Firewall recommendations for Performance Monitoring tool
The IBM Spectrum Scale™ system uses the following ports for the Performance Monitoring tool to work.
Port Number | Protocol | Service Name | Components that are involved in communication |
---|---|---|---|
4739 | TCP and UDP | Performance Monitoring tool | Intra-cluster. This port needs to be accessible by all sensor nodes that are sending performance monitoring data. |
8123 | TCP | Object Metric collection | Intra-cluster |
8124 | TCP | Object Metric collection | Intra-cluster |
8125 | UDP | Object Metric collection | Intra-cluster |
8126 | TCP | Object Metric collection | Intra-cluster |
8127 | TCP | Object Metric collection | Intra-cluster |
9084 | TCP | Performance Monitoring Tool | Starting from IBM Spectrum Scale version 5.0.0, this port is limited to the loopback network interface by default. If the performance data should be available to other nodes, bind the query interface to 0.0.0.0, and limit access of this port to those nodes that should be able to access the collector's query interface. |
9085 | TCP | Performance Monitoring Tool | Intra-cluster. This port needs to be open to all nodes where the performance collector is running. This port is used for internal communication between the collectors. |
9094 | TCP | Performance Monitoring Tool | In IBM Spectrum Scale version 5.0.0 and later, this port is limited to the loopback network interface by default. If the performance data should be available to other nodes, bind the query interface to 0.0.0.0, and limit access of this port to those nodes that should be able to access the collector's query interface. |
Important:
- The 4739 port needs to be open when a collector is installed.
- The 9085 port needs to be open when there are two or more collectors.
- If the 9084 port is closed, accessing the collector to debug or to connect external tools or, even another instance of the GUI, remotely is not possible, except from the node where the GUI and the collector are installed.