Sisense Required Ports for Linux

Previous Step:

Sisense uses certain ports to communicate with machines on the Internet and within your Sisense namespace. Below is a description of the ports that you may need to allow in your deployment.

Note:

In cluster deployments, open all traffic between the nodes (TCP and UDP).


Outbound Rules for Sisense

Ports Description
80, 443

Allow outbound TCP connections from the workers to these ports to allow worker node updates and reloads.

Additionally, outbound communication on port 443 to https://l.sisense.com for licensing.

2049

Allow outbound TCP and UDP connections to this port to allow mounting file storage as volumes.

This is only relevant when using NFS and only for the NFS server.

3260 Allow outbound TCP and UDP connections to this port for communication to block storage.
8071 Allow outbound connections to the Sisense external monitoring system.
10250

Allow inbound TCP and UDP connections to this port for the Kubernetes dashboard and commands such as kubectl logs and kubectl exec.

For EKS, AES and GKE need to be open towards the K8S control.

Inbound Rules for Sisense

The following ports should be opened to your network so you will be able to access the Sisense application, SSH and Kubernetes dashboard:

Ports Description
TCP 443/30845 HTTPS/HTTP WEB (SSL/non-SSL mode). These ports should be open to allow your users to access Sisense.
TCP 22 SSH. This port should be opened when your Administrator needs to deploy or upgrade Sisense.
TCP 6443 This port should be opened when your Administrator needs to access the Kubernetes dashboard.

Cluster Mode

When deploying multiple nodes, the following ports should be opened between each node:

Ports Description
TCP 2379 - 2380 etcd
TCP 10248 - 10259 Kubernetes
TCP 9100 Node exporter

Cluster Network Plugin

Sisense support two cluster network plugins, Calico and Weave. The default network plugin used by Sisense is Calico.

Calico and Weave secure the communication between your nodes. The following ports should be opened:

Calico

Ports Description
TCP 9099 Calico
TCP 179 Calico - bird

Weave

Ports Description
TCP 6783 Weave's control and data
UDP 6783/6784 Weave's control and data
UDP 4789 VXLAN
TCP 111 rpcbind
TCP 179 bird

Cluster Shared File System Implementation

Sisense supports Rook-Ceph for shared storage. Depending on which you use, the following ports should be opened:

Note:

Rook-Ceph is no longer supported as the shared storage layer for new deployments of Sisense Fusion. This Rook-Ceph documentation is intended only for existing Sisense instances configured to use Rook-Ceph. If you’re a new Sisense customer or an existing customer installing a new Sisense deployment, you should use one of the supported alternatives such as FSx (for AWS) or NFS (for non-AWS).

Rook-Ceph

Ports Description
TCP 9443 https-webhook
TCP 6789-6790 Ceph messenger protocol v1
TCP 3300 Ceph messenger protocol v2
TCP 6800 - 7300 Ceph RADOS ports for OSDs, MDSes
TCP 9283 Ceph Manager Prometheus Metrics
TCP 9070 port for CSIAddons

FSx

Ports Description
TCP 988 NFS

NFS

Outbound NFS should for the nodes.

Ports Description
TCP 2049 NFS

Load Balancer

If you are using an external load balancer, make sure that the load balancer supports WebSockets.

If you are using Amazon AWS with load balancing, ALB supports WebSockets, ELB does not.

Note:

The Classic Load Balancer in AWS does not support WebSockets.


Next Steps