From Technical Knowledge to IT Service Management

Posts Tagged ‘config’

Nagios – Configuration

On March 28, 2008   /   Linux, Nagios, Supervision   /   Leave a comment

Pré-requis
Serveur Apache + PHP avec Nagios installé

>>> I. Configuration principale

Nous l’avions vu dans la premeire partie, le configuration de Nagios est rassemblée dans un dossier unique situé sous etc/
Le fichier de configuration principal est etc/nagios.cfg étroitement lié aux CGIs, ces deux fichiers constituent le coeur de la configuration Nagios et liste egalement les autres fichiers de configuration qui seront utilisés:
Voici la liste des principaux fichiers de configuration:
cgi.cfg
commands.cfg
contactgroups.cfg
contacts.cfg
hostgroups.cfg
hosts.cfg
htpasswd.users
nagios.cfg
resource.cfg
servicegroups.cfg
services.cfg
timeperiods.cfg

Le fichier main.cfg reprend les elements pricnipaux

# NAGIOS USER
# This determines the effective user that Nagios should run as.
# You can either supply a username or a UID.
nagios_user=nagios

# NAGIOS GROUP
# This determines the effective group that Nagios should run as.
# You can either supply a group name or a GID.
nagios_group=nagios

ou par exemple:

# EXTERNAL COMMAND FILE
# This is the file that Nagios checks for external command requests.
# It is also where the command CGI will write commands that are submitted
# by users, so it must be writeable by the user that the web server
# is running as (usually ‘nobody’).  Permissions should be set at the
# directory level instead of on the file, as the file is deleted every
# time its contents are processed.

command_file=/usr/local/nagios/var/rw/nagios.cmd

De meme le fichier cgi.cfg regroupe les informations essentielles àà l’interface web ainsi que celles liées à la sécurité de l’interface.

# PHYSICAL HTML PATH
# This is the path where the HTML files for Nagios reside.  This
# value is used to locate the logo images needed by the statusmap
# and statuswrl CGIs.
physical_html_path=/usr/local/nagios/share

# URL HTML PATH
# This is the path portion of the URL that corresponds to the
# physical location of the Nagios HTML files (as defined above).
# This value is used by the CGIs to locate the online documentation
# and graphics.  If you access the Nagios pages with an URL like
# http://www.myhost.com/nagios, this value should be ‘/nagios’
# (without the quotes).
url_html_path=/nagios

# SYSTEM/PROCESS COMMAND ACCESS
# This option is a comma-delimited list of all usernames that
# can issue shutdown and restart commands to Nagios via the
# command CGI (cmd.cgi).  Users in this list can also change
# the program mode to active or standby. By default, *no one*
# has access to this unless you choose to not use authorization.
# You may use an asterisk (*) to authorize any user who has
# authenticated to the web server.
authorized_for_system_commands=nagiosadmin

# GLOBAL HOST/SERVICE VIEW ACCESS
# These two options are comma-delimited lists of all usernames that
# can view information for all hosts and services that are being
# monitored.  By default, users can only view information
# for hosts or services that they are contacts for (unless you
# you choose to not use authorization). You may use an asterisk (*)
# to authorize any user who has authenticated to the web server.
authorized_for_all_services=nagiosadmin,guest,nagios,guest
authorized_for_all_hosts=nagiosadmin,guest,nagios,guest

# user who has authenticated to the web server.
authorized_for_all_service_commands=nagiosadmin
authorized_for_all_host_commands=nagiosadmin

>>> II. Configuration des serveurs

L’execution du ./configure avant compilation crée les fichiers samples. Ces derniers sont disponibles apres la compilation en executant la commande suivante: make install-config
Je ne vais pas decrire le contenu des fichiers ici, parmi les fichiers samples générés, prenons celui du localhost (ci dessous) Il en resulte une multitude de définition d’objets: periode de temps, nom de serveur, service, groupe de serveur, contact. Chacun des paragraphes ci dessous va definir une entité, qui elle meme appartiendra ou sera liée à une autre entité. Un serveur appartiendra à un groupe de serveur. Un serveur sera lié à un contact ou un groupe de contact qui lui meme contiendra des contacts. La syntaxe est relativement simple, ladocumentation nagios et l’example ci dessous suffiront pour débuter

