由于我方与某运营商有合作关系他们出机器,但机器是归我们管理,由于配置主动监控进不了他们机器,所以有这个被动监控需求。在无聊的值班日把nagios分布式监控给搞定了,也算是一种收获吧,很喜欢街上空荡荡的感觉,但却不得不为自己的温饱问题感到担忧...
进入主题
一、在分布式机器上安装和nagios主监控机一样配置好,在界面上呈现出相关监控信息后
二、开始安装NSCA模块
下载地址
http://nchc.dl.sourceforge.net/sourceforge/nagios/nsca-2.7.2.tar.gz
安装步骤
./configure && make all
这样就安装完毕了,下面是客户端相关配置
cd nsca-2.7.2
1)拷贝相关文件至nagios目录下,注意权限问题
send_nsca
send_nsca.cfg
权限有问题会导致分布式监控提交不了监控信息
cp sample-config/send_nsca.cfg /usr/local/nagios/etc/
cp src/send_nsca /usr/local/nagios/bin/
2) /usr/local/nagios/etc/send_nsca.cfg文件的password选项与主监控机的一致
password=xxx
3)nagios.cfg配置该配置文件中不加入send_nsca.cfg
nagios_user=nagios
nagios_group=nagios
#上面根据实际情况更改
ocsp_command=submit_check_result
use_syslog=0#这个写入message刷信息我觉得烦把他禁了
enable_notifications=0 #把分布式机器上的nagios通知功能禁用
obsess_over_services=1 #设置为obsess
4)/usr/local/nagios/etc/commands.cfg配置文件与原来监控机配置一致的基础上添加
define command{
command_name submit_check_result
command_line /usr/local/nagios/libexec/submit_check_result $HOSTNAME$ '$SERVICEDESC$' $SERVICESTATE$ '$SERVICEOUTPUT$'
}
5)/usr/local/nagios/libexec/submit_check_result脚本内容
#!/bin/sh
# Arguments:
# $1 = host_name (Short name of host that the service is
# associated with)
# $2 = svc_description (Description of the service)
# $3 = state_string (A string representing the status of
# the given service - "OK", "WARNING", "CRITICAL"
# or "UNKNOWN")
# $4 = plugin_output (A text string that should be used
# as the plugin output for the service checks)
#
# Convert the state string to the corresponding return code
return_code=-1
case "$3" in
OK)
return_code=0
;;
WARNING)
return_code=1
;;
CRITICAL)
return_code=2
;;
UNKNOWN)
return_code=-1
;;
esac
# pipe the service check info into the send_nsca program, which
# in turn transmits the data to the nsca daemon on the central
# monitoring server
/usr/bin/printf "%s\t%s\t%s\t%s\n" "$1" "$2" "$return_code" "$4" | /usr/local/nagios/bin/send_nsca central_server -c /usr/local/nagios/etc/send_nsca.cfg
#########################################
#注意脚本中的central_server为主监控机的IP
#########################################
6)若保留该词,则需更改/etc/hosts文件
xx.xx.xx.xx central_server
当客户端正常工作你可以看到进程会不断变化
[root@TJSJHL241-189 nsca-2.7.2]# ps -ef|grep nsca
nagios 31772 31770 0 11:37 ? 00:00:00 /usr/local/nagios/bin/send_nsca central_server -c /usr/local/nagios/etc/send_nsca.cfg
root 31774 17037 0 11:37 pts/0 00:00:00 grep nsca
[root@TJSJHL241-189 nsca-2.7.2]# ps -ef|grep nsca
nagios 31786 31784 0 11:37 ? 00:00:00 /usr/local/nagios/bin/send_nsca central_server -c /usr/local/nagios/etc/send_nsca.cfg
root 31788 17037 0 11:37 pts/0 00:00:00 grep nsca
[root@TJSJHL241-189 nsca-2.7.2]# ps -ef|grep nsca
nagios 31792 31790 0 11:37 ? 00:00:00 /usr/local/nagios/bin/send_nsca central_server -c /usr/local/nagios/etc/send_nsca.cfg
root 31794 17037 0 11:37 pts/0 00:00:00 grep nsca
自己也可以做个test文件测试客户端到服务端的连通性比如test文件内容为
"rrw-2-1" TestMessage 0 This is a test message.
