Hey! These docs are for version 6.3, which is no longer officially supported. Click here for the latest version, 6.7!


## Overview

Since Opsview Monitor is based on microservices there are a lot of network ports in use across all the different components to pass the required data around. These will need to be configured in any network or host firewalls.

The below configuration examples assume an installation based upon `opsview_deploy-02-small.yml` has been set up as per the [Advanced Automated Installation](πŸ”—ο»Ώ) guide.

### Collectors to the Orchestrator

These ports need to be opened from the Collector to the Orchestrator:

PortComponent
15985datastore-access
35673messagequeue-access
45673messagequeue-management-access
12378registry-access

### Collector Clusters

All collectors within the same cluster need to be able to communicate over a variety of ports. For this reason, all nodes within the cluster need to be on the same logical network with no firewalls between them (due to messages that are broadcast between them).

### Remote Databases

These ports need to be opened from the Orchestrator to the remote database instance:

PortComponent
13307database-access

These ports need to be opened from the remote database instance to the Orchestrator:

PortComponent
15985datastore-access
35673messagequeue-access
45673messagequeue-management-access
12378registry-access

### Remote Timeseries Server

These ports need to be opened from the Orchestrator to the Timeseries server (assuming all Timeseries components are on the same server):

PortComponent
11601timeseries-access

These ports need to be opened from the Timeseries server to the Orchestrator:

PortComponent
15985datastore-access
35673messagequeue-access
45673messagequeue-management-access
12378registry-access

## List of All Ports

In the table below we list the TCP and UDP ports that are used by Opsview Monitor in the default setup:

### Database

Listening PortProtocolLoopback OnlyComponentLocationDescriptionConnection From
13306TCPβœ“opsview-loadbalancerOrchestrator serverLoad balances traffic for intra-host communicationLoadbalancer on local server
13307TCPβœ—opsview-loadbalancerDatabase serversInter-host communication with TLS encryption optionalPrimary and collector servers, routed to 3306 on local server
3306TCPβœ“mysqldDatabase serversActual database port. Should not be used directly, but via Opsview LoadbalancerLoadbalancer on local server

### Datastore

Listening PortProtocolLoopback OnlyComponentLocationDescriptionConnection From
15984TCPβœ“opsview-loadbalancerPrimary serverLoad balances traffic for intra-host communicationCollector Servers
15986TCPβœ“opsview-loadbalancerCollector serversLoad balances traffic for intra-host communicationCollector servers within the same cluster
15985TCPβœ—opsview-loadbalancerDatastore serversInter-host communication with TLS encryption optionalCollector servers within the same cluster
5984TCPβœ—opsview-datastoreDatastore serversActual datastore port. Should not be used directly, but via Opsview LoadbalancerLoadbalancer on local server
25984TCPβœ—opsview-datastoreDatastore serversDatastore dist bind port. See http://docs.couchdb.org/en/stable/cluster/setup.html#firewallOther Datastore servers when HA is set up

### Loadbalancer

Listening PortProtocolLoopback OnlyComponentLocationDescriptionConnection From
9000TCPβœ“opsview-loadbalancerPrimary and collector serversLoadbalancer port. Should not be used directly. Required by Opsview - Components - Loadbalancer OpspackOpsview Collector on localhost

### Messagequeue

Listening PortProtocolLoopback OnlyComponentLocationDescriptionConnection From
35672TCPβœ“opsview-loadbalancerPrimary serverLoad balances traffic for intra-host communicationCollector servers
35675TCPβœ“opsview-loadbalancerCollector serversLoad balances traffic for intra-host communicationCollector servers within the same cluster
35673TCPβœ—opsview-loadbalancerMessagequeue serversInter-host communication with TLS encryption optionalLoadbalancer on any server
5672TCPβœ—opsview-messagequeueMessagequeue serversActual messagequeue port. Should not be used directly, but via Opsview LoadbalancerLoadbalancer on same server
45672TCPβœ“opsview-loadbalancerPrimary serverLoad balances traffic for intra-host communication (Messagequeue management)Collector servers
45675TCPβœ“opsview-loadbalancerCollector serversLoad balances traffic for intra-host communication (Messagequeue management)Collector servers within the same cluster
45673TCPβœ—opsview-loadbalancerMessagequeue serversInter-host communication with TLS encryption optional (Messagequeue management)Loadbalancer on any server
15672TCPβœ—opsview-messagequeueMessagequeue serversActual messagequeue management port. Should not be used directly, but via Opsview LoadbalancerLoadbalancer on same server
25672TCPβœ—opsview-messagequeueMessagequeue serversMessagequeue dist bind port. See https://www.rabbitmq.com/networking.html#portsOther Messagequeue servers when HA is set up

