openqrm_-_nagios
Inhaltsverzeichnis
openQRM - Nagios
Server (openQRM-Rechner)
# aptitude install nagios-nrpe-plugin
- Plugins
- Monitoring
- Nagios3
- Config
- Automatic Nagios Configuration
Hier muss "enable automatic mapping of the openQRM Network" stehen!
Es sollte nicht aktiviert sein!
Konfiguration
meine Spezial-Scripte rein pfeifen:
# tar xf check_nagios.tar -C /usr/lib/nagios/plugins/
gepackt wurden Ralf seine Speziel-Scripte so:
# cd /usr/lib/nagios/plugins/ && tar cf /tmp/rbf_check_nagios.tar check_*.*
Die Original-Kommandos wurden alle in "C" geschrieben und deshalb enthalten die Dateinamen keine Endung. Ralf seine Scripte haben alle eine Script-spezifische Endung.
Globale Konfiguration:
# vi /etc/nagios3/nagios.cfg
Kommando-Konfigurationen:
# ls /etc/nagios-plugins/config/
Unsere Ergänzungen:
# vi /etc/nagios3/conf.d/generic_www-server_nagios.cfg
# check int perf
define command{
command_name check_perf_int
command_line /usr/lib/nagios/plugins/check_perf.py $ARG1$ $ARG2$ $ARG3$ $ARG4$ $ARG5$ $ARG6$ $ARG7$
}
#------------------------------------------------------------------------------#
# A list of your web servers
define hostgroup {
hostgroup_name www-server
alias WWW servers
members
}
#------------------------------------------------------------------------------#
# Generic host definition template - This is NOT a real host, just a template!
define host{
name www-server ; The name of this host template
notifications_enabled 1 ; Host notifications are enabled
event_handler_enabled 1 ; Host event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
failure_prediction_enabled 1 ; Failure prediction is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
check_command check-host-alive
max_check_attempts 10
notification_interval 0
notification_period 24x7
notification_options d,u,r
contact_groups redbusadmin
host_groups www-server
register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE!
