In order to give you better service, we use cookies. By continuing to use our website, you agree to the use of cookies as described in our Cookie Policy.

Skip to content
Join the Kong Summit Hackathon  —Start Hacking →
|
search
Konnect Cloud

Ports and Network Requirements

Konnect Cloud ports

The Konnect Cloud control plane uses the following port:

Port Protocol Description
:443 TCP
HTTPS		 Cluster communication port for configuration and telemetry data. The Konnect Cloud control plane uses this port to listen for runtime node connections and to communicate with the runtime nodes.

Kong’s hosted control plane expects traffic on this port, so the cluster port can’t be customized.

The cluster communication port must be accessible by all the data planes within the same cluster. This port is protected by mTLS to ensure end-to-end security and integrity.

Runtime ports

By default, Kong Gateway listens on the following ports:

Port Protocol Description
:8000 HTTP Takes incoming HTTP traffic from Consumers, and forwards it to upstream Services.
:8443 HTTPS Takes incoming HTTPS traffic from Consumers, and forwards it to upstream Services.
:8001 HTTP Admin API. Listens for calls from the command line over HTTP.
:8444 HTTPS Admin API. Listens for calls from the command line over HTTPS.
:8002 HTTP Kong Manager (GUI). Listens for HTTP traffic.
:8445 HTTPS Kong Manager (GUI). Listens for HTTPS traffic.
:8003 HTTP Dev Portal. Listens for HTTP traffic, assuming Dev Portal is enabled.
:8446 HTTPS Dev Portal. Listens for HTTPS traffic, assuming Dev Portal is enabled.
:8004 HTTP Dev Portal /files traffic over HTTP, assuming the Dev Portal is enabled.
:8447 HTTPS Dev Portal /files traffic over HTTPS, assuming the Dev Portal is enabled.
:8005 HTTP Hybrid mode only. Control Plane listens for traffic from Data Planes.
:8006 HTTP Hybrid mode only. Control Plane listens for Vitals telemetry data from Data Planes.

Self-hosted ports can be fully customized. Set them in kong.conf.

For Kubernetes or Docker deployments, map ports as needed. For example, if you want to expose the Admin API through port 3001, map 3001:8001.

Hostnames to add to allow lists

The Konnect Cloud control plane uses the following hostnames:

  • cp.konnect.konghq.com: configuration
  • tp.konnect.konghq.com: telemetry

You can find your specific instance hostnames through Runtime manager. Start configuring a new runtime, choose the Linux or Kubernetes tab, and note the hostnames in the codeblock.