[gentoo-doc-cvs] cvs commit: nagios-guide.xml - gentoo-doc-cvs

From:	Sven Vermeulen <swift@××××××××××××.org>
To:	gentoo-doc-cvs@l.g.o
Subject:	[gentoo-doc-cvs] cvs commit: nagios-guide.xml
Date:	Mon, 07 Jul 2008 18:05:06
Message-Id:	`E1KFv59-0007NN-Ii@stork.gentoo.org`

1

swift       08/07/07 18:04:59

2

3

  Added:                nagios-guide.xml

4

  Log:

5

  Starting of nagios guide draft

6

7

Revision  Changes    Path

8

1.1                  xml/htdocs/doc/en/nagios-guide.xml

9

10

file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/nagios-guide.xml?rev=1.1&view=markup

11

plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/nagios-guide.xml?rev=1.1&content-type=text/plain

12

13

Index: nagios-guide.xml

14

===================================================================

15

<?xml version="1.0" encoding="UTF-8"?>

16

<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/nagios-guide.xml,v 1.1 2008/07/07 18:04:59 swift Exp $ -->

17

<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">

18

19

<guide disclaimer="draft">

20

<title>Gentoo System Monitoring with Nagios</title>

21

22

<author title="Author">

23

  <mail link="swift@g.o">Sven Vermeulen</mail>

24

</author>

25

26

<abstract>

27

For system and network monitoring, the Nagios tool is a popular choice amongst

28

various free software users. This guide helps you discover Nagios and how you

29

can integrate it with your existing Gentoo infrastructure.

30

</abstract>

31

32

<license/>

33

34

<version>0.1</version>

35

<date>2008-07-06</date>

36

37

<chapter>

38

<title>Introduction</title>

39

<section>

40

<title>System Monitoring</title>

41

<body>

42

43

<p>

44

Single system users usually don't need a tool to help them identify the state of

45

their system. However, when you have a couple of systems to administer, you will

46

require an overview of your systems' health: do the partitions still have

47

sufficient free space, is your CPU not overloaded, how many people are logged

48

on, are your systems up to date with the latest security fixes, etc.

49

</p>

50

51

<p>

52

System monitoring tools, such as the Nagios software we discuss here, offer an

53

easy way of dealing with the majority of metrics you want to know about your

54

system. In larger environments, often called &quot;enterprise

55

environments&quot;, the tools aggregate the metrics of the various systems onto

56

a single location, allowing for centralized monitoring management.

57

</p>

58

59

</body>

60

</section>

61

<section>

62

<title>About Nagios</title>

63

<body>

64

65

<p>

66

The <uri link="http://www.nagios.org">Nagios</uri> software is a popular

67

software tool for host, service and network monitoring for Unix (although it can

68

also capture metrics from the Microsoft Windows operating system family). It

69

supports:

70

</p>

71

72

<ul>

73

  <li>

74

    obtaining metrics for local system resources, such as diskspace, CPU usage,

75

    memory consumption, ...

76

  </li>

77

  <li>

78

    discovering service availability (such as SSH, SMTP and other protocols),

79

  </li>

80

  <li>

81

    assuming network outages (when a group of systems that are known to be

82

    available on a network are all unreachable),

83

  </li>

84

</ul>

85

86

<p>

87

and more.

88

</p>

89

90

<p>

91

Basically, the Nagios software consists of a core tool (which manages the

92

metrics), a web server module (which manages displaying the metrics) and a set

93

of plugins (which obtain and send the metrics to the core tool).

94

</p>

95

96

</body>

97

</section>

98

<section>

99

<title>About this Document</title>

100

<body>

101

102

<p>

103

The primary purpose of this document is to introduce you, Gentoo users, to the

104

Nagios software and how you can integrate it within your Gentoo environment. The

105

guide is not meant to describe Nagios in great detail - I leave this up to the

106

documentation editors of Nagios itself.

107

</p>

108

109

</body>

110

</section>

111

</chapter>

112

<chapter>

113

<title>Setting Up Nagios</title>

114

<section>

115

<title>Installing Nagios</title>

116

<body>

117

118

<p>

119

Before you start installing Nagios, draw out and decide which system will become

120

your master Nagios system (i.e. where the Nagios software is fully installed

121

upon and where all metrics are stored) and what kind of metrics you want to

122

obtain. You will not install Nagios on every system you want to monitor, but

123

rather install Nagios on the master system and the TODO on the systems you want

124

to receive metrics from.

