Clarify port to open for overlay networking (#1762)

Signed-off-by: Alessandro Boch <aboch@docker.com>
Alessandro Boch 2017-02-16 11:52:55 -08:00 committed by John Mulhausen
parent aeb51d3543
commit 46a9be7289
4 changed files with 7 additions and 6 deletions

@ -34,7 +34,7 @@ When installing UCP on a host, make sure the following ports are open:
| controllers, nodes | in | TCP 443 (configurable) | Web app and CLI client access to UCP. |
| controllers, nodes | in | TCP 2375 | Heartbeat for nodes, to ensure they are running. |
| controllers | in | TCP 2376 (configurable) | Swarm manager accepts requests from UCP controller. |
| controllers, nodes | in, out | TCP + UDP 4789 | Overlay networking. |
| controllers, nodes | in, out | UDP 4789 | Overlay networking. |
| controllers, nodes | in, out | TCP + UDP 7946 | Overlay networking. |
| controllers, nodes | in | TCP 12376 | Proxy for TLS, provides access to UCP, Swarm, and Engine. |
| controller | in | TCP 12379 | Internal node configuration, cluster configuration, and HA. |
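
Review bot: The 4789 row is now UDP only, but this table still has no entry for IP protocol 50 (ESP), which the third file in this commit says must be allowed for overlay networks created with `--opt encrypted`. An operator who builds firewall rules from this table alone would permit UDP 4789 and still drop encrypted overlay traffic. Consider adding a row, or a sentence under the table, for ESP if encrypted overlay networks are supported in this UCP version.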

@ -31,7 +31,7 @@ When installing UCP on a host, make sure the following ports are open:
| managers, workers | in | TCP 443 (configurable) | Port for the UCP web UI and API |
| managers | in | TCP 2376 (configurable) | Port for the Docker Swarm manager. Used for backwards compatibility |
| managers, workers | in | TCP 2377 (configurable) | Port for communication between swarm nodes |
| managers, workers | in, out | TCP, UDP 4789 | Port for overlay networking |
| managers, workers | in, out | UDP 4789 | Port for overlay networking |
| managers, workers | in, out | TCP, UDP 7946 | Port for overlay networking |
| managers, workers | in | TCP 12376 | Port for a TLS proxy that provides access to UCP, Docker Engine, and Docker Swarm |
| managers | in | TCP 12379 | Port for internal node configuration, cluster configuration, and HA |
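
Review bot: After this change the 4789 and 7946 rows carry the same description, "Port for overlay networking", while differing in protocol (UDP only against TCP, UDP), so the table gives no reason for the difference. The third file in this commit already distinguishes them as "communication among nodes" (7946) and "overlay network traffic" (4789); reusing that wording here would make clear which row is node-to-node communication and which is the overlay traffic itself, and would help whoever audits the resulting firewall rules.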

@ -111,10 +111,10 @@ The following ports must be available. On some systems, these ports are open by
* **TCP port 2377** for cluster management communications
* **TCP** and **UDP port 7946** for communication among nodes
* **TCP** and **UDP port 4789** for overlay network traffic
* **UDP port 4789** for overlay network traffic
If you are planning on creating an overlay network with encryption (`--opt encrypted`),
you will also need to ensure ip protocol 50 (ESP) traffic is allowed.
you will also need to ensure **ip protocol 50** (**ESP**) traffic is allowed.
## What's next?
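
Review bot: In the rewritten sentence, "**ip protocol 50**" should be capitalized as "**IP protocol 50**", and it follows a list whose items are all ports, so a reader can take 50 for a TCP or UDP port number. Since the line is being touched anyway, say explicitly that ESP is an IP protocol and not a port, for example "allow IP protocol 50 (ESP) between nodes; this is a protocol number, not a TCP/UDP port". A firewall rule opening port 50 would not pass this traffic.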

@ -50,8 +50,8 @@ For more information on configuring Swarm for TLS, see the [Overview Docker Swar
### Network access control
Production networks are complex, and usually locked down so that only allowed
traffic can flow on the network. The list below shows the network ports that
the different components of a Swam cluster listen on. You should use these to
traffic can flow on the network. The list below shows the network ports and protocols
that the different components of a Swam cluster listen on. You should use these to
configure your firewalls and other network access control lists.
- **Swarm manager.**
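
Review bot: The reflowed sentence still reads "components of a Swam cluster"; the typo is on a line this hunk rewrites, so fix it to "Swarm cluster" in the same change. The addition of "and protocols" is otherwise consistent with the ESP entry introduced in the next hunk.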
@ -72,6 +72,7 @@ configure your firewalls and other network access control lists.
- **Inbound 7946/udp** Allows for discovering other container networks.
- **Inbound `<store-port>`/tcp** Network key-value store service port.
- **4789/udp** For the container overlay network.
- **ESP packets** For encrypted overlay networks.
If your firewalls and other network devices are connection state aware, they
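
Review bot: The new "**ESP packets**" bullet gives neither a direction nor the protocol number, while its siblings are written as "Inbound 7946/udp" and "Inbound `<store-port>`/tcp". Suggest matching them and the wording used in the third file, for example "**Inbound IP protocol 50 (ESP)** For encrypted overlay networks.", so the entry maps directly onto a firewall rule. The "4789/udp" bullet above it has the same missing direction and could be aligned at the same time.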