Skip to content
Kong Summit 2022: Where API Innovation Runs Wild  —Learn More →
Kong Logo | Kong Docs Logo
search
  • We're Hiring!
  • Docs
    • Kong Gateway
    • Konnect Cloud
    • Kong Mesh
    • Plugin Hub
    • decK
    • Kubernetes Ingress Controller
    • Insomnia
    • Kuma

    • Kong Konnect Platform

    • Docs contribution guidelines
  • Plugin Hub
  • Support
  • Community
  • Kong Academy
Request Demo
  • Kong Gateway
  • Konnect Cloud
  • Kong Mesh
  • Plugin Hub
  • decK
  • Kubernetes Ingress Controller
  • Insomnia
  • Kuma

  • Kong Konnect Platform

  • Docs contribution guidelines
    • Overview of Konnect
    • Architecture
    • Network Resiliency and Availability
    • Port and Network Requirements
    • Compatibility
    • Release Notes
    • Overview
    • Access a Konnect Account
    • Set up a Runtime
    • Configure a Service
    • Implement and Test the Service
      • Publish and Consume Services
      • Register Applications
    • Import Kong Gateway Entities into Konnect Cloud
    • Overview
      • Konnect Services
      • Service Versions
      • Service Implementations
      • Manage Service Documentation
      • Overview
      • Configure a Plugin on a Service
      • Configure a Plugin on a Route
    • Overview
      • Overview
      • Manage Runtime Groups with UI
      • Manage Runtime Groups with decK
      • Install with Docker
      • Install on Kubernetes
      • Install on Linux
      • Upgrade a Runtime Instance to a New Version
      • Renew Certificates
      • Runtime Parameter Reference
      • Overview
      • Runtime Configuration
    • Troubleshoot
    • Overview
    • Access the Dev Portal
    • Sign Up for a Dev Portal Account
      • Manage Developer Access
      • Manage Application Registration Requests
      • Manage Application Connections
      • Auto Approve Dev and App Registrations
      • Application Overview
      • Enable and Disable App Registration
      • Create, Edit, and Delete an Application
      • Register an Application with a Service
      • Generate Credentials for an Application
    • Customize Dev Portal
    • Troubleshoot
    • Introduction to Vitals
    • Overview Dashboard
    • Analyze Services and Routes
    • Generate Reports
      • Manage a Konnect Account or Plan
      • Change to a Different Plan
      • Manage Payment Methods and Invoices
      • Overview
        • Overview
        • Manage Teams and Roles
        • Teams Reference
        • Roles Reference
      • Manage Users
      • Set up SSO with Okta
    • Account and Org Deactivation
    • Troubleshoot
    • Overview of Konnect
      • Access a Konnect Account
        • Manage a Konnect Account or Plan
        • Change to a Different Plan
        • Manage Payment Methods and Invoices
        • Manage Users and Roles
        • Set up SSO with Okta
      • Account and Org Deactivation
      • License Management
      • Port and Network Requirements
      • Network Resiliency and Availability
      • Migrate from Kong Gateway to Konnect Cloud
        • Set up a Runtime
        • Configure a Service
        • Implement and Test the Service
      • Manage Konnect Cloud with decK
      • Manage Services
        • Manage Service Documentation
        • Publish a Service to Dev Portal
        • Docker
        • Kubernetes
        • Linux
        • Runtime Parameter Reference
      • Upgrade a Runtime to a New Version
      • Renew Certificates
        • Developer Registration
        • Manage Developer Access
        • Auto Approve Dev and App Registrations
        • Application Overview
        • Create, Edit, and Delete an Application
        • Enable App Registration
        • Disable App Registration
        • Manage Application Registration Requests
        • Manage Application Connections
        • Register an Application with a Service
        • Generate Credentials for an Application
        • Appearance
        • Public Portal
        • Add a Custom Domain
      • Generating Vitals Reports
      • Configure a Plugin on a Service
      • Configure a Plugin on a Route
      • Configure Global or Consumer Plugins
    • Shared Config
      • Proxy Traffic

github-edit-pageEdit this page

report-issueReport an issue

enterprise-switcher-iconSwitch to OSS

On this page
  • Control plane ports
  • Runtime instance ports
  • Hostnames
Konnect Cloud
  • Home
  • Konnect Cloud

Ports and Network Requirements

Control plane ports

The Konnect Cloud control plane uses the following port:

Port Protocol Description
443 TCP
HTTPS
Cluster communication port for configuration and telemetry data. The Konnect Cloud control plane uses this port to listen for runtime node connections and to communicate with the runtime nodes.

Kong’s hosted control plane expects traffic on this port, so the cluster port can’t be customized.

The cluster communication port must be accessible by all the data planes within the same cluster. This port is protected by mTLS to ensure end-to-end security and integrity.

Runtime instance ports

By default, Kong Gateway listens on the following ports:

Port Protocol Description
8000 HTTP Takes incoming HTTP traffic from consumers, and forwards it to upstream services.
8443 HTTPS Takes incoming HTTPS traffic from consumers, and forwards it to upstream services.

Kong Gateway ports can be fully customized. Set them in kong.conf.

For Kubernetes or Docker deployments, map ports as needed. For example, if you want to use port 3001 for the proxy, map 3001:8000.

Hostnames

Add the following hostnames to the allowlist to give the Konnect control plane access through the firewall:

  • cloud.konghq.com: The Konnect platform.
  • us.api.konghq.com: The Konnect API. Necessary if you are using decK in your workflow, decK uses this API to access and apply configurations.
  • RUNTIME_GROUP_ID.us.cp0.konghq.com: Handles configuration for a runtime group. Runtime instances connect to this host to receive configuration updates. This hostname is unique to each organization and runtime group.
  • RUNTIME_GROUP_ID.us.tp0.konghq.com: Gathers telemetry data for a runtime group. This hostname is unique to each organization and runtime group.

You can find the configuration and telemetry hostnames through the Runtime Manager:

  1. Open a runtime group.
  2. Click Add runtime instance.
  3. Choose the Linux or Kubernetes tab and note the hostnames in the code block for the following parameters:

     cluster_control_plane = example.us.cp0.konghq.com:443
     cluster_server_name = example.us.cp0.konghq.com
     cluster_telemetry_endpoint = example.us.tp0.konghq.com:443
     cluster_telemetry_server_name = example.us.tp0.konghq.com
    
Thank you for your feedback.
Was this page useful?
  • Kong
    THE CLOUD CONNECTIVITY COMPANY

    Kong powers reliable digital connections across APIs, hybrid and multi-cloud environments.

    • Company
    • Customers
    • Events
    • Investors
    • Careers Hiring!
    • Partners
    • Press
    • Contact
  • Products
    • Kong Konnect
    • Kong Gateway
    • Kong Mesh
    • Get Started
    • Pricing
  • Resources
    • eBooks
    • Webinars
    • Briefs
    • Blog
    • API Gateway
    • Microservices
  • Open Source
    • Install Kong Gateway
    • Kong Community
    • Kubernetes Ingress
    • Kuma
    • Insomnia
  • Solutions
    • Decentralize
    • Secure & Govern
    • Create a Dev Platform
    • API Gateway
    • Kubernetes
    • Service Mesh
Star
  • Terms•Privacy
© Kong Inc. 2022