###############################################################################
# LOCALHOST.CFG – SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE
#
# Last Modified: 11-27-2006
#
# NOTE: This config file is intended to servce as an *extremely* simple
#       example of how you can create your object configuration file(s).
#
###############################################################################

###############################################################################
###############################################################################
#
# TIME PERIODS
#
###############################################################################
###############################################################################

# This defines a timeperiod where all times are valid for checks,
# notifications, etc.  The classic “24×7″ support nightmare. :-)

define timeperiod{
timeperiod_name 24×7
alias           24 Hours A Day, 7 Days A Week
sunday          00:00-24:00
monday          00:00-24:00
tuesday         00:00-24:00
wednesday       00:00-24:00
thursday        00:00-24:00
friday          00:00-24:00
saturday        00:00-24:00
}

# ‘workhours’ timeperiod definition
define timeperiod{
timeperiod_name workhours
alias           “Normal” Working Hours
monday          09:00-17:00
tuesday         09:00-17:00
wednesday       09:00-17:00
thursday        09:00-17:00
friday          09:00-17:00
}

# ‘nonworkhours’ timeperiod definition
define timeperiod{
timeperiod_name nonworkhours
alias           Non-Work Hours
sunday          00:00-24:00
monday          00:00-09:00,17:00-24:00
tuesday         00:00-09:00,17:00-24:00
wednesday       00:00-09:00,17:00-24:00
thursday        00:00-09:00,17:00-24:00
friday          00:00-09:00,17:00-24:00
saturday        00:00-24:00
}

# ‘none’ timeperiod definition
define timeperiod{
timeperiod_name none
alias           No Time Is A Good Time
}

###############################################################################
###############################################################################
#
# COMMANDS
#
###############################################################################
###############################################################################

# NOTE: Sample command definitions can now be found in the sample commands.cfg
#       file

###############################################################################
###############################################################################
#
# CONTACTS
#
###############################################################################
###############################################################################

# In this simple config file, a single contact will receive all alerts.
# This assumes that you have an account (or email alias) called
# “nagios-admin” on the local host.

define contact{
contact_name                    nagios-admin
alias                           Nagios Admin
service_notification_period     24×7
host_notification_period        24×7
service_notification_options    w,u,c,r
host_notification_options       d,r
service_notification_commands   notify-by-email
host_notification_commands      host-notify-by-email
email                           nagios-admin@localhost
}

###############################################################################
###############################################################################
#
# CONTACT GROUPS
#
###############################################################################
###############################################################################

# We only have one contact in this simple configuration file, so there is
# no need to create more than one contact group.

define contactgroup{
contactgroup_name       admins
alias                   Nagios Administrators
members                 nagios-admin
}

###############################################################################
###############################################################################
#
# HOSTS
#
###############################################################################
###############################################################################

# Generic host definition template – This is NOT a real host, just a template!

define host{
name                            generic-host    ; The name of this host template
notifications_enabled           1               ; Host notifications are enabled
event_handler_enabled           1               ; Host event handler is enabled
flap_detection_enabled          1               ; Flap detection is enabled
failure_prediction_enabled      1               ; Failure prediction is enabled
process_perf_data               1               ; Process performance data
retain_status_information       1               ; Retain status information across program restarts
retain_nonstatus_information    1               ; Retain non-status information across program restarts
notification_period             24×7            ; Send host notifications at any time
register                        0               ; DONT REGISTER THIS DEFINITION – ITS NOT A REAL HOST, JUST A TEMPLATE!
}

# Linux host definition template – This is NOT a real host, just a template!

define host{
name                            linux-server    ; The name of this host template
use                             generic-host    ; This template inherits other values from the generic-host template
check_period                    24×7            ; By default, Linux hosts are checked round the clock
max_check_attempts              10              ; Check each Linux host 10 times (max)
check_command                   check-host-alive ; Default command to check Linux hosts
notification_period             workhours       ; Linux admins hate to be woken up, so we only notify during the day
; Note that the notification_period variable is being overridden from
; the value that is inherited from the generic-host template!
notification_interval           120             ; Resend notification every 2 hours
notification_options            d,u,r           ; Only send notifications for specific host states
contact_groups                  admins          ; Notifications get sent to the admins by default
register                        0               ; DONT REGISTER THIS DEFINITION – ITS NOT A REAL HOST, JUST A TEMPLATE!
}

