DevOps Port Reference

Published on
Authors

After 7+ years of wrestling with network configurations, firewall rules, and those dreaded 3 AM “why isn’t this connecting?” incidents, I’ve learned one thing: having the right port numbers at your fingertips isn’t just convenient—it’s survival.

The Port Cheat Sheet You Didn’t Know You Needed

Recently, I stumbled across this beautifully organized DevOps port reference guide on Twitter, and honestly, it made my engineer heart skip a beat. Not because it’s revolutionary (we’ve all memorized these ports by now, right?), but because it’s the kind of resource that would have saved me countless hours of Googling during my early career disasters.

Let me walk you through why this simple reference card is actually a masterpiece of practical engineering wisdom.

Web Services: The Foundation of Everything

Port 80 (HTTP) and Port 443 (HTTPS/SSL) - These are the bread and butter of web traffic. If you’ve been in DevOps for more than five minutes, you’ve configured these ports so many times you could do it in your sleep. But here’s the thing about HTTP on port 80: in 2025, if you’re still serving production traffic over unencrypted HTTP, we need to have a serious conversation about security basics.

Port 8080 (HTTP Alternative) - This is your best friend during development and when you need to run multiple web services on the same machine. I’ve lost count of how many times I’ve spun up a quick test server on 8080 while troubleshooting production issues on 443.

Port 8443 (HTTPS Alternative) - The secure cousin of 8080. Perfect for when you’re running multiple SSL-enabled services or need to test certificate configurations without touching your main web server.

Port 3000 (Node.js/React Dev) - If you’ve worked with modern JavaScript frameworks, this port is practically tattooed on your brain. Create React App, Express.js development servers, and countless Node.js applications default to this port. It’s become so ubiquitous that seeing :3000 in a URL immediately tells you you’re looking at a development environment.

Database Ports: Where Data Lives and Breathes

The database section of this reference hits different when you’ve spent years managing multi-database environments:

MySQL/MariaDB (3306) - The workhorse of relational databases. After managing MySQL clusters for years, I can tell you that properly securing this port is crucial. Too many breaches happen because someone left 3306 exposed to the internet with weak authentication.

PostgreSQL (5432) - My personal favorite for complex applications. PostgreSQL’s advanced features make it worth the slight learning curve over MySQL, and port 5432 has become second nature when setting up enterprise applications.

MongoDB (27017) - The poster child of NoSQL databases. I’ve seen this port in everything from small startups to massive enterprise deployments. Pro tip: MongoDB’s default configuration used to be notoriously insecure, so always, always configure authentication and encryption.

Redis (6379) - Lightning-fast in-memory data structure store. Whether you’re using it for caching, session storage, or pub/sub messaging, Redis on 6379 has probably improved the performance of every major application you’ve worked on.

MS SQL Server (1433) - The enterprise favorite. If you’re working in a Windows-heavy environment or dealing with legacy enterprise systems, you’ll become very familiar with this port.

Container Orchestration: The Modern Infrastructure Reality

The container section really resonates with my experience managing Kubernetes clusters:

Docker Daemon TLS (2376) - Secure Docker daemon communication. In production environments, you should never expose the Docker daemon over unencrypted connections. Port 2376 with TLS is non-negotiable for security.

Kubernetes API (6443) - The control plane heartbeat of your Kubernetes cluster. Every kubectl command, every deployment, every scaling operation goes through this port. Understanding how to properly secure and monitor traffic on 6443 is essential for any serious Kubernetes deployment.

Kubelet API (10250) - The agent that runs on each node in your Kubernetes cluster. I’ve spent many late nights debugging node issues by connecting directly to the kubelet API on this port.

etcd Client (2379) - The distributed key-value store that serves as Kubernetes’ brain. Losing data on this port means losing your entire cluster state. I’ve learned to treat etcd with the respect (and backup strategy) it deserves.

Docker Registry (5000) - Your private container image repository. Whether you’re using Docker Hub, AWS ECR, or running your own registry, understanding how image pulls and pushes work on this port is crucial for container workflows.

Monitoring: Because You Can’t Fix What You Can’t See

After years of on-call rotations and production incidents, I can’t overstate the importance of proper monitoring:

Prometheus (9090) - The de facto standard for metrics collection in modern infrastructure. If you’re not using Prometheus to monitor your applications and infrastructure, you’re flying blind.

Grafana (3000) - Beautiful, customizable dashboards that make sense of your Prometheus metrics. I’ve built countless dashboards on Grafana, and it never gets old seeing clean visualizations of system health.

Node Exporter (9100) - System-level metrics for your servers. Every Linux box in your infrastructure should be running Node Exporter to feed system metrics to Prometheus.

