Contact Free trial Login

Network Prerequisites

To ensure the performance and stability of Anypoint Platform Private Cloud Edition (Anypoint Platform PCE), every node in your Anypoint Platform PCE environment must meet the network requirements described in this topic.

Before you install Anypoint Platform PCE, your infrastructure team must review each of the following sections and verify that your environment meets the stated network requirements. If needed, contact your MuleSoft representative for assistance.

Verify Static IPs

All nodes in the cluster must have static private IPv4 assigned to them, and these must persist after restarts. If IP addresses are not persistent between reboots, the cluster can fail.

Verify VXLAN

The version of Kubernetes supported by Anypoint Platform PCE uses an overlay VXLAN and UDP transport to encapsulate traffic. There is direct communication between components of the cluster. The following table lists the ports used for inter-host communication. You must ensure that all of the following ports are configured correctly on all nodes.

Protocol Port/Range Purpose

TCP/UDP

53

Internal cluster DNS

TCP

2379, 2380, 4001, 7001

etcd distributed database

TCP

4242

Installer

TCP

6060

Health check

TCP

6443

Kubernetes API server

TCP

7496, 7373

Serf RPC agent

TCP

8080

Kubernetes API server

TCP

10248, 10249, 10250, 10255

Kubernetes Kubelet

TCP

5000

Docker registry

TCP

3008-3012, 3022-3025, 3080, 7496, 7575

Cluster control plane

TCP

7000, 7011, 7199, 9042, 9160

Cassandra

TCP

18080, 18443

Object store cluster

TCP

5431-5435, 5973

Database cluster

TCP

30000-32767

Internal services port range

TCP

61008-61010

Installer port ranges (only used during install)

TCP

61022-61024

Installer port ranges (only used during install)

UDP

8472

Overlay VXLAN network

TCP

32009

Ops Center Admin UI

You can use netcat or a similar utility to verify port configuration.

Enable Required Ports

  • You must enable TCP ports 53, 3011, and 3012 on all nodes to allow communication with the database cluster.

  • If you plan to use the GUI installer to install Anypoint Platform PCE, you must enable port 61009.

Verify NAT Traffic Requirements

In some situations, the Kubernetes overlay network uses NAT. NAT requires that nodes be able to send and receive packages with a source and destination different from the node’s internal IP.

Any software that monitors the network traffic must be tuned to allow this type of network interaction.

Verify SMTP Server Requirements

Your network must include an SMTP server to manage email alerts that are triggered by the platform. Anypoint Platform PCE must be connected to this SMTP server.

For additional information, refer to the instructions in Configure SMTP in Anypoint Private Cloud.

Verify External Identity Provider Configuration and Client Management

Your network must include an external identity provider that is compatible with LDAP, OpenIDConnect, or SAML. To configure an External Identity Provider for user SSO (LDAP, OpenIDConnect, and SAML) or for external client management as OpenID Connect, the cluster must be able to access the external identity provider endpoint.

For additional information, refer to the instructions in Configure an External Identity Provider in Anypoint Private Cloud.

Synchronize Clocks

Ensure that the clocks on all servers are synchronized. Unsynchronized clocks can cause problems with platform communications.