Security Requirements
Contributors
Download PDF of this page
The security requirements include:
-
Provide an allow list for firewalls.
-
The access control list (ACL) for API’s RBAC and Active IQ Unified Manager.
Source | Destination URL/IP Addresses | Connectivity | Protocol | Port | Description |
---|---|---|---|---|---|
Kubernetes nodes |
github.com |
Outbound |
HTTP, HTTPS |
80,443 |
NetApp Service Engine platform configuration management |
Kubernetes nodes |
rest.zuora.com |
Outbound |
HTTP, HTTPS |
80,443 |
NetApp cloud billing |
Kubernetes nodes |
auth.docker.io |
Outbound |
HTTP, HTTPS |
80,443 |
Docker registry auth |
Kubernetes nodes |
registry-1.docker.io |
Outbound |
HTTP, HTTPS |
80,443 |
Docker Hub images; general Docker images including NetApp Service Engine pods |
Kubernetes nodes |
production.cloudflare.docker.com |
Outbound |
HTTP, HTTPS |
80,443 |
Docker Hub images; general Docker images including NetApp Service Engine pods |
Kubernetes nodes |
quay.io |
Outbound |
HTTP, HTTPS |
80,443 |
Quay images - Prometheus Pods |
Kubernetes nodes |
cdn.quay.io |
Outbound |
HTTP, HTTPS |
80,443 |
Quay images - Prometheus Pods |
Kubernetes nodes |
k8s.gcr.io |
Outbound |
HTTP, HTTPS |
80,443 |
Google images - Kubernetes Cluster Pods |
Kubernetes nodes |
storage.googleapis.com |
Outbound |
HTTP, HTTPS |
80,443 |
Google images - Kubernetes Cluster Pods |
Kubernetes nodes |
kubernetes-charts.storage.googleapis.com |
Outbound |
HTTP, HTTPS |
80,443 |
Helm repository |
All CentOS VMs |
rackspace.com |
Outbound |
HTTP, HTTPS |
80,443 |
CentOS yum package mirror |
OpsRamp Gateway |
netapp.api.opsramp.com |
Outbound |
HTTPS |
443 |
Cloud monitoring and NetApp Support tunnel connectivity |
OpsRamp Gateway |
140.239.76.0/24 |
Outbound |
HTTPS |
443 |
Cloud monitoring and NetApp Support tunnel connectivity |