I’m testing using a self hosted HCP worker. The documentation says to open port 9202 to the world. As part of our security processes we are unable to have this. Is there a list of the servers or ranges to open to please?
Cheers
Riddle
I’m testing using a self hosted HCP worker. The documentation says to open port 9202 to the world. As part of our security processes we are unable to have this. Is there a list of the servers or ranges to open to please?
Cheers
Riddle
Hi @r1ddl3 port 9202 on the worker should be available for clients to connect to in order to allow session creation. So depending on where your end-users are connecting from, you could whitelist those IP addresses/CIDR blocks on your firewall.
The worker makes outbound connections to the HCP control plane so port 9202 need not be opened to the HCP control plane.
Copying the network requirements from this link
The following ports should be available:
api
port (default 9200)cluster
port (default 9201)Good morning. I just wanted to validate a bit about your env, before answering. If you’re using HCP boundary, then you could just use HCP managed workers for ingress and then run a self-managed worker in your network for egress. Using this setup, you won’t have to open any ports on your network; since the egress self-managed worker will “phone home” which eliminates any need to open a port.