【1】nagios从零学习使用 - 软件安装
本节目标:学习使用nagios监控软件的安装
记录一下这几天监控软件nagios安装过程,测试拓扑图如下(二台vm虚拟机、一台win7物理机,都在vm8这个网中):
nagios主要是安装nagios、cacti,使用nagios的数据,cacti做图。
dnsmail主要是装bind、sendmail、nrpe。
一、nagios安装
1、环境设置、依赖包。
cacti\cacti\所需要的所有包
yum install -y php-snmp net-snmp-utilsperl-Net-Daemon perl-PlRPC httpd mysql mysql-server php php-mysql php-devel net-snmp gcc glibcglibc-common gd gd-devel xinetd openssl-devel rrdtool mysql-devel
若是官方有些包没法安装,手动建立dag.repo,定义非官方库:
vi /etc/yum.repos.d/dag.repo [dag] name=Dag RPM Repository for Red Hat Enterprise Linux baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag gpgcheck=1 enabled=1 然后再导入非官方库的GPG: rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
禁止防火墙与selinux
Chkconfig iptables off Vi /etc/sysconfig/selinux SELINUX=disabled
php安装后,报date()时区错误。
把/etc/php.ini中;date.timezone ;去掉,后面加上PRC
date.timezone = PRC
2、nagios、plugin、nrpe安装
useradd -m nagios
passwd nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd apache
nagios安装
./configure --with-command-group=nagcmd
make all
make install
make install-init
make install-config
make install-commandmode
make install-webconf
添加nagiosadmin用户,pass:zerostudy
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
vi /etc/httpd/conf/httpd.conf修改httpd.conf文件添加认证访问,最后面添加以下内容。
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
<Directory "/usr/local/nagios/sbin">
AuthType Basic
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>
Alias /nagios "/usr/local/nagios/share"
<Directory "/usr/local/nagios/share">
AuthType Basic
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "nagios Access"
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>
修改cgi.cfg文件(/usr/local/nagios/etc)
default_user_name=nagiosadmin
authorized_for_system_information=nagiosadmin
authorized_for_configuration_information=nagiosadmin
authorized_for_system_commands=nagiosadmin
authorized_for_all_services=nagiosadmin
authorized_for_all_hosts=nagiosadmin
authorized_for_all_service_commands=nagiosadmin
authorized_for_all_host_commands=nagiosadmin
开机启动:
chkconfig nagios on
service nagios start
检测配置文件是否有问题
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
安装插件 nagios-plugins-1.x
./configure --prefix=/usr/local/nagios
make && make install
监控主机只需要nrpe插件,安装方法如下:
./configure
make all
make install-plugin
检测客户机的nrpe插件是否正常(主机由于只需要插件,没有启动服务,所以检测本机是不成功的。完全安装也可以,需要xinted服务)
./check_nrpe -H 对方IP地址
若正常则会返回nrpe的版本
3、cacti安装
mv cacti-0.8.8b /var/www/html/cacti mysql root的密码/usr/bin/mysqladmin-u root password 'zerostudy' 创建cacti数据库 mysql > create database cacti; 创建一个cactiuser用户密码:zerostudy GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'zerostudy' 导入cacti.sql到cacti数据库 mysql>Use cacti mysql>source /var/www/html/cacti/cacti.sql 修改config.php与global.php文件(/var/www/html/cacti/include目录下面) config.php文件 /* make sure these values refect your actual database/host/user/password */ $database_type = "mysql"; $database_default = "cacti"; $database_hostname = "localhost"; $database_username = "cactiuser"; $database_password = "zerostudy"; $database_port = "3306"; Global.php /* Default database settings*/ $database_type = "mysql"; $database_default = "cacti"; $database_hostname = "localhost"; $database_username = "cactiuser"; $database_password = "zerostudy"; $database_port = "3306"; $database_ssl = false; 添加计划任务 crontab �Ce */5 * * * * php/var/www/html/cacti/poller.php > /dev/null 2>&1
界面初始化
http://192.168.198.254/cacti/ 开始用户与密码:admin
因为使用nagios做报警,cacti做图,所以setting、thod插件不安装,只安装npc插件。
mv npc /var/www/html/cacti/plugins
进入cacti安装npc并设置
安装ndoutils插件(重要)
./configure --prefix=/usr/local/nagios LDFLAGS=-L/usr/lib --enable-mysql --with-ndo2db-user=nagios --with-ndo2db-group=nagios make make install
[root@nagios db]# ./installdb -ucactiuser -pzerostudy -h localhost -d cacti
DBD::mysql::db do failed: Table 'cacti.nagios_dbversion' doesn't exist at ./installdb line 51.
** Creating tables for version 1.5.2
Using mysql.sql for installation...
** Updating table nagios_dbversion
Done!
