Skip to main content

Nagios Monitoring Setup

Nagios Setup
#############

Pre-requisites Setup:

Apache
------
# sudo yum install httpd

# sudo systemctl start httpd.service

# sudo systemctl status httpd.service

# sudo systemctl enable httpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

Take your servers public ip in the browser, and it will show the apache default page:


PHP
----

# sudo yum install php php-mysql

# sudo systemctl restart httpd.service

Now create a file in /var/www/html/info.php

vi info.php

phpinfo();
?>

http://ip/info.php

This will load the php configuration details

Nagios
------
Install Build Dependencies in nagios server

# sudo yum install gcc glibc glibc-common gd gd-devel make net-snmp openssl-devel xinetd unzip

Create Nagios User and Group in nagios server
---------------------------------------------

# sudo useradd nagios
# sudo groupadd nagcmd
# sudo usermod -a -G nagcmd nagios

Install Nagios Core in nagios server
------------------------------------

# curl -L -O https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.1.1.tar.gz
# tar xvf nagios-*.tar.gz
# cd nagios-*
# ./configure --with-command-group=nagcmd
# make all
# sudo make install
# sudo make install-commandmode
# sudo make install-init
# sudo make install-config
# sudo make install-webconf

we must add the web server user, apache, to the nagcmd group:

# sudo usermod -G nagcmd apache


Install Nagios Plugins in nagios server
---------------------------------------

# curl -L -O http://nagios-plugins.org/download/nagios-plugins-2.1.1.tar.gz
# tar xvf nagios-plugins-*.tar.gz
# cd nagios-plugins-*
# ./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl
# make
# sudo make install

Install the NRPE in nagios server
---------------------------------

# curl -L -O http://downloads.sourceforge.net/project/nagios/nrpe-2.x/nrpe-2.15/nrpe-2.15.tar.gz
# tar xvf nrpe-*.tar.gz
# cd nrpe-*
# ./configure --enable-command-args --with-nagios-user=nagios --with-nagios-group=nagios --with-ssl=/usr/bin/openssl --with-ssl-lib=/usr/lib/x86_64-linux-gnu
# make all
# sudo make install
# sudo make install-xinetd
# sudo make install-daemon-config

# sudo vi /etc/xinetd.d/nrpe
only_from       = 127.0.0.1 nagios-server-pub-ip

# systemctl restart xinetd
# systemctl status xinetd


Configure Nagios in nagios server
---------------------------------

# sudo vi /usr/local/nagios/etc/nagios.cfg

Now find and uncomment this line by deleting the #:

#cfg_dir=/usr/local/nagios/etc/servers

wq!

# sudo mkdir /usr/local/nagios/etc/servers

# sudo vi /usr/local/nagios/etc/objects/contacts.cfg

Find the email directive, and replace its value (the highlighted part) with your own email address:

Configure check_nrpe Command in nagios server
---------------------------------------------

# sudo vi /usr/local/nagios/etc/objects/commands.cfg

Add the following to the end of the file:

define command{
        command_name check_nrpe
        command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

Configure Apache in nagios server
----------------------------------

Use htpasswd to create an admin user, called “nagiosadmin”, that can access the Nagios web interface:

# sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
New password:

Enter a password at the prompt. Remember this login, as you will need it to access the Nagios web interface.

Nagios is ready to be started. Let’s do that, and restart Apache:

# sudo systemctl daemon-reload
# sudo systemctl start nagios.service
# sudo systemctl restart httpd.service
# sudo systemctl status httpd.service

To enable Nagios to start on server boot, run this command:

sudo chkconfig nagios on

http://nagios_server_public_ip/nagios

Installing NPRE in hosts that needs to be monitored.(dn1)
-------------------------------------------------------------------

As this is an ubuntu server the commands are as follows:

sudo useradd nagios
sudo apt-get update
sudo apt-get install build-essential libgd2-xpm-dev openssl libssl-dev unzip
curl -L -O http://nagios-plugins.org/download/nagios-plugins-2.2.1.tar.gz
tar zxf nagios-plugins-*.tar.gz
cd nagios-plugins-*
./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl
make
sudo make install
cd ~
curl -L -O https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-3.2.1/nrpe-3.2.1.tar.gz
tar zxf nrpe-*.tar.gz
cd nrpe-*
./configure --enable-command-args --with-nagios-user=nagios --with-nagios-group=nagios --with-ssl=/usr/bin/openssl --with-ssl-lib=/usr/lib/x86_64-linux-gnu
make all
sudo make install
sudo make install-config
sudo make install-init

Next, let’s update the NRPE configuration file:

sudo vi /usr/local/nagios/etc/nrpe.cfg

allowed_hosts=127.0.0.1,::1,Nagios_server_priv_ip

wq!

