If you have configured a firewall for a host or a security group for an Elastic Compute Service (ECS) instance, you must add the IP addresses and port numbers of Cloud Monitor servers to the whitelist of the firewall. This way, the Cloud Monitor agent installed on your host can communicate with the Cloud Monitor servers.
Procedure
You can only manage the Cloud Monitor agent by using an administrator account (the root user for Linux or the Administrator user for Windows). However, using an administrator account may introduce certain risks, such as system stability or data security issues. Proceed with caution.
Obtain the IP addresses and ports that are used by Cloud Monitor servers to receive heartbeat data and monitoring data. Log on to the host where the Cloud Monitor agent resides as a root user, and add the IP addresses and port numbers of Cloud Monitor servers to the outbound whitelist of the firewall.
IP address | Method to obtain IP addresses | Port number | Description |
IP addresses used to receive heartbeat data | Run the | 8080 and 3128 | You can use one of the methods to obtain the IP addresses. |
Run the | |||
IP addresses used to receive monitoring data | If data is reported over a virtual private cloud (VPC), run the following command to obtain the IP addresses for data reporting: Note You must add CIDR block 100.100.0.0/16 and port numbers 0 to 65535 to the whitelist of the firewall. The specified IP addresses are used to obtain instance-related information such as regionId. | 80 and 443 | <regionid>: the region ID of an Alibaba Cloud host. Run the following command on your host to obtain the region ID of the host: |
If data is reported over the Internet, run the following command to obtain the IP addresses for data reporting: Note If data is reported over the Internet, you can set the |
If your host is not provided by Alibaba Cloud, you can use port 443 to report data over the Internet and monitor the heartbeats of the Cloud Monitor agent.