Jenkins › Jenkins users

Jenkins Server and Ports

Classic

List

Threaded

2 messages Options

David Weintraub

Jenkins Server and Ports

Our new Jenkins server has had all of its ports locked down. I mean
practically every single one. I had to create a ticket to our techs to
open the required ports.

Unfortunately, I'm not 100% sure what I should ask for. I bet other
people have been in this position too. So, what ports would you
recommend must remain open on a Jenkins server. Here's a few I listed:

Port 8080 and 8001: These are the default ports Jenkins uses. The 8001
is a control port.
Port 2368: Subversion's svnserve port. We normally use http:, but it's
nice to have the option. I can use svnserve with different permissions
than httpd. and it's a bit faster.

Port 25: SMTP Mail Server

Ports 53, 389, 636, 2368, and 2369: These are required for Active
Directory (maybe others might be required too). If you can't use
Active Directory, you might be able to use LDAP over port 389 or port
2368, or LDAPS over 636 or 2369.

Port 123: This is for the Network Time Protocol (NTP). Useful to sync
the clocks between Jenkins, your users, and the source repositories.

Port 4560: Used by Log4J

Port: 8000-8999: For future services. Maybe Sventon, JNLP used by
Jenkins for slave control, etc.

Any other ports you feel might be important? For example, maybe I
should have something for a SQL database.

--
David Weintraub
[hidden email]

Remove Ads

Les Mikesell

Re: Jenkins Server and Ports

On Wed, Feb 22, 2012 at 1:37 PM, David Weintraub <[hidden email]> wrote:

> Our new Jenkins server has had all of its ports locked down. I mean
> practically every single one. I had to create a ticket to our techs to
> open the required ports.
>
> Unfortunately, I'm not 100% sure what I should ask for. I bet other
> people have been in this position too. So, what ports would you
> recommend must remain open on a Jenkins server. Here's a few I listed:
>
> Port 8080 and 8001: These are the default ports Jenkins uses. The 8001
> is a control port.
> Port 2368: Subversion's svnserve port. We normally use http:, but it's
> nice to have the option. I can use svnserve with different permissions
> than httpd. and it's a bit faster.
>
> Port 25: SMTP Mail Server
>
> Ports 53, 389, 636, 2368, and 2369: These are required for Active
> Directory (maybe others might be required too). If you can't use
> Active Directory, you might be able to use LDAP over port 389 or port
> 2368, or LDAPS over 636 or 2369.
>
> Port 123: This is for the Network Time Protocol (NTP). Useful to sync
> the clocks between Jenkins, your users, and the source repositories.
>
> Port 4560: Used by Log4J
>
> Port: 8000-8999: For future services. Maybe Sventon, JNLP used by
> Jenkins for slave control, etc.
>
> Any other ports you feel might be important? For example, maybe I
> should have something for a SQL database.

I always run it via apache's ajp proxy (as /jenkins) so you only need
port 80 open from most locations and it can co-exist with other web
services on that port. If it is a linux box, you'll want port 22 for
ssh but maybe that goes without saying. And ssh outbound to the
slaves if you start them that way.

--
Les Mikesell
[hidden email]