spectrocloud · karl-cardenas-coding · Oct 26, 2023 · Oct 26, 2023 · Oct 26, 2023 · Oct 26, 2023
@@ -4,6 +4,8 @@ title: "Network Communication and Ports"
 description: "Port-Direction-Purpose Management Platform and Workload Clusters"
 icon: ""
 hide_table_of_contents: false
+# toc_min_heading_level: 2
+toc_max_heading_level: 2
 sidebar_position: 20
 ---
 
@@ -12,38 +14,67 @@ Depending on what version of Palette you are using, the internal architecture an
 
 
 
-<Tabs queryString="networking-ports">
-<TabItem label="gRPC" value="gRPC" que>
-
 ## SaaS Network Communications and Ports
 
+<Tabs groupId="architecture">
+<TabItem label="gRPC" value="gRPC">
 
 
 
 The following ports must be reachable from a network perspective for Palette SaaS to function correctly.
 
-![SaaS Network Diagram with ports](/architecture_networking-ports_saas-network-diagram.png "title=SaaS Network Diagram with ports")
+![SaaS Network Diagram with ports](/architecture_networking-ports_saas-network-diagram-grpc.png "title=SaaS Network Diagram with ports")
 
 
+</TabItem>
 
-#### SaaS Managed
+<TabItem label="NATS" value="nats">
 
+The following ports must be reachable from a network perspective for Palette SaaS to function correctly.
 
-![SaaS network diagram displaying the network paths for edge](/architecture_networking-ports_saas-network-diagram-edge.png)
+![SaaS Network Diagram with ports](/architecture_networking-ports_saas-network-diagram-nats.png "title=SaaS Network Diagram with ports")
 
 
+</TabItem>
 
+</Tabs>
 
-:::caution
 
-NATS is deprecated and will be removed in a future release. Starting with Palette 4.0.0, gRPC is used for all communication between the management platform and the workload cluster.
+### SaaS Managed With Edge
 
-:::
+<Tabs groupId="architecture">
+<TabItem label="gRPC" value="gRPC">
 
 
+
+![SaaS network diagram displaying the network paths for edge](/architecture_networking-ports_saas-network-diagram-edge-grpc.png)
+
+
+
+
+
+</TabItem>
+
+<TabItem label="NATS" value="nats">
+
+
+
+![SaaS network diagram displaying the network paths for edge](/architecture_networking-ports_saas-network-diagram-edge-nats.png)
+
+</TabItem>
+</Tabs>
+
+
+
+## Network Ports
+
 The following ports must be reachable from a network perspective for Palette to operate properly.
 
-## Management Platform
+<Tabs groupId="architecture">
+<TabItem label="gRPC" value="gRPC">
+
+
+### Management Platform
 
 |Port            |Direction|Purpose                   |    
 |:---------------|:---------|:-----------------------|
@@ -52,7 +83,7 @@ The following ports must be reachable from a network perspective for Palette to
 |NATS (tcp/4222) |INBOUND        |Agent running inside connecting to management platform [Deprecated]|
 
 
-## Workload Cluster
+### Workload Cluster
 
 
 |Port            |Direction | Purpose|
@@ -61,47 +92,34 @@ The following ports must be reachable from a network perspective for Palette to
 |HTTPS (tcp/443) |OUTBOUND | gRPC, Registry (packs, integrations), Pack containers, Application Updates|
 |NATS (tcp/4222) |OUTBOUND |Registry (packs, integrations), Pack containers, Application Updates [Deprecated]|
 
-:::info
-
-You can expose inbound port 22 for SSH if you would like to access your cluster nodes for troubleshooting remotely. This is entirely optional and not required for Palette to operate appropriately.
-
-:::
-
-
-## Self-Hosted Network Communications and Ports
-
-The following ports must be reachable from a network perspective for Palette self-hosted to function correctly.
-
-
-![On-prem network diagram](/architecture_networking-ports_network-diagram.png "#title="network diagram")
 
