tia Core® products running in a container allows to separate management endpoints from usage endpoints.
The parameter management.server.port allows to configure the actuator on a different port. This can improve security and separation of concerns.
Example:
Szenario | Ports | Endpoints |
|---|---|---|
no management Port | 8080 | /contentserver |
| 8080 8099 | /contentserver /actuator/* |
The Example with a management port shows that the Content Server endpoint is running on port 8080 user and SAP will use this endpoint on Port 8080 the firewall allows access. On 8080 it is not possible to get system information from the /actuator endpoint it is simply not available on this port.
Port 8090 has the /actuator/* endpoint available the monitoring system can access on this port the server status (/actuator/health) and Prometheus monitoring Endpoint /actuator/prometheus but it monitoring system cannot access the endpoint with critical company information (/contentserver) , because it is running on another Port.