# Port Forwarding Instructions

## Ports of Interest in TwinGraph

This is a list of ports of interest on the various containers running as part of TwinGraph. 

| PORT        | Description | Explanation |
| ----------- | ----------- | ----------- |
| 3000        | Gremlin Viz | This is the port that is exposed for the Gremlin Visualizer. |
| 3001        | Gremlin Viz | This is the port that stores data needed by the Gremlin Visualizer. |
| 8001        | Kube Dash   | This port exposes the Kubernetes dashboard, which can be used to debug, observe and audit the workflow. |
| 8182        | Gremlin Server  | This port connects to the Gremlin Server, with either Apache TinkerGraph database or Amazon Neptune. |
| 5555        | Flower Dash | This port exposes the Celery Flower dashboard, which is very useful in debugging individual nodes. |

These other ports are important to take note of in case of debugging the message passing backends:

| PORT        | Description | Explanation |
| ----------- | ----------- | ----------- |
| 6379        | Redis       | Redis uses this port for backend result store as well as for message passing. |
| 5672        | RabbitMQ    | The containerized RabbitMQ runs on this port. |

**Security Best Practice**: When opening connections from a remote host (i.e. Linux machine running TwinGraph) to local client, ensure that security best practices are followed and the remote machine is not open to unrestricted access to the public (0.0.0.0/0). If using AWS resources, please consult with your security team for any concerns and follow AWS guidelines [here](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-best-practices.html).

Specifically, if using AWS EC2, configure the Security Groups to only allow the VPC subnet or IP address of client to access and ssh into the remote machine. See [here](https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html) for more details.

## How to Forward Ports

Instructions on how to port forward can be found for Putty [here](https://sysnews.ma.ic.ac.uk/ssh/port-forwarding-for-Windows-using-PuTTY.html) (from Linux to Windows) or through standard ssh [here](https://www.ssh.com/academy/ssh/tunneling-example) (for Mac/Linux to Linux). Alternatively modern IDEs like VSCode have extensions for remote development where you can do this on the UI as shown [here](https://code.visualstudio.com/docs/remote/ssh#_forwarding-a-port-creating-ssh-tunnel).