Network Connectivity of the Kobiton Cart

May 11, 2022 20:18

Introduction

This article is to showcase the network connectivity and relevant information of Kobiton's private, local deployment option. The Kobiton Cart (or setup on customers rack) resides in the customer's facility that includes the GEM server along with the deviceConnect Server that further connects to the Kobiton server (iP OP server) residing in the Kobiton cloud instance.

Screen_Shot_2022-05-11_at_3.08.52_PM.png

Notes:

Servers are connected to the cooperation network using their RJ-45 port
Servers don’t depend on any inbound connectivity from the cloud so they can run in an isolated network that has no Internet connectivity

Legend

Screen_Shot_2022-05-11_at_3.21.09_PM.png

Annotations of the network port

1. On iP OP Server

Annotation Name	Port detail	Comment
A1	`https://:443`	The Portal Web UI connected from end-user machine
	`https://:3000`	The REST API and Appium server connected from end-user machine

	`https://:3003` `https://:3002`	deviceShare Personal, Virtual USB clients and Web UI from end-user machines
	`https://:8080`	The Report Web UI connected from end-user machine
	(gRPC) `https://:5080`	gRPC service connected from end-user machine for Manual session on a device
	`wss://:443`	Websocket service connected from end-user machine for Manual session on a device
	`https://4572`	Downloading and uploading binary files connected from end-user machine
	`https://4573`	Administration Web UI of MinIO
A2	(TLS) `tcp://:10000`	(Port number may be changed) The Virtual USB service connected from end-user machine
A3	`http://:8025`	Built-in Web UI for SMTP server. It’s used when customer doesn’t want to use their SMTP server
	`ws://:4002`	Websocket service connected from end-user machine for Manual session on a device
A4	(gRPC) `http://:3001`	Mics services
	gRPC) `http://:4000`	Device-oriented services
	(gRPC) `http://:6000`	App-oriented services
	`http://:8500`	Address-oriented services
	`http://:4574`	Downloading and uploading binary files
	`http://:3002`	(Port number may be changed) Device connectivity checking service.
A5	`tcp://:5432`	Postgres service, used for troubleshooting
	`tcp://:6379`	Redis service, used for troubleshooting
	`tcp://:9092`	Kafka service, used for troubleshooting
	`tcp://:2181`	ZooKeeper service, used for troubleshooting
X	`tcp://:22`	SSH service. For server administration

2. On deviceConnect Server

Annotation Name	Port detail	Comment
C1	(gRPC) `http://:10180`	Device-oriented services
	`tcp://:10000`	(Port number may be changed) The Virtual USB service
C2	`tcp://:10160`	Device-oriented services
	`https://:10170-10270`	(Port number may be changed) Forward proxy service to capture network traffic on the device
X	`tcp://:22`	SSH service. For server administration
	`tcp://:5900`	VNC service. For server administration

3. On GEM Server

Annotation Name	Port detail	Comment
B1	(DTLS) `udp://:32767-65535`	WebRTC video streaming from end-user machine for Manual session on a device
B2	`tcp://:10162`	Device-oriented services
X	`tcp://:22`	SSH service. For server administration

Whitelist rule for customers behind a firewall

For customers that prefers to deploying model behind a firewall (private network, isolated from the world wide web), your firewall needs to whitelist:

- TCP traffic on port 80/443 on these protocols: HTTP, HTTPS, Websocket and gRPC.

- If you also want to include usage of cloud devices (devices hosted by Kobiton): please whitelist UDP traffic on port 32768-65535 (with GEM).

for the following URLs:

portal.kobiton.com or IP address: 980 IN A 34.233.234.136
hub.kobiton.com or IP address: 3600 IN A 34.233.234.136
direct-hub.kobiton.com or IP address:
- 300 IN A 54.197.90.229 for kobiton-prod-direct-hub-1.kobiton.com
- 300 IN A 13.36.71.123 for kobiton-prod-direct-hub-2.kobiton.com