Port reference
Review the ports that are used by kgateway.
Kgateway deploys containers that listen on certain ports for incoming traffic. In the following sections, you can review the pods and services that make up kgateway, and the ports that these pods and services listen on. ,
Installation
The Gloo Gateway installation process uses a Helm chart to create the necessary custom resource definitions (CRDs), deployments, services, pods, etc. The services and pods listen on specific ports to enable communication between the components that make up Gloo Gateway.
Components
A standard installation of Gloo Gateway includes the following components:
- Gloo Gateway control plane
- Creates an Envoy configuration from multiple custom resources.
- Serves Envoy configurations using xDS.
- Validates Proxy configurations for the gateway proxy.
- Gloo Gateway data plane (gateway proxy)
- Receives and loads configuration from kgateway xDS.
- Proxies incoming traffic.
Pods and ports
The components are instantiated by using pods and services. The following table lists the deployed pods and ports in use by each pod.
Control plane ports
| Pod | Port | Usage |
|---|---|---|
| gloo-gateway | 9976 | REST xDS |
| gloo-gateway | 9977 | xDS Server |
Gateway proxy ports
The following ports are reserved by Gloo Gateway and cannot be used when configuring your gateway proxy.
| Port | Description |
|---|---|
| 19000 | The Envoy admin port. Gateway proxies expose an admin interface on this port that you can use to access important proxy information, such as the config dump, heap dump, healthchecks, and memory allocation. |
| 15000 | The agentgateway admin port. Agentgateway proxies expose several endpoints on this port that you can use to access important proxy information, such as the config dump (15000/config_dump) and a read-only user interface (15000/ui). |
| 8082 | The readiness port. This port can be used to determine if the gateway proxy is ready to receive traffic. |
| 9091 | The Prometheus scraping port. Gateway proxies expose all metrics on this port so that Prometheus can scrape them. |
Note that if you configure one of these ports, the gateway proxy still deploys. However, you see error messages, such as the following in the logs.
err="failed to apply object apps/v1, Kind=Deployment example-gateway: failed to create typed patch object
(gwtest/example-gateway; apps/v1, Kind=Deployment): .spec.template.spec.containers[name=\"kgateway-proxy\"].
ports: duplicate entries for key [containerPort=9091,protocol=\"TCP\"]"