As you probably have about two eyes and two hands max, you might need some help to monitor the health of all services on your network. We use the Nagios (version 2) monitor-software as our monitoring backbone. In addition to Nagios we install Centreon, which provides a very nice webinterface that allows webbased configuration of Nagios. Centreon also provides some graphing (based on rrdtool) and reporting functions.
* More information on Nagios is available at the [[http://www.nagios.org/|Nagios website]].
* The Centreon website is [[http://www.centreon.com/|http://www.centreon.com/]]
Some older Hannibal documentation on howto install Nagios (version 1.4) with a MySQL-backend is still available at [[hannibal:nagios1_with_mysql]].
=====Server Installation=====
The server installation describes howto install a centralized monitor server based on Nagios2 and Centreon. The systems you want to monitor are called clients. The client documentation is available at [[hannibal:nagios#client_installation]].
====Installation====
===Debian packages===
Start to install the Debian (Etch) packages for Mysql and Nagios2:
apt-get install mysql-server-5.0 apache2 nagios2 nagios-plugins nagios-images \
nagios-nrpe-plugin nagios2-doc
Install these packages to setup the required PHP environment:
apt-get install php5 php-db php-date php5-gd php5-mysql php5-snmp php5-ldap php-mail php-mail-mime php-net-smtp \
php-net-socket php5-cli php-pear php5-xmlrpc
Rrdtool, snmp and some Perl packages are also required:
apt-get install rrdtool librrds-perl snmp snmpd libnet-snmp-perl libgd-gd2-perl libconfig-inifiles-perl
===Configuration===
In /etc/php5/cli/php.ini set:
...
memory_limit = 40M
...
Modify /etc/snmp/snmpd.conf to:
com2sec readonly default public
Restart snmpd
/etc/init.d/snmpd restart
Check the snmpd with the command:
snmpwalk -v1 -c public localhost
Set a root password on the Mysql-server to satisfy the Centreon installation script. As we usually install a separate MySQL-server on the monitor-server itself you might want to read the [[hannibal:mysqlserver|Hannibal documentation on the Mysql-server]] for additional information.
===Pear software===
Upgrade the pear software (to PEAR-1.7.1.tgz or higher):
pear upgrade pear
pear install -o -f --alldeps DB_DataObject DB_DataObject_FormBuilder MDB2 Numbers_Roman \
Numbers_Words HTML_Common HTML_QuickForm HTML_QuickForm_advmultiselect \
HTML_Table Auth_SASL HTTP Image_Canvas Image_Color Image_Graph Image_GraphViz \
Net_Traceroute Net_Ping Validate XML_RPC
====Centreon====
Get the latest tarball from http://download.centreon.com/centreon
Unpack the software and create a symbolic link for easy versioning.
cd /opt
wget http://download.centreon.com/centreon/centreon-1.4.2.6.tar.gz
tar xvf centreon-1.4.2.6.tar.gz
ln -s centreon-1.4.2.6 centreon
Create this symbolic link to satisfy the Centreon installation script:
cd /usr/sbin
ln -s nagios2 nagios
Run the Centreon installation script:
cd /opt/centreon
./install.sh
Where is installed Nagios ?
default to [/usr/local/nagios]:/usr/lib/cgi-bin/nagios2
Where is your nagios etc directory ?
default to [/usr/lib/cgi-bin/nagios2/etc]:/etc/nagios2
Path /etc/nagios2 OK
Where is your nagios var directory ?
default to [/usr/lib/cgi-bin/nagios2/var]:/var/lib/nagios2
Path /var/lib/nagios2 OK
Where is your nagios plugins (libexec) directory ?
default to [/usr/lib/cgi-bin/nagios2/libexec]:/usr/lib/nagios/plugins
Path /usr/lib/nagios/plugins OK
Where is your nagios bin directory?
default to [/usr/lib/cgi-bin/nagios2/bin]:/usr/sbin
Path /usr/sbin OK
Where is your nagios image directory ?
default to [/usr/lib/cgi-bin/nagios2/share/images]:/usr/share/nagios/htdocs/images/logos
Path /usr/share/nagios/htdocs/images/logos OK
Where do I install centreon ?
default to [/usr/local/centreon]:/opt/centreon
Path /opt/centreon OK
Where is sudo configuration file?
default to [/etc/sudoers]:
File /etc/sudoers OK
Where is installed RRD perl modules [RRDs.pm] ?
Just put directory, not full path.
default to [/usr/local/rrdtool/lib/perl]:/usr/lib/perl5
File /usr/lib/perl5 OK
Where is rrdtool binary ?
default to [/usr/bin/rrdtool]:
/usr/bin/rrdtool OK
Where is mail binary ?
default to [/usr/bin/mail]:
/usr/bin/mail OK
Where is PEAR Path ?
default to [/usr/share/pear]:/usr/share/php
PEAR Path /usr/share/php OK
...
Finding Centreon Plugins configuration file 'centreon.conf'OK
You already seem to have installed the plugins Centreon.
Do you want overwrite this file ? You must regenerate this one from Centreon interface.
[y/n], default to [n]:y
...
Afterwards browse to http://centreon-server/centreon/install/setup.php and follow the instructions to finish the installation.
You probably will have to apply these corrections:
chmod -R g+w /usr/lib/nagios/plugins
pear install -o -f --alldeps SOAP
Choose not to use LDAP-authentication in de centreon-setup GUI. This will be done later on.
