Membership Ports Access

abezard-cl · June 21, 2021, 5:11pm

Hello everyone!

There is one point I’m not sure about that I was hoping you could clarify regarding the different services’ membership ports: I believe those ports supposed to be opened to all the temporal services? for example the matching service’s membership port needs to be opened to the frontend/history/worker and matching (so itself) services right? Or can it be opened only to the first three?

We’re working on setting up temporal with HA and I’m trying to properly scope my network access permissions for the different services

Thanks!

tihomir · June 23, 2021, 4:46am

Hi @abezard-cl

I think that this post from Samar has the information you need.

Let me know if you have further questions.

samar · June 23, 2021, 4:59pm

Yes I would allow each service to communicate with each other. There is one port for membership communication used by all services to discover each other and a separate port to make rpc calls.

Topic		Replies	Views
Matching service in temporal server single binary Server Deployment general-impl	2	95	March 8, 2024
Enable TLS for membership port traffic and worker grpc traffic Community Support general-impl	3	124	March 28, 2024
Temporal External IP calling Community Support deployment	4	722	August 26, 2021
AWS ECS Fargate Service Discovery Community Support go-sdk , aws , production	1	568	August 24, 2022
How rpServiceResolver works? Community Support	1	248	July 4, 2023

Membership Ports Access

Related Topics