As you probably have about two eyes and two hands max, you might need some help to monitor the health of all services on your network. We use the Nagios (version 2) monitor-software as our monitoring backbone. In addition to Nagios we install Centreon, which provides a very nice webinterface that allows webbased configuration of Nagios. Centreon also provides some graphing (based on rrdtool) and reporting functions.
Some older Hannibal documentation on howto install Nagios (version 1.4) with a MySQL-backend is still available at nagios1_with_mysql.
The server installation describes howto install a centralized monitor server based on Nagios2 and Centreon. The systems you want to monitor are called clients. The client documentation is available at client_installation.
Start to install the Debian (Etch) packages for Mysql and Nagios2:
apt-get install mysql-server-5.0 apache2 nagios2 nagios-plugins nagios-images \
nagios-nrpe-plugin nagios2-doc
Install these packages to setup the required PHP environment:
apt-get install php5 php-db php-date php5-gd php5-mysql php5-snmp php5-ldap php-mail php-mail-mime php-net-smtp \
php-net-socket php5-cli php-pear php5-xmlrpc
Rrdtool, snmp and some Perl packages are also required:
apt-get install rrdtool librrds-perl snmp snmpd libnet-snmp-perl libgd-gd2-perl libconfig-inifiles-perl
In /etc/php5/cli/php.ini set:
... memory_limit = 40M ...
Modify /etc/snmp/snmpd.conf to:
com2sec readonly default public
Restart snmpd
/etc/init.d/snmpd restart
Check the snmpd with the command:
snmpwalk -v1 -c public localhost
Set a root password on the Mysql-server to satisfy the Centreon installation script. As we usually install a separate MySQL-server on the monitor-server itself you might want to read the Hannibal documentation on the Mysql-server for additional information.
Upgrade the pear software (to PEAR-1.7.1.tgz or higher):
pear upgrade pear
pear install -o -f --alldeps DB_DataObject DB_DataObject_FormBuilder MDB2 Numbers_Roman \
Numbers_Words HTML_Common HTML_QuickForm HTML_QuickForm_advmultiselect \
HTML_Table Auth_SASL HTTP Image_Canvas Image_Color Image_Graph Image_GraphViz \
Net_Traceroute Net_Ping Validate XML_RPC
Get the latest tarball from http://download.centreon.com/centreon Unpack the software and create a symbolic link for easy versioning.
cd /opt wget http://download.centreon.com/centreon/centreon-1.4.2.6.tar.gz tar xvf centreon-1.4.2.6.tar.gz ln -s centreon-1.4.2.6 centreon
Create this symbolic link to satisfy the Centreon installation script:
cd /usr/sbin ln -s nagios2 nagios
Run the Centreon installation script:
cd /opt/centreon ./install.sh
Where is installed Nagios ? default to [/usr/local/nagios]:/usr/lib/cgi-bin/nagios2 Where is your nagios etc directory ? default to [/usr/lib/cgi-bin/nagios2/etc]:/etc/nagios2 Path /etc/nagios2 OK Where is your nagios var directory ? default to [/usr/lib/cgi-bin/nagios2/var]:/var/lib/nagios2 Path /var/lib/nagios2 OK Where is your nagios plugins (libexec) directory ? default to [/usr/lib/cgi-bin/nagios2/libexec]:/usr/lib/nagios/plugins Path /usr/lib/nagios/plugins OK Where is your nagios bin directory? default to [/usr/lib/cgi-bin/nagios2/bin]:/usr/sbin Path /usr/sbin OK Where is your nagios image directory ? default to [/usr/lib/cgi-bin/nagios2/share/images]:/usr/share/nagios/htdocs/images/logos Path /usr/share/nagios/htdocs/images/logos OK Where do I install centreon ? default to [/usr/local/centreon]:/opt/centreon Path /opt/centreon OK Where is sudo configuration file? default to [/etc/sudoers]: File /etc/sudoers OK Where is installed RRD perl modules [RRDs.pm] ? Just put directory, not full path. default to [/usr/local/rrdtool/lib/perl]:/usr/lib/perl5 File /usr/lib/perl5 OK Where is rrdtool binary ? default to [/usr/bin/rrdtool]: /usr/bin/rrdtool OK Where is mail binary ? default to [/usr/bin/mail]: /usr/bin/mail OK Where is PEAR Path ? default to [/usr/share/pear]:/usr/share/php PEAR Path /usr/share/php OK ... Finding Centreon Plugins configuration file 'centreon.conf'OK You already seem to have installed the plugins Centreon. Do you want overwrite this file ? You must regenerate this one from Centreon interface. [y/n], default to [n]:y ...
Afterwards browse to http://centreon-server/centreon/install/setup.php and follow the instructions to finish the installation.
You probably will have to apply these corrections:
chmod -R g+w /usr/lib/nagios/plugins pear install -o -f --alldeps SOAP
Choose not to use LDAP-authentication in de centreon-setup GUI. This will be done later on.