}
###############################################################################
# contacts.cfg
###############################################################################
#------------------------------------------------------------------------------#
###############################################################################
###############################################################################
#
# CONTACTS
#
###############################################################################
###############################################################################
# In this simple config file, a single contact will receive all alerts.
define contact{
contact_name redbusadmin
alias redbusadmin
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r
host_notification_options d,r
service_notification_commands notify-service-by-email
host_notification_commands notify-host-by-email
email redbusadmin
}
###############################################################################
###############################################################################
#
# CONTACT GROUPS
#
###############################################################################
###############################################################################
# We only have one contact in this simple configuration file, so there is
# no need to create more than one contact group.
define contactgroup{
contactgroup_name redbusadmin
alias Webserver Administrators
members redbusadmin
}
#------------------------------------------------------------------------------#
###############################################################################
###############################################################################
#
# CONTACTS
#
###############################################################################
###############################################################################
# In this simple config file, a single contact will receive all alerts.
define contact{
contact_name redbusadminmail
alias redbusadminmail
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r
host_notification_options d,r
service_notification_commands notify-service-by-email
host_notification_commands notify-host-by-email
email redbusadminmail
}
###############################################################################
###############################################################################
#
# CONTACT GROUPS
#
###############################################################################
###############################################################################
# We only have one contact in this simple configuration file, so there is
# no need to create more than one contact group.
define contactgroup{
contactgroup_name redbusadminmail
alias Webserver Mail Administrators
members redbusadminmail
}
#------------------------------------------------------------------------------#
###############################################################################
###############################################################################
#
# CONTACTS
#
###############################################################################
###############################################################################
# In this simple config file, a single contact will receive all alerts.
define contact{
contact_name winadminfstl
alias winadminfstl
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r
host_notification_options d,r
service_notification_commands notify-service-by-email
host_notification_commands notify-host-by-email
email winadminfstl
}
###############################################################################
###############################################################################
#
# CONTACT GROUPS
#
###############################################################################
###############################################################################
# We only have one contact in this simple configuration file, so there is
# no need to create more than one contact group.
define contactgroup{
contactgroup_name winadminfstl
alias 1st Level
members winadminfstl
}
/opt/bin/nrpe_server_generator.sh
#!/bin/bash
#
# /opt/bin/nrpe_server_generator.sh generic-service testrechner01 192.168.3.208 admins
#
# vi /usr/share/openqrm/web/action/resource-monitor.php
# $COMMAND="nrpe_server_generator.sh"." ".$resource_fields['resource_template']." ".$resource_fields['resource_hname']." ".$resource_fields['resource_ipadresse']." ".$resource_fields['resource_contactgroups'];
# VM eth2: ip addr add 10.10.2.38/24 dev eth2 ; ifconfig eth2 up ; ip route add default via 10.10.2.3
#
CFGDIR="/etc/nagios3/conf.d/"
USETEMPLATE="${1}"
HNAME="${2}"
IPADRESSE="${3}"
CONTACTGROUPS="${4}"
#------------------------------------------------------------------------------#
. /usr/share/openqrm/etc/openqrm-server.conf
. /opt/etc/zimmer_ip.cfg
if [ -n "${IPADRESSE}" ] ; then
# SELECT ip_address,ip_subnet,ip_gateway,ip_dns1,ip_dns2,ip_domain
WEBIPADR="$(echo "
SELECT ip_address
FROM ${ZIPTABLES}
WHERE ip_hostname='${HNAME}'
;
" | mysql -N -h ${OPENQRM_DATABASE_SERVER} -u${OPENQRM_DATABASE_USER} -p${OPENQRM_DATABASE_PASSWORD} ${OPENQRM_DATABASE_NAME}
)"
if [ -z "${WEBIPADR}" ] ; then
WEBIPADR="${IPADRESSE}"
fi
#echo "WEBIPADR='${WEBIPADR}'"