#vi /usr/local/nagios/etc/nagios.cfg添加以下内容 check_external_commands=1 command_check_interval=-1 event_broker_options=-1 broker_module=/usr/local/nagios/bin/ndomod.o config_file=/usr/local/nagios/etc/ndomod.cfg process_performance_data=1
cp config/ndomod.cfg-sample /usr/local/nagios/etc/ndomod.cfg [root@cacti include]# cat /usr/local/nagios/etc/ndomod.cfg |grep -v '^#'|sed /^$/d instance_name=default output_type=tcpsocket output=127.0.0.1 tcp_port=5668 use_ssl=0 output_buffer_items=5000 buffer_file=/usr/local/nagios/var/ndomod.tmp file_rotation_interval=14400 file_rotation_timeout=60 reconnect_interval=15 reconnect_warning_interval=15 data_processing_options=-1 config_output_options=2 cp config/ndo2db.cfg-sample /usr/local/nagios/etc/ndo2db.cfg [root@cacti config]# cat /usr/local/nagios/etc/ndo2db.cfg |grep -v '^#'|sed /^$/d lock_file=/usr/local/nagios/var/ndo2db.lock ndo2db_user=nagios ndo2db_group=nagcmd socket_type=tcp socket_name=/usr/local/nagios/var/ndo.sock tcp_port=5668 use_ssl=0 db_servertype=mysql db_host=localhost db_port=3306 db_name=cacti db_prefix=npc_ db_user=cactiuser db_pass=zerostudy max_timedevents_age=1440 max_systemcommands_age=10080 max_servicechecks_age=10080 max_hostchecks_age=10080 max_eventhandlers_age=44640 max_externalcommands_age=44640 debug_level=-1 debug_verbosity=1 debug_file=/usr/local/nagios/var/ndo2db.debug max_debug_file_size=1000000
重启nagios ndo2db
#!/bin/bash kill -9 `cat /usr/local/nagios/var/ndo2db.lock` rm -f /usr/local/nagios/var/ndo2db.lock /usr/local/nagios/bin/ndo2db -c /usr/local/nagios/etc/ndo2db.cfg service nagios restart
出现如下错误:
[1395231554] Caught SIGTERM, shutting down... [1395231554] Successfully shutdown... (PID=1949) [1395231555] Nagios 3.4.3 starting... (PID=9737) [1395231555] Local time is Wed Mar 19 20:19:15 CST 2014 [1395231555] LOG VERSION: 2.0 [1395231555] ndomod: NDOMOD 1.5.2 (06-08-2012) Copyright (c) 2009 Nagios Core Development Team and Community Contributors [1395231555] ndomod: Could not open data sink! I'll keep trying, but some output may get lost... [1395231555] Event broker module '/usr/local/nagios/bin/ndomod.o' initialized successfully. [1395231555] Finished daemonizing... (New PID=9738)
原因是/usr/local/nagios/etc/ndomod.cfg ndo2db.cfg 二个文件的权限问题,把他加上777权限即可。
tailf /var/log/messages报错没有long_output字段
原因表不完整。解决方法如下:
use cacti; ALTER TABLE `npc_hostchecks` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`; ALTER TABLE `npc_hoststatus` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`; ALTER TABLE `npc_servicechecks` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`; ALTER TABLE `npc_servicestatus` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`; ALTER TABLE `npc_statehistory` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`; ALTER TABLE `npc_eventhandlers` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`; ALTER TABLE `npc_systemcommands` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`; ALTER TABLE `npc_notifications` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`; exit;
二、dnsmail机的dns设置
cat /etc/named.conf
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
//include "/etc/named.rfc1912.zones";
//include "/etc/named.root.key";
zone "onepc.com" IN {
type master;
file "onepc.com.zone";
allow-update{none;};
};
zone "198.168.192.in-addr.arpa" IN {
type master;
file "192.168.198.0";
allow-update { none; };
};
区域是onepc.com
/var/named/onepc.cmo.zone
$TTL 1D
@ IN SOA dnsmail.onepc.com. root.onepc.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS dnsmail.onepc.com.
IN MX 10 mail.onepc.com.
@ IN A 192.168.198.253
dnsmail IN A 192.168.198.253
www IN CNAME dnsmail
ftp IN CNAME dnsmail
mail IN A 192.168.198.253
nagios IN A 192.168.198.254
$TTL 1D
@ IN SOA dnsmail.onepc.com. root.onepc.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS dnsmail.onepc.com.
253 IN PTR dnsmail.onepc.com.
254 IN PTR nagios.onepc.com.
253 IN PTR mail.onepc.com
253 IN PTR www.onepc.com
dns配置完成
安装sendmail
sendmail-8.14.4-8.el6.x86_64 sendmail-cf-8.14.4-8.el6.noarch dovecot-2.0.9-2.el6_1.1.x86_64 更改/etc/mail/sendmail.mc DAEMON_OPTIONS(`Port=smtp,Addr=192.168.198.253, Name=MTA')dnl 生成cf文件 m4 sendmail.mc > sendmail.cf vi /etc/dovecot/dovecot.conf 把protocols前面的#去掉 protocols = imap pop3 lmtp vi /etc/dovecot/conf.d/10-auth.conf disable_plaintext_auth = no vi /etc/dovecot/conf.d/10-mail.conf mail_location = mbox:~/mail:INBOX=/var/mail/%u vi /etc/mail/access Connect:localhost.localdomain RELAY Connect:localhost RELAY Connect:127.0.0.1 RELAY connect:192.168.198.0 RELAY makemap hash /etc/mail/access < /etc/mail/access vi /etc/mail/local-host-names mail.onepc.com dnsmail.onepc.com onepc.com
安装nrpe
客户机安装nrpe插件:(需要gcc、openssl-devel、xinetd)
添加nagios用户
Useradd nagios
Passwd nagios
编译nagios-plugins:
# ./configure --prefix=/usr/local/nagios
# make && make install
更改权限
# chown nagios.nagios /usr/local/nagios
# chown -R nagios.nagios /usr/local/nagios/libexec
编译nrpe软件:
./configure
make all
make install-plugin
make install-daemon
make install-daemon-config
make install-xinetd
修改/etc/xinetd.d/nrpe文件
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 127.0.0.1 192.168.198.254
}
在only_from 后增加监控主机的IP地址。
编辑/etc/services 文件,在最后面增加NRPE服务
nrpe 5666/tcp #nrpe