五、nagios服务器的安装和配置

1.创建nagios帐号和组

useradd -m nagios

passwd nagios

输入nagios的密码(这里我设的密码为nagios)

 

groupadd nagcmd

usermod -a -G nagcmd nagios

usermod -a -G nagcmd daemon

# daemon为运行apache的帐号。

2.安装nagios

cd /tmp

tar xzf nagios-3.0.5.tar.gz

cd nagios-3.0.5

./configure –with-command-group=nagcmd –with-gd-lib=/usr/local/libgd/lib/ –with-gd-inc=/usr/local/libgd/include/

make all

# 使用make install来安装主程序,CGI和HTML文件

make install

# 使用make install-init在/etc/rc.d/init.d安装启动脚本

make install-init

# 使用make install-cofig来安装示例配置文件,安装的路径是/usr/local/nagios/etc.

make install-config

# 使用make install-commandmode来配置目录权限

make install-commandmode

 

注:nagios目录功能的简要说明:

 

bin Nagios执行程序所在目录,nagios文件即为主程序 

etc Nagios配置文件位置 

sbin Nagios Cgi文件所在目录,也就是执行外部命令所需文件所在的目录 

Share Nagios网页文件所在的目录 

var Nagios日志文件、spid 等文件所在的目录 

var/archives 日志归档目录 

var/rw 用来存放外部命令文件

3.配置apache

将下面行加入apache配置文件httpd.conf的alias模块,并注释掉原先的“ScriptAlias…………”行。

---------------------------------------

ScriptAlias /nagios/cgi-bin “/usr/local/nagios/sbin”

 

# SSLRequireSSL

Options ExecCGI

AllowOverride None

Order allow,deny

Allow from all

# Order deny,allow

# Deny from all

# Allow from 127.0.0.1

AuthName “Nagios Access”

AuthType Basic

AuthUserFile /usr/local/nagios/etc/htpasswd.users

Require valid-user

 

Alias /nagios “/usr/local/nagios/share”

 

# SSLRequireSSL

Options None

AllowOverride None

Order allow,deny

Allow from all

# Order deny,allow

# Deny from all

# Allow from 127.0.0.1

AuthName “Nagios Access”

AuthType Basic

AuthUserFile /usr/local/nagios/etc/htpasswd.users

Require valid-user

---------------------------------------

4. 创建apache目录验证文件

/usr/local/apache/bin/htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

New password: (输入密码)

Re-type new password: (再输入一次密码)

Adding password for user nagiosadmin

5.重启apache

/usr/local/apache2/bin/apachectl -k restart

6.配置nagios配置文件

vi /usr/local/nagios/etc/objects/contacts.cfg

# 将里面的email地址改为接收监控邮件的email地址。

7.安装nagios插件

tar xzf nagios-plugins-1.4.11.tar.gz

cd nagios-plugins-1.4.11

./configure –with-nagios-user=nagios –with-nagios-group=nagios

make

make install

8.启动nagios

# 配置机器启动时自动启动Nagios

chkconfig nagios on

# 检查Nagios配置文件

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

# 启动Nnagios

service nagios start

9.SELinux及防火墙设置

1).关闭SELinux

vi /etc/selinux/config

# 将下面行设为disabled

SELINUX=disabled

# 重启系统

 

2).如果开启防火墙,应该允许访问apache(一般为80端口)并允许nagios去抓取被监控机信息(一般nrpe为5666端口)。

10.测试nagios页面是否正常

在浏览器地址栏输入:http://localhost/nagios/

输入用户名及密码登录。

11.安装nrpe插件,用来监控linux机器

tar xzvf nrpe-2.12.tar.gz

cd nrpe-2.12

./configure

make all

# 在Nagios服务器端只要安装nrpe监控插件就行

make install-plugin

12.在/usr/local/nagios/etc/objects/commands.cfg中定义check_nrpe命令

vi /usr/local/nagios/etc/objects/commands.cfg

############################################################

#

# 2008.11.18 add by Stone

# NRPE COMMAND

#

############################################################

# ‘check_nrpe ‘ command definition

define command{

command_name check_nrpe

command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$

}

 

六、Linux被监控端的安装和设置

1.创建nagios帐号

useradd -m nagios

passwd nagios

输入nagios的密码,需要输入两次(这里我设的密码为nagios)

2.安装nagios-plugins

tar -zxvf nagios-plugins-1.4.13.tar.gz

cd nagios-plugins-1.4.13

./configure

make

make install

# Nagios-plugins默认安装到/usr/local/nagios

chown nagios.nagios /usr/local/nagios/

chown -R nagios.nagios /usr/local/nagios/libexec/

3.安装nrpe插件

tar xzvf nrpe-2.12.tar.gz

cd nrpe-2.12

./configure

make all

# 安装nrpe守护进程

make install-daemon

# 安装nrpe配置文件

make install-daemon-config

4.修改nrpe配置文件,允许Nagios服务器监控

vi /usr/local/nagios/etc/nrpe.cfg

# 此处设置nagios服务器的IP,多台机器用逗号隔开

allowed_hosts=127.0.0.1,172.0.0.44

5.启动nrpe

# 以独立守护进程启动nrpe,也可以使用xinetd启动nrpe,具体清查看nrpe官方文档。

/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d

# 开机自动启动nrpe

vi /etc/rc.d/rc.local

# 加入下面行

/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d

6.检查nrpe是否安装正常

# 查看启动端口

[root@wiki ~]# netstat -tunlp

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 27387/nrpe

#如果有防火墙应该开放5666端口:

iptables -A INPUT -p tcp --dport 5666 -j ACCEPT

7.我们需要在/usr/local/nagios/etc/nrpe.cfg中定义我们用到的监控本地资源的命令。

下面的命令是默认定义的:

command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10

command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20

command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1

command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z

command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200

下面的命令是自己定义的:

# 监控交换分区的使用情况,使用超过20%时为警告状态,超过10%时为严重状态

command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 10%

# 监控根分区磁盘使用情况

command[check_disk_root]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /

8.重启nrpe

#使用下面命令查看nrpe的pid号

ps -ef|grep nrpe

#使用kill命令结束nrpe进程

kill -9

#启动nrpe

/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg –d