1 |
swift 08/07/07 18:04:59 |
2 |
|
3 |
Added: nagios-guide.xml |
4 |
Log: |
5 |
Starting of nagios guide draft |
6 |
|
7 |
Revision Changes Path |
8 |
1.1 xml/htdocs/doc/en/nagios-guide.xml |
9 |
|
10 |
file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/nagios-guide.xml?rev=1.1&view=markup |
11 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/nagios-guide.xml?rev=1.1&content-type=text/plain |
12 |
|
13 |
Index: nagios-guide.xml |
14 |
=================================================================== |
15 |
<?xml version="1.0" encoding="UTF-8"?> |
16 |
<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/nagios-guide.xml,v 1.1 2008/07/07 18:04:59 swift Exp $ --> |
17 |
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> |
18 |
|
19 |
<guide disclaimer="draft"> |
20 |
<title>Gentoo System Monitoring with Nagios</title> |
21 |
|
22 |
<author title="Author"> |
23 |
<mail link="swift@g.o">Sven Vermeulen</mail> |
24 |
</author> |
25 |
|
26 |
<abstract> |
27 |
For system and network monitoring, the Nagios tool is a popular choice amongst |
28 |
various free software users. This guide helps you discover Nagios and how you |
29 |
can integrate it with your existing Gentoo infrastructure. |
30 |
</abstract> |
31 |
|
32 |
<license/> |
33 |
|
34 |
<version>0.1</version> |
35 |
<date>2008-07-06</date> |
36 |
|
37 |
<chapter> |
38 |
<title>Introduction</title> |
39 |
<section> |
40 |
<title>System Monitoring</title> |
41 |
<body> |
42 |
|
43 |
<p> |
44 |
Single system users usually don't need a tool to help them identify the state of |
45 |
their system. However, when you have a couple of systems to administer, you will |
46 |
require an overview of your systems' health: do the partitions still have |
47 |
sufficient free space, is your CPU not overloaded, how many people are logged |
48 |
on, are your systems up to date with the latest security fixes, etc. |
49 |
</p> |
50 |
|
51 |
<p> |
52 |
System monitoring tools, such as the Nagios software we discuss here, offer an |
53 |
easy way of dealing with the majority of metrics you want to know about your |
54 |
system. In larger environments, often called "enterprise |
55 |
environments", the tools aggregate the metrics of the various systems onto |
56 |
a single location, allowing for centralized monitoring management. |
57 |
</p> |
58 |
|
59 |
</body> |
60 |
</section> |
61 |
<section> |
62 |
<title>About Nagios</title> |
63 |
<body> |
64 |
|
65 |
<p> |
66 |
The <uri link="http://www.nagios.org">Nagios</uri> software is a popular |
67 |
software tool for host, service and network monitoring for Unix (although it can |
68 |
also capture metrics from the Microsoft Windows operating system family). It |
69 |
supports: |
70 |
</p> |
71 |
|
72 |
<ul> |
73 |
<li> |
74 |
obtaining metrics for local system resources, such as diskspace, CPU usage, |
75 |
memory consumption, ... |
76 |
</li> |
77 |
<li> |
78 |
discovering service availability (such as SSH, SMTP and other protocols), |
79 |
</li> |
80 |
<li> |
81 |
assuming network outages (when a group of systems that are known to be |
82 |
available on a network are all unreachable), |
83 |
</li> |
84 |
</ul> |
85 |
|
86 |
<p> |
87 |
and more. |
88 |
</p> |
89 |
|
90 |
<p> |
91 |
Basically, the Nagios software consists of a core tool (which manages the |
92 |
metrics), a web server module (which manages displaying the metrics) and a set |
93 |
of plugins (which obtain and send the metrics to the core tool). |
94 |
</p> |
95 |
|
96 |
</body> |
97 |
</section> |
98 |
<section> |
99 |
<title>About this Document</title> |
100 |
<body> |
101 |
|
102 |
<p> |
103 |
The primary purpose of this document is to introduce you, Gentoo users, to the |
104 |
Nagios software and how you can integrate it within your Gentoo environment. The |
105 |
guide is not meant to describe Nagios in great detail - I leave this up to the |
106 |
documentation editors of Nagios itself. |
107 |
</p> |
108 |
|
109 |
</body> |
110 |
</section> |
111 |
</chapter> |
112 |
<chapter> |
113 |
<title>Setting Up Nagios</title> |
114 |
<section> |
115 |
<title>Installing Nagios</title> |
116 |
<body> |
117 |
|
118 |
<p> |
119 |
Before you start installing Nagios, draw out and decide which system will become |
120 |
your master Nagios system (i.e. where the Nagios software is fully installed |
121 |
upon and where all metrics are stored) and what kind of metrics you want to |
122 |
obtain. You will not install Nagios on every system you want to monitor, but |
123 |
rather install Nagios on the master system and the TODO on the systems you want |
124 |
to receive metrics from. |
125 |
</p> |
126 |
|
127 |
<p> |
128 |
Install the Nagios software on your central server: |
129 |
</p> |
130 |
|
131 |
<warn> |
132 |
