By default, Consul chooses the ports that its proxies use from the sparsely used block of 10001 to 10800.
You can change these ports, but note the following:
- You must uninstall and reinstall
apigee-mtls
with the new values. - Consul proxies cannot listen on the same ports as Apigee Services.
- Consul has only one port address space. This means that if proxy A on host A listens on port 15000, then proxy B on host B cannot listen on port 15000.
- Be sure that you review Apigee port requirements to ensure no collisions occur.
You can customize the ports that are used by the proxies to suit your particular configuration.
Generating a report on port usage
When customizing proxy port ranges, it may be useful to generate a report on the current port assignments. To do so, enter the following command:
apigee-service apigee-mtls report -f silent.conf > port_report.json
This generates a JSON file named port_report.json
that contains information
about current port usage for each host. You can name the file whatever you wish.
Report structure
Below is a sample showing the structure of the generated report.
{ "192.168.1.1": { "datacenter_member": "dc-1", "daemons": { "zookeeper-ingress": { "ingress": true, "name": "zk-2888-192-168-1-1", "listeners": [ { "purpose": "terminate service mesh for zk port 2888", "ip_address": "192.168.1.1", "port": 10001, } ] }, "consul-server": { . . . } } }, "192.168.1.2": { } . . . }
In the example above, the host "zk-2888-192-168-1-1"
is assigned port 10001
.
Customizing ports used by Apigess mTLS
To customize the ports used by Apigee mTLS:
- Uninstall
apigee-mtls
if it is already installed, as shown below:/opt/apigee/apigee-service/bin/apigee-service apigee-mtls uninstall
For more information, see Uninstall Apigee mTLS.
On each node, open the silent configuration file. For more general information about this file, see Creating a configuration file.
If you wish, you can run the command shown in Generating a report on port usage before the apigee-mtls setup is complete, to see what your silent configuration file will generate.
Add or change the values of the properties that set the ports.
The following table lists the ports and provides the names of the properties that you use to customize the ports used by components with Apigee mTLS:
Node Default Range Description Apigee mTLS 10700 to 10799 Each host with an apigee-mtls
installation requires a single port in the specified range.You define the port by setting the minimum and maximum port number to the same value with the following properties:
SMI_PROXY_MINIMUM_EGRESS_PROXY_PORT SMI_PROXY_MAXIMUM_EGRESS_PROXY_PORT
Cassandra 10100 to 10199 Each host with an apigee-cassandra
installation requires two ports in the specified range.You define a custom range by setting the minimum and maximum port numbers with the following properties:
SMI_PROXY_MINIMUM_CASSANDRA_PROXY_PORT SMI_PROXY_MAXIMUM_CASSANDRA_PROXY_PORT
Message Processor 10500 to 10599 Each host with an apigee-message-processor
installation requires two ports in the specified range.You define a custom range by setting the minimum and maximum port numbers with the following properties:
SMI_PROXY_MINIMUM_MESSAGEPROCESSOR_PROXY_PORT SMI_PROXY_MAXIMUM_MESSAGEPROCESSOR_PROXY_PORT
OpenLDAP 10200 to 10299 Each host with an apigee-ldap
installation requires one port in the specified range.You define the port by setting the minimum and maximum port number to the same value with the following properties:
SMI_PROXY_MINIMUM_LDAP_PROXY_PORT SMI_PROXY_MAXIMUM_LDAP_PROXY_PORT
Postgres 10300 to 10399 Each host with an apigee-postgres
installation requires three ports in the specified range.You define a custom range by setting the minimum and maximum port numbers with the following properties:
SMI_PROXY_MINIMUM_POSTGRES_PROXY_PORT SMI_PROXY_MAXIMUM_POSTGRES_PROXY_PORT
QPid 10400 to 10499 Each host with an apigee-qpid
installation requires two ports in the specified range.You define a custom range by setting the minimum and maximum port numbers with the following properties:
SMI_PROXY_MINIMUM_QPID_PROXY_PORT SMI_PROXY_MAXIMUM_QPID_PROXY_PORT
Router 10600 to 10699 Each host with an apigee-router
installation requires two ports in the specified range.You define a custom range by setting the minimum and maximum port numbers with the following properties:
RT_PROXY_PORT_MIN RT_PROXY_PORT_MAX
ZooKeeper 10001 to 10099 Each host with an apigee-zookeeper
installation requires three ports in the specified range.You define a custom range by setting the minimum and maximum port numbers with the following properties:
SMI_PROXY_MINIMUM_ZOOKEEPER_PROXY_PORT SMI_PROXY_MAXIMUM_ZOOKEEPER_PROXY_PORT
The following example defines custom values for the Cassandra ports:
SMI_PROXY_MINIMUM_CASSANDRA_PROXY_PORT=10142 SMI_PROXY_MAXIMUM_CASSANDRA_PROXY_PORT=10143
- Save the configuration file.
- Install
apigee-mtls
as described in Install Apigee mTLS. - Configure the
apigee-mtls
component by using the following command:/opt/apigee/apigee-service/bin/apigee-service apigee-mtls setup -f config_file
- Repeat these steps for each node in your cluster so that all configuration files are the same across all nodes.