Ports Used by Cloudera Runtime Components
Cloudera Runtime components use a number of ports for associated services.
All ports listed are TCP.
In the following tables, Internal means that the port is used only for communication among the components; External means that the port can be used for either internal or external communication.
Component | Service | Port | Configuration | Comment |
---|---|---|---|---|
Apache Atlas | Non-SSL | 31000 | atlas.server.http.port |
|
SSL | 31443 | atlas.server.https.port |
This port is used only when Atlas is in SSL mode. | |
Apache Hadoop HDFS | DataNode | 9866 |
|
DataNode server address and port for data transfer |
9864 |
dfs.datanode.http.address
|
DataNode HTTP server port | ||
9865 |
dfs.datanode.https.address
|
DataNode HTTPS server port | ||
9867 |
dfs.datanode.ipc.address
|
DataNode IPC server port | ||
NameNode | 8020 |
|
|
|
8022 |
|
Optional port used by HDFS daemons to avoid sharing the RPC port used by clients (8020). Cloudera recommends using port 8022. |
||
9870 |
|
|
||
9871 |
|
|
||
NFS gateway | 2049 |
|
||
4242 |
|
|||
111 |
|
|||
50079 |
nfs.http.port
|
The NFS gateway daemon uses this port to serve metrics. The port is configurable on versions 5.10 and higher. | ||
50579 |
nfs.https.port
|
The NFS gateway daemon uses this port to serve metrics. The port is configurable on versions 5.10 and higher. | ||
HttpFS | 14000 | HttpFS server port | ||
14001 | HttpFS admin port | |||
Apache Hadoop YARN (MRv2) | ResourceManager | 8032 |
yarn. resourcemanager. address
|
|
8033 |
yarn. resourcemanager. admin.address
|
|||
8088 |
yarn. resourcemanager. webapp.address
|
|||
8090 |
yarn. resourcemanager. webapp.https.address
|
|||
NodeManager | 8042 |
yarn. nodemanager. webapp.address
|
||
8044 |
yarn. nodemanager. webapp.https.address
|
|||
JobHistory Server | 19888 |
mapreduce. jobhistory. webapp.address
|
||
19890 |
mapreduce. jobhistory. webapp.https.address
|
|||
ApplicationMaster |
The ApplicationMaster serves an HTTP service using an ephemeral port that cannot be restricted. This port is never accessed directly from outside the cluster by clients. All requests to the ApplicationMaster web server is routed using the YARN ResourceManager (proxy service). Locking down access to ephemeral port ranges within the cluster's network might restrict your access to the ApplicationMaster UI and its logs, along with the ability to look at running applications. |
|||
Apache Flume |
Flume Agent |
41414 | ||
Apache Hadoop KMS | Key Management Server | 16000 |
|
Applies to both Java KeyStore KMS and Key Trustee KMS. |
Apache HBase | Master | 16000 |
hbase.master. port
|
IPC |
16010 |
hbase.master. info.port
|
HTTP |
||
RegionServer | 16020 |
hbase. regionserver. port
|
IPC |
|
16030 |
hbase. regionserver. info.port
|
HTTP |
||
REST |
20550 |
hbase.rest.port
|
The default REST port in HBase is 8080. Because this is a commonly used port, Cloudera Manager sets the default to 20550 instead. |
|
REST UI |
8085 | |||
Thrift Server | 9090 |
Pass |
||
Thrift Server | 9095 | |||
9090 |
Pass |
|||
Lily HBase Indexer | 11060 | |||
Apache Hive | Metastore | 9083 | ||
HiveServer2 | 10000 |
|
The Beeline command interpreter requires that you specify this port on the command line. If you use Oracle database, you must manually reserve this port. |
|
HiveServer2 Web User Interface (UI) | 10002 |
|
||
Hue | Server | 8888 | ||
Load Balancer | 8889 | |||
Apache Impala | Impala Daemon | 21000 | Used to transmit commands and receive results by
impala-shell and version 1.2 of the Cloudera ODBC driver. |
|
21050 | Used to transmit commands and receive results by applications, such as Business Intelligence tools, using JDBC, the Beeswax query editor in Hue, and version 2.0 or higher of the Cloudera ODBC driver. | |||