[root@TJSJHL241-189 etc]# /usr/local/nagios/bin/send_nsca central_server -c /usr/local/nagios/etc/send_nsca.cfg < test
0 data packet(s) sent to host successfully.
只要看到sent to host successfully就可以了
当时一直很苦恼为什么我的成功了但发的却是0,最后我就先不考虑这问题先去配置下了,后来发现,主监控与分布式监控的内容是一致的,嘿嘿,如有人知道的话不妨不说,在此谢过了
7)下面观察下services.cfg的配置
define service{
hostgroup_name rrw-game,rrw-res
service_description CPU
check_command check_nrpe_cpu
contact_groups yunwei
check_period 24x7
max_check_attempts 4
normal_check_interval 10
retry_check_interval 60
notifications_enabled 1
notification_options u,c,r
check_freshness 1
freshness_threshold 600 #此项应为实际总检测时间的2倍,监控端与被监控端设置一致,不然会出现Warning: The results of service 'http' on host 'rrw-1-2' are stale by 0d 0h 0m 16s (threshold=0d 0h 0m 20s). I'm forcing an immediate check of the service.信息
}
这是分布式上的多出的两选项
check_freshness 1
freshness_threshold 20#此处为正常检测间隔的2x
可以观察下nagios.cfg
check_freshness 1 此选项黑认是为1的
分布式机器差不多了,启动nagios即可
三、主监控机配置
下载nsca模块
1)安装如上相同
make all 之后
cp sample-config/nsca.cfg /usr/local/nagios/etc/
cp src/nsca /usr/local/nagios/bin/
vi /usr/local/nagios/etc/nsca.cfg更改下面配置
nsca_user=nagios
nsca_group=nagios
password=xxx
此处我就不交由xinetd啥的管理了,自已直接运行
/usr/local/nagios/bin/nsca -d -c /usr/local/nagios/etc/nsca.cfg
2)rc.local添加开机自启动
/usr/local/nagios/bin/nsca -d -c /usr/local/nagios/etc/nsca.cfg
3)services添加
nsca 5667/tcp # NSCA
4)iptables开放5667端口
iptables -I RH-Firewall-1-INPUT -p tcp -m tcp --dport 5667 -j ACCEPT
service iptables save
5)新建一个目录放置分布式机器的相关配置文件hosts.cfg hostgroups.cfg与分布式机器配置一致
services.cfg先拷贝分布式机器的配置文件,完成后的配置参考如下
define service{
hostgroup_name rrw-game,rrw-res
service_description CPU
check_command check_nrpe_cpu
contact_groups yunwei
check_period 24x7
max_check_attempts 4
normal_check_interval 10
retry_check_interval 60
notifications_enabled 1
notification_options u,c,r
active_checks_enabled 0
check_freshness 0#注意此处如果为1,主监控会主动刷新吧,不等分布式机器递交信息过来就会刷新设置为1时会等分布式机器递交结果过来再刷新
freshness_threshold 20
passive_checks_enabled 1 # We want only passive checking
flap_detection_enabled 0
is_volatile 0
}
6)启动相关服务nsca nagios
/usr/local/nagios/bin/nsca -d -c /usr/local/nagios/etc/nsca.cfg
/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
四、主监控与分布式机器
主监控与分布式机器添加新监控点时两个监控机器都得同时添加
说明,参照文档时有提把下面添加到commands.cfg文件,同时在服务里调用些命令,目前我这边倒是像没有使用到,不知道运行一段时间会不会出问题,有待观察,嘿嘿,看这块有没有必要需要,具体请参照下面的文档吧
define command{
command_name check_dummy
command_line $USER1$/check_dummy $ARG1$
}
如有新加机器,需要重启服务端的nsca
/usr/local/nagios/bin/nsca -d -c /usr/local/nagios/etc/nsca.cfg
杀掉进程,重新开启
参考文档:
nsca模块里的README
http://nagios.sourceforge.net/download/contrib/documentation/misc/NSCA_Setup.pdf
http://www.packtpub.com/article/passive-checks-nsca-nagios-service-check-acceptor