fi
#------------------------------------------------------------------------------#
cat << EOF > ${CFGDIR}/${HNAME}.cfg
###############################################################################
# WINDOWS.CFG - SAMPLE CONFIG FILE FOR MONITORING A WINDOWS MACHINE
#
# Last Modified: 2010-07-09
#
# NOTES: This config file assumes that you are using the sample configuration
# files that get installed with the Nagios quickstart guide.
#
###############################################################################
###############################################################################
###############################################################################
#
# HOST DEFINITIONS
#
###############################################################################
###############################################################################
# Define a host for the Windows machine we'll be monitoring
# Change the host_name, alias, and address to fit your situation
define host{
use ${USETEMPLATE} ; Inherit default values from a template
host_name ${HNAME} ; The name we're giving to this host
alias ${HNAME} ; longer name associated with the host
address ${IPADRESSE} ; IP address of the host
}
###############################################################################
###############################################################################
#
# HOST GROUP DEFINITIONS
#
###############################################################################
###############################################################################
# Define a hostgroup for Windows machines
# All hosts that use the windows-server template will automatically be a member of this group
# Define a hostgroup for Windows machines
# All hosts that use the windows-server template will automatically be a member of this group
###############################################################################
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
###############################################################################
# Create a service for monitoring the version of NRPE that is installed
# Change the host_name to match the name of the host you defined above
define service{
use generic-service
host_name ${HNAME}
service_description Anzahl der User
check_command check_nrpe_1arg!check_users
contact_groups ${CONTACTGROUPS}
}
define service{
use generic-service
host_name ${HNAME}
service_description CPU Load
check_command check_nrpe_1arg!check_load
contact_groups ${CONTACTGROUPS}
}
define service{
use generic-service
host_name ${HNAME}
service_description Disk Root
check_command check_nrpe_1arg!check_root
contact_groups ${CONTACTGROUPS}
}
EOF
# Der Generator, der die Variable "DYNAMISCHECHECKER" erstellt,
# kann nur auf dem Client ausgeführt werden!
#
# Da wir hier nur mit einem ROOT-Volumen arbeiten, macht das nix.
# Für den einen Fall packen wir ein Statische CFG-Sektion rein.
# (siehe Sektion über diesem Kommentar)
#
#echo "${DYNAMISCHECHECKER}" | while read DISK MNTPT WARN CRIT CHECKNM
#do
#echo "
#define service{
# use generic-service
# host_name ${HNAME}
# service_description Disk ${MNTPT}
# check_command check_nrpe_1arg!${CHECKNM}
# contact_groups ${CONTACTGROUPS}
#}
#"
#done >> ${CFGDIR}/${HNAME}.cfg
cat << EOF >> ${CFGDIR}/${HNAME}.cfg
define service{
use generic-service
host_name ${HNAME}
service_description NTP Check
check_command check_nrpe_1arg!check_ntp
contact_groups ${CONTACTGROUPS}
}
#define service{
# use generic-service
# host_name ${HNAME}
# service_description NTP Check Time
# check_command check_ntp_time!${IPADRESSE}
# contact_groups ${CONTACTGROUPS}
#}
#define service{
# use generic-service
# host_name ${HNAME}
# service_description NTP Check NTPDate
# check_command check_ntp.sh!${IPADRESSE}
# contact_groups ${CONTACTGROUPS}
#}
define service{
use generic-service
host_name ${HNAME}
service_description Ping Check
check_command check_ping_web!${WEBIPADR}!200.0,40%!900.0,80%!10!60
contact_groups ${CONTACTGROUPS}
}
#define service{
# use generic-service
# host_name ${HNAME}
# service_description MAIL Queue Postfix
# check_command check_nrpe_1arg!check_mailq_postfix
# contact_groups ${CONTACTGROUPS}mail
# }
define service{
use generic-service
host_name ${HNAME}
service_description MAIL Queue Nullmailer
check_command check_nrpe_1arg!check_mailq_nullmailer
contact_groups ${CONTACTGROUPS}mail
}
define service{
use generic-service
host_name ${HNAME}
service_description Procs HTTPD
check_command check_nrpe_1arg!check_procs_www
contact_groups ${CONTACTGROUPS}mail
}
define service{
use generic-service
host_name ${HNAME}
service_description SERVER Perf Check INT
check_command check_perf_int!${WEBIPADR}!/check/!n!perfcheck.php!280!400!80000
contact_groups winadminfstl
}
EOF
/etc/init.d/nagios3 restart
/opt/bin/nrpe_cfg_generator.sh
#!/bin/bash
OPENQRM_SERVER_BASE_DIR=$(dirname $0)/../../../..
OPENQRM_SERVER_BASE_DIR=$(pushd $OPENQRM_SERVER_BASE_DIR > /dev/null && echo $PWD && popd > /dev/null)
. $OPENQRM_SERVER_BASE_DIR/openqrm/include/openqrm-functions
if [ -f $OPENQRM_RESOURCE_PARAMETER_FILE ]; then
. $OPENQRM_RESOURCE_PARAMETER_FILE
OPENQRM_SERVER_IP=$resource_openqrmserver
elif [ -f $OPENQRM_SERVER_BASE_DIR/openqrm/etc/openqrm-server.conf ]; then
. $OPENQRM_SERVER_BASE_DIR/openqrm/etc/openqrm-server.conf
. $OPENQRM_SERVER_BASE_DIR/openqrm/include/openqrm-server-functions
openqrm_server_get_config
OPENQRM_SERVER_IP=$OPENQRM_SERVER_IP_ADDRESS
resource_id=0
resource_openqrmserver=$OPENQRM_SERVER_IP_ADDRESS
openqrm_web_protocol=$OPENQRM_WEB_PROTOCOL
fi
OPENQRM_POSTENCODE="$OPENQRM_SERVER_BASE_DIR/openqrm/sbin/openqrm-postencode"
# let only root run this script
WHOAMI=`whoami`
if [ "$WHOAMI" != "root" ]; then
echo "ERROR: Please run this script as root!"