Check if you have a directory /opt/centreon/OreonDataStorage/backup. Otherwise create it and set proper permissions:
mkdir -p /opt/centreon/OreonDataStorage/backup
chown -R www-data:nagios /opt/centreon/OreonDataStorage
chmod 775 /opt/centreon/OreonDataStorage
Apply these last fixes:
chown nagios:www-data /var/lib/nagios2/rw/
chmod g+rx /var/lib/nagios2/rw/
===Centreon database corrections===
Apply these corrections directly to the Centreon database by issuing SQL statements:
mysql -u root -p
use centreon1
UPDATE general_opt SET nagios_path_img = '/usr/share/nagios/htdocs/images/logos/';
UPDATE general_opt SET nagios_path_bin = '/usr/sbin/nagios2';
UPDATE cfg_cgi SET main_config_file = '/etc/nagios2/nagios.cfg';
UPDATE cfg_cgi SET physical_html_path = '/usr/share/nagios2/htdocs';
UPDATE cfg_cgi SET url_html_path = '/nagios2';
UPDATE cfg_cgi SET nagios_check_command =
'nagios_check_command=/usr/lib/nagios/plugins/check_nagios /var/cache/nagios2/ status.dat 5 '/usr/sbin/nagios2'';
UPDATE cfg_nagios SET log_file = '/var/log/nagios2/nagios.log';
UPDATE cfg_nagios SET cfg_dir = '/etc/nagios2/';
UPDATE cfg_nagios SET temp_file = '/var/tmp/nagios.tmp';
UPDATE cfg_nagios SET status_file = '/var/cache/nagios2/status.dat';
UPDATE cfg_nagios SET p1_file = '/usr/lib/nagios2/p1.pl';
UPDATE cfg_nagios SET log_archive_path = '/var/log/nagios2/archives/';
UPDATE cfg_nagios SET command_file = '/var/lib/nagios2/rw/nagios.cmd';
UPDATE cfg_nagios SET downtime_file = '/var/lib/nagios2/downtime.dat';
UPDATE cfg_nagios SET comment_file = '/var/lib/nagios2/comments.dat';
UPDATE cfg_nagios SET lock_file = '/var/run/nagios2/nagios2.pid';
UPDATE cfg_nagios SET state_retention_file = '/var/lib/nagios2/retention.dat';
Apply these corrections to the ODS database:
use centreondata1
UPDATE config SET RRDdatabase_path = '/opt/centreon/OreonDataStorage/';
UPDATE config SET drop_file = '/var/lib/nagios2/service-perfdata.tmp';
UPDATE config SET perfdata_file = '/var/lib/nagios2/service-perfdata';
UPDATE config SET nagios_log_file = '/var/log/nagios2/nagios.log';
====Post-installation====
===LDAP-authentification===
Login the Centreon webinterface and browse to:
Options->General Options->LDAP. Enter your LDAP-settings conform this example.
^LDAP informations^^^
| | Enable LDAP authentification | yes |
| | LDAP Server | ldap1.intra.example.com |
| | LDAP Port | 389 |
| | LDAP Base DN | dc=intra,dc=example,dc=com |
| | LDAP Login Attribut | uid |
| | Enable LDAP over SSL | no |
^LDAP Search Information^^^
| | | |
| | Default LDAP filter | (&(objectClass=person)(uid=*))|
| | LDAP search timeout | 60 |
| | LDAP Search Size Limit | 60 |
Now we have to import some LDAP-users into Centreon. This is only for Nagios/Centreon specific properties. Authentification will be done live against LDAP.
Browse to Configuration->Users->LDAP import and apply the search filter.
===Apache virtual host definition===
We usually access our monitor via a HTTPS enabled virtual host.
Enable mod_ssl and mod_rewite in Apache and create a virtual host for Centreon. You might want to check the [[hannibal:apache|Hannibal documentation on the Apache webserver]].
/etc/apache2/sites-available/centreon
# Centreon stuff
RewriteEngine on
RewriteCond %{HTTPS} !^on$ [NC]
RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L]
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/run/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/ssl_mutexSSLMutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
AddType application/x-java-jnlp-file .jnlp
# Centreon https virtual host declaration
DocumentRoot /usr/local/centreon/www
ServerName monitor.intra.example.com
ServerAlias centreon.intra.example.com
ServerAdmin centreon@intra.example.com
Alias /oreon/ /usr/local/centreon/www/
Alias /centreon/ /usr/local/centreon/www/
Options None
AllowOverride AuthConfig Options
Order allow,deny
Allow from all
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
=====Client Installation=====
On the systems you want to monitor install the nagios-nrpe-server and basic plugins software:
apt-get install nagios-nrpe-server nagios-plugins-basic
Edit /etc/nagios/nrpe.cfg to your needs. As the Debian Etch package nagios-nrpe-server seems to contain a bug on the PID-file permissions at least modify this entry:
...
pid_file=/var/run/nagios/nrpe.pid
...
Create the directory for the PID-file and set proper permissions:
mkdir /var/run/nagios
chown -R nagios.nagios /var/run/nagios
=====Literature=====
* http://wiki.oreon-project.org/index.php/InstallOreon1.4-DebianEtch
* http://linuxfellaz.net/doku.php?id=debian_centreon