# Since this is a simple configuration file, we only monitor one host – the
# local host (this machine).

define host{
use                     linux-server            ; Name of host template to use
; This host definition will inherit all variables that are defined
; in (or inherited by) the linux-server host template definition.
host_name               localhost
alias                   localhost
address                 127.0.0.1
}

###############################################################################
###############################################################################
#
# HOST GROUPS
#
###############################################################################
###############################################################################

# We only have one host in our simple config file, so there is no need to
# create more than one hostgroup.

define hostgroup{
hostgroup_name  test
alias           Test Servers
members         localhost
}

###############################################################################
###############################################################################
#
# SERVICES
#
###############################################################################
###############################################################################

# Generic service definition template – This is NOT a real service, just a template!

define service{
name                            generic-service         ; The ‘name’ of this service template
active_checks_enabled           1                       ; Active service checks are enabled
passive_checks_enabled          1                       ; Passive service checks are enabled/accepted
parallelize_check               1                       ; Active service checks should be parallelized (disabling this can lead to major performance problems)
obsess_over_service             1                       ; We should obsess over this service (if necessary)
check_freshness                 0                       ; Default is to NOT check service ‘freshness’
notifications_enabled           1                       ; Service notifications are enabled
event_handler_enabled           1                       ; Service event handler is enabled
flap_detection_enabled          1                       ; Flap detection is enabled
failure_prediction_enabled      1                       ; Failure prediction is enabled
process_perf_data               1                       ; Process performance data
retain_status_information       1                       ; Retain status information across program restarts
retain_nonstatus_information    1                       ; Retain non-status information across program restarts
is_volatile                     0                       ; The service is not volatile
register                        0                       ; DONT REGISTER THIS DEFINITION – ITS NOT A REAL SERVICE, JUST A TEMPLATE!
}

# Local service definition template – This is NOT a real service, just a template!

define service{
name                            local-service           ; The name of this service template
use                             generic-service         ; Inherit default values from the generic-service definition
check_period                    24×7                    ; The service can be checked at any time of the day
max_check_attempts              4                       ; Re-check the service up to 4 times in order to determine its final (hard) state
normal_check_interval           5                       ; Check the service every 5 minutes under normal conditions
retry_check_interval            1                       ; Re-check the service every minute until a hard state can be determined
contact_groups                  admins                  ; Notifications get sent out to everyone in the ‘admins’ group
notification_options            w,u,c,r                 ; Send notifications about warning, unknown, critical, and recovery events
notification_interval           60                      ; Re-notify about service problems every hour
notification_period             24×7                    ; Notifications can be sent out at any time
register                        0                       ; DONT REGISTER THIS DEFINITION – ITS NOT A REAL SERVICE, JUST A TEMPLATE!
}

# Define a service to “ping” the local machine

define service{
use                             local-service         ; Name of service template to use
host_name                       localhost
service_description             PING
check_command                   check_ping!100.0,20%!500.0,60%
}

# Define a service to check the disk space of the root partition
# on the local machine.  Warning if < 20% free, critical if
# < 10% free space on partition.

define service{
use                             local-service         ; Name of service template to use
host_name                       localhost
service_description             Root Partition
check_command                   check_local_disk!20%!10%!/
}

# Define a service to check the number of currently logged in
# users on the local machine.  Warning if > 20 users, critical
# if > 50 users.

define service{
use                             local-service         ; Name of service template to use
host_name                       localhost
service_description             Current Users
check_command                   check_local_users!20!50
}

# Define a service to check the number of currently running procs
# on the local machine.  Warning if > 250 processes, critical if
# > 400 users.

define service{
use                             local-service         ; Name of service template to use
host_name                       localhost
service_description             Total Processes
check_command                   check_local_procs!250!400!RSZDT
}

# Define a service to check the load on the local machine.

define service{
use                             local-service         ; Name of service template to use
host_name                       localhost
service_description             Current Load
check_command                   check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
}

Back to Top

Nagios – Installation

On March 26, 2008   /   Linux, Nagios, Supervision   /   Leave a comment

>>> I. Mise en place du daemon Nagios

Pré-requis
Un serveur web Apache + PHP

Télécharger le package nagios (le plus recent)
> http://www.nagios.org/download
$ wget -O /tmp/nagios-3.0.1.tar.gz http://downloads.sourceforge.net/nagios/nagios-3.0.1.tar.gz

