User Tools

Site Tools


hannibal:nagios

As you probably have about two eyes and two hands max, you might need some help to monitor the health of all services on your network. We use the Nagios (version 2) monitor-software as our monitoring backbone. In addition to Nagios we install Centreon, which provides a very nice webinterface that allows webbased configuration of Nagios. Centreon also provides some graphing (based on rrdtool) and reporting functions.

Some older Hannibal documentation on howto install Nagios (version 1.4) with a MySQL-backend is still available at nagios1_with_mysql.

Server Installation

The server installation describes howto install a centralized monitor server based on Nagios2 and Centreon. The systems you want to monitor are called clients. The client documentation is available at client_installation.

Installation

Debian packages

Start to install the Debian (Etch) packages for Mysql and Nagios2:

apt-get install  mysql-server-5.0 apache2 nagios2 nagios-plugins nagios-images \
                 nagios-nrpe-plugin nagios2-doc

Install these packages to setup the required PHP environment:

apt-get install  php5 php-db php-date php5-gd php5-mysql php5-snmp php5-ldap php-mail php-mail-mime php-net-smtp \
                 php-net-socket php5-cli php-pear php5-xmlrpc

Rrdtool, snmp and some Perl packages are also required:

apt-get install  rrdtool librrds-perl snmp snmpd libnet-snmp-perl libgd-gd2-perl libconfig-inifiles-perl

Configuration

In /etc/php5/cli/php.ini set:

...
memory_limit = 40M
...

Modify /etc/snmp/snmpd.conf to:

com2sec readonly  default         public

Restart snmpd

/etc/init.d/snmpd restart

Check the snmpd with the command:

snmpwalk -v1 -c public localhost

Set a root password on the Mysql-server to satisfy the Centreon installation script. As we usually install a separate MySQL-server on the monitor-server itself you might want to read the Hannibal documentation on the Mysql-server for additional information.

Pear software

Upgrade the pear software (to PEAR-1.7.1.tgz or higher):

pear upgrade pear
pear install -o -f --alldeps DB_DataObject DB_DataObject_FormBuilder MDB2 Numbers_Roman \
             Numbers_Words HTML_Common HTML_QuickForm HTML_QuickForm_advmultiselect  \
             HTML_Table Auth_SASL HTTP Image_Canvas Image_Color Image_Graph Image_GraphViz \
             Net_Traceroute Net_Ping Validate XML_RPC

Centreon

Get the latest tarball from http://download.centreon.com/centreon Unpack the software and create a symbolic link for easy versioning.

cd /opt
wget http://download.centreon.com/centreon/centreon-1.4.2.6.tar.gz
tar xvf centreon-1.4.2.6.tar.gz
ln -s  centreon-1.4.2.6  centreon

Create this symbolic link to satisfy the Centreon installation script:

cd /usr/sbin
ln -s nagios2 nagios

Run the Centreon installation script:

cd /opt/centreon
./install.sh 
Where is installed Nagios ?
default to [/usr/local/nagios]:/usr/lib/cgi-bin/nagios2

Where is your nagios etc directory ?
default to [/usr/lib/cgi-bin/nagios2/etc]:/etc/nagios2
Path /etc/nagios2                                          OK

Where is your nagios var directory ?
default to [/usr/lib/cgi-bin/nagios2/var]:/var/lib/nagios2
Path /var/lib/nagios2                                      OK

Where is your nagios plugins (libexec) directory ?
default to [/usr/lib/cgi-bin/nagios2/libexec]:/usr/lib/nagios/plugins
Path /usr/lib/nagios/plugins                               OK

Where is your nagios bin directory?
default to [/usr/lib/cgi-bin/nagios2/bin]:/usr/sbin
Path /usr/sbin                                             OK

Where is your nagios image directory ?
default to [/usr/lib/cgi-bin/nagios2/share/images]:/usr/share/nagios/htdocs/images/logos
Path /usr/share/nagios/htdocs/images/logos                 OK

Where do I install centreon ?
default to [/usr/local/centreon]:/opt/centreon
Path /opt/centreon                                         OK

Where is sudo configuration