Ports

Overview Copied

Since Opsview Monitor is based on microservices there are a lot of network ports in use across all the different components to pass the required data around. These will need to be configured in any network or host firewalls.

The below configuration examples assume an installation based upon opsview_deploy-02-small.yml has been set up as per the Advanced Automated Installation guide.

Collectors to the Orchestrator Copied

These ports need to be opened from the Collector to the Orchestrator (not required if using SSH tunnels):

Port Component
15985 datastore-access
35673 messagequeue-access
45673 messagequeue-management-access
12378 registry-access

Collector clusters Copied

All collectors within the same cluster need to be able to communicate over the following ports:

Port Component
4369 erlang-clustering-port
5666 infrastructure-agent
8183 cache-manager-access
15985 datastore-access
25672 messagequeue-internode-communication
25984 datastore-management-access
35673 messagequeue-access
45673 messagequeue-management-access

Collectors in different Clusters do not communicate.

Remote databases Copied

These ports need to be opened from the Orchestrator to the remote database instance:

Port Component
13307 database-access

These ports need to be opened from the remote database instance to the Orchestrator:

Port Component
15985 datastore-access
35673 messagequeue-access
45673 messagequeue-management-access
12378 registry-access

Remote Timeseries server Copied

These ports need to be opened from the Orchestrator to the Timeseries server (assuming all Timeseries components are on the same server):

Port Component
11601 timeseries-access

These ports need to be opened from the Timeseries server to the Orchestrator:

Port Component
15985 datastore-access
35673 messagequeue-access
45673 messagequeue-management-access
12378 registry-access

List of all ports Copied

In the table below we list the TCP and UDP ports that are used by Opsview Monitor in the default setup:

Database Copied

Listening Port Protocol Loopback Only Component Location Description Connection From
13306 TCP opsview-loadbalancer Orchestrator Load balances traffic for intra-host communication Loadbalancer on local server
13307 TCP opsview-loadbalancer Database servers Inter-host communication with TLS encryption optional Primary and collector servers, routed to 3306 on local server
3306 TCP mysqld Database servers Actual database port. Should not be used directly, but via Opsview Loadbalancer Loadbalancer on local server

Datastore Copied

Listening Port Protocol Loopback Only Component Location Description Connection From
15984 TCP opsview-loadbalancer Primary server Load balances traffic for intra-host communication Collector Servers
15986 TCP opsview-loadbalancer Collector servers Load balances traffic for intra-host communication Collector servers within the same cluster
15985 TCP opsview-loadbalancer Datastore servers Inter-host communication with TLS encryption optional Collector servers within the same cluster
5984 TCP opsview-datastore Datastore servers Actual datastore port. Should not be used directly, but via Opsview Loadbalancer Loadbalancer on local server
25984 TCP opsview-datastore Datastore servers Datastore dist bind port. See Apache CouchDB. Other Datastore servers when HA is set up

Loadbalancer Copied

Listening Port Protocol Loopback Only Component Location Description Connection From
9000 TCP opsview-loadbalancer Primary and collector servers Loadbalancer port. Should not be used directly. Required by Opsview - Components - Loadbalancer Opspack Opsview Collector on localhost

Messagequeue Copied

Listening Port Protocol Loopback Only Component Location Description Connection From
35672 TCP opsview-loadbalancer Primary server Load balances traffic for intra-host communication Collector servers
35675 TCP opsview-loadbalancer Collector servers Load balances traffic for intra-host communication Collector servers within the same cluster
35673 TCP opsview-loadbalancer Messagequeue servers Inter-host communication with TLS encryption optional Loadbalancer on any server
5672 TCP opsview-messagequeue Messagequeue servers Actual messagequeue port. Should not be used directly, but via Opsview Loadbalancer Loadbalancer on same server
45672 TCP opsview-loadbalancer Primary server Load balances traffic for intra-host communication (Messagequeue management) Collector servers
45675 TCP opsview-loadbalancer Collector servers Load balances traffic for intra-host communication (Messagequeue management) Collector servers within the same cluster
45673 TCP opsview-loadbalancer Messagequeue servers Inter-host communication with TLS encryption optional (Messagequeue management) Loadbalancer on any server
15672 TCP opsview-messagequeue Messagequeue servers Actual messagequeue management port. Should not be used directly, but via Opsview Loadbalancer Loadbalancer on same server
25672 TCP opsview-messagequeue Messagequeue servers Messagequeue dist bind port. See Networking and RabbitMQ Other Messagequeue servers when HA is set up

Registry Copied

Listening Port Protocol Loopback Only Component Location Description Connection From
12379 TCP opsview-loadbalancer Primary and collector servers Load balances traffic for intra-host communication All Opsview servers, routed to 12378 on Registry servers
12378 TCP opsview-loadbalancer Registry servers Inter-host communication with TLS encryption optional Loadbalancer on any Opsview any server, routed to 12379 on localhost
2379 TCP opsview-registry Registry servers Actual registry port. Should not be used directly, but via Opsview Loadbalancer Loadbalancer on local server
2380 TCP opsview-registry Registry servers Used for HA registry clustering Other Registry servers

Cache Manager Copied

Listening Port Protocol Loopback Only Component Location Description Connection From
8183 TCP opsview-cachemanager Primary and collector servers Used to cache session and other disposable data with a short shelf life All Opsview servers, routed to 12378 on Registry servers

Timeseries Copied

Listening Port Protocol Loopback Only Component Location Description Connection From
11600 TCP opsview-loadbalancer Primary and collector servers Load balances traffic for intra-host communication Primary Server, routed to 11601 on Timeseries servers
11601 TCP opsview-loadbalancer Timeseries servers Inter-host communication with TLS encryption optional Loadbalancer on Primary Server, routed to 1600 on local server
1600 TCP opsview-timeseries Timeseries servers Actual timeseries port. Should not be used directly, but via Opsview Loadbalancer Loadbalancer on local server
1620 TCP opsview-timeseries-enqueuer Timeseries servers Timeseries enqueuer port opsview-timeseries component
1640..43 TCP opsview-timeseries-rrd
opsview-timeseries-influxdb
Timeseries servers Timeseries write ports opsview-timeseries-enqueuer component
1660 TCP opsview-timeseries-rrd
opsview-timeseries-influxdb
Timeseries servers Timeseries query ports opsview-timeseries-enqueuer component

Web UI Copied

Listening Port Protocol Loopback Only Component Location Description Connection From
80 TCP NGINX Primary server HTTP port for the web UI User Web Browser
443 TCP NGINX Primary server HTTPS port for the web UI User Web Browser
3000 TCP opsview-web-app Primary server May be configured to listen on specific interfaces by changing the $bind_address in opsview.conf NGINX proxy on localhost

Other Copied

Listening Port Protocol Loopback Only Component Location Description Connection From
5666 TCP infrastructure-agent All servers Opsview Collectors should be able to access it for scanning and monitoring Opsview Collectors
8181 TCP opsview-orchestrator Primary server Orchestrator port. Should not be used directly, but via Opsview Web UI opsview-web-app component
4369 TCP opsview-datastore
opsview-messagequeue
Datastore and Messagequeue servers Erlang port used for peer service discovery. See Opsview Message Queue HA and Opsview Datastore HA opsview-loadbalancer
opsview-datastore
opsview-messagequeue when HA is set up
6343
2055
9066
TCP
UDP
UDP
opsview-flow-collector Collector servers You may need to check your sFlow/NetFlow source device configuration for which ports to open Any device submitting *flow data
["Opsview On-premises"] ["User Guide", "Technical Reference", "Compatibility Matrix"]

Was this topic helpful?