125

</p>

126

127

<p>

128

Install the Nagios software on your central server:

129

</p>

130

131

<warn>

132

Nagios 3 is currently still ~arch masked, so you first need to unmask it.

133

</warn>

134

135

<pre caption="Installing Nagios">

136

# <i>emerge nagios</i>

137

</pre>

138

139

<p>

140

Follow the instructions the ebuild displays at the end of the installation (i.e.

141

adding <c>nagios</c> to your active runlevel, configuring web server read access

142

and more).

143

</p>

144

145

<p>

146

Really. Read it.

147

</p>

148

149

<!-- TODO directory structure: plugins and so forth -->

150

151

</body>

152

</section>

153

<section>

154

<title>Restricting Access to the Nagios Web Interface</title>

155

<body>

156

157

<p>

158

The Nagios web interface allows for executing commands on the various systems

159

monitored by the Nagios plugins. For this purpose (and also because the metrics

160

can have sensitive information) it is best to restrict access to the interface.

161

</p>

162

163

<p>

164

For this purpose, we introduce two access restrictions: one on IP level (from

165

what systems can a user connect to the interface) and a basic authentication one

166

(using the username / password scheme).

167

</p>

168

169

<p>

170

First, edit <path>/etc/apache2/modules/99_nagios3.conf</path> and edit the

171

<c>allow from</c> definitions:

172

</p>

173

174

<pre caption="Allow from definitions">

175

<comment>(Example allowing access from the local host and the local network)</comment>

176

Order allow,deny

177

Allow from 127.0.0.1 192.168.1.1/24

178

</pre>

179

180

<p>

181

Next, create an Apache authorization table where you define the users who have

182

access to the interface as well as their authorizations. The authentication

183

definition file is called <path>.htaccess</path> and contains where the

184

authentication information itself is stored.

185

</p>

186

187

<pre caption="Example .htaccess file">

188

AuthName "Nagios Access"

189

AuthType Basic

190

AuthUserFile /etc/nagios/auth.users

191

Require valid-user

192

</pre>

193

194

<p>

195

Place this file inside the <path>/usr/share/nagios/htdocs</path> and

196

<path>/usr/lib/nagios/cgi-bin</path> directories.

197

</p>

198

199

<p>

200

Create the <path>/etc/nagios/auth.users</path> file with the necessary user

201

credentials. By default, the Gentoo nagios ebuild defines a single user called

202

<c>nagiosadmin</c>. Let's create that user first:

203

</p>

204

205

<pre caption="Creating the nagiosadmin user">

206

# <i>htpasswd2 -c /etc/nagios/auth.users nagiosadmin</i>

207

</pre>

208

209

</body>

210

</section>

211

<section>

212

<title>Accessing Nagios</title>

213

<body>

214

215

<p>

216

Once Nagios and its dependencies are installed, fire up Apache and Nagios:

217

</p>

218

219

<pre caption="Starting the services">

220

# <i>/etc/init.d/nagios start</i>

221

# <i>/etc/init.d/apache2 start</i>

222

</pre>

223

224

<p>

225

Next, fire up your browser and connect to <uri

226

link="http://localhost/nagios">http://localhost/nagios</uri>. Log on as the

227

<c>nagiosadmin</c> user and navigate to the <e>Host Detail</e> page. You should

228

be able to see the monitoring states for the local system.

229

</p>

230

231

</body>

232

</section>

233

<section>

234

<title>Installing Client Daemons</title>

235

<body>

236

237

<p>

238

TODO Inform what to install on systems that will not run the nagios interface,

239

both for active (performs checks and communicates with the main nagios system)

240

and passive (polled by main nagios system through check_ssh).

241

</p>

242

243

</body>

244

</section>

245

</chapter>

246

<chapter>

247

<title>Adding Gentoo Support</title>

248

<section>

249

<title>System Security Checks</title>

250

<body>

251

252

<p>

253

TODO integrate glsa-check plugin, cf. wschlich stuff?

