Deployment configuration take into account topics such as restricted access, node communication, swap configuration, and connection timeouts.
When configuring the Couchbase Server deployment, pay attention to the following:
- Restricted access to Moxi ports
- Make sure that only trusted machines (including the other nodes in the cluster) can access the ports that Moxi uses.
- Restricted access to web console (port 8091)
- The web console is password protected. However, we recommend that you restrict access to port 8091; an abuser could do potentially harmful operations (like remove a node) from the web console.
- Node to node communication on ports
- All nodes in the cluster should be able to communicate with each other on 11210 and 8091
- Swap configuration
- Swap should be configured on Couchbase Server. This prevents the operating system from killing Couchbase Server should the system RAM be exhausted. Having swap provides more options on how to manage such a situation.
- See Swap space for a recommendation about setting up a swap space on Linux.
- Idle connection timeouts
- Some firewall or proxy software will drop TCP connections if they are idle for a certain amount of time (e.g. 20 minutes). If the software does not allow you to change that timeout, send a command from the client periodically to keep the connection alive.
- Port Exhaustion on Windows
- The TCP/IP port allocation on Windows by default includes a restricted number of ports available for client communication.