Container Ports: Docker (2375/2376), Kubernetes (6443), etcd (2379)
Port reference for container platforms. Docker daemon 2375/2376, Kubernetes API 6443, etcd 2379/2380, Kubelet 10250, and Docker Swarm 2377.
Detailed Explanation
Container and Orchestration Ports
Containerized environments use several ports for management, orchestration, and inter-node communication.
Docker
| Port | Service | Security |
|---|---|---|
| 2375 | Docker daemon API | Unencrypted — NEVER expose publicly |
| 2376 | Docker daemon API (TLS) | Encrypted with client certificates |
| 2377 | Docker Swarm management | Cluster management traffic |
| 7946 | Docker Swarm node discovery | TCP/UDP for container network |
| 4789 | Docker overlay network | UDP VXLAN traffic |
Critical warning: Exposing port 2375 to the internet gives full root access to the host machine. Always use TLS (port 2376) with client certificate authentication.
Kubernetes
| Port | Service |
|---|---|
| 6443 | API server (kube-apiserver) |
| 2379 | etcd client API |
| 2380 | etcd peer communication |
| 10250 | Kubelet API |
| 10255 | Kubelet read-only API (deprecated) |
| 10257 | kube-controller-manager |
| 10259 | kube-scheduler |
| 30000-32767 | NodePort service range |
etcd
etcd is the key-value store that holds all Kubernetes cluster state:
- Port 2379: Client API for reading/writing cluster data
- Port 2380: Peer-to-peer communication for cluster consensus
Firewall Rules for Kubernetes
# Control plane
iptables -A INPUT -p tcp --dport 6443 -j ACCEPT # API server
iptables -A INPUT -p tcp --dport 2379:2380 -j ACCEPT # etcd
iptables -A INPUT -p tcp --dport 10250 -j ACCEPT # Kubelet
# Worker nodes
iptables -A INPUT -p tcp --dport 10250 -j ACCEPT # Kubelet
iptables -A INPUT -p tcp --dport 30000:32767 -j ACCEPT # NodePort
Use Case
Setting up a Kubernetes cluster with proper network policies, configuring firewall rules for the API server (6443), etcd (2379/2380), and Kubelet (10250) across control plane and worker nodes.
Try It — Port Number Reference
Related Topics
Common Development Ports: 3000, 5000, 8000, 8080, 8888
Development
Database Ports: MySQL, PostgreSQL, MongoDB, Redis, and More
Databases
Message Broker Ports: Kafka (9092), RabbitMQ (5672), MQTT (1883)
Message Brokers
Monitoring Ports: Prometheus (9090), Grafana (3000), Elasticsearch (9200)
Monitoring & Observability
Web Server Ports: HTTP (80), HTTPS (443), and Alternatives
Web Servers