you want to remotely connect to the node
via JMX. Running nodetool or opscenter agent locally
does not require these ports to be open.
Note: Starting with Java 7u4, you can specify the port used by JMX rather than a randomly assigned port. The standard RMI (Remote Method Invocation) registry port for JMX is set by the com.sun.management.jmxremote.port property. Use the com.sun.management.jmxremote.rmi.port property to specify the port used by JMX.
See JMX options in Tuning Java resources.
|9160||Cassandra client port (Thrift). OpsCenter agents makes Thrift requests to their local node on this port. Additionally, the port can be used by the opscenterd daemon to make Thrift requests to each node in the cluster.||cassandra.yaml
DataStax Enterprise inter-node ports
|8984||Netty server port.||dse.yaml See Shard transport options for DSE Search/Solr communications.|
|9042||CQL native clients port.||cassandra.yaml|
|9290||Hadoop Job Tracker Thrift port. The Job Tracker listens on this port for Thrift requests coming from the opscenterd daemon.|
|10000||Hive server port.||Set with the -p option in the dse hive --service hiveserver command or configure in hive-site.xml.|
OpsCenter specific inter-node
|50031||OpsCenter HTTP proxy for Job Tracker. The opscenterd daemon listens on this port for incoming HTTP requests from the browser when viewing the Hadoop Job Tracker page directly. |
|61620||OpsCenter monitoring port. The opscenterd daemon listens on this port for TCP traffic coming from the agent. |
|61621||OpsCenter agent port. The agents listen on this port for SSL traffic initiated by OpsCenter. |