This article describes the inbound and outbound network access required for Image Artist deployments.
Outbound internet access from the Image Artist server is assumed.
Outbound internet access from the Image Artist server is assumed.
Inbound Access to the Image Artist Server
These firewall rules apply to inbound traffic destined for the Image Artist server.
Port | Protocol(s) | When Required | Purpose |
| 22 | SSH | Always | Administrative access |
| 443 | HTTPS | Always | Web application and client connectivity |
| 80 | HTTP | Only when using older Harmony clients | Client connectivity (older Harmony clients only) |
| 9500 | HTTPS | Only when using local MinIO storage | Image data transfer to local MinIO |
| 9501, 9001 | HTTPS | Optional | MinIO administrative web console |
Note: Port 9500 is not required when Image Artist is configured to use AWS S3, NetApp StorageGRID, or Google Cloud Storage.
Outbound Access from Clients
When external object storage is used, image data flows directly from upload client machines to the storage service, not through the Image Artist server.
These rules apply to outbound HTTPS traffic initiated by Image Artist upload clients, such as the ImA Loader, gemma-client, or Harmony (v5.3 onward).
Destination | Protocol | When Required | Purpose |
AWS S3 endpoint (for example, s3.amazonaws.com or a regional endpoint) | HTTPS | When using AWS S3 storage | Direct image data upload and download |
Customer-defined NetApp StorageGRID endpoint | HTTPS | When using NetApp StorageGRID | Direct image data upload and download |
Google Cloud Storage HTTPS endpoint | HTTPS | When using Google Cloud Storage | Direct image data upload and download |
Comments
0 comments
Article is closed for comments.