Port reference
Review the ports that are used by kgateway.
Kgateway deploys containers that listen on certain ports for incoming traffic. In the following sections, you can review the pods and services that make up kgateway, and the ports that these pods and services listen on. ,
Installation
The kgateway installation process uses a Helm chart to create the necessary custom resource definitions (CRDs), deployments, services, pods, etc. The services and pods listen on specific ports to enable communication between the components that make up kgateway.
Components
A standard installation of kgateway includes the following components:
- Kgateway control plane
- Creates an Envoy configuration from multiple custom resources.
- Serves Envoy configurations using xDS.
- Validates Proxy configurations for the gateway proxy.
- Kgateway data plane (gateway proxy)
- Receives and loads configuration from kgateway xDS.
- Proxies incoming traffic.
Pods and ports
The components are instantiated by using pods and services. The following table lists the deployed pods and ports in use by each pod.
Control plane ports
| Pod | Port | Usage |
|---|---|---|
| kgateway | 9976 | REST xDS |
| kgateway | 9977 | xDS Server |
Gateway proxy ports
The following ports are reserved by Kgateway and cannot be used when configuring your gateway proxy.
| Port | Description |
|---|---|
| 19000 | The Envoy admin port. Gateway proxies expose an admin interface on this port that you can use to access important proxy information, such as the config dump, heap dump, healthchecks, and memory allocation. |
| 15000 | The agentgateway admin port. Agentgateway proxies expose several endpoints on this port that you can use to access important proxy information, such as the config dump (15000/config_dump) and a read-only user interface (15000/ui). |
| 8082 | The readiness port. This port can be used to determine if the gateway proxy is ready to receive traffic. |
| 9091 | The Prometheus scraping port. Gateway proxies expose all metrics on this port so that Prometheus can scrape them. |
Note that if you configure one of these ports, the gateway proxy still deploys. However, you see error messages, such as the following in the logs.
err="failed to apply object apps/v1, Kind=Deployment example-gateway: failed to create typed patch object
(gwtest/example-gateway; apps/v1, Kind=Deployment): .spec.template.spec.containers[name=\"kgateway-proxy\"].
ports: duplicate entries for key [containerPort=9091,protocol=\"TCP\"]"