exit 6
fi
OPENQRM_NRPE_INI="$OPENQRM_SERVER_BASE_DIR/openqrm/plugins/nagios3/etc/nrpe_cfg_generator.ini"
if [ -r $OPENQRM_NRPE_INI ] ; then
. $OPENQRM_NRPE_INI
else
echo "Die Datei $OPENQRM_NRPE_INI fehlt, ABBRUCH!!!"
exit 1
fi
mkdir -p /opt/etc
# /dev/sda3 / 15% 10% check_root
# /dev/sda4 /home 15% 10% check_home
DYNAMISCHECHECKER="$(mount | egrep '^/dev/' | awk '{print $1,$3}' | while read DISK MNTP REST
do
echo -n "${DISK} ${MNTP} ${CHECK_DISK_W} ${CHECK_DISK_C} "
echo "${MNTP}" | tr -d '/' | sed -e 's/.*/check_&/' -e 's/check_$/check_root/'
done)"
#------------------------------------------------------------------------------#
cat << EOF > ${KONFIG}
#############################################################################
# Sample NRPE Config File
# Written by: Ethan Galstad (nagios@nagios.org)
#
# Last Modified: 11-23-2007
#
# NOTES:
# This is a sample configuration file for the NRPE daemon. It needs to be
# located on the remote host that is running the NRPE daemon, not the host
# from which the check_nrpe client is being executed.
#############################################################################
# LOG FACILITY
# The syslog facility that should be used for logging purposes.
log_facility=daemon
# PID FILE
# The name of the file in which the NRPE daemon should write it's process ID
# number. The file is only written if the NRPE daemon is started by the root
# user and is running in standalone mode.
pid_file=${PIDFILE}
# PORT NUMBER
# Port number we should wait for connections on.
# NOTE: This must be a non-priviledged port (i.e. > 1024).
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
server_port=${SERVERPORT}
# SERVER ADDRESS
# Address that nrpe should bind to in case there are more than one interface
# and you do not want nrpe to bind on all interfaces.
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
server_address=${IPADRESSE}
# NRPE USER
# This determines the effective user that the NRPE daemon should run as.
# You can either supply a username or a UID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
nrpe_user=nagios
# NRPE GROUP
# This determines the effective group that the NRPE daemon should run as.
# You can either supply a group name or a GID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
nrpe_group=nagios
# ALLOWED HOST ADDRESSES
# This is an optional comma-delimited list of IP address or hostnames
# that are allowed to talk to the NRPE daemon.
#
# Note: The daemon only does rudimentary checking of the client's IP
# address. I would highly recommend adding entries in your /etc/hosts.allow
# file to allow only the specified host to connect to the port
# you are running this daemon on.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
allowed_hosts=${ALLOWEDHOSTS}
# COMMAND ARGUMENT PROCESSING
# This option determines whether or not the NRPE daemon will allow clients
# to specify arguments to commands that are executed. This option only works
# if the daemon was configured with the --enable-command-args configure script
# option.
#
# *** ENABLING THIS OPTION IS A SECURITY RISK! ***
# Read the SECURITY file for information on some of the security implications
# of enabling this variable.
#
# Values: 0=do not allow arguments, 1=allow command arguments
dont_blame_nrpe=1
# COMMAND PREFIX
# This option allows you to prefix all commands with a user-defined string.
# A space is automatically added between the specified prefix string and the
# command line from the command definition.
#
# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! ***
# Usage scenario:
# Execute restricted commmands using sudo. For this to work, you need to add
# the nagios user to your /etc/sudoers. An example entry for alllowing
# execution of the plugins from might be:
#
# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