Check if you have a directory /opt/centreon/OreonDataStorage/backup. Otherwise create it and set proper permissions:
mkdir -p /opt/centreon/OreonDataStorage/backup chown -R www-data:nagios /opt/centreon/OreonDataStorage chmod 775 /opt/centreon/OreonDataStorage
Apply these last fixes:
chown nagios:www-data /var/lib/nagios2/rw/ chmod g+rx /var/lib/nagios2/rw/
Apply these corrections directly to the Centreon database by issuing SQL statements:
mysql -u root -p
USE centreon1 UPDATE general_opt SET nagios_path_img = '/usr/share/nagios/htdocs/images/logos/'; UPDATE general_opt SET nagios_path_bin = '/usr/sbin/nagios2'; UPDATE cfg_cgi SET main_config_file = '/etc/nagios2/nagios.cfg'; UPDATE cfg_cgi SET physical_html_path = '/usr/share/nagios2/htdocs'; UPDATE cfg_cgi SET url_html_path = '/nagios2'; UPDATE cfg_cgi SET nagios_check_command = 'nagios_check_command=/usr/lib/nagios/plugins/check_nagios /var/cache/nagios2/ status.dat 5 '/usr/sbin/nagios2''; UPDATE cfg_nagios SET log_file = '/var/log/nagios2/nagios.log'; UPDATE cfg_nagios SET cfg_dir = '/etc/nagios2/'; UPDATE cfg_nagios SET temp_file = '/var/tmp/nagios.tmp'; UPDATE cfg_nagios SET status_file = '/var/cache/nagios2/status.dat'; UPDATE cfg_nagios SET p1_file = '/usr/lib/nagios2/p1.pl'; UPDATE cfg_nagios SET log_archive_path = '/var/log/nagios2/archives/'; UPDATE cfg_nagios SET command_file = '/var/lib/nagios2/rw/nagios.cmd'; UPDATE cfg_nagios SET downtime_file = '/var/lib/nagios2/downtime.dat'; UPDATE cfg_nagios SET comment_file = '/var/lib/nagios2/comments.dat'; UPDATE cfg_nagios SET lock_file = '/var/run/nagios2/nagios2.pid'; UPDATE cfg_nagios SET state_retention_file = '/var/lib/nagios2/retention.dat';
Apply these corrections to the ODS database:
USE centreondata1 UPDATE config SET RRDdatabase_path = '/opt/centreon/OreonDataStorage/'; UPDATE config SET drop_file = '/var/lib/nagios2/service-perfdata.tmp'; UPDATE config SET perfdata_file = '/var/lib/nagios2/service-perfdata'; UPDATE config SET nagios_log_file = '/var/log/nagios2/nagios.log';
Login the Centreon webinterface and browse to: Options→General Options→LDAP. Enter your LDAP-settings conform this example.
| LDAP informations | ||
|---|---|---|
| Enable LDAP authentification | yes | |
| LDAP Server | ldap1.intra.example.com | |
| LDAP Port | 389 | |
| LDAP Base DN | dc=intra,dc=example,dc=com | |
| LDAP Login Attribut | uid | |
| Enable LDAP over SSL | no | |
| LDAP Search Information | ||
| Default LDAP filter | (&(objectClass=person)(uid=*)) | |
| LDAP search timeout | 60 | |
| LDAP Search Size Limit | 60 | |
Now we have to import some LDAP-users into Centreon. This is only for Nagios/Centreon specific properties. Authentification will be done live against LDAP.
Browse to Configuration→Users→LDAP import and apply the search filter.
We usually access our monitor via a HTTPS enabled virtual host.
Enable mod_ssl and mod_rewite in Apache and create a virtual host for Centreon. You might want to check the Hannibal documentation on the Apache webserver.
/etc/apache2/sites-available/centreon
# Centreon stuff
<IfModule mod_rewrite.c>
<IfModule mod_ssl.c>
RewriteEngine on
RewriteCond %{HTTPS} !^on$ [NC]
RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L]
</IfModule>
</IfModule>
<IfModule mod_ssl.c>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfModule>
<IfModule mod_ssl.c>
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/run/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/ssl_mutexSSLMutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
AddType application/x-java-jnlp-file .jnlp
# Centreon https virtual host declaration
<VirtualHost 192.168.1.27:443>
DocumentRoot /usr/local/centreon/www
ServerName monitor.intra.example.com
ServerAlias centreon.intra.example.com
ServerAdmin centreon@intra.example.com
Alias /oreon/ /usr/local/centreon/www/
Alias /centreon/ /usr/local/centreon/www/
<Directory "/usr/local/centreon/www">
Options None
AllowOverride AuthConfig Options
Order allow,deny
Allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
On the systems you want to monitor install the nagios-nrpe-server and basic plugins software:
apt-get install nagios-nrpe-server nagios-plugins-basic
Edit /etc/nagios/nrpe.cfg to your needs. As the Debian Etch package nagios-nrpe-server seems to contain a bug on the PID-file permissions at least modify this entry:
... pid_file=/var/run/nagios/nrpe.pid ...
Create the directory for the PID-file and set proper permissions:
mkdir /var/run/nagios chown -R nagios.nagios /var/run/nagios