Now you can start NRPE:

sudo systemctl start nrpe.service

Ensure that the service is running by checking its status:

sudo systemctl status nrpe.service

-------------------------------------------
For adding each checks in the monitored servers
-------------------------------------------

sudo vi /usr/local/nagios/etc/nrpe.cfg

...
server_address=monitored_server_private_ip
...
command[check_vda1]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /dev/vda1
...

sudo systemctl restart nrpe.service

-------------------------------------------
To monitor your hosts with Nagios, you’ll add configuration files for each host specifying what you want to monitor. You can then view those hosts in the Nagios web interface.

On your Nagios server, create a new configuration file for each of the remote hosts that you want to monitor in /usr/local/nagios/etc/servers/. Replace the highlighted word, monitored_server_host_name with the name of your host:

sudo nano /usr/local/nagios/etc/servers/your_monitored_server_host_name.cfg

In Nagios server
----------------

cd /usr/local/nagios/etc/servers

touch dn1.cfg


vi dn1.cfg

define host {
        use                             linux-server
        host_name                       dn1
        alias                           DN1
        address                         Private/Pub IP
        max_check_attempts              5
        check_period                    24x7
        notification_interval           30
        notification_period             24x7
}

wq!

The above will only add the host to the nagios , now we will add some services to monitor for dn1.

vi dn1.cfg

define service {
        use                             generic-service
        host_name                       dn1
        service_description             CPU load
        check_command                   check_nrpe!check_load
}

define service {
        use                             generic-service
        host_name                       your_monitored_server_host_name
        service_description             /dev/vda1 free space
        check_command                   check_nrpe!check_vda1
}

wq!

sudo systemctl restart nagios

Now take the below url in your favourite browser:

http://nagios_server_ip/nagios


That is all cheers!!

Note:
-------
If in any case if you got an error like below, use the below url instead of the curl -L -O and do the ./configure in any other location than you are getting this error. So you need to untar the nrpe-3.2.1 to some other location that you are getting this error.

Error:
-------
Makefile:48: recipe for target 'nrpe' failed
make[1]: *** [nrpe] Error 1
make[1]: Leaving directory '/home/ubuntu/nrpe-3.2.1/src'
Makefile:65: recipe for target 'all' failed
make: *** [all] Error 2


Fix:
-----
wget --no-check-certificate -O nrpe.tar.gz https://github.com/NagiosEnterprises/nrpe/archive/nrpe-3.2.1.tar.gz

Comments

Popular posts from this blog

K8s External Secrets integration between AWS EKS and Secrets Manager(SM) using IAM Role.

What is K8s External Secrets and how it will make your life easier? Before saying about External Secrets we will say about k8s secrets and how it will work. In k8s secrets we will create key value pairs of the secrets and set this as either pod env variables or mount them as volumes to pods. For more details about k8s secrets you can check my blog http://jinojoseph.blogspot.com/2020/08/k8s-secrets-explained.html   So in this case if developers wants to change the ENV variables , then we have to edit the k8s manifest yaml file, then we have to apply the new files to the deployment. This is a tiresome process and also chances of applying to the wrong context is high if you have multiple k8s clusters for dev / stage and Prod deployments. So in-order to make this easy , we can add all the secrets that is needed in the deployment, in the AWS Secret Manager and with the help of External secrets we can fetch and create those secrets in the k8s cluster. So what is K8s external Secret? It i...

Password reset too simplistic/systematic issue

Some time when we try to reset the password of our user in linux it will show as simple and systematic as below: BAD PASSWORD: it is too simplistic/systematic no matter how hard password you give it will show the same. Solution: ######### Check if your password is Ok with the below command, jino@ndz~$ echo 'D7y8HK#56r89lj&8*&^%&^%#56rlKJ!789l' | cracklib-check D7y8HK#56r89lj&8*&^%&^%#56rlKJ!789l: it is too simplistic/systematic Now Create a password with the below command : jino@ndz~$ echo $(tr -dc '[:graph:]' 7\xi%!W[y*S}g-H7W~gbEB4cv,9:E:K; You can see that this password will be ok with the cracklib-check. jino@ndz~$ echo '7\xi%!W[y*S}g-H7W~gbEB4cv,9:E:K;' | cracklib-check                 7\xi%!W[y*S}g-H7W~gbEB4cv,9:E:K;: OK Thats all, Thanks.

Setting /etc/hosts entries during the initial deployment of an Application using k8s yaml file

Some times we have to enter specific hosts file entries to the container running inside the POD of a kubernetes deployment during the initial deployment stage itself. If these entries are not in place, the application env variables mentioned in the yaml file , as hostnames , will not resolve to the IP address and the application will not start properly. So to make sure the /etc/hosts file entries are already there after the spin up of the POD you can add the below entries in your yaml file. cat > api-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: spec:   template:     metadata:     spec:       volumes:       containers:       - image: registryserver.jinojoseph.com:5000/jinojosephimage:v1.13         lifecycle:           postStart:             exec:               command:...