Skip to content
Kong Summit 2022: Where API Innovation Runs Wild  —Learn More →
Kong Logo | Kong Docs Logo
search
  • We're Hiring!
  • Docs
    • Kong Gateway
    • Konnect Cloud
    • Kong Mesh
    • Plugin Hub
    • decK
    • Kubernetes Ingress Controller
    • Insomnia
    • Kuma

    • Kong Konnect Platform

    • Docs contribution guidelines
  • Plugin Hub
  • Support
  • Community
  • Kong Academy
Request Demo
  • Kong Gateway
  • Konnect Cloud
  • Kong Mesh
  • Plugin Hub
  • decK
  • Kubernetes Ingress Controller
  • Insomnia
  • Kuma

  • Kong Konnect Platform

  • Docs contribution guidelines
    • Using the Konnect Docs
    • Key Concepts and Terms
    • Access a Konnect Account
      • Manage a Konnect Account or Plan
      • Change to a Different Plan
      • Manage Payment Methods and Invoices
      • Manage Users and Roles
      • Set up SSO with Okta
    • Account and Org Deactivation
    • License Management
    • Port and Network Requirements
    • Network Resiliency and Availability
    • Migrate from Kong Gateway to Konnect Cloud
      • Set up a Runtime
      • Configure a Service
      • Implement and Test the Service
    • Manage Konnect Cloud with decK
    • Manage Services
      • Manage Service Documentation
      • Publish a Service to Dev Portal
      • Docker
      • Kubernetes
      • Linux
      • Runtime Parameter Reference
    • Upgrade a Runtime to a New Version
    • Renew Certificates
      • Developer Registration
      • Manage Developer Access
      • Auto Approve Dev and App Registrations
      • Application Overview
      • Create, Edit, and Delete an Application
      • Enable App Registration
      • Disable App Registration
      • Manage Application Registration Requests
      • Manage Application Connections
      • Register an Application with a Service
      • Generate Credentials for an Application
      • Appearance
      • Public Portal
      • Add a Custom Domain
    • Generating Vitals Reports
    • Configure a Plugin on a Service
    • Configure a Plugin on a Route
    • Configure Global or Consumer Plugins
    • Proxy Traffic
      • Konnect API Reference

github-edit-pageEdit this page

report-issueReport an issue

enterprise-switcher-iconSwitch to OSS

On this page
  • Konnect Cloud ports
  • Runtime ports
  • Hostnames to add to allow lists
Konnect Cloud
  • Home
  • Konnect Cloud
  • Deployment

Ports and Network Requirements

Konnect Cloud ports

The Konnect Cloud control plane uses the following port:

Port Protocol Description
:443 TCP
HTTPS
Cluster communication port for configuration and telemetry data. The Konnect Cloud control plane uses this port to listen for runtime node connections and to communicate with the runtime nodes.

Kong’s hosted control plane expects traffic on this port, so the cluster port can’t be customized.

The cluster communication port must be accessible by all the data planes within the same cluster. This port is protected by mTLS to ensure end-to-end security and integrity.

Runtime ports

By default, Kong Gateway listens on the following ports:

Port Protocol Description
:8000 HTTP Takes incoming HTTP traffic from Consumers, and forwards it to upstream Services.
:8443 HTTPS Takes incoming HTTPS traffic from Consumers, and forwards it to upstream Services.
:8001 HTTP Admin API. Listens for calls from the command line over HTTP.
:8444 HTTPS Admin API. Listens for calls from the command line over HTTPS.
:8002 HTTP Kong Manager (GUI). Listens for HTTP traffic.
:8445 HTTPS Kong Manager (GUI). Listens for HTTPS traffic.
:8003 HTTP Dev Portal. Listens for HTTP traffic, assuming Dev Portal is enabled.
:8446 HTTPS Dev Portal. Listens for HTTPS traffic, assuming Dev Portal is enabled.
:8004 HTTP Dev Portal /files traffic over HTTP, assuming the Dev Portal is enabled.
:8447 HTTPS Dev Portal /files traffic over HTTPS, assuming the Dev Portal is enabled.
:8005 HTTP Hybrid mode only. Control Plane listens for traffic from Data Planes.
:8006 HTTP Hybrid mode only. Control Plane listens for Vitals telemetry data from Data Planes.

Self-managed ports can be fully customized. Set them in kong.conf.

For Kubernetes or Docker deployments, map ports as needed. For example, if you want to expose the Admin API through port 3001, map 3001:8001.

Hostnames to add to allow lists

The Konnect Cloud control plane uses the following hostnames:

  • cp.konnect.konghq.com: configuration
  • tp.konnect.konghq.com: telemetry

You can find your specific instance hostnames through Runtime manager. Start configuring a new runtime, choose the Linux or Kubernetes tab, and note the hostnames in the codeblock.

Thank you for your feedback.
Was this page useful?
  • Kong
    THE CLOUD CONNECTIVITY COMPANY

    Kong powers reliable digital connections across APIs, hybrid and multi-cloud environments.

    • Company
    • Customers
    • Events
    • Investors
    • Careers Hiring!
    • Partners
    • Press
    • Contact
  • Products
    • Kong Konnect
    • Kong Gateway
    • Kong Mesh
    • Get Started
    • Pricing
  • Resources
    • eBooks
    • Webinars
    • Briefs
    • Blog
    • API Gateway
    • Microservices
  • Open Source
    • Install Kong Gateway
    • Kong Community
    • Kubernetes Ingress
    • Kuma
    • Insomnia
  • Solutions
    • Decentralize
    • Secure & Govern
    • Create a Dev Platform
    • API Gateway
    • Kubernetes
    • Service Mesh
Star
  • Terms•Privacy
© Kong Inc. 2022