Se connecter sur le serveur cible (avec root)

# décompresser l’archive
$ tar zxvf nagios-x.y.tar.gz

# Création du groupe et user Nagios
$ groupadd nagios -g 600 (si vous souhaitez définir un gid precis)
$ groupadd nagcmd -g 601 (ce groupe servira pour les users qui font tourner Apache et Nagios)
$ useradd nagios -u 600 -g Nagios (le user nagios aura le uid 600 et pour groupe principal nagios)
$ /usr/sbin/usermod -G nagcmd apache (ajoute le user apache au groupe nagcmd)
$ /usr/sbin/usermod -G nagcmd nagios (ajoute le user nagios au groupe nagcmd)

# Vérification
$ id nagios
> uid=600(nagios) gid=600(nagios) groups=600(nagios),601(nagcmd)

# Création de l’environnement
$ mkdir /usr/local/nagios
$ chown nagios.nagios /usr/local/nagios

# Configuration pour compiler nagios
./configure –prefix=prefix                    (par défaut /usr/local/nagios)
–with-cgiurl=cgiurl            (par default /nagios/cgi-bin)
–with-htmurl=htmurl            (par defaut /nagios)
–with-nagios-user=someuser        (par defaut nagios)
–with-nagios-group=somegroup    (par defaut nagios)
–with-command-group=cmdgroup    (par defaut nagios)

exemple:
./configure –prefix=/usr/local/nagios
–with-cgiurl=/usr/local/nagios/cgi-bin
–with-htmurl=/usr/local/nagios/share
–with-nagios-user=nagios
–with-nagios-group=nagios
–with-command-group=nagcmd

# Compilation, installation
$ make all
$ make install

# Mise en place script init
$ make install-init

# Description du repertoire Nagios suite à l’installation

Sub-Directory     Contents
bin/             executables Nagios
etc/             Fichiers de configuration: Main, resource, object, CGI
sbin/             CGIs
share/             Fichiers HTML (Interface web et fichiers d’aide)
var/             Repertoire pour les fichiers logs, les statuts, etc…
var/archives     Repertoire pour les archives
var/rw             Repertoire pour le fichier de commande externe

# Installation des plugins

$ wget -O plugins-nagios.tar.gz http://downloads.sourceforge.net/nagios/ndoutils-1.4b7.tar.gz
> decompresser le fichier et placer tous les shells/binaires dans libexec. L’ensemble de ces plugins permettront de realiser les checks et de superviser ce qui doit l’etre.
Installing The Plugins

>>> II. Configuration de la partie Web

# Configuration du serveur Web Apache

> editer le httpd.conf

# Supplemental configuration
#
# The configuration files in the conf/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.

# Nagios Config
Include conf/nagios.conf

# Server-pool management (MPM specific)
#Include conf/extra/httpd-mpm.conf

# Multi-language error messages
#Include conf/extra/httpd-multilang-errordoc.conf

> dans le reperoire de configuration de apache conf/, créer le fichier nagios.conf

ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin

<Directory “/usr/local/nagios/sbin”>
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName “Nagios Access”
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>

Alias /nagios /usr/local/nagios/share

<Directory “/usr/local/nagios/share”>
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName “Nagios Access”
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>

<Directory “/usr/local/nagios/var”>
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName “Nagios Access”
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>

# Definition des users

Les commandes suivantes vont permettre de créer les users qui auront acces au site virtuel Nagios defini ci dessus.

# Creation du fichier htpasswd.users pour acces a Nagios
$ htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
$ htpasswd /usr/local/nagios/etc/htpasswd.users technicien

# editer le fichier cgi.cfg dans le repertoire etc/ de nagios
use_authentication=1

Par défaut la configuration vous suffira pour debuter, par la suite, je vous conseille de lire plus en detail les informations relatives aux CGIs, qui vous seront certainnemenbt utiles.

# relancer Apache
$ /etc/init.d/httpd restart

# Verification
> http://servername/nagios/

Nagios est maintenant installé et fonctionne correctement.
Il n’y a pour le moment rien de configuer pour son utilisation: superviser des serveurs et des services. Ce point fera l’objet d’un nouveau post (tres bientot)

Back to Top