Overview
This document describes ports to be used by components of FineReport projects deployed via FineOps and server ports to be opened.
Note:Port Occupancy
An O&M project includes many components, and some of them require port mapping to the server, occupying server ports for operation.
Before deployment, ensure the port to be mapped automatically (default port) is not in use. If it is already in use, use a free port.
Standalone
Note:1. Ensure the configuration of ports on the main application server meets requirements if you have not prepared a component server.
2. Ensure the port number of the ops_agent component on all servers is the same if you have prepared multiple servers.
| Server | Component | Default Port | Description |
|---|---|---|---|
| Main application server | fr | 8080 | Project-occupied port |
| 12100 | Port for the crash handling tool | ||
| ops_agent | 9070 | Component-occupied port | |
| filebeat | / | No ports occupied | |
| Component server | nginx | 80 | Component-occupied port Note: |
| mysql | 3306 | Component-occupied port | |
| elasticsearch | 9200 | Component-occupied port | |
| ops_agent | 9070 | Component-occupied port |
Note:| Type | Reason |
|---|---|
| Ports not available to non-root users | If using a non-root user for installation, do not use ports below 1024. In a Linux environment, non-root users can only use ports 1024 and above. |
| Ports deemed insecure by Google Chrome | Google Chrome identifies the following ports as insecure ports with potential security threats. Do not use the following ports, as doing so will prevent Google Chrome from accessing FineOps. 1, 7, 9, 11, 13, 15, 17, 19, 20, 21, 22, 23, 25, 37, 42, 43, 53, 69, 77, 79, 87, 95, 101, 102, 103, 104, 109, 110, 111, 113, 115, 117, 119, 123, 135, 137, 139, 143, 161, 179, 389, 465, 512, 513, 514, 515, 526, 530, 531, 532, 540, 548, 554, 556, 563, 587, 601, 636, 989, 990, 993, 995, 1719, 1720, 1723, 2049, 3659, 4045, 5061, 6000, 6566, 6665, 6666, 6667, 6668, 6669, 6697, and 10080 Note: |
Cluster
Note:1. Each main application server is deployed with relevant components. You must check the port configuration of each main application server and ensure port consistency.
2. If you have prepared multiple component servers, ensure the port configuration of all component servers is consistent and meets the requirements since the components are randomly assigned during installation.
2. Ensure the port number of the ops_agent component on all servers is the same.
| Server | Component | Default Port | Description |
|---|---|---|---|
| Main application server | fr | 8080 | Project-occupied port |
| 12100 | Port for the crash handling tool | ||
7800 7830 7840 7850 7870 | Port for TCP communication in the cluster | ||
| ops_agent | 9070 | Component-occupied port | |
| filebeat | / | No ports occupied | |
| Component server | nginx | 80 | Component-occupied port Note: |
| redis | 6379 | Component-occupied port | |
| mysql | 3306 | Component-occupied port | |
| minio | 9000 9006 | Port occupied by the client and the server | |
| elasticsearch | 9200 | Component-occupied port | |
| ops_agent | 9070 | Component-occupied port |
Note:When opting for custom ports instead of the default ones listed in the table above, steer clear of the following ports.
| Type | Reason |
|---|---|
| Ports not available to non-root users | If using a non-root user for installation, do not use ports below 1024. In a Linux environment, non-root users can only use ports 1024 and above. |
| Ports deemed insecure by Google Chrome | Google Chrome identifies the following ports as insecure ports with potential security threats. Do not use the following ports, as doing so will prevent Google Chrome from accessing FineOps. 1, 7, 9, 11, 13, 15, 17, 19, 20, 21, 22, 23, 25, 37, 42, 43, 53, 69, 77, 79, 87, 95, 101, 102, 103, 104, 109, 110, 111, 113, 115, 117, 119, 123, 135, 137, 139, 143, 161, 179, 389, 465, 512, 513, 514, 515, 526, 530, 531, 532, 540, 548, 554, 556, 563, 587, 601, 636, 989, 990, 993, 995, 1719, 1720, 1723, 2049, 3659, 4045, 5061, 6000, 6566, 6665, 6666, 6667, 6668, 6669, 6697, and 10080 Note: |
Networking
To ensure normal access to O&M projects and smooth deployment and monitoring of O&M projects via FineOps, certain server ports must be opened for use.
Extranet and FineOps
| Description | Extranet | Relation | FineOps |
|---|---|---|---|
| For the admin to access FineOps | O&M personnel (unlimited IP address) | Access -> | FineOps nginx
|
| For reading or writing data | Business database | <- Access -> | FineOps nginx
|
| For FineOps to pull images from the cloud repository | <- Access | registry: 5000 |
O&M Project
Ensure the ports mentioned in the "Port Occupancy" section are interconnected.
FineOps and O&M Project
| Description | FineOps | Relation | O&M Project |
|---|---|---|---|
| Basic O&M | FineOps nginx
| <- Access | Each application node of the project: 8080 |
| Transmitting the server and component indicator information of the project to FineOps | FineOps nginx
| <- Access | The ops-agent component on every server of this project (on project nodes and cluster component nodes): 9070 |
Tracing | FineOps skywalking_oap: 11800 and 12800 | <- Access | Each application node of the project: 8080 |
| Tracing | FineOps skywalking_oap: 11800 and 12800 | <- Access | FineOps nginx
|
| Pulling components from the image repository of FineOps for project deployment | registry: 5000 | <- Access | The project node and the cluster component node on every server |