#
# This lets the nagios user run all commands in that directory (and only them)
# without asking for a password. If you do this, make sure you don't give
# random users write access to that directory or its contents!
# command_prefix=/usr/bin/sudo
# DEBUGGING OPTION
# This option determines whether or not debugging messages are logged to the
# syslog facility.
# Values: 0=debugging off, 1=debugging on
debug=0
# COMMAND TIMEOUT
# This specifies the maximum number of seconds that the NRPE daemon will
# allow plugins to finish executing before killing them off.
command_timeout=60
# CONNECTION TIMEOUT
# This specifies the maximum number of seconds that the NRPE daemon will
# wait for a connection to be established before exiting. This is sometimes
# seen where a network problem stops the SSL being established even though
# all network sessions are connected. This causes the nrpe daemons to
# accumulate, eating system resources. Do not set this too low.
connection_timeout=300
# WEEK RANDOM SEED OPTION
# This directive allows you to use SSL even if your system does not have
# a /dev/random or /dev/urandom (on purpose or because the necessary patches
# were not applied). The random number generator will be seeded from a file
# which is either a file pointed to by the environment valiable $RANDFILE
# or $HOME/.rnd. If neither exists, the pseudo random number generator will
# be initialized and a warning will be issued.
# Values: 0=only seed from /dev/[u]random, 1=also seed from weak randomness
#allow_weak_random_seed=1
# INCLUDE CONFIG FILE
# This directive allows you to include definitions from an external config file.
#include=<somefile.cfg>
# INCLUDE CONFIG DIRECTORY
# This directive allows you to include definitions from config files (with a
# .cfg extension) in one or more directories (with recursion).
#include_dir=<somedirectory>
#include_dir=<someotherdirectory>
# COMMAND DEFINITIONS
# Command definitions that this daemon will run. Definitions
# are in the following format:
#
# command[<command_name>]=<command_line>
#
# When the daemon receives a request to return the results of <command_name>
# it will execute the command specified by the <command_line> argument.
#
# Unlike Nagios, the command line cannot contain macros - it must be
# typed exactly as it should be executed.
#
# Note: Any plugins that are used in the command lines must reside
# on the machine that this daemon is running on! The examples below
# assume that you have plugins installed in a ${PREFIX}/libexec
# directory. Also note that you will have to modify the definitions below
# to match the argument format the plugins expect. Remember, these are
# examples only!
# The following examples use hardcoded command arguments...
command[check_users]=${PREFIX}/check_users -w "${CHECK_USERS_W}" -c "${CHECK_USERS_C}"
command[check_load]=${PREFIX}/check_load -w "${CHECK_LOAD_W}" -c "${CHECK_LOAD_C}"
EOF
#------------------------------------------------------------------------------#
echo "${DYNAMISCHECHECKER}" | awk -v prefix="${PREFIX}" '{print "command["$5"]="prefix"/check_disk -w",$3,"-c",$4,"-r",$1}' >> ${KONFIG}
#------------------------------------------------------------------------------#
cat << EOF >> ${KONFIG}
command[check_swap]=${PREFIX}/check_swap -w "${CHECK_SWAP_W}" -c "${CHECK_SWAP_C}"
command[check_zombie_procs]=${PREFIX}/check_procs -w "${CHECK_ZOMBIE_PROCS_W}" -c "${CHECK_ZOMBIE_PROCS_C}" -s "${CHECK_ZOMBIE_PROCS_S}"
command[check_total_procs]=${PREFIX}/check_procs -w "${CHECK_TOTAL_PROCS_W}" -c "${CHECK_TOTAL_PROCS_C}"
command[check_ntp]=${PREFIX}/check_ntp -H "${CHECK_NTP_H}" -w "${CHECK_NTP_W}" -c "${CHECK_NTP_C}"
#command[check_mysql_perf]=${PREFIX}/check_mysql_perf -H "${CHECK_MYSQL_PERF_H}" -P "${CHECK_MYSQL_PERF_PORT}" -u "${CHECK_MYSQL_PERF_USR}" -p "${CHECK_MYSQL_PERF_PORT}" -w "${CHECK_MYSQL_PERF_W}" -c "${CHECK_MYSQL_PERF_C}" -m "${CHECK_MYSQL_PERF_M}"
command[check_procs_www]=${PREFIX}/check_procs -w 270 -c 295 -a httpd2-prefork
# The following examples allow user-supplied arguments and can
# only be used if the NRPE daemon was compiled with support for
# command arguments *AND* the dont_blame_nrpe directive in this
# config file is set to '1'. This poses a potential security risk, so
# make sure you read the SECURITY file before doing this.
#command[check_users]=${PREFIX}/check_users -w $ARG1$ -c $ARG2$
#command[check_load]=${PREFIX}/check_load -w $ARG1$ -c $ARG2$
#command[check_disk]=${PREFIX}/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
#command[check_procs]=${PREFIX}/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
command[check_mailq_postfix]=${PREFIX}/check_mailq -w 200 -c 300 -M postfix
command[check_mailq_nullmailer]=${PREFIX}/check_mailq.pl -w 200 -c 300 -M nullmailer
EOF
#------------------------------------------------------------------------------#
/opt/etc/nrpe_cfg_generator.ini
PREFIX="/usr/lib/nagios/plugins"
CFGDIR="/etc/nagios"
KONFIG="${CFGDIR}/nrpe.cfg"
PIDFILE="/var/run/nrpe.pid"
HNAME="$(hostname -f | awk '{ print tolower($0) }')"
IPADRESSE="$(ifconfig -a | egrep 'inet Adresse:|inet addr' | awk '{print $2}' | awk -F':' '{print $2}' | egrep -v '^$' | head -1)"
SERVERPORT="5666"
ALLOWEDHOSTS="10.10.2.220,10.10.2.221,10.10.2.222,10.10.5.80,10.10.5.81,10.10.5.82"
CHECK_USERS_W="5"
CHECK_USERS_C="10"
CHECK_LOAD_W="15,10,5"
CHECK_LOAD_C="30,25,20"
CHECK_DISK_W="15%"
CHECK_DISK_C="10%"
CHECK_SWAP_W="30%"
CHECK_SWAP_C="20%"
CHECK_ZOMBIE_PROCS_W="5"
CHECK_ZOMBIE_PROCS_C="10"
CHECK_ZOMBIE_PROCS_S="Z"
CHECK_TOTAL_PROCS_W="150"
CHECK_TOTAL_PROCS_C="200"
#CHECK_NTP_H="127.0.0.1"
CHECK_NTP_H="10.10.5.80"
CHECK_NTP_W="1" # bitte nur ganzzahlige Werte verwenden
CHECK_NTP_C="5" # bitte nur ganzzahlige Werte verwenden
CHECK_MYSQL_PERF_H="127.0.0.1"
CHECK_MYSQL_PERF_PORT="3306"
CHECK_MYSQL_PERF_USR="bs"
CHECK_MYSQL_PERF_P=""
CHECK_MYSQL_PERF_W="160"
CHECK_MYSQL_PERF_C="198"
CHECK_MYSQL_PERF_M="threads-connected"
USETEMPLATE="www-server"
CONTACTGROUPS="redbusadmin"
TIMESERVER="10.10.5.80"
Plugin für den Client verpacken
Das Archiv, welches bei jedem Client-Start gesaugt und ausgepackt wird, heißt /usr/share/openqrm/plugins/nagios3/web/boot-service-nagios3.tgz. Hier liegt normalerweise nur das "Start-Stop-Script" drin, jetzt müssen die neuen Datei mit rein.
#!/bin/sh cd /opt/bin/ || exit 1 cd /opt/ tar cvzf boot-service-nagios3.tgz bin/nrpe_cfg_generator.sh etc/nrpe_cfg_generator.ini etc/init.d/nagios3 && cat boot-service-nagios3.tgz > /usr/share/openqrm/plugins/nagios3/web/boot-service-nagios3.tgz
Client (VM)
# aptitude -y install nagios-nrpe-server nagios-plugins-extra
Der Rest wird vom openQRM-Clienten erledigt.
/home/http/wiki/data/pages/openqrm_-_nagios.txt · Zuletzt geändert: von manfred