Kibana (5601) - Log analysis and visualization. When you’re troubleshooting complex issues across distributed systems, Kibana’s search and visualization capabilities are invaluable.

Elasticsearch (9200) - The search engine powering your log aggregation. Whether you’re using the ELK stack or newer alternatives, understanding how to query and optimize Elasticsearch on port 9200 is essential.

Message Queues: The Nervous System of Distributed Applications

Modern applications are built on asynchronous communication, and these ports are the highways:

RabbitMQ AMQP (5672) - Reliable message queuing with advanced routing capabilities. I’ve used RabbitMQ in everything from simple background job processing to complex event-driven architectures.

RabbitMQ UI (15672) - The management interface that lets you visualize queue depths, connection counts, and system health. Invaluable for debugging message flow issues.

Apache Kafka (9092) - High-throughput distributed streaming platform. If you’re dealing with real-time data processing or event streaming at scale, Kafka on 9092 is probably handling millions of messages.

Apache Zookeeper (2181) - Coordination service for distributed applications. While newer versions of Kafka are moving away from Zookeeper, it’s still central to many distributed systems.

CI/CD and Development Tools: The Automation Engine

Jenkins (8080) - The Swiss Army knife of CI/CD. Despite being older than some of the developers using it, Jenkins remains incredibly popular and powerful.

SonarQube (9000) - Code quality analysis that can save you from shipping bugs. Integrating SonarQube into your CI pipeline is one of the best investments you can make in code quality.

Nexus Repository (8081) - Artifact repository management. Whether you’re storing Maven artifacts, Docker images, or npm packages, Nexus provides a central repository solution.

HashiCorp Vault (8200) - Secrets management done right. In an era where credential leaks can destroy companies, Vault provides enterprise-grade secrets management.

Nomad (4646) - HashiCorp’s container orchestration alternative to Kubernetes. Simpler to operate but still powerful for many use cases.

The Most Common Network Ports: The Classics Never Go Out of Style

The bottom section highlighting the most common ports (22 for SSH, 21 for FTP, 53 for DNS, etc.) serves as a reminder that despite all our modern tooling, the fundamentals of networking remain unchanged:

  • SSH (22) - Your lifeline to remote systems
  • FTP (21) - Still hanging around despite security concerns
  • DNS (53) - The phonebook of the internet
  • SMTP (25) - Email delivery that still powers business communication
  • POP3 (110) - Email retrieval (though IMAP is preferred)
  • IMAP (143) - Modern email access
  • SNMP (161) - Network monitoring protocol
  • LDAP (389) - Directory services
  • HTTPS (443) - Encrypted web traffic (use this, not HTTP)
  • SMB (445) - Windows file sharing
  • IMAPS (993) - Secure IMAP
  • OpenVPN (1194) - VPN connectivity

Security Considerations: The Real-World Lessons

After years of managing production systems, here are the security lessons I’ve learned about these ports:

  1. Never expose database ports directly to the internet - Use VPNs, bastion hosts, or service meshes
  2. Always use TLS/SSL variants when available - Port 443 over 80, 2376 over 2375, etc.
  3. Implement proper network segmentation - Not every service needs to talk to every other service
  4. Monitor unusual traffic patterns - Unexpected connections to these ports often indicate security issues
  5. Keep default ports in mind for attackers - They know these ports too and will scan for them

The Evolution of Port Usage

What’s fascinating about this reference is how it captures the evolution of our industry. Seven years ago, I was primarily concerned with traditional web servers and databases. Now, container orchestration, service meshes, and cloud-native monitoring tools dominate our infrastructure.

The inclusion of modern tools like Kubernetes (6443), Prometheus (9090), and HashiCorp Vault (8200) alongside classics like SSH (22) and HTTP (80) perfectly illustrates how our toolchain has evolved while still building on fundamental networking principles.

The Bottom Line

This DevOps port reference isn’t just a convenient cheat sheet—it’s a snapshot of the modern infrastructure landscape. From traditional web services to cutting-edge container orchestration, from time-tested databases to modern monitoring solutions, these ports represent the building blocks of reliable, scalable systems.

Whether you’re a junior engineer just starting your DevOps journey or a seasoned professional like myself, having quick access to this information makes you more efficient and reduces the cognitive load of remembering dozens of port numbers.

In our industry where things change rapidly, it’s refreshing to have a solid reference for the fundamentals that remain constant. Save this reference, share it with your team, and let it serve as a foundation for building robust, well-connected systems.

After all, in DevOps, it’s not just about making things work—it’s about making them work reliably, securely, and at scale. And that all starts with getting the basics right, one port at a time.

Cheers,

Sim