FCP Product Network Planning
Product network planning is categorized by product, and each product has its own node network configuration.
FCP-Core
The following describes the network configuration for FCP-Core nodes.
Core Node
core: the primary node where thefastoneservice is deployedrole: roleport: port on the core nodesource: access sources that must be allowed for the corresponding port on the core nodeusage: purpose
| role | port | source | usage |
|---|---|---|---|
| core | |||
| 22 | user-defined | ssh: remote connection service | |
| 80 | user-defined | web http: web transport service and service health probing | |
| 443 | user-defined | web https: encrypted web transport service | |
| 9000 | all cluster head nodes | fastone api: fastone application service and service health probing | |
| 2000 | user-defined | remote access: manages remote connections and service health probing | |
| 8000 | user-defined | dm upload/download service and service health probing | |
| 8443 | user-defined | https communication port used for dm downloads | |
| 50121 | all cluster nodes | cluster access to the deploy container and service health probing | |
| 6819 | all cluster nodes | slurmdbd: slurm resource information service | |
| 123 | all cluster nodes | ntp: time synchronization service | |
| udp 123 | all cluster nodes | ntp: time synchronization service | |
| 389 | all cluster nodes | ldap: user authentication service |
- Additional notes
- The SMTP server must allow access from the core node so mail notifications can be sent.
- The storage server must allow access from the core node.
Static Nodes
core: the primary node where thefastoneservice is deployedrole: roleport: port on the static nodesource: access sources that must be allowed for the corresponding port on the static nodeusage: purpose
| role | port | source | usage |
|---|---|---|---|
| head | |||
| 22 | core | ssh: remote connection between nodes and service health probing | |
| 6817 | core | slurmctld: slurm job scheduling control process and service health probing | |
| 7000 | core | vali: internal fastone job scheduling and service health probing | |
| 50023 | core | fs-scale: fastone autoscaling component and service health probing | |
| 25057-25058 | core | loki: fastone node configuration component and service health probing | |
| 8010 | core | slurm exporter: fastone slurm monitoring component and service health probing | |
| 9100 | core | node exporter: fastone basic node monitoring component and service health probing | |
| all | mutual access between cluster nodes | Cluster applications such as slurm may use dynamic ports | |
| login | |||
| 22 | core | ssh: remote connection between nodes and service health probing | |
| 2000 | all sources that need cluster access | remote access: remote connection management service | |
| 25057-25058 | core | loki: fastone node configuration component and service health probing | |
| 9100 | core | node exporter: fastone basic node monitoring component and service health probing | |
| all | mutual access between cluster nodes | Cluster applications such as slurm may use dynamic ports | |
| compute | |||
| 22 | core | ssh: remote connection between nodes and service health probing | |
| 25057-25058 | core | loki: fastone node configuration component and service health probing | |
| 9400 | core | gpu exporter: Linux GPU monitoring component and service health probing | |
| 6818 | core | slurmd: slurm runtime service responsible for managing and allocating compute resources, plus service health probing | |
| 9100 | core | node exporter: fastone basic node monitoring component and service health probing | |
| all | mutual access between cluster nodes | Cluster applications such as slurm may use dynamic ports |
- Additional notes
- The storage server must allow access from all cluster nodes.
FCP-Suite
The following describes the network configuration for FCP-Suite nodes.