 
 
+</TabItem>
 
-:::caution
-
-NATS is deprecated and will be removed in a future release. Starting with Palette 4.0.0, gRPC is used for all communication between the management platform and the workload cluster.
+<TabItem label="NATS" value="nats">
 
-:::
 
-## Management Platform
+### Management Platform
 
 |Port            |Direction|Purpose                   |    
 |:---------------|:---------|:-----------------------|
-|HTTPS (tcp/443) |INBOUND        |Browser/API access to management platform, gRPC|
-|NATS (tcp/4222) |INBOUND        |Message Bus for workload clusters [Deprecated]|
-|HTTPS (tcp/443) |OUTBOUND       |vSphere vCenter API,  Registry (packs, integrations), Pack containers, app updates, gRPC|
-|HTTPS (tcp/6443)|OUTBOUND       |Workload K8s cluster API Server|
+|HTTPS (tcp/443) |INBOUND        |Browser/API access to management platform|
+|NATS (tcp/4222) |INBOUND        |Agent running inside connecting to management platform|
 
 
-## Workload Cluster
+### Workload Cluster
 
 
-|Port |Direction | Purpose|
+|Port            |Direction | Purpose|
 |:---------------|:---------|:--------------|
 |HTTPS (tcp/443) |OUTBOUND | API access to management platform|
-|NATS (tcp/4222) |OUTBOUND       |Agent communication via message bus. [Deprecated] |
-|HTTPS (tcp/443) |OUTBOUND       |vSphere vCenter API, gRPC, Registry (packs, integrations), Pack containers, Application updates|
+|NATS (tcp/4222) |OUTBOUND       |Registry (packs, integrations), Pack containers, Application Updates|
+|NATS (tcp/4222) |OUTBOUND       |Registry (packs, integrations), Pack containers, Application Updates|
+
+
+</TabItem>
+</Tabs>
 
 :::info
 
@@ -110,60 +128,60 @@ You can expose inbound port 22 for SSH if you would like to access your cluster
 :::
 
 
+## Self-Hosted Network Communications and Ports
 
-</TabItem>
 
-<TabItem label="NATS" value="nats">
+<Tabs groupId="architecture">
+<TabItem label="gRPC" value="gRPC">
 
-## SaaS Network Communications and Ports
 
-The following ports must be reachable from a network perspective for Palette SaaS to function correctly.
+![On-prem network diagram](/architecture_networking-ports_on_prem_network-diagram-grpc.png "#title="network diagram")
 
+</TabItem>
 
-![SaaS Network Diagram with ports](/architecture_networking-ports_network-diagram_nats.png "title=SaaS Network Diagram with ports")
+<TabItem label="NATS" value="nats">
 
+![On-prem network diagram](/architecture_networking-ports_on_prem_network-diagram-nats.png "#title="network diagram")
 
 
-#### SaaS Managed
+</TabItem>
+</Tabs>
 
+The following ports must be reachable from a network perspective for Palette self-hosted to function correctly.
 
-![SaaS network diagram displaying the network paths for edge](/architecture_networking-ports_saas-network-diagram-edge_nats.png)
 
+<Tabs groupId="architecture">
+<TabItem label="gRPC" value="gRPC">
 
-The following ports must be reachable from a network perspective for Palette to operate properly.
 
-## Management Platform
+### Management Platform
 
 |Port            |Direction|Purpose                   |    
 |:---------------|:---------|:-----------------------|
-|HTTPS (tcp/443) |INBOUND        |Browser/API access to management platform|
-|NATS (tcp/4222) |INBOUND        |Agent running inside connecting to management platform|
+|HTTPS (tcp/443) |INBOUND        |Browser/API access to management platform, gRPC|
+|NATS (tcp/4222) |INBOUND        |Message Bus for workload clusters [Deprecated]|
+|HTTPS (tcp/443) |OUTBOUND       |vSphere vCenter API,  Registry (packs, integrations), Pack containers, app updates, gRPC|
+|HTTPS (tcp/6443)|OUTBOUND       |Workload K8s cluster API Server|
 