### Registry

Listening PortProtocolLoopback OnlyComponentLocationDescriptionConnection From
12379TCPβœ“opsview-loadbalancerPrimary and collector serversLoad balances traffic for intra-host communicationAll Opsview servers, routed to 12378 on Registry servers
12378TCPβœ—opsview-loadbalancerRegistry serversInter-host communication with TLS encryption optionalLoadbalancer on any Opsview any server, routed to 12379 on localhost
2379TCPβœ—opsview-registryRegistry serversActual registry port. Should not be used directly, but via Opsview LoadbalancerLoadbalancer on local server
2380TCPβœ—opsview-registryRegistry serversUsed for HA registry clusteringOther Registry servers

### Cache Manager

Listening PortProtocolLoopback OnlyComponentLocationDescriptionConnection From
8183TCPβœ—opsview-cachemanagerPrimary and collector serversUsed to cache session and other disposable data with a short shelf lifeAll Opsview servers, routed to 12378 on Registry servers

### Timeseries

Listening PortProtocolLoopback OnlyComponentLocationDescriptionConnection From
11600TCPβœ“opsview-loadbalancerPrimary and collector serversLoad balances traffic for intra-host communicationPrimary Server, routed to 11601 on Timeseries servers
11601TCPβœ—opsview-loadbalancerTimeseries serversInter-host communication with TLS encryption optionalLoadbalancer on Primary Server, routed to 1600 on local server
1600TCPβœ—opsview-timeseriesTimeseries serversActual timeseries port. Should not be used directly, but via Opsview LoadbalancerLoadbalancer on local server
1620TCPβœ—opsview-timeseries-enqueuerTimeseries serversTimeseries enqueuer portopsview-timeseries component
1640..43TCPβœ—opsview-timeseries-rrd opsview-timeseries-influxdbTimeseries serversTimeseries write portsopsview-timeseries-enqueuer component
1660TCPβœ—opsview-timeseries-rrd opsview-timeseries-influxdbTimeseries serversTimeseries query portsopsview-timeseries-enqueuer component

### Web UI

Listening PortProtocolLoopback OnlyComponentLocationDescriptionConnection From
80TCPβœ—NGINXPrimary serverHTTP port for the web UIUser Web Browser
443TCPβœ—NGINXPrimary serverHTTPS port for the web UIUser Web Browser
3000TCPβœ“opsview-web-appPrimary serverMay be configured to listen on specific interfaces by changing the $bind_address in opsview.confNGINX proxy on localhost

### Other

Listening PortProtocolLoopback OnlyComponentLocationDescriptionConnection From
5666TCPβœ—opsview-agentAll serversOpsview Collectors should be able to access it for monitoringOpsview Collectors
8181TCPβœ“opsview-orchestratorPrimary serverOrchestrator port. Should not be used directly, but via Opsview Web UIopsview-web-app component
4369Β TCPβœ“opsview-datastore opsview-messagequeueDatastore and Messagequeue serversErlang port used for peer service discovery. See Opsview Message Queue HA and Opsview Datastore HA- opsview-loadbalancer - opsview-datastore and opsview-messagequeue when HA is set up.
6343 2055 9066TCP UDP UDPβœ—opsview-flow-collectorCollector serversYou may need to check your sFlow/NetFlow source device configuration for which ports to openAny device submitting "*flow" data