Core Node
core: the primary node where thefastoneservice is deployedrole: roleport: port on the core nodesource: access sources that must be allowed for the corresponding port on the core nodeusage: purpose
| role | port | source | usage |
|---|---|---|---|
| core | |||
| 22 | user-defined | ssh: remote connection service | |
| 80 | user-defined & monitor | web http: web transport service and service health probing | |
| 443 | user-defined | web https: encrypted web transport service | |
| 9000 | all cluster head nodes & monitor | fastone api: fastone application service and service health probing | |
| 2000 | user-defined & monitor | remote access: manages remote connections and service health probing | |
| 8000 | user-defined & monitor | dm upload/download service and service health probing | |
| 8443 | user-defined | https communication port used for dm downloads | |
| 50121 | all cluster nodes & monitor | cluster access to the deploy container and service health probing | |
| 6819 | all cluster nodes & monitor | slurmdbd: slurm resource information service | |
| 123 | all cluster nodes | ntp: time synchronization service | |
| udp 123 | all cluster nodes | ntp: time synchronization service | |
| 389 | all cluster nodes & monitor | ldap: user authentication service | |
| 3306 | monitor | slurm db: database used by slurm | |
| 4396 | monitor | storage manager: storage service and service health probing | |
| 9981 | monitor | process manager: audit service and service health probing | |
| 5432 | monitor | postgres db: database and service health probing | |
| 8030 | monitor | cs exporter: cluster node monitoring | |
| 9300 | monitor | cluster scheduler: job scheduling service and service health probing | |
| 9200 | monitor | fastone-admin: service used to monitor and manage fastone applications, plus service health probing | |
| 6000 | monitor | fastone-notification: fastone notification service and service health probing | |
| 35729 | monitor | fastone-notification: fastone notification service and service health probing |
- Additional notes
- The SMTP server must allow access from the core node so mail notifications can be sent.
- The storage server must allow access from the core node.
Monitor Node
core: the primary node where thefastoneservice is deployedrole: roleport: port on the static nodesource: access sources that must be allowed for the corresponding port on the static nodeusage: purposemonitor: monitor node IP
| role | port | source | usage |
|---|---|---|---|
| monitor | |||
| 22 | user-defined | ssh: remote connection service | |
| 9090 | core | prometheus ui: Prometheus monitoring console | |
| 3000 | core | grafana: monitoring data visualization service | |
| 3002 | core | grafana alert: Grafana alerting component |
- Additional notes
- The SMTP server must allow access from the monitor node so mail notifications can be sent.
Static Nodes
core: the primary node where thefastoneservice is deployedrole: roleport: port on the static nodesource: access sources that must be allowed for the corresponding port on the static nodeusage: purpose
Linux
| role | port | source | usage |
|---|---|---|---|
| head | |||
| 22 | core & monitor | ssh: remote connection between nodes and service health probing | |
| 5900-5999 | core & user network | vnc: remote desktop access | |
| 6817 | core & monitor | slurmctld: slurm job scheduling control process and service health probing | |
| 7000 | core & monitor | vali: internal fastone job scheduling and service health probing | |
| 50023 | core & monitor | fs-scale: fastone autoscaling component and service health probing | |
| 25057-25058 | core & monitor | loki: fastone node configuration component and service health probing | |
| 8010 | monitor | slurm exporter: fastone slurm monitoring component and service health probing | |
| 9100 | monitor | node exporter: fastone basic node monitoring component and service health probing | |
| all | mutual access between cluster nodes | Cluster applications such as slurm may use dynamic ports | |
| login | |||
| 22 | core | ssh: remote connection between nodes and service health probing | |
| 2000 | all sources that need cluster access | remote access: remote connection management service | |
| 25057-25058 | core & monitor | loki: fastone node configuration component and service health probing | |
| 9100 | monitor | node exporter: fastone basic node monitoring component and service health probing | |
| all | mutual access between cluster nodes | Cluster applications such as slurm may use dynamic ports | |
| compute | |||
| 22 | core | ssh: remote connection between nodes and service health probing | |
| 25057-25058 | core & monitor | loki: fastone node configuration component and service health probing | |
| 9400 | monitor | gpu exporter: Linux GPU monitoring component and service health probing | |
| 6818 | monitor | slurmd: slurm runtime service responsible for managing and allocating compute resources, plus service health probing | |
| 9100 | monitor | node exporter: fastone basic node monitoring component and service health probing | |
| all | mutual access between cluster nodes | Cluster applications such as slurm may use dynamic ports |
Windows
| role | port | source | usage |
|---|---|---|---|
| compute | |||
| 22 | core | ssh: remote connection between nodes and service health probing | |
| 25057-25058 | core & monitor | loki: fastone node configuration component and service health probing | |
| 3389 | core & user network | rdp: remote desktop access | |
| 9182 | core & user network | wmi exporter: monitoring component | |
| all | mutual access between cluster nodes | Intra-cluster application communication |
- Additional notes
- The storage server must allow access from all cluster nodes.