Prerequisites and Considerations
There are both prerequisites and a number of topics for you to consider when implementing Votiro Cloud into your environment. See sections for more details:
Network connectivity requirements enabling secure outbound and inbound communications with Votiro Cloud are detailed in the tables below.
|Port Number||Transport Protocol|
Exchange / Edge
|Port Number||Transport Protocol|
Additional Port Connectivity Requirements when Connecting to External Storage
When there is a firewall between the cluster and the external NFS-based storage, or the connection is otherwise restricted on the customer's end, the following ports should be opened/allowed when connecting to the external storage:
- Port 111 TCP/UDP – PortMapper (mandatory).
- Port 2049 TCP/UDP – NFS service (mandatory).
- Port 635 TCP/UDP – Mount daemon (mandatory only when working with NetApp).
- Port 4045 TCP/UDP – NFS lock manager (mandatory only when working with NetApp).
- Port 4046 TCP/UDP – NFS status (mandatory only when working with NetApp).
- Port 4049 TCP/UDP – NFS quota daemon (mandatory only when working with NetApp).
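An added example (not Votiro's code): a Python check that compares an iptables-save style ruleset on the firewall in front of the NFS storage with the port list above. It reports required ports that are missing, NetApp-only ports opened when NetApp is not in use, and NFS ports accepted from any source. The source-restriction check is an extra least-privilege assumption, and the rules and the 10.0.0.0/24 cluster subnet are constructed sample data.

```python
import re

# Ports from the list above: (port, service, needed only with NetApp)
NFS_PORTS = [
    (111, "PortMapper", False), (2049, "NFS service", False),
    (635, "Mount daemon", True), (4045, "NFS lock manager", True),
    (4046, "NFS status", True), (4049, "NFS quota daemon", True),
]

def required(netapp):
    """(port, proto) pairs that must be allowed; the list gives TCP and UDP for each."""
    return {(port, proto) for port, _, netapp_only in NFS_PORTS
            if netapp or not netapp_only for proto in ("tcp", "udp")}

def parse_accepts(ruleset):
    """Map (port, proto) -> source CIDR (None if any source) for ACCEPT rules.
    Port ranges written as a:b are not expanded."""
    allowed = {}
    for line in ruleset.splitlines():
        if not line.startswith("-A") or "-j ACCEPT" not in line:
            continue
        proto = re.search(r"-p (tcp|udp)\b", line)
        ports = re.search(r"--dports? ([\d,]+)", line)
        src = re.search(r"(?:^| )-s (\S+)", line)
        if proto and ports:
            for port in ports.group(1).split(","):
                allowed[(int(port), proto.group(1))] = src.group(1) if src else None
    return allowed

def audit(ruleset, netapp):
    """Return (missing, unneeded, unrestricted) sets of (port, proto)."""
    allowed, need = parse_accepts(ruleset), required(netapp)
    have, nfs_related = set(allowed), required(netapp=True)
    missing = need - have                      # required but not accepted
    unneeded = (have & nfs_related) - need     # NetApp-only ports open without NetApp
    unrestricted = {k for k in have & nfs_related if allowed[k] is None}
    return missing, unneeded, unrestricted

# Constructed sample: storage-side rules for an NFS server that is not NetApp.
SAMPLE = """\
-A INPUT -s 10.0.0.0/24 -p tcp -m multiport --dports 111,2049 -j ACCEPT
-A INPUT -s 10.0.0.0/24 -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4045 -j ACCEPT
"""

if __name__ == "__main__":
    for label, found in zip(("missing", "open but not needed", "any source"),
                            audit(SAMPLE, netapp=False)):
        print(f"{label}: {sorted(found)}")
```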
Internal Communication Settings
For internal communications between nodes of each machine inside the VLAN, the following settings are required:
|TCP||During init, node 1 communicates with nodes 2 and 3 and updates keys, username, etc.|
|TCP||Required when enabling the "Release" function from the management console (email integration)|
|389||TCP (LDAP)||LDAP - Active Directory integration|
|636||TCP (LDAPS)||LDAPS - Secure Active Directory integration|
|2379-2380||TCP||etcd server-client API (used by kube-apiserver, etcd)|
|6443||TCP||Kubernetes API server|
|10255||TCP||Worker node read-only Kubelet API|
|24007-24008||TCP||GlusterFS (daemon+management) (note it is 24007-24008)|
|49152-49154||TCP||GlusterFS (for each brick in a volume)|
|123||UDP||Required to enable Network Time Protocol (NTP) (see Syncing with an NTP Server)|
|514||UDP||On-prem Syslog integration|
|8472||UDP||Flannel overlay network (K8s requirement)|
External Communication Settings
For external communications, the following settings are required:
When using an NTP server, as a prerequisite you must sync with it using port 123/udp.
In addition to the virtual appliance machines' internal storage, you can use an external storage server. Votiro Cloud can be configured to communicate with your storage server, using a mount from the external storage to the virtual appliance machines.
When external storage is configured it is used as the main storage area. Storage will contain a set of original and processed files.
Because storage is accessed through the mount, the underlying storage type (such as SAN or NAS) is transparent to Votiro Cloud, so all External Storage types are supported.
For instructions on how to configure External Storage, see How to Configure the Votiro Cloud Cluster with External Storage.
For instructions on how to configure External Storage, contact Votiro's Support team.
The internal storage requirement remains at
Votiro Cloud automatically supports load balancing using a basic internal load balancer.
Note: An external hardware-based load balancer is required in your production environment to balance between the nodes of your VM.
If the number of nodes drops to two, Votiro Cloud will continue working for a maximum of two hours before processing stops.
This consideration is relevant when your Votiro Cloud installation includes an online environment.
To enable secure communication with your Votiro appliance, the proxy server ACL must include permission for the Votiro registry in the Azure URL.