254

</p>

255

256

</body>

257

</section>

258

</chapter>

259

<chapter>

260

<title>More Resources</title>

261

<section>

262

<title>Nagios Resources</title>

263

<body>

264

265

<p>

266

TODO check plugins (nagiosexchange.org)

267

</p>

268

269

<p>

270

TODO additional nagios packages

271

</p>

272

273

</body>

274

</section>

275

</chapter>

276

<!-- TODO additional chapter "Extending the Nagios Installation",

277

     dixit dertobi123

278

-->

279

</guide>

--

285

gentoo-doc-cvs@l.g.o mailing list

1	swift 08/07/07 18:04:59
2
3	Added: nagios-guide.xml
4	Log:
5	Starting of nagios guide draft
6
7	Revision Changes Path
8	1.1 xml/htdocs/doc/en/nagios-guide.xml
9
10	file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/nagios-guide.xml?rev=1.1&view=markup
11	plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/nagios-guide.xml?rev=1.1&content-type=text/plain
12
13	Index: nagios-guide.xml
14	===================================================================
15	<?xml version="1.0" encoding="UTF-8"?>
16	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/nagios-guide.xml,v 1.1 2008/07/07 18:04:59 swift Exp $ -->
17	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
18
19	<guide disclaimer="draft">
20	<title>Gentoo System Monitoring with Nagios</title>
21
22	<author title="Author">
23	<mail link="swift@g.o">Sven Vermeulen</mail>
24	</author>
25
26	<abstract>
27	For system and network monitoring, the Nagios tool is a popular choice amongst
28	various free software users. This guide helps you discover Nagios and how you
29	can integrate it with your existing Gentoo infrastructure.
30	</abstract>
31
32	<license/>
33
34	<version>0.1</version>
35	<date>2008-07-06</date>
36
37	<chapter>
38	<title>Introduction</title>
39	<section>
40	<title>System Monitoring</title>
41	<body>
42
43	<p>
44	Single system users usually don't need a tool to help them identify the state of
45	their system. However, when you have a couple of systems to administer, you will
46	require an overview of your systems' health: do the partitions still have
47	sufficient free space, is your CPU not overloaded, how many people are logged
48	on, are your systems up to date with the latest security fixes, etc.
49	</p>
50
51	<p>
52	System monitoring tools, such as the Nagios software we discuss here, offer an
53	easy way of dealing with the majority of metrics you want to know about your
54	system. In larger environments, often called "enterprise
55	environments", the tools aggregate the metrics of the various systems onto
56	a single location, allowing for centralized monitoring management.
57	</p>
58
59	</body>
60	</section>
61	<section>
62	<title>About Nagios</title>
63	<body>
64
65	<p>
66	The <uri link="http://www.nagios.org">Nagios</uri> software is a popular
67	software tool for host, service and network monitoring for Unix (although it can
68	also capture metrics from the Microsoft Windows operating system family). It
69	supports:
70	</p>
71
72	<ul>
73	<li>
74	obtaining metrics for local system resources, such as diskspace, CPU usage,
75	memory consumption, ...
76	</li>
77	<li>
78	discovering service availability (such as SSH, SMTP and other protocols),
79	</li>
80	<li>
81	assuming network outages (when a group of systems that are known to be
82	available on a network are all unreachable),
83	</li>
84	</ul>
85
86	<p>
87	and more.
88	</p>
89
90	<p>
91	Basically, the Nagios software consists of a core tool (which manages the
92	metrics), a web server module (which manages displaying the metrics) and a set
93	of plugins (which obtain and send the metrics to the core tool).
94	</p>
95
96	</body>
97	</section>
98	<section>
99	<title>About this Document</title>
100	<body>
101
102	<p>
103	The primary purpose of this document is to introduce you, Gentoo users, to the
104	Nagios software and how you can integrate it within your Gentoo environment. The
105	guide is not meant to describe Nagios in great detail - I leave this up to the
106	documentation editors of Nagios itself.
107	</p>
108
109	</body>
110	</section>
111	</chapter>
112	<chapter>
113	<title>Setting Up Nagios</title>
114	<section>
115	<title>Installing Nagios</title>
116	<body>
117
118	<p>
119	Before you start installing Nagios, draw out and decide which system will become
120	your master Nagios system (i.e. where the Nagios software is fully installed
121	upon and where all metrics are stored) and what kind of metrics you want to
