Networking and ports for platform services

If tenants are allowed to use platform services, networking for the grid must be configured such that platform services messages can be delivered to their destinations.

If platform services are enabled for a tenant account, the tenant can create endpoints that serve as a destination for CloudMirror replication, event notifications, or search integration messages from its S3 buckets. These messages are sent from Storage Nodes that run the ADC service to the endpoint that the tenant has configured in the Tenant Management Interface or Tenant Management API.

This means that Storage Nodes must be placed on a network whose default gateway allows access to the external destinations represented by the endpoints. Endpoints can be a locally-hosted Elasticsearch cluster, a local application that supports receiving Simple Notification Service (SNS) messages, or a locally-hosted S3 bucket on the same or another instance of StorageGRID Webscale. An endpoint might also be hosted externally, such as on Amazon Web Services.

In all cases, you must configure your Grid Network or Client Network so that these messages can reach their destinations.

By default, platform services messages are sent on the following ports:

  • 443: For endpoint URIs that begin with "https"
  • 80: For endpoint URIs that begin with "http"

Tenants can specify that a different port be used by specifying it when they create or edit an endpoint.

If a StorageGRID Webscale deployment is used as the destination for CloudMirror replication, replication messages are received by an API Gateway Node on port 8082. Ensure that this port is accessible through your enterprise network.

For information on enabling platform services when you create or update a tenant account, see the Administrator Guide. For more information on platform services, including information on how tenants create endpoints, see the Tenant Administrator Guide.