Ports

Description of ports used for Opsview Monitor

Overview

Since Opsview Monitor is based on microservices there are a lot of network ports in use across all the different components to pass the required data around. These will need to be configured in any network or host firewalls.

The below configuration examples assume an installation based upon opsview_deploy-02-small.yml has been set up as per the Advanced Automated Installation guide.

Collectors to the Orchestrator

These ports need to be opened from the Collector to the Orchestrator:

PortComponent
15985datastore-access
35673messagequeue-access
45673messagequeue-management-access
12378registry-access

Collector Clusters

All collectors within the same cluster need to be able to communicate over the following ports:

PortComponent
8183cache-manager-access
15985datastore-access
25672messagequeue-internode-communication
25984datastore-management-access
35673messagequeue-access
45673messagequeue-management-access
4369erlang-clustering-port

Collectors in different Clusters do not communicate.

Remote Databases

These ports need to be opened from the Orchestrator to the remote database instance:

PortComponent
13307database-access

These ports need to be opened from the remote database instance to the Orchestrator:

PortComponent
15985datastore-access
35673messagequeue-access
45673messagequeue-management-access
12378registry-access

Remote Timeseries Server

These ports need to be opened from the Orchestrator to the Timeseries server (assuming all Timeseries components are on the same server):

PortComponent
11601timeseries-access

These ports need to be opened from the Timeseries server to the Orchestrator:

PortComponent
15985datastore-access
35673messagequeue-access
45673messagequeue-management-access
12378registry-access

List of All Ports

In the table below we list the TCP and UDP ports that are used by Opsview Monitor in the default setup:

Database

Listening Port

Protocol

Loopback Only

Component

Location

Description

Connection From

13306

TCP

opsview-loadbalancer

Orchestrator

Load balances traffic for intra-host communication

Loadbalancer on local server

13307

TCP

opsview-loadbalancer

Database servers

Inter-host communication with TLS encryption optional

Primary and collector servers, routed to 3306 on local server

3306

TCP

mysqld

Database servers

Actual database port. Should not be used directly, but via Opsview Loadbalancer

Loadbalancer on local server

Datastore

Listening Port

Protocol

Loopback Only

Component

Location

Description

Connection From

15984

TCP

opsview-loadbalancer

Primary server

Load balances traffic for intra-host communication

Collector Servers

15986

TCP

opsview-loadbalancer

Collector servers

Load balances traffic for intra-host communication

Collector servers within the same cluster

15985

TCP

opsview-loadbalancer

Datastore servers

Inter-host communication with TLS encryption optional

Collector servers within the same cluster

5984

TCP

opsview-datastore

Datastore servers

Actual datastore port. Should not be used directly, but via Opsview Loadbalancer

Loadbalancer on local server

25984

TCP

opsview-datastore

Datastore servers

Datastore dist bind port. See http://docs.couchdb.org/en/stable/cluster/setup.html#firewall

Other Datastore servers when HA is set up

Loadbalancer

Listening Port

Protocol

Loopback Only

Component

Location

Description

Connection From

9000

TCP

opsview-loadbalancer

Primary and collector servers

Loadbalancer port. Should not be used directly. Required by Opsview - Components - Loadbalancer Opspack

Opsview Collector on localhost

Messagequeue

Listening Port

Protocol

Loopback Only

Component

Location

Description

Connection From

35672

TCP

opsview-loadbalancer

Primary server

Load balances traffic for intra-host communication

Collector servers

35675

TCP

opsview-loadbalancer

Collector servers

Load balances traffic for intra-host communication

Collector servers within the same cluster

35673

TCP

opsview-loadbalancer

Messagequeue servers

Inter-host communication with TLS encryption optional

Loadbalancer on any server

5672

TCP

opsview-messagequeue

Messagequeue servers

Actual messagequeue port. Should not be used directly, but via Opsview Loadbalancer

Loadbalancer on same server

45672

TCP

opsview-loadbalancer

Primary server

Load balances traffic for intra-host communication (Messagequeue management)

