etcd Client
What is Port 2379?
Port 2379 is the default client API port for etcd, a distributed key-value store used for shared configuration, service discovery, and coordination of distributed systems. Developed by CoreOS (now part of Red Hat), etcd is written in Go and uses the Raft consensus algorithm for leader election and data replication. Most importantly, etcd is the primary data store for Kubernetes, storing all cluster state — deployments, pods, services, secrets, and configuration. Every Kubernetes API server communicates with etcd on port 2379 to read and write cluster state. Beyond Kubernetes, etcd is used by CoreDNS, Rook, and other cloud-native tools. etcd provides strong consistency, watch mechanisms for change notification, and transactional operations.
Common Uses
- Kubernetes cluster state storage
- Distributed configuration management
- Service discovery and registration
- Leader election for distributed systems
Technical Details
Copy-paste commands to check port 2379 (etcd Client) from your terminal
Test connectivity
nc -zv example.com 2379
curl -v --max-time 5 http://example.com:2379/
telnet example.com 2379
nmap -p 2379 -sV example.com
(echo > /dev/tcp/example.com/2379) 2>/dev/null && echo "open" || echo "closed"
Open port in firewall
sudo ufw allow 2379/tcp
sudo iptables -A INPUT -p tcp --dport 2379 -j ACCEPT
sudo firewall-cmd --permanent --add-port=2379/tcp && sudo firewall-cmd --reload
Security Considerations
etcd stores the entire Kubernetes cluster state, including secrets. Compromise of etcd means complete cluster compromise. Always enable mutual TLS (mTLS) for client connections. Restrict access to Kubernetes API servers only. Encrypt etcd data at rest. Regularly backup etcd data. Never expose port 2379 to the internet or untrusted networks.
Popular Ports Reference
The most commonly used and referenced network ports