Zenoss Core - Remote Collector Firewall Requirements
From Zenoss Wiki
This is the approved revision of this page, as well as being the most recent.
If you're interested in running a distributed (aka remote) collector in your Zenoss Core installation, there are firewall requirements which will need to be opened for everything to function properly. This document is intended to capture those requirements making it easier for you to know what needs to be configured/opened.
The entity on the left is the one initiating the connection, while the entities across the top are what are being connected to.
Users | ZenHub/Master/UI | Remote Collector | |
---|---|---|---|
Users | N/A | HTTP:8080 HTTP:8090 |
HTTP:8091* |
ZenHub/Master/UI | None | N/A | HTTP:8091* SSH:22 (With Trusted keys) |
Remote Collector | None | ZeoDB:8100 MySQL:3306 ZenHub:8789 |
N/A |
- I found that using the distrubuted collectors ZenPack, the render URL is created to the remote collector on port 8091. What's more, clients actually make calls (when clicking on device graphs) to the render URL. IMHO this is a bug, but none the less, the client makes the calls. That requirement can be avoided by using HTTP-8090 to the ZenHub and let it proxy those requests over the persistence ZenHub connection that the collector will open to the ZenHub at startup