Before you deploy nodes and build up clusters, it is important to get familiar with all the networking requirements that vRealize Operations has. These requirements must be met to ensure not only successful deployment, but also successful operational continuity of the nodes and full VMware support in case of issues.
Most of the requirements are pretty standard industry requirements for any piece of software, such as having IP and FQDN forward and reverse DNS lookup resolution for all nodes. Others are more specific to the product, such as using one IP subnet and layer 2 network, or having 5 ms or less latency between all analytic cluster nodes.
It is worth mentioning that, although introduced a while ago, Internet Protocol version 6 (IPv6) is still not widely used in the public space. If you are one of those enthusiasts that have implemented IPv6 in your environment and are using it, vRealize Operations supports the protocol. Although the product supports IPv6 implementation, with certain limitations, my recommendation to you is to stick to IPv4 until a necessity comes that requires you to move to IPv6.
vRealize Operations uses several network ports to communicate with VMware vCenter ServerĀ®, VMware Horizon View, and vRealize Operations components between node instances. You must ensure the following ports are opened across firewalls, between the corresponding servers, or vRealize Operations components:
Source server |
Destination server |
Port |
Protocol |
Description |
End user workstation |
All cluster nodes |
22 |
TCP |
Enables SSH access to the vRealize Operations vApp |
End user web browser |
All cluster nodes |
80 |
TCP |
Redirects to port 443 |
End user web browser |
All cluster nodes |
443 |
TCP |
Used to access the vRealize Operations admin portal and the vRealize Operations product user interface |
End user web browser |
Remote collector |
443 |
TCP |
Remote collector admin user interface |
vCenter Server |
All cluster nodes |
443, 22 |
TCP |
Used for the collection of metric data |
Remote collector |
All cluster nodes |
443 |
TCP |
Cluster nodes CASA |
Remote collector |
All cluster nodes |
6061, 10000-10010, 20000-20010 |
TCP |
GemFire locator and data |
Remote collector |
vCenter Servers |
443, 10443, 8443, 9443 |
TCP |
Data collection and access to vCenter inventory service |
Remote collector |
DNS servers |
53 |
TCP/UDP |
Name resolution |
Remote collector |
NTP servers |
123 |
UDP |
Time synchronization |
All cluster nodes |
Remote collector |
443 |
TCP |
Remote collector CASA and admin user interface |
All cluster nodes |
SMTP |
25 |
TCP |
Alert notifications |
All cluster nodes |
LDAP |
389 |
TCP |
Lightweight Directory Access Protocol (LDAP) |
All cluster nodes |
All cluster nodes |
25, 161, 5432, 10000-10010 |
TCP |
All cluster nodes should be on the same LAN with no firewall or NAT between them |
Master |
Master replica |
5432, 5433, 7001, 9042 |
TCP |
Replication of vital cluster information |
All cluster nodes and remote collectors |
LDAP servers |
389,686,3368,3369 |
TCP |
Required for LDAP authentication |
Endpoint operations manager agent |
All cluster nodes and remote collectors |
443 |
TCP |
Collection of endpoint operations data from agents |
All nodes containing the central DB |
All nodes containing the central DB |
1235 |
TCP |
Used by all nodes to transmit resource data and key-value data for the Central database instance |
All nodes collecting data from Horizon View |
View connections servers |
3091-3095, 3099-3101 |
TCP |
Used to access data from VMware Horizon View |
For a full list of vRealize Operations, 6.6 networking requirements and limitations, make sure to check the VMware official product documentation.
It is also very important to be aware of the following latency requirements:
- Network latency between Analytics nodes should be <5 ms
- Network latency between remote collectors and Analytics nodes should be <200 ms
- Network bandwidth should be >= 1 GBps between analytics nodes
- Storage latency should be <10-15 ms per virtual disk of vRealize Operations nodes