122	obtain. You will not install Nagios on every system you want to monitor, but
123	rather install Nagios on the master system and the TODO on the systems you want
124	to receive metrics from.
125	</p>
126
127	<p>
128	Install the Nagios software on your central server:
129	</p>
130
131	<warn>
132	Nagios 3 is currently still ~arch masked, so you first need to unmask it.
133	</warn>
134
135	<pre caption="Installing Nagios">
136	# <i>emerge nagios</i>
137	</pre>
138
139	<p>
140	Follow the instructions the ebuild displays at the end of the installation (i.e.
141	adding <c>nagios</c> to your active runlevel, configuring web server read access
142	and more).
143	</p>
144
145	<p>
146	Really. Read it.
147	</p>
148
149	<!-- TODO directory structure: plugins and so forth -->
150
151	</body>
152	</section>
153	<section>
154	<title>Restricting Access to the Nagios Web Interface</title>
155	<body>
156
157	<p>
158	The Nagios web interface allows for executing commands on the various systems
159	monitored by the Nagios plugins. For this purpose (and also because the metrics
160	can have sensitive information) it is best to restrict access to the interface.
161	</p>
162
163	<p>
164	For this purpose, we introduce two access restrictions: one on IP level (from
165	what systems can a user connect to the interface) and a basic authentication one
166	(using the username / password scheme).
167	</p>
168
169	<p>
170	First, edit <path>/etc/apache2/modules/99_nagios3.conf</path> and edit the
171	<c>allow from</c> definitions:
172	</p>
173
174	<pre caption="Allow from definitions">
175	<comment>(Example allowing access from the local host and the local network)</comment>
176	Order allow,deny
177	Allow from 127.0.0.1 192.168.1.1/24
178	</pre>
179
180	<p>
181	Next, create an Apache authorization table where you define the users who have
182	access to the interface as well as their authorizations. The authentication
183	definition file is called <path>.htaccess</path> and contains where the
184	authentication information itself is stored.
185	</p>
186
187	<pre caption="Example .htaccess file">
188	AuthName "Nagios Access"
189	AuthType Basic
190	AuthUserFile /etc/nagios/auth.users
191	Require valid-user
192	</pre>
193
194	<p>
195	Place this file inside the <path>/usr/share/nagios/htdocs</path> and
196	<path>/usr/lib/nagios/cgi-bin</path> directories.
197	</p>
198
199	<p>
200	Create the <path>/etc/nagios/auth.users</path> file with the necessary user
201	credentials. By default, the Gentoo nagios ebuild defines a single user called
202	<c>nagiosadmin</c>. Let's create that user first:
203	</p>
204
205	<pre caption="Creating the nagiosadmin user">
206	# <i>htpasswd2 -c /etc/nagios/auth.users nagiosadmin</i>
207	</pre>
208
209	</body>
210	</section>
211	<section>
212	<title>Accessing Nagios</title>
213	<body>
214
215	<p>
216	Once Nagios and its dependencies are installed, fire up Apache and Nagios:
217	</p>
218
219	<pre caption="Starting the services">
220	# <i>/etc/init.d/nagios start</i>
221	# <i>/etc/init.d/apache2 start</i>
222	</pre>
223
224	<p>
225	Next, fire up your browser and connect to <uri
226	link="http://localhost/nagios">http://localhost/nagios</uri>. Log on as the
227	<c>nagiosadmin</c> user and navigate to the <e>Host Detail</e> page. You should
228	be able to see the monitoring states for the local system.
229	</p>
230
231	</body>
232	</section>
233	<section>
234	<title>Installing Client Daemons</title>
235	<body>
236
237	<p>
238	TODO Inform what to install on systems that will not run the nagios interface,
239	both for active (performs checks and communicates with the main nagios system)
240	and passive (polled by main nagios system through check_ssh).
241	</p>
242
243	</body>
244	</section>
245	</chapter>
246	<chapter>
247	<title>Adding Gentoo Support</title>
248	<section>
249	<title>System Security Checks</title>
250	<body>
251
252	<p>
253	TODO integrate glsa-check plugin, cf. wschlich stuff?
254	</p>
255
256	</body>
257	</section>
258	</chapter>
259	<chapter>
260	<title>More Resources</title>
261	<section>
262	<title>Nagios Resources</title>
263	<body>
264
265	<p>
266	TODO check plugins (nagiosexchange.org)
267	</p>
268
269	<p>
270	TODO additional nagios packages
271	</p>
272
273	</body>
274	</section>
275	</chapter>
276	<!-- TODO additional chapter "Extending the Nagios Installation",
277	dixit dertobi123
278	-->
279	</guide>
280
281
282
283
284	--
285	gentoo-doc-cvs@l.g.o mailing list

Gentoo Archives: gentoo-doc-cvs