Details
-
New Feature
-
Status: Open
-
Major
-
Resolution: Unresolved
-
Slider 0.90.2
-
None
-
None
Description
At present the allowed.ports is applied to AM as well as containers
While this may be a valid use case for certain deployments, there are other use cases as well
1. The "allowed.ports" should be only applied to certain port(s) for components that are marked as
{ALLOCATED_PORT} {PER_CONTAINER}etc. The components expose certain end points to clients outside the firewall. Only those end points should be controlled by allowed.ports. All other ports used by AM and containers internal apps should use any available port outside the allowed.ports range since in this case, the AM and containers are within same firewall zone. This will reduce unnecessary usage of ports that are open to firewall
2. Somewhat related to #1, the allowed.port is a global setting right now. It would be really useful to have a option to specify it per component. E.g. if different components are serving different customers; it would be great to have a port range specific to a component