5.3 Kubernetes

All ports use TCP protocol, unless otherwise noted.

Ports	Node	Description
2380	Master	Used by the etcd component which provides a distributed configuration database. All the master nodes should be able to access this port for the etcd cluster communication.
4001	Master	Used by the etcd component which provides a distributed configuration database. All cluster nodes should be able to access this port for the client connection.
5000	Master	Used by kube-registry component which handles the management of container image delivery. All cluster nodes should be able to access this port to communicate with the local container registry.
7443	Master	(Conditional) Used by the Kubernetes API server when you perform one of the following methods of installation: Use the provided scripts Install manually and on the same node as Fusion All cluster nodes should be able to access this port for internal communication.
8443	Master	(Conditional) Used by the Kubernetes API server when you manually install and the installation is not on the same node as Fusion. All cluster nodes should be able to access this port for internal communication.
8472	All nodes	Uses UDP protocol Used by the Flannel service component which manages the internal cluster networking. All cluster nodes should be able to access this port for internal communication.
10250	All nodes	Used by the Kubelet service which functions as a local node agent that watches pod specifications through the Kubernetes API server. All cluster nodes should be able to access this port for internal communications and worker node Kubelet API for exec and logs.
10251	All nodes	Used by Kube-scheduler component that watches for any new pod with no assigned node and assigns a node to the pod. All cluster nodes should be able to access this port for internal communication.
10252	All nodes	Used by kube-controller-manager component that runs controller processes which regulate the state of the cluster. All the cluster nodes should be able to access this port for internal communication.
10256	All nodes	Used by the Kube-proxy component, which is a network proxy that runs on each node, for exposing the services on each node. All the cluster nodes should be able to access this port for internal communication.