Port Configuration

As described in the Architecture section, ODAS is accessed via four public access points:

  1. Web UI and REST API
  2. Planner API
  3. Worker API
  4. Presto/JDBC API

Each of these access points is available via a specific port.

Modifying the Ports

As explained in the Configuration section, the ports are specified in the ODAS configuration YAML file in the ports section. For reference, it is reproduced here:

ports:
    # Ports that must be exposed for clients connecting to ODAS. These ports need to
    # be accessible from where the client is connecting from.

    # This is the port for the ODAS REST API and Web UI. This needs to be accessible for
    # clients connecting from the browser.
    REST: 8083

    # The planner and worker API ports. These ports are required for all clients (e.g.
    # spark or python users) to access metadata and data.
    PLANNER_API: 12050
    WORKER_API: 13050

    # This is the port to access the presto API endpoint for users connecting via JDBC.
    PRESTO_API: 14050

To update the ports using okctl, update the configuration file (e.g. odas.yaml) and run:

$ okctl update --config odas.yaml

The port changes will be applied.

EKS and AKS

On managed Kubernetes clusters (e.g. EKS or AKS, or a Kubernetes cluster that uses the AWS/Azure provider), ODAS will provision Kubernetes Service objects of type LoadBalancer. This has the effect that all services will be provisioned an AWS Network Load Balancer (in AWS) or Azure Basic Load Balancer (in Azure). When changing ports, the Kubernetes Cloud Provider synchronizes those values to the respective load balancer, which can take a few minutes to take effect.

Service types: NodePort vs LoadBalancer

Kubernetes has two types of Service objects that ODAS utilizes for public access points:

  1. NodePort, which exposes a common port across all nodes in the cluster at the host level.
  2. LoadBalancer, which provisions a load balancer object in the respective Cloud provider (e.g. NLB in AWS).

When viewing a service, you will see there are three values defined for each port. For example, for the cdas-rest-server service on AKS/EKS:

$ kubectl get svc cdas-rest-server -oyaml
...
type: LoadBalancer
ports:
- name: webui
  nodePort: 31792
  port: 443
  protocol: TCP
  targetPort: 8083

Each of these values has a different meaning:

  • targetPort is the value of the port that is open on each of the targeted pods.
  • nodePort is the value of the port that is open on each of the nodes themselves.
  • port is the value on which this service is exposed.

The port by which you would access a particular access point is different depending on the Service type:

  • If the Service is of type LoadBalancer, then the service can be accessed on the port value.
  • If the Service is of type NodePort, then the service can be accessed on the nodePort value.

NOTE: okctl handles this distinction for you and you do not generally need to take into account.