Membership Ports Access

abezard-cl · June 21, 2021, 5:11pm

Hello everyone!

There is one point I’m not sure about that I was hoping you could clarify regarding the different services’ membership ports: I believe those ports supposed to be opened to all the temporal services? for example the matching service’s membership port needs to be opened to the frontend/history/worker and matching (so itself) services right? Or can it be opened only to the first three?

We’re working on setting up temporal with HA and I’m trying to properly scope my network access permissions for the different services

Thanks!

tihomir · June 23, 2021, 4:46am

Hi @abezard-cl

I think that this post from Samar has the information you need.

Let me know if you have further questions.

samar · June 23, 2021, 4:59pm

Yes I would allow each service to communicate with each other. There is one port for membership communication used by all services to discover each other and a separate port to make rpc calls.

Topic		Replies	Views
Matching service in temporal server single binary Server Deployment general-impl	2	186	March 8, 2024
How to setup communication between all service instances running in differenet containers/machines Server Deployment general-impl	3	291	January 29, 2024
Communication between multiple instances of temporal server Community Support general-impl , best-practices	19	4159	August 4, 2020
Is port change necessary for multiple deployments on a single cluster Community Support	3	738	November 21, 2022
Temporal External IP calling Community Support deployment	4	816	August 26, 2021

Membership Ports Access

Related topics