@dragfly
There are a number of ports that can be set via the nifi.properties file that you would need to make sure are open/reachable. Some of those you already identified in your question. The other ports may vary depending on the version of NiFi you are using since new capabilities/features get introduced from time to time.
This list includes below properties that would exist in nifi.properties file (depending on NiFi version):
Web properties:
nifi.web.http.port
nifi.web.http.port.forwarding
nifi.web.https.port
nifi.web.https.port.forwarding
Cluster Node properties:
nifi.cluster.node.protocol.port
nifi.cluster.load.balance.port
Site-To-Site properties:
nifi.remote.input.socket.port
NiFi clusters also have a dependency on zookeeper, so you'll need to make sure your NiFi nodes can reach your ZK hosts over the configured ZK ports configured in your ZK.
Then once you start building your dataflows, you may add components to the canvas the introduce additional ports you may need to open. For example, any processor or controller service that creates a listener for incoming request like ListenHTTP, ListenTCP, DistributedMapCacheServer, etc.
For egress the same applies for any external service(s) your NiFi dataflows will need to connect with.
If you found that this solution help you, please take a moment to login and click accept on this solution.
Thanks,
Matt
