Ports Used by Components of CDH

All ports listed are TCP.

In the following table, the Access Requirement column for each port is usually either "Internal" or "External." In this context, "Internal" means that the port is used only for communication among the components; "External" means that the port can be used for either internal or external communication.

Component Service Qualifier Port Access Requirement Configuration Comment

Hadoop HDFS

DataNode

 

50010

External

dfs.datanode.address

DataNode HTTP server port

 

DataNode

Secure

1004

External

dfs.datanode.address

 

 

DataNode

 

50075

External

dfs.datanode.http.address

 

 

DataNode

 

50475

External

dfs.datanode.https.address

 

 

DataNode

Secure

1006

External

dfs.datanode.http.address

 

 

DataNode

 

50020

External

dfs.datanode.ipc.address

 

 

NameNode

 

8020

External

fs.default.name
or
fs.defaultFS
fs.default.name
is deprecated (but still works)

 

NameNode

 

8022

External

dfs.namenode.
servicerpc-address

Optional port used by HDFS daemons to avoid sharing the RPC port used by clients (8020). Cloudera recommends using port 8022.

 

NameNode

 

50070

External

dfs.http.address
or
dfs.namenode.http-address
dfs.http.address
is deprecated (but still works)

 

NameNode

Secure

50470

External

dfs.https.address
or
dfs.namenode.https-address
dfs.https.address
is deprecated (but still works)

 

Secondary NameNode

 

50090

Internal

dfs.secondary.http.address
or
dfs.namenode.
secondary.
http-address
dfs.secondary.http.address
is deprecated (but still works)

 

Secondary NameNode

Secure

50495

Internal

dfs.secondary.https.address

 

 

JournalNode

 

8485

Internal

dfs.namenode.
shared.edits.dir

 

 

JournalNode

 

8480

Internal

dfs.journalnode.
http-address

 

 

JournalNode

 

8481

Internal

dfs.journalnode.
https-address

 

 

Failover Controller

 

8019

Internal

 

Used for NameNode HA

 

NFS gateway

 

2049

External

 

nfs port (nfs3.server.port

 

NFS gateway

 

4242

External

 

mountd port (nfs3.mountd.port

 

NFS gateway

 

111

External

 

portmapper
or
rpcbind
port
  NFS gateway   50079 External
nfs.http.port
CDH 5.4.0 and higher. The NFS gateway daemon uses this port to serve metrics. The port is configurable on versions 5.10 and higher.
  NFS gateway Secure 50579 External
nfs.https.port
CDH 5.4.0 and higher. The NFS gateway daemon uses this port to serve metrics. The port is configurable on versions 5.10 and higher.

 

HttpFS

 

14000

External    

 

HttpFS

 

14001

External    

Hadoop YARN (MRv2)

ResourceManager

 

8032

External

yarn.
resourcemanager.
address

 

 

ResourceManager

 

8030

Internal

yarn.
resourcemanager.
scheduler.address

 

 

ResourceManager

 

8031

Internal

yarn.
resourcemanager.
resource-tracker.
address

 

 

ResourceManager

 

8033

External

yarn.
resourcemanager.
admin.address

 

 

ResourceManager

 

8088

External

yarn.
resourcemanager.
webapp.address

 

 

ResourceManager

 

8090

External

yarn.
resourcemanager.
webapp.https.address

 

 

NodeManager

 

8040

Internal

yarn.
nodemanager.
localizer.
address

 

 

NodeManager

 

8041

Internal

yarn.
nodemanager.
address

 

 

NodeManager

 

8042

External

yarn.
nodemanager.
webapp.address

 

 

NodeManager

 

8044

External

yarn.
nodemanager.
webapp.https.address

 

 

JobHistory Server

 

10020

Internal

mapreduce.
jobhistory.
address

 

 

JobHistory Server

 

10033

Internal

mapreduce.
jobhistory.admin.
address

 

 

Shuffle HTTP

 

13562

Internal

mapreduce.shuffle.port

 

 

JobHistory Server

 

19888

External

mapreduce.
jobhistory.
webapp.address

 

 

JobHistory Server

 

19890

External

mapreduce.
jobhistory.
webapp.https.address

 

 

ApplicationMaster

   

External

 

The ApplicationMaster serves an HTTP service using an ephemeral port that cannot be restricted. This port is never accessed directly from outside the cluster by clients. All requests to the ApplicationMaster web server is routed using the YARN ResourceManager (proxy service). Locking down access to ephemeral port ranges within the cluster's network might restrict your access to the ApplicationMaster UI and its logs, along with the ability to look at running applications.

Flume

Flume Agent

 

41414

External

   

Hadoop KMS

Key Management Server

 

16000

External

kms_http_port

CDH 5.2.1 and higher. Applies to both Java KeyStore KMS and Key Trustee KMS.

 

Key Management Server

 

16001

Localhost

kms_admin_port

CDH 5.2.1 and higher. Applies to both Java KeyStore KMS and Key Trustee KMS.

