Setup ports for external connections

To allow Apiary connect to external applications such as Hive, it is necessary to open one of the following ports:

• 5672 - for insecure connections (we do not recommend using it). To ensure a secure connection, you can use such tools as Elastic Load Balancing (AWS) or Google Cloud Load Balancing (GCE).
• 5671 - for secure connections. In this case, it is necessary to configure TLS. TLS requires domain name and valid certificate instead of self-signed. For example, you can use Let's encrypt service or any other provider that can issue you a valid certificate.

For correct work of Apiary, it is necessary to open ports 80 and 443 using your network equipment or the Load Balancer of your cloud provider, f.e. Elastic Load Balancing (AWS) or Google Cloud Load Balancing (GCE).

Additionally, you may need to open all ports you use:

• in your network equipment, f.e. by adding these ports to Security Group (AWS) or to Compute Engine firewall rules (GCE);
• in Firewall of your OS (if incoming connections are not allowed by default).

Change default ports

To change default Apiary ports:

1. Open the console of the virtual machine;

2. Open the /opt/hw-fh/config/user.ini file using the command (root privileges required):

   nano /opt/hw-fh/config/user.ini
   

3. Add the following parameters to the file and specify new IP, and port, f.e.:

   • for HTTP ports:

   [main]
   f.deck.ip.expose = 127.0.0.0
   f.deck.port.expose = 10001
   

   • for HTTPS ports:

   [main]
   f.deck.https.ip.expose = 0.0.0.0
   f.deck.https.port.expose = 443
   

4. Save the /opt/hw-fh/config/user.ini file;

5. To apply changes, run the command:

   /opt/hw-fh/bin/reconfig
   

See also

• System Requirements and Installation Apiary
• Getting started: Create Projects in Apiary
• SSL certificates in Apiary
• Configure LDAP authentication
• Create connection between Apiary and Hive projects