Security considerations
Ports need to be open for DLM Engine, Knox, Atlas, and DataNodes.
Have the following ports available and open on each cluster:
| Default Port Number | Purpose | Comments | Required to be open? |
| 25968 | Port for DLM Engine (Beacon) service on hosts |
Accessibility is required from all clusters. “Beacon” is the internal name for the DLM Engine. You will see the name Beacon in some paths, commands, etc. |
Yes |
| 8020 | NameNode host | Yes | |
| 50010 | All DataNode hosts | Yes | |
| 8080 | Ambari server host | Yes | |
| 10000 | HiveServer2 host | Binary mode port (Thrift) | Yes |
| 10001 | HiveServer2 host | HTTP mode port | Yes |
| 9083 | Hive metastore | Yes | |
| 2181 | ZooKeeper hosts | Yes | |
| 6080 | Ranger port | Yes | |
| 21000/21443 | Atlas endpoint for Web UI and rest endpoint | Default non-SSL: 21000, SSL: 21443 | Yes |
| 8050 | YARN port | Yes |