HBase

Master

 

60000

External

hbase.master.
port

IPC

 

Master

 

60010

External

hbase.master.
info.port

HTTP

 

RegionServer

 

60020

External

hbase.
regionserver.
port

IPC

 

RegionServer

 

60030

External

hbase.
regionserver.
info.port

HTTP

 

HQuorumPeer

 

2181

Internal

hbase.
zookeeper.
property.
clientPort

HBase-managed ZooKeeper mode

 

HQuorumPeer

 

2888

Internal

hbase.
zookeeper.
peerport

HBase-managed ZooKeeper mode

 

HQuorumPeer

 

3888

Internal

hbase.
zookeeper.
leaderport

HBase-managed ZooKeeper mode

 

REST

Non- Cloudera Manager - managed

8080

External

hbase.rest.port

The default REST port in HBase is 8080. Because this is a commonly used port, Cloudera Manager sets the default to 20550 instead.

 

REST

Cloudera Manager - managed

20550

External

hbase.rest.port

The default REST port in HBase is 8080. Because this is a commonly used port, Cloudera Manager sets the default to 20550 instead.

 

REST UI

 

8085

External

 

 

 

Thrift Server

Thrift Server

9090

External

Pass -p <port> on CLI

 

 

Thrift Server

 

9095

External

 

 

 

 

Avro server

9090

External

Pass --port <port> on CLI

 

  hbase-solr-indexer Lily Indexer 11060 External    

Hive

Metastore

 

9083

External

 

 

 

HiveServer2

 

10000

External

hive.
server2.
thrift.port

The Beeline command interpreter requires that you specify this port on the command line.

If you use Oracle database, you must manually reserve this port. For more information, see Reserving Ports for HiveServer 2.

 

HiveServer2 Web User Interface (UI)

 

10002

External

hive.
server2.
webui.port
in
hive-site.xml

 

WebHCat Server

 

50111

External

templeton.port

 

Hue

Server

 

8888

External

 

 

Load Balancer

 

8889

External

 

 

Kafka

Broker

TCP Port

9092

External/Internal

port

The primary communication port used by producers and consumers; also used for inter-broker communication.

 

Broker

TLS/SSL Port

9093

External/Internal

ssl_port

A secured communication port used by producers and consumers; also used for inter-broker communication.

 

Broker

JMX Port

9393

Internal

jmx_port

Internal use only. Used for administration via JMX.

 

MirrorMaker

JMX Port

9394

Internal

jmx_port

Internal use only. Used to administer the producer and consumer of the MirrorMaker.

 

Broker

HTTP Metric Report Port

24042

Internal

kafka.http.metrics.port

Internal use only. This is the port via which the HTTP metric reporter listens. It is used to retrieve metrics through HTTP instead of JMX.

Kudu

Master

 

7051

External

 

Kudu Master RPC port

 

Master

 

8051

External

 

Kudu Master HTTP server port

 

TabletServer

 

7050

External

 

Kudu TabletServer RPC port

 

TabletServer

 

8050

External

Kudu TabletServer HTTP server port

Oozie

Oozie Server

 

11000

External

OOZIE_HTTP_PORT
in
oozie-env.sh

HTTP

 

Oozie Server

SSL

11443

External

 

HTTPS

Sentry

Sentry Server

 

8038

External

sentry.service.
server.rpc-port

 

 

Sentry Server

 

51000

External

sentry.service.
web.port

 

Solr Solr Server   8983 External   HTTP port for all Solr-specific actions, update/query.
  Solr Server   8984 Internal   Solr administrative use.
  Solr Server   8985 External   HTTPS port for all Solr-specific actions, update/query.

Spark

Default Master RPC port

 

7077

External

   
 

Default Worker RPC port

 

7078

External    
 

Default Master web UI port

 

18080

External

   
 

Default Worker web UI port

 

18081

External    
 

History Server

 

18088

External

history.port
 
  Shuffle service   7337 Internal    

Sqoop

Metastore

 

16000

External

sqoop.
metastore.
server.port

 

Sqoop 2

Sqoop 2 server

 

8005

Localhost

SQOOP_ADMIN_PORT environment variable

 
 

Sqoop 2 server

 

12000

External

 

 

 

Sqoop 2

 

12001

External

 

Admin port

ZooKeeper

Server (with CDH 5 or Cloudera Manager 5)

 

2181

External

clientPort

Client port

 

Server (with CDH 5 only)

 

2888

Internal

X in server.N
=host:X:Y

Peer

 

Server (with CDH 5 only)

 

3888

Internal

X in server.N
=host:X:Y

Peer

 

Server (with CDH 5 and Cloudera Manager 5)

 

3181

Internal

X in server.N
=host:X:Y

Peer

 

Server (with CDH 5 and Cloudera Manager 5)

 

4181

Internal

X in server.N
=host:X:Y

Peer

 

ZooKeeper JMX port

 

9010

Internal

 

ZooKeeper will also use another randomly selected port for RMI. To allow Cloudera Manager to monitor ZooKeeper, you must do one of the following:
  • Open up all ports when the connection originates from the Cloudera Manager Server
  • Do the following:
    1. Open a non-ephemeral port (such as 9011) in the firewall.
    2. Install Oracle Java 7u4 JDK or higher.
    3. Add the port configuration to the advanced configuration snippet, for example:
      -Dcom.sun.management.
      jmxremote.rmi.port=9011
    4. Restart ZooKeeper.