Nagios 3 is currently still ~arch masked, so you first need to unmask it. |
133 |
</warn> |
134 |
|
135 |
<pre caption="Installing Nagios"> |
136 |
# <i>emerge nagios</i> |
137 |
</pre> |
138 |
|
139 |
<p> |
140 |
Follow the instructions the ebuild displays at the end of the installation (i.e. |
141 |
adding <c>nagios</c> to your active runlevel, configuring web server read access |
142 |
and more). |
143 |
</p> |
144 |
|
145 |
<p> |
146 |
Really. Read it. |
147 |
</p> |
148 |
|
149 |
<!-- TODO directory structure: plugins and so forth --> |
150 |
|
151 |
</body> |
152 |
</section> |
153 |
<section> |
154 |
<title>Restricting Access to the Nagios Web Interface</title> |
155 |
<body> |
156 |
|
157 |
<p> |
158 |
The Nagios web interface allows for executing commands on the various systems |
159 |
monitored by the Nagios plugins. For this purpose (and also because the metrics |
160 |
can have sensitive information) it is best to restrict access to the interface. |
161 |
</p> |
162 |
|
163 |
<p> |
164 |
For this purpose, we introduce two access restrictions: one on IP level (from |
165 |
what systems can a user connect to the interface) and a basic authentication one |
166 |
(using the username / password scheme). |
167 |
</p> |
168 |
|
169 |
<p> |
170 |
First, edit <path>/etc/apache2/modules/99_nagios3.conf</path> and edit the |
171 |
<c>allow from</c> definitions: |
172 |
</p> |
173 |
|
174 |
<pre caption="Allow from definitions"> |
175 |
<comment>(Example allowing access from the local host and the local network)</comment> |
176 |
Order allow,deny |
177 |
Allow from 127.0.0.1 192.168.1.1/24 |
178 |
</pre> |
179 |
|
180 |
<p> |
181 |
Next, create an Apache authorization table where you define the users who have |
182 |
access to the interface as well as their authorizations. The authentication |
183 |
definition file is called <path>.htaccess</path> and contains where the |
184 |
authentication information itself is stored. |
185 |
</p> |
186 |
|
187 |
<pre caption="Example .htaccess file"> |
188 |
AuthName "Nagios Access" |
189 |
AuthType Basic |
190 |
AuthUserFile /etc/nagios/auth.users |
191 |
Require valid-user |
192 |
</pre> |
193 |
|
194 |
<p> |
195 |
Place this file inside the <path>/usr/share/nagios/htdocs</path> and |
196 |
<path>/usr/lib/nagios/cgi-bin</path> directories. |
197 |
</p> |
198 |
|
199 |
<p> |
200 |
Create the <path>/etc/nagios/auth.users</path> file with the necessary user |
201 |
credentials. By default, the Gentoo nagios ebuild defines a single user called |
202 |
<c>nagiosadmin</c>. Let's create that user first: |
203 |
</p> |
204 |
|
205 |
<pre caption="Creating the nagiosadmin user"> |
206 |
# <i>htpasswd2 -c /etc/nagios/auth.users nagiosadmin</i> |
207 |
</pre> |
208 |
|
209 |
</body> |
210 |
</section> |
211 |
<section> |
212 |
<title>Accessing Nagios</title> |
213 |
<body> |
214 |
|
215 |
<p> |
216 |
Once Nagios and its dependencies are installed, fire up Apache and Nagios: |
217 |
</p> |
218 |
|
219 |
<pre caption="Starting the services"> |
220 |
# <i>/etc/init.d/nagios start</i> |
221 |
# <i>/etc/init.d/apache2 start</i> |
222 |
</pre> |
223 |
|
224 |
<p> |
225 |
Next, fire up your browser and connect to <uri |
226 |
link="http://localhost/nagios">http://localhost/nagios</uri>. Log on as the |
227 |
<c>nagiosadmin</c> user and navigate to the <e>Host Detail</e> page. You should |
228 |
be able to see the monitoring states for the local system. |
229 |
</p> |
230 |
|
231 |
</body> |
232 |
</section> |
233 |
<section> |
234 |
<title>Installing Client Daemons</title> |
235 |
<body> |
236 |
|
237 |
<p> |
238 |
TODO Inform what to install on systems that will not run the nagios interface, |
239 |
both for active (performs checks and communicates with the main nagios system) |
240 |
and passive (polled by main nagios system through check_ssh). |
241 |
</p> |
242 |
|
243 |
</body> |
244 |
</section> |
245 |
</chapter> |
246 |
<chapter> |
247 |
<title>Adding Gentoo Support</title> |
248 |
<section> |
249 |
<title>System Security Checks</title> |
250 |
<body> |
251 |
|
252 |
<p> |
253 |
TODO integrate glsa-check plugin, cf. wschlich stuff? |
254 |
</p> |
255 |
|
256 |
</body> |
257 |
</section> |
258 |
</chapter> |
259 |
<chapter> |
260 |
<title>More Resources</title> |
261 |
<section> |
262 |
<title>Nagios Resources</title> |
263 |
<body> |
264 |
|
265 |
<p> |
266 |
TODO check plugins (nagiosexchange.org) |
267 |
</p> |
268 |
|
269 |
<p> |
270 |
TODO additional nagios packages |
271 |
</p> |
272 |
|
273 |
</body> |
274 |
</section> |
275 |
</chapter> |
276 |
<!-- TODO additional chapter "Extending the Nagios Installation", |
277 |
dixit dertobi123 |
278 |
--> |
279 |
</guide> |
280 |
|
281 |
|
282 |
|
283 |
|
284 |
-- |
285 |
gentoo-doc-cvs@l.g.o mailing list |