To ensure that the file storage cluster can provide services normally, the source and destination need to have the ports and protocols listed in the table below open. Unless otherwise specified, the transmission protocol for the following ports is TCP.
| Source port | Target port | Required protocol and port | Purpose of use |
|---|---|---|---|
| The file management IP of file controllers and the file management VIP of the file storage management cluster | The management VIP of the ACOS (AVE) cluster | 10206 | The meta proxy service provided by zbs-chunkd in ACOS (AVE) is a dependency of the sfs-cloud-provider service of AFS. |
| The file management IP of file controllers | AOC IP | 80 | The file controller uses this port to call the AOC API to upload the island. |
| The file management IP of file controllers | NTP server IP configured in AOC | UDP: 123 | The file controller uses this port to access the NTP server for time synchronization. |
| The file management IP of file controllers | Observability VM management IP | 80 | The obs-agent in the file controller uses this port to call the OVM API and upload the collected data. |
| 443 |
This port needs to be open when used with Observability version 1.4.2 or later. The obs-agent in the file controller uses this port to call the OVM API and upload the collected data. |
||
| AOC IP | The file management IP of file controllers and the file management VIP of the file storage management cluster | 6443 | AOC and its sfs-operator service use this port to access the apiserver service in the file storage cluster. |
| ICMP |
This protocol needs to be open when the file storage cluster is deployed on an ACOS (AVE) cluster earlier than version 6.2.0. The sfs-operator service on AOC uses this protocol to check whether the file management IP of the file controller, and the file management VIP, are already in use. | ||
| AOC IP | The file management IP of file controllers | 22 | The CAPP service on AOC uses this port to establish an SSH tunnel that proxies the containerd service socket in the file controller. |
| 20003 | The sfs-operator service on AOC uses this port to access the NTPM service in the file controller. | ||
| 8685 | The bundle-application-operator service on AOC uses this port to access the obs-agent service in the file controller. |