25000 | Impala web interface for administrators to monitor and troubleshoot. | |||
StateStore Daemon | 25010 | StateStore web interface for administrators to monitor and troubleshoot. | ||
Catalog Daemon | 25020 | Catalog service web interface for administrators to monitor and troubleshoot. | ||
Apache Kafka | Kafka Broker | 9092 | port | The primary communication port used by producers and consumers; also used for inter-broker communication. |
9093 | ssl_port | A secured communication port used by producers and consumers; also used for inter-broker communication. | ||
Kafka Connect | 38083 | rest.port | Kafka Connect Rest Port | |
38085 | secure.rest.port | Kafka Connect Secure Rest Port | ||
Apache Kudu | Master | 7051 | Kudu Master RPC port | |
8051 | Kudu Master HTTP server port | |||
TabletServer | 7050 |
Kudu TabletServer RPC port |
||
8050 |
Kudu TabletServer HTTP server port |
|||
Apache Oozie | Oozie Server | 11000 |
|
HTTP |
11443 |
HTTPS |
|||
Apache Ranger | Non-SSL | 6080 | ranger.service.http.port |
|
SSL | 6182 | ranger.service.https.port |
This port is used only when Ranger is in SSL mode. | |
Admin Unix Auth Service Port | 5151 | ranger.unixauth.service.port |
||
Apache Solr | Solr Server | 8983 | HTTP port for all Solr-specific actions, update/query. | |
Solr Server | 8985 | HTTPS port for all Solr-specific actions, update/query. | ||
Apache Spark |
Shuffle service |
7377 | spark.shuffle.service.port |
|
History Server |
18081 | spark.history.ui.port |
||
History Server with TLS |
18488 |
spark.ssl.historyServer.port
|
||
Apache Sqoop |
Metastore |
16000 |
sqoop. metastore. server.port
|
|
Apache ZooKeeper |
Server (with CDH or Cloudera Manager) |
2181 |
clientPort |
Client port |
Cruise Control | Cruise Control Server | 8899 | webserver.http.port | This is the main port that enables access to the Cruise Control Server |
Livy | Livy Server Web UI | 8998 | livy.server.port |
|
Livy Thrift Server | 10090 | livy.server.thrift.port |
||
Schema Registry | Schema Registry Server | 7788 | schema.registry.port | REST endpoint for Schema Registry. |
7789 | schema.registry.adminPort | Page for monitoring the Schema Registry service to determine for example the health state and CPU usage. | ||
7790 | schema.registry.ssl.port | When SSL is enabled, REST endpoint for Schema Registry. | ||
7791 | schema.registry.ssl.adminPort | When SSL is enabled, the page for monitoring the Schema Registry service to determine for example the health state and CPU usage. | ||
Streams Messaging Manager | Streams Messaging Manager Rest Admin Server | 8585 | streams.messaging.manager.port | Streams Messaging Manager Port |
8587 | streams.messaging.manager.ssl.port | Streams Messaging Manager Port (SSL) | ||
8586 | streams.messaging.manager.adminPort | Streams Messaging Manager Admin Port | ||
8588 | streams.messaging.manager.ssl.adminPort | Streams Messaging Manager Admin Port (SSL) | ||
Streams Messaging Manager UI Server | 9991 | streams.messaging.manager.ui.port | The port on which server accepts connections. This port is used for both secured and unsecured connections. | |
Streams Replication Manager | SRM Service | 6670 | streams.replication.manager.service.port | SRM Service port. |
6671 | streams.replication.manager.service.ssl.port | SRM Service port. when SSL is enabled. |
Component | Service | Port | Configuration | Comment |
---|---|---|---|---|
Apache Hadoop HDFS | Secondary NameNode | 9868 | dfs.secondary.http.address or
dfs.namenode. secondary. http-address |
|
9869 |
dfs.secondary.https.address
|
|||
JournalNode | 8485 |
dfs.namenode. shared.edits.dir
|
||
8480 |
|
|||
8481 |
|
|||
Failover Controller |
8019 |
Used for NameNode HA |
||