 
-## Workload Cluster
+### Workload Cluster
 
 
-|Port            |Direction | Purpose|
+|Port |Direction | Purpose|
 |:---------------|:---------|:--------------|
 |HTTPS (tcp/443) |OUTBOUND | API access to management platform|
-|NATS (tcp/4222) |OUTBOUND       |Registry (packs, integrations), Pack containers, Application Updates|
-|NATS (tcp/4222) |OUTBOUND       |Registry (packs, integrations), Pack containers, Application Updates|
-
-:::info
+|NATS (tcp/4222) |OUTBOUND       |Agent communication via message bus. [Deprecated] |
+|HTTPS (tcp/443) |OUTBOUND       |vSphere vCenter API, gRPC, Registry (packs, integrations), Pack containers, Application updates|
 
-You can expose inbound port 22 for SSH if you would like to access your cluster nodes for troubleshooting remotely. This is entirely optional and not required for Palette to operate appropriately.
 
-:::
 
+</TabItem>
 
-## Self-Hosted Network Communications and Ports
-
-The following ports must be reachable from a network perspective for Palette self-hosted to function correctly.
+<TabItem label="NATS" value="nats">
 
 
-![On-prem network diagram](/architecture_networking-ports_on_prem_network-diagram.png "#title="network diagram")
 
-## Management Platform
+### Management Platform
 
 |Port            |Direction|Purpose                   |    
 |:---------------|:---------|:-----------------------|
@@ -173,7 +191,7 @@ The following ports must be reachable from a network perspective for Palette sel
 |HTTPS (tcp/6443)|OUTBOUND       |Workload K8s cluster API Server|
 
 
-## Workload Cluster
+### Workload Cluster
 
 
 |Port |Direction | Purpose|
@@ -182,12 +200,22 @@ The following ports must be reachable from a network perspective for Palette sel
 |NATS (tcp/4222) |OUTBOUND       |Agent communication via message bus |
 |HTTPS (tcp/443) |OUTBOUND       |vSphere vCenter API, Registry (packs, integrations), Pack containers, Application updates.
-|HTTPS (tcp/443) |OUTBOUND       |vSphere vCenter API, Registry (packs, integrations), Pack containers, Application updates.
+|HTTPS (tcp/443) |OUTBOUND       |vSphere vCenter API, Registry (packs, integrations), Pack containers, Application updates
-|HTTPS (tcp/443) |OUTBOUND       |vSphere vCenter API, Registry (packs, integrations), Pack containers, Application updates.
+|HTTPS (tcp/443) |OUTBOUND       |vSphere vCenter API, Registry (packs, integrations), Pack containers, Application updates
 
+
+</TabItem>
+</Tabs>
+
+
 :::info
 
 You can expose inbound port 22 for SSH if you would like to access your cluster nodes for troubleshooting remotely. This is entirely optional and not required for Palette to operate appropriately.
 
 :::
 
-</TabItem>
-</Tabs>
+
+
+
+
+
+
+
 
@@ -13,7 +13,7 @@ tags: ["release-notes"]
 
 ## October 22, 2023 - Release 4.1.0
 
-Palette 4.1.0 introduces several new features and enhancements to the platform. New features, such as the automatic SSL control plane certificate renewal and node repavement warnings, are designed to continue to help you manage Kubernetes clusters with confidence. The new built-in notification system for our SaaS platform is another addition designed to help you stay up-to-date with announcements and changes by bringing the news directly to you. 
+Palette 4.1.0 introduces several new features and enhancements to the platform. New features, such as static IP address for Edge hosts, and node repavement warnings, are designed to continue to help you manage Kubernetes clusters with confidence. The new built-in notification system for our SaaS platform is another addition designed to help you stay up-to-date with announcements and changes by bringing the news directly to you. 
 
 Check out the following sections to learn about all the new features and improvements introduced in this release.