openshift-docs/modules/microshift-config-nodeport-limits.adoc

// Module included in the following assemblies:
//
// * microshift/using-config-tools.adoc

:_mod-docs-content-type: CONCEPT
[id="microshift-nodeport-range-limits_{context}"]
= Extending the port range for NodePort services

The `serviceNodePortRange` setting extends the port range available to NodePort services. This option is useful when specific standard ports under the `30000-32767` range need to be exposed. For example, if your device needs to expose the `1883/tcp` MQ Telemetry Transport (MQTT) port on the network because client devices cannot use a different port.

[IMPORTANT]
====
NodePorts can overlap with system ports, causing a malfunction of the system or {microshift-short}.
====

Consider the following when configuring the NodePort service ranges:

* Do not create any NodePort service without an explicit `nodePort` selection. When an explicit `nodePort` is not specified, the port is assigned randomly by the `kube-apiserver` and cannot be predicted.

* Do not create any NodePort service for any system service port, {microshift-short} port, or other services you expose on your device `HostNetwork`.

* Table one specifies ports to avoid when extending the port range:
+
.Ports to avoid.
[cols="2",options="header"]
|===
|Port
|Description

|22/tcp
|SSH port

|80/tcp
|OpenShift Router HTTP endpoint

|443/tcp
|OpenShift Router HTTPS endpoint

|1936/tcp
|Metrics service for the openshift-router, not exposed today

|2379/tcp
|etcd port

|2380/tcp
|etcd port

|6443
|kubernetes API

|8445/tcp
|openshift-route-controller-manager

|9537/tcp
|cri-o metrics

|10250/tcp
|kubelet

|10248/tcp
|kubelet healthz port

|10259/tcp
|kube scheduler
|===