Currently, to use Event Stream functionality with Habitat to feed data to the Applications tab of Chef Automate, communications from clients are sent to target port 4222 on the Chef Automate server.
All other communications from clients to Chef Automate use the default port of 443 (or the port where automate-load-balancer is bound); the only exception is client communication from the Habitat Supervisor to Automate for Event Stream. This presents complications in environments where non-standard ports are heavily restricted by network security teams, or where Chef Automate instances are located behind an application load balancer, because additional load balancer configurations must be deployed or enabled to allow client connectivity.
In an ideal scenario, the Event Stream capabilities of the Habitat Supervisor would communicate with the standard published external bindings for Chef Automate, as other services do, rather than requiring additional configurations to expose and enable secure communications to port 4222.
Connections to port 4222 also communicate directly with the event-gateway service, bypassing the automate-load-balancer service. This could potentially lead to scaling issues or accidental breakage to the event-gateway communication data since it is connecting over a unique entry point.