SaaS Network Communications and Ports

The network ports for Palette in SaaS mode and on-prem are listed below.

SaaS Network Diagram with ports

Management Platform

PortDirectionPurpose
HTTPS (tcp/443)INBrowser/API access to Management Platform
SSH (tcp/22)INTroubleshooting via SSH (optional)
NATS (tcp/4222)INAgent running inside connecting to Management Platform

Workload Cluster

PortDirectionPurpose
HTTPS (tcp/6443)INKubernetes API Server
SSH (tcp/22)INTroubleshooting via SSH (optional)
NATS (tcp/4222)OUTRegistry (packs, integrations), Pack containers, Application Updates

On-Prem Network Communications and Ports

The following diagram maps the network connections between the Palette components and deployed Kubernetes clusters.

On-prem network diagram

Management Platform

PortDirectionPurpose
HTTPS (tcp/443)INBrowser/API access to Management Platform
SSH (tcp/22)INTroubleshooting via SSH (optional)
NATS (tcp/4222)INMessage Bus for workload clusters
HTTPS (tcp/443)OUTvSphere vCenter API, Registry (packs, integrations), Pack containers, app updates.
HTTPS (tcp/6443)OUTWorkload K8s cluster API Server

Workload Cluster

PortDirectionPurpose
HTTPS (tcp/6443)INKubernetes API Server
SSH (tcp/22)INTroubleshooting via SSH (optional)
NATS (tcp/4222)OUTAgent communication via Message Bus
HTTPS (tcp/443)OUTvSphere vCenter API, Registry (packs, integrations), Pack containers, Application updates.