I have a fleet of servers w netdata agent, reporting to a netdata collector/master
all agents have the python and go plugins enabled
[plugins]
python.d = yes
go.d = yes
we have proprietary trading applications running on some of these rack servers, and I had ND running on them for at least a year, w no issues. but recently one of our app ports came up on port 27017 and i noticed netdata agent started trying to connect to it and query it for MongoDB data
it caused an issue due to heavy TCP load,
wondering if theres a way to prohibit ND from scanning and querying certain ports, like a range.
yea i realized its a reserved port, dont think theres a way to tell netdata to not scan port range 27000-28000 for example
i generated plugin conf files for go.d and python.d and disabled all modules that i dont need, ie
vi /etc/netdata/go.d.conf
# Enable/disable specific g.d.plugin module
# If you want to change any value, you need to uncomment out it first.
# IMPORTANT: Do not remove all spaces, just remove # symbol. There should be a space before module name.
modules:
activemq: no
apache: no
bind: yes
chrony: no
cockroachdb: no
consul: no
coredns: no
couchbase: no
couchdb: no
dnsdist: no
dnsmasq: no
dnsmasq_dhcp: no
dns_query: no
docker: no
docker_engine: no
dockerhub: no
etc
mongodb: no
brought up a dummy 27017 port to simulate my custom app proc (same as mongodb port)
restarted netdata agent,
Im still seeing the mongodb module querying my dummy 27017 port
ND quried my 27017 port ever 5 sec, causing our trading application to issue out tons of uncesseary requests and delay legitimate client TCP connections.
i turned off the ND agent and the TCP load went away right away. Just want to make sure that ND runs strictly on whitelisted ports and not surprise me by quering some service we dont even have if we spin up a business process on same port.
The next update will replace this file. Stable versions are unaffected (the bug will be fixed in the next stable release), but nightly builds will require you to manually copy the file to /etc/netdata/go.d/sd/ to preserve it.
I think the point is to create a data collection job for application X even if it doesn’t listen on the default port (it is always a configuration option and nothing stops you from starting multiple instances of an application).
Using an IANA-registered port for your custom app is a problem here (why would you do that? There are so many ports available), not discovery config.