You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
|**RegisterNewNode** "`<AuthenticationKey>`" | Register a self-hosted integration runtime node with the specified authentication key. | No |
102
-
|**EnableRemoteAccess** "`<port>`" ["`<thumbprint>`"]| Enable remote access on the current node to set up a high-availability cluster. Or enable setting credentials directly against the self-hosted IR without going through the Azure Data Factory service. You do the latter by using the **New-AzDataFactoryV2LinkedServiceEncryptedCredential** cmdlet from a remote machine in the same network. | No |
102
+
|**EnableRemoteAccess** "`<port>`" ["`<thumbprint>`"]| Enable remote access on the current node to set up a high-availability cluster. Or enable setting credentials directly against the self-hosted IR without going through Azure Data Factory. You do the latter by using the **New-AzDataFactoryV2LinkedServiceEncryptedCredential** cmdlet from a remote machine in the same network. | No |
103
103
|**EnableRemoteAccessInContainer** "`<port>`" ["`<thumbprint>`"]| Enable remote access to the current node when the node runs in a container. | No |
104
104
|**DisableRemoteAccess**| Disable remote access to the current node. Remote access is needed for multinode setup. The **New-AzDataFactoryV2LinkedServiceEncryptedCredential** PowerShell cmdlet still works even when remote access is disabled. This behavior is true as long as the cmdlet is executed on the same machine as the self-hosted IR node. | No |
105
105
|**Key** "`<AuthenticationKey>`" | Overwrite or update the previous authentication key. Be careful with this action. Your previous self-hosted IR node can go offline if the key is of a new integration runtime. | No |
@@ -218,7 +218,7 @@ When processor usage is high and available memory is low on the self-hosted IR,
218
218
219
219
#### Scale up
220
220
221
-
When the processor and available RAM aren't well utilized, but the execution of concurrent jobs reaches the processor and RAM limits, scale up by increasing the number of concurrent jobs that a node can run. You might also want to scale up when activities time out because the self-hosted IR is overloaded. As shown in the following image, you can increase the maximum capacity for a node:
221
+
When the processor and available RAM aren't well utilized, but the execution of concurrent jobs reaches a node's limits, scale up by increasing the number of concurrent jobs that a node can run. You might also want to scale up when activities time out because the self-hosted IR is overloaded. As shown in the following image, you can increase the maximum capacity for a node:
222
222
223
223
224
224
@@ -228,7 +228,7 @@ Here are the requirements for the TLS/SSL certificate that you use to secure com
228
228
229
229
- The certificate must be a publicly trusted X509 v3 certificate. We recommend that you use certificates that are issued by a public partner certification authority (CA).
230
230
- Each integration runtime node must trust this certificate.
231
-
- We don't recommend Subject Alternative Name (SAN) certificates because only the last SAN item is used. All others are SAN items ignored because of current limitations. For example, if you have a SAN certificate whose SANs are **node1.domain.contoso.com** and **node2.domain.contoso.com**, you can use this certificate only on a machine whose fully qualified domain name (FQDN) is **node2.domain.contoso.com**.
231
+
- We don't recommend Subject Alternative Name (SAN) certificates because only the last SAN item is used. All others SAN items are ignored. For example, if you have a SAN certificate whose SANs are **node1.domain.contoso.com** and **node2.domain.contoso.com**, you can use this certificate only on a machine whose fully qualified domain name (FQDN) is **node2.domain.contoso.com**.
232
232
- The certificate can use any key size supported by Windows Server 2012 R2 for SSL certificates.
233
233
- Certificates that use CNG keys aren't supported.
Copy file name to clipboardExpand all lines: includes/domain-and-outbound-port-requirements.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -14,5 +14,5 @@ ms.author: abnarain
14
14
|`*.frontend.clouddatahub.net`| 443 | Required by the self-hosted integration runtime to connect to the Data Factory service. |
15
15
|`download.microsoft.com`| 443 | Required by the self-hosted integration runtime for downloading the updates. If you have disabled auto-update, you can skip configuring this domain. |
16
16
|`*.core.windows.net`| 443 | Used by the self-hosted integration runtime to connect to the Azure storage account when you use the [staged copy](https://docs.microsoft.com/azure/data-factory/copy-activity-performance#staged-copy) feature. |
17
-
|`*.database.windows.net`| 1433 | Required only when you copy from or to Azure SQL Database or Azure SQL Data Warehouse. Otherwise, use of this domain is optional. Use the staged-copy feature to copy data to SQL Database or SQL Data Warehouse without opening port 1433. |
18
-
|`*.azuredatalakestore.net`<br>`login.microsoftonline.com/<tenant>/oauth2/token`| 443 | Required only when you copy from or to Azure Data Lake Store. Otherwise, use of these domains is optional. |
17
+
|`*.database.windows.net`| 1433 | Required only when you copy from or to Azure SQL Database or Azure SQL Data Warehouse and optional otherwise. Use the staged-copy feature to copy data to SQL Database or SQL Data Warehouse without opening port 1433. |
18
+
|`*.azuredatalakestore.net`<br>`login.microsoftonline.com/<tenant>/oauth2/token`| 443 | Required only when you copy from or to Azure Data Lake Store and optional otherwise. |
0 commit comments