Apache Hadoop YARN (MRv2) | ResourceManager | 8030 |
|
|
8031 |
yarn. resourcemanager. resource-tracker. address
|
|||
NodeManager | 8040 |
yarn. nodemanager. localizer. address
|
||
8041 |
yarn. nodemanager. address
|
|||
JobHistory Server | 10020 |
mapreduce. jobhistory. address
|
||
10033 |
mapreduce. jobhistory.admin. address
|
|||
Shuffle HTTP |
13562 | mapreduce.shuffle.port |
||
Queue Manager | 8082 | queuemanager_webapp_port | ||
Config Store/Service | 8080 | Set this configuration in the config.yml file for the service. | Reconfiguring this in a production environment is not recommended. | |
Queue Manager Config-Service | 8081 | adminConnectorsPort | Set this configuration in the config.yml file for the service. | |
Apache Hadoop KMS | Key Management Server | 16001 |
|
Applies to both Java KeyStore KMS and Key Trustee KMS. |
Apache HBase | HQuorumPeer | 2181 |
hbase. zookeeper. property. clientPort
|
HBase-managed ZooKeeper mode |
2888 |
hbase. zookeeper. peerport
|
HBase-managed ZooKeeper mode |
||
3888 |
hbase. zookeeper. leaderport
|
HBase-managed ZooKeeper mode |
||
Apache Impala | Impala Daemon | 22000 | Internal use only. Impala daemons use this port to communicate with each other. | |
23000 | Internal use only. Impala daemons listen on this port for updates from the statestore daemon. | |||
StateStore Daemon | 24000 | Internal use only. The statestore daemon listens on this port for registration/unregistration requests. | ||
Catalog Daemon | 23020 | Internal use only. The catalog daemon listens on this port for updates from the statestore daemon. | ||
26000 | Internal use only. The catalog service uses this port to communicate with the Impala daemons. | |||
Apache Kafka | Kafka Broker | 9092 | port | The primary communication port used by producers and consumers; also used for inter-broker communication. |
9093 | ssl_port | A secured communication port used by producers and consumers; also used for inter-broker communication. | ||
9393 | jmx_port | Internal use only. Used for administration via JMX. | ||
9394 | kafka.http.metrics.port | Internal use only. This is the port via which the HTTP metric reporter listens. It is used to retrieve metrics through HTTP instead of JMX. | ||
Kafka Connect | 38084 | metrics.jetty.server.port | Metrics Jetty Server Port | |
Kafka MirrorMaker | 24042 | jmx_port | Internal use only. Used to administer the producer and consumer of the MirrorMaker. | |
Apache Solr | Solr Server | 8993 | Infra-Solr HTTP port | |
Solr Server | 8995 | Infra-Solr HTTPS port | ||
Apache ZooKeeper |
Server (with CDH only) |
2888 |
X in server.N =host:X:Y
|
Peer |
Server (with CDH only) |
3888 |
X in server.N =host:X:Y
|
Peer | |
Server (with CDH and Cloudera Manager) |
3181 |
X in server.N =host:X:Y
|
Peer | |
Server (with CDH and Cloudera Manager) |
4181 |
X in server.N =host:X:Y
|
Peer | |
ZooKeeper JMX port | 9010 | ZooKeeper will also use another randomly selected port for
RMI. To allow Cloudera Manager to monitor ZooKeeper, you must do one of the
following:
|
||
Apache Zeppelin | Zeppelin Server | 8885 | zeppelin.server.port | |
Zeppelin Server (SSL) | 8886 | zeppelin.server.ssl.port | ||
Streams Messaging Manager | Streams Messaging Manager Rest Admin Server | 6670 | streams.replication.manager.port | Streams Replication Manager rest port |
6671 | streams.replication.manager.port | Streams Replication Manager rest port on SSL | ||
7180 | cm.metrics.port | Cloudera Manager's HTTP port. | ||
7183 | cm.metrics.port | Cloudera Manager's HTTPS port | ||
9997 | cm.metrics.service.monitor.port | Cloudera Manager Service Monitor port | ||
38083 | kafka.connect.port | Kafka Connect port | ||
3306 | streams.messaging.manager.storage.connector.port | Streams Messaging Manager database port |