Zenoss Core - Remote Collector Firewall Requirements
If you're interested in running a distributed (aka remote) collector in your Zenoss Core installation, there are firewall requirements which will need to be opened for everything to function properly. This document is intended to capture those requirements making it easier for you to know what needs to be configured/opened.
The entity on the left is the one initiating the connection, while the entities across the top are what are being connected to.
|ZenHub/Master/UI||None||N/A|| HTTP:8091* |
SSH:22 (With Trusted keys)
|Remote Collector||None|| ZeoDB:8100
- I found that using the distrubuted collectors ZenPack, the render URL is created to the remote collector on port 8091. What's more, clients actually make calls (when clicking on device graphs) to the render URL. IMHO this is a bug, but none the less, the client makes the calls. That requirement can be avoided by using HTTP-8090 to the ZenHub and let it proxy those requests over the persistence ZenHub connection that the collector will open to the ZenHub at startup