Start typing to search.
Your search yielded no results.

Configuring ports

Configure ports so stack items can reach each other where they expect it.

In the config tab there is a subitem “Ports”. Here you can configure the ports for your stackitems.

Standard options

Protocol

Determines what network protocol a service will use.

HTTP

This protocol is implemented as a “layer 7” connection handler to manage incoming connections on port 80 and 443 (if HTTPS is enabled).

It supports HTTP 1.1 and HTTP/2 connections. You need to choose this protocol to enable SSL management (Certificates and Let’s Encrypt) via the Platform.

Incoming connections are enriched with additional headers such as X-Forwarded-For, X-Forwarded-Proto, X-REAL-IP, X-Country (Country ISO code).

Load balancing modes

SINGLE, RANDOM, COOKIE, SOURCE

TCP

This protocol is implemented as a “layer 4” connection handler and manages incoming connections on TCP level.

TCP connections are “Stateful” meaning that for each connection created, a socket is assigned to your application.

Your application needs to be scaled to handle al concurrent connections. Incoming connections can be load balanced over multiple application instances deployed on the Platform. Incoming connections are not enriched by the Platform and are directly forwarded to the application.

Load balancing modes

SINGLE, RANDOM, SOURCE

UDP

This protocol is implemented as a “layer 4” connection handler and manages incoming connections on TCP level. UDP connections are “Stateless” meaning that it does not require to establish a socket for each incoming connection to your application.

Incoming connections are not enriched by the Platform and are directly forwarded to the application.

In contrast to TCP, UDP can not be load balanced and connections are delivered to a single instance of your application. Your application will also be configured in “Routed” mode via Port Natting on the Platform gateway (TEP)

Load balancing modes

NONE

Service

The port a service will use inside it’s own container. The services are setup as network interfaces listening on 127.0.0.1

REMARK: Don’t use localhost in your configuration, always use 127.0.0.1 with the internal port.

Public

Whether or not to allow external access to a service.

Public Port

The external port your service will be available on, if it’s made public.

Advanced options

WebSocket

Use HTTP(S) to handle Websocket connections to be routed to the appointed websocket service. Allowing to connect in a secure way to the websocket service without exposing it directly over a less secure TCP port.

Since websockets are not compatible with HTTP/2, HTTP/2 will be disabledwhen this option is enabled.

SSL Mode

The SSL mode for a configured port defines the behaviour of SSL enabled ports, both publicly and internally. SSL modes that use SSL offloading on the gateway can only be chosen after having enabled HTTPS & SSL using the corresponding menu on the left.

DIRECT

No SSL offloading on the gateway. This is the default mode when no SSL certificates are attached to any of the application URLs. For a TCP port, this will allow you to expose the internally configured certificate publicly.

OFFLOAD

SSL offloading on the gateway with a valid certificate, the backend uses a plain TCP port without SSL. This mode is selected by default for an HTTP port when an SSL certificate is available for at least one application URL.

TRANSPARENT

SSL offloading on the gateway with a valid certificate, the backend uses a TCP port with SSL enabled. Use this to serve a valid certificate to the public while the backend service can use an invalid certificate (e.g. self-signed).

STRIP

No SSL offloading on the gateway, the backend uses a TCP port with SSL enabled. The public port will have no SSL enabled. Warning: This makes the public port insecure, protect this service with allowed IPs.

Load balancing mode

When multiple instances of a stack item are running, the load balancing handles the dispatching of the connections to the different instances based on the selected mode.

SINGLE

All connections are delivered to 1 single instance . When the instance becomes unavailable, a new instance is selected to handle all new connections.

RANDOM

Incoming connections are spread randomly over all running instances.

When selecting protocol HTTP, a cookie is injected in the request by the load balancer. An instance is chosen based on the cookie value. A new instance is selected when the previous instances becomes unavailable. An instance is chosen based on the source ip address of the requester.