由于公司使用Nginx作为web监控服务器,但是Nagios依赖PHP环境和perl环境。由于Nginx不支持Perl的CGI,这里就需要先来搭建Perl环境,经过试验使用spawn-fcgi+fcgiwrap为最佳的选择。
安装spawn-fcgi
# wget http://download.lighttpd.net/spawn-fcgi/releases-1.6.x/spawn-fcgi-1.6.3.tar.gz -P /usr/src
# tar xf spawn-fcgi-1.6.3.tar.gz
# cd /usr/local/src/spawn-fcgi-1.6.3
# ./configure
# make && make install
安装fcgi库
# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/fcgi-2.4.0-10.el6.x86_64.rpm -P /usr/src
# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/fcgi-devel-2.4.0-10.el6.x86_64.rpm -P /usr/src
# rpm -ivh fcgi-2.4.0-10.el6.x86_64.rpm fcgi-devel-2.4.0-10.el6.x86_64.rpm
【注:以上fcgi软件的rpm为RHEL6对应版本的,如果是5系列请安装RHEL5对应版本的fcgi库,RHEL5软件下载地址如下:
fcgi: http://flexbox.sourceforge.net/centos/5/x86_64/fcgi-2.4.0-10.el5.x86_64.rpm
fcgi-devel:http://flexbox.sourceforge.net/centos/5/x86_64/fcgi-devel-2.4.0-10.el5.x86_64.rpm
】
安装fcgiwrap
fcgiwrap wiki --> http://nginx.localdomain.pl/wiki/FcgiWrap
最新版本为gnosek-fcgiwrap-1.1.0-0-g333ff99.tar.gz
# cd gnosek-fcgiwrap-333ff99/
# autoreconf -i
# ./configure
# make && make install
nginx.conf相关nagios配置
location ~ \.php$ {
root/usr/local/nagios/share/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /web_url$fastcgi_script_name;
include fastcgi_params;
}
location ~.*\.(cgi|pl)?$ {
gzip off;
root /usr/local/nagios/sbin;
rewrite ^/nagios/cgi-bin/(.*)\.cgi /$1.cgi break;
fastcgi_pass 127.0.0.1:10000;
fastcgi_param SCRIPT_FILENAME/usr/local/nagios/sbin$fastcgi_script_name;
fastcgi_index index.cgi;
fastcgi_read_timeout 60;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
auth_basic "Nagios Access";
auth_basic_user_file /usr/local/nagios/etc/.nagiospasswd;
}
location /nagios {
index index.php;
auth_basic "Nagios Access";
auth_basic_user_file /usr/local/nagios/etc/.nagiospasswd;
alias /usr/local/nagios/share;
}
建立nagios链接
# ln -s /usr/local/nagios/share/www/nagios
配置Nagios Nginxweb认证
# htpasswd -c /usr/local/nagios/etc/.nagiospasswd nagiosadmin
【注:
1、htpasswd这个工具由Apache安装包所提供,如果没有,可安装httpd-tools这个软件包
2、如果想添加非nagiosadmin的用户则需要修改配置文件cgi.cfg,在cgi配置文件中添加指定用户,以逗号隔开,如下我想加入admin用户并且赋予它所有的权限:
# grep -Ev '^#|^$'/usr/local/nagios/etc/cgi.cfg | grep authorized
authorized_for_system_information=nagiosadmin,admin
authorized_for_configuration_information=nagiosadmin,admin
authorized_for_system_commands=nagiosadmin,admin
authorized_for_all_services=nagiosadmin,admin
authorized_for_all_hosts=nagiosadmin,admin
authorized_for_all_service_commands=nagiosadmin,admin
authorized_for_all_host_commands=nagiosadmin,admin
】
创建一个shell脚本来用spawn-fcgi 启动fcgiwrap实例
# cat /usr/local/bin/fcgiwrap_phpcgi.sh
#!/bin/bash
/usr/local/bin/spawn-fcgi-f /usr/bin/php-cgi -a 127.0.0.1 -p 9000 -C 10 -u daemon -g daemon
/usr/local/bin/spawn-fcgi-f /usr/local/sbin/fcgiwrap -a 127.0.0.1 -p 10000 -F 10 -u daemon -g daemon
# chmod +x /usr/local/bin/fcgiwrap_phpcgi.sh
参数含义如下:
-f <fcgiapp> 指定调用FastCGI的进程的执行程序位置
-a <addr> 绑定到地址addr
-p <port> 绑定到端口port
-s <path> 绑定到unixsocket的路径path
-C < children> 指定产生的FastCGI的进程数(仅用于PHP)
-F <children> 指定产生的FastCGI的进程数
-P <path> 指定产生的进程的PID文件路径
-u和-g FastCGI使用什么身份(-u用户-g用户组)运行,这里使用nginx的用户和组daemon运行
编写启动脚本
# cat /etc/init.d/fcgiwrap_phpcgi
#!/bin/bash # fcgiwrap_phpcgi - this script starts and stops the fcgiwrap && php-cgi instance # # chkconfig: - 96 28 # description: fcgiwrap_phpcgi # processname: fcgiwrap_phpcgi C_SCRIPT=/usr/local/bin/fcgiwrap_phpcgi.sh RETVAL=0 case "$1" in start) echo "Starting cgi" $C_SCRIPT RETVAL=$? ;; stop) echo "Stopping cgi" killall -9 fcgiwrap killall -9 php-cgi RETVAL=$? ;; restart) echo "Restarting cgi" killall -9 fcgiwrap killall -9 php-cgi $C_SCRIPT RETVAL=$? ;; *) echo "Usage: fcgiwrap_phpcgi {start|stop|restart}" exit 1 ;; esac exit $RETVAL # <span style="color: #0000ff;">chkconfig --add fcgiwrap_phpcgi</span> # <span style="color: #0000ff;">chkconfig fcgiwrap_phpcgi on</span> # <span style="color: #0000ff;">service fcgiwrap_phpcgi start</span>
# chmod +x /etc/init.d/fcgiwrap_phpcgi
# chkconfig --add fcgiwrap_phpcgi
# chkconfig --level 2345 fcgiwrap_phpcgi on
# service fcgiwrap_phpcgi restart
# netstat -tulnp | grep -E '9000|10000'
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 17588/php-cgi
tcp 0 0 127.0.0.1:10000 0.0.0.0:* LISTEN 17600/fcgiwrap
参考文档:
http://salogs.com/2009/09/nagios%E5%B9%B3%E5%8F%B0%E4%BB%8Eapache%E8%BF%81%E7%A7%BB%E5%88%B0nginx/