Collector servers

45675

TCP

opsview-loadbalancer

Collector servers

Load balances traffic for intra-host communication (Messagequeue management)

Collector servers within the same cluster

45673

TCP

opsview-loadbalancer

Messagequeue servers

Inter-host communication with TLS encryption optional (Messagequeue management)

Loadbalancer on any server

15672

TCP

opsview-messagequeue

Messagequeue servers

Actual messagequeue management port. Should not be used directly, but via Opsview Loadbalancer

Loadbalancer on same server

25672

TCP

opsview-messagequeue

Messagequeue servers

Messagequeue dist bind port. See https://www.rabbitmq.com/networking.html#ports

Other Messagequeue servers when HA is set up

Registry

Listening Port

Protocol

Loopback Only

Component

Location

Description

Connection From

12379

TCP

opsview-loadbalancer

Primary and collector servers

Load balances traffic for intra-host communication

All Opsview servers, routed to 12378 on Registry servers

12378

TCP

opsview-loadbalancer

Registry servers

Inter-host communication with TLS encryption optional

Loadbalancer on any Opsview any server, routed to 12379 on localhost

2379

TCP

opsview-registry

Registry servers

Actual registry port. Should not be used directly, but via Opsview Loadbalancer

Loadbalancer on local server

2380

TCP

opsview-registry

Registry servers

Used for HA registry clustering

Other Registry servers

Cache Manager

Listening Port

Protocol

Loopback Only

Component

Location

Description

Connection From

8183

TCP

opsview-cachemanager

Primary and collector servers

Used to cache session and other disposable data with a short shelf life

All Opsview servers, routed to 12378 on Registry servers

Timeseries

Listening Port

Protocol

Loopback Only

Component

Location

Description

Connection From

11600

TCP

opsview-loadbalancer

Primary and collector servers

Load balances traffic for intra-host communication

Primary Server, routed to 11601 on Timeseries servers

11601

TCP

opsview-loadbalancer

Timeseries servers

Inter-host communication with TLS encryption optional

Loadbalancer on Primary Server, routed to 1600 on local server

1600

TCP

opsview-timeseries

Timeseries servers

Actual timeseries port. Should not be used directly, but via Opsview Loadbalancer

Loadbalancer on local server

1620

TCP

opsview-timeseries-enqueuer

Timeseries servers

Timeseries enqueuer port

opsview-timeseries component

1640..43

TCP

opsview-timeseries-rrd
opsview-timeseries-influxdb

Timeseries servers

Timeseries write ports

opsview-timeseries-enqueuer component

1660

TCP

opsview-timeseries-rrd
opsview-timeseries-influxdb

Timeseries servers

Timeseries query ports

opsview-timeseries-enqueuer component

Web UI

Listening Port

Protocol

Loopback Only

Component

Location

Description

Connection From

80

TCP

NGINX

Primary server

HTTP port for the web UI

User Web Browser

443

TCP

NGINX

Primary server

HTTPS port for the web UI

User Web Browser

3000

TCP

opsview-web-app

Primary server

May be configured to listen on specific interfaces by changing the $bind_address in opsview.conf

NGINX proxy on localhost

Other

Listening Port

Protocol

Loopback Only

Component

Location

Description

Connection From

5666

TCP

opsview-agent

All servers

Opsview Collectors should be able to access it for monitoring

Opsview Collectors

8181

TCP

opsview-orchestrator

Primary server

Orchestrator port. Should not be used directly, but via Opsview Web UI

opsview-web-app component

4369 

TCP

opsview-datastore
opsview-messagequeue

Datastore and Messagequeue servers

Erlang port used for peer service discovery. See Opsview Message Queue HA and Opsview Datastore HA

  • opsview-loadbalancer
  • opsview-datastore and opsview-messagequeue when HA is set up.

6343
2055
9066

TCP
UDP
UDP

opsview-flow-collector

Collector servers

You may need to check your sFlow/NetFlow source device configuration for which ports to open

Any device submitting "*flow" data