Nagios监控linux服务器
平台及所用组件,
监控服务器:RHEL5(192.168.0.20)+nagios-3.0.5+ nagios-plugins-1.4.11+ nrpe_2.8.1
被监控端RHEL5 (192.168.0.21)+ nagios-plugins-1.4.11+ nrpe_2.8.1
内容简介
本文档介绍nagios监控linux服务器, 因为监控都是依靠插件去完成的,而监控linux主要使用NRPE插件,本文首先简单介绍一下NRPE监控基础,及监控过程,然后一步步的配置一个实例实现监控linux服务器
1.NRPE监控插件基础
NRPE总共由两部分组成:
check_nrpe插件,运行在监控主机上。
NRPE daemon,运行在远程的linux主机上(通常就是被监控机)
整个的监控过程:(如下图)
当Nagios需要监控某个远程linux主机的服务或者资源情况时:
1).nagios运行check_nrpe插件,我们要在nagios配置文件中告诉它要检查什么.
2).check_nrpe插件会通过SSL连接到远程的NRPE daemon.
3).NRPE daemon会运行相应的nagios插件来执行检查本地资源或服务.
4).NRPE daemon将检查的结果返回给check_nrpe插件,插件将其递交给nagios做处理.
注意:NRPE daemon需要nagios插件安装在远程被监控linux主机上,否则,daemon不能做任何的监控. 别外因为它们间的通信是加密的SSL,所以在编译安装时都要加上选项, ./configure --enable-ssl --with-ssl-lib=/lib/,否则也会出错.
2.配置监控端
1.安装nagios
rpm -qa |grep gd
rpm -ql gd-devel-2.0.28-5.4E.el4_6.1
cd nagios-3.0.5
./configure --prefix=/usr/local/nagios --with-command-group=nagcmd --with-gd-lib=/usr/lib --with-gd-inc=/usr/include
make all
make install
make install-init
make install-config
make install-commandmode
make install-webconf #可以自动配置httpd.conf
|
2.安装nagios-plugins
cd nagios-plugins-1.4.11
./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-redhat-pthread-workaround
make
make install
|
3.安装NRPE
cd nagios-nrpe_2.8.1
./configure #默认自动添加了openssl
#因为传送过程要加密,如果后面make报错,加如下参数
rpm -qa| grep ssl
openssl-devel-0.9.7a-43.17.el4_6.1
rpm -ql openssl-devel-0.9.7a-43.17.el4_6.1 | more
./configure --enable-ssl --with-ssl-lib=/lib/(当然前提要有openssl)
make all
make install-plugin
|
4.commands.cfg定义外部构件nrpe
vi /usr/local/nagios/etc/objects/commands.cfg
#添加
#check nrpe
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
|
5.配置要监控的linux主机
vi /usr/local/nagios/etc/nagios.cfg
#中间添加
cfg_file=/usr/local/nagios/etc/objects/mylinux.cfg
|
6.新建mylinux.cfg 设置监控内容
vi /usr/local/nagios/etc/objects/mylinux.cfg
define host{
use linux-server
host_name mylinux
alias mylinux
address 192.168.0.21(客户端IP既被监控的IP)
}
define service{
use generic-service
host_name mylinux
service_description check-swap
check_command check_nrpe!check_swap
}
define service{
use generic-service
host_name mylinux
service_description check-load
check_command check_nrpe!check_load
}
define service{
use generic-service
host_name mylinux
service_description check-disk
check_command check_nrpe!check_had1
define service{
use generic-service
host_name mylinux
service_description check-users
check_command check_nrpe!check_users
}
define service{
use generic-service
host_name mylinux
service_description otal_procs
check_command check_nrpe!check_total_procs
}
|
6.其它设置
chkconfig --add nagios #配置机器启动时自动启动Nagios
chkconfig nagios on
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg #检查Nagios配置文件
vi /etc/selinux/config #关闭SELinux
SELINUX=disabled
service iptables stop #关闭SELinux,或打开80,5666端口
service nagios start
|
3.配置被监控端
1.安装nagios-plugin
useradd nagios
passwd nagios
tar -zxvf nagios-plugins- 1.4.12 .tar.gz
cd nagios-plugins-1.4.12
./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-redhat-pthread-workaround
Make
make install
|
2.改变主目录权限
chown –R nagios.nagios /usr/local/nagios
[root@client nagios]# ll
drwxr-xr-x 2 nagios nagios 4096 Jun 1 00:07 libexec
drwxr-xr-x 3 nagios nagios 4096 Jun 1 00:07 share
|
3.安装客户端的nrpe
tar -zxvf nagios-nrpe_ 2.8.1 .orig.tar.gz
cd nagios-nrpe_2.8.1
./configure (会自动加载SSL)
#如果后面make报错,加如下参数
./configure --enable-ssl --with-ssl-lib=/usr/lib/(当然前提要有openssl)
make all
make install-plugin
make install-daemon
make install-daemon-config
|
4.配置nrpe信息
vi /usr/local/nagios/etc/nrpe.cfg
allowed_hosts=192.168.0.20,127.0.0.1,192.168.0.99
|
5.启动nrpe
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg –d
#或
vi /etc/rc.d/rc.local
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg –d
|
6.验证nrpe
netstat -an | grep 5666
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN
/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
NRPE v2.8.1
#服务端测试
/usr/local/nagios/libexec/check_nrpe -H l92.168.0.21
NRPE v2.8.1
#常见错误
/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
CHECK_NRPE: Error - Could not complete SSL handshake.
配置
allowed_hosts=192.168.0.20,127.0.0.1,192.168.0.99,然后kill进程再重启就OK了
2./usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
Connection refused by host
Nrpe进程没有启动
|
7.配置监控对像(关键)
由监控原理可知被监控端做监控然后传给监控服务器绘总,设置监控详细参数主要是设置被监控端的nrpe.cfg文件
可以看到里面监控对象
vi /usr/local/nagios/etc/nrpe.cfg
command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20 -c 10 -p /dev/hda1
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200
command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 10%
|
这一步是关键,如果nagios服务器想要监控客户机swap分区,但客户机nrpe.cfg文件没有swap监控对像,这时监控服务器就是报错(NRPE command ‘check_swap’no defined).如下图:其实平时自己写脚本,也是主要配这个地方
到此,就可以监控linux客户机的Disk,swap,users,memory了.
注:附件包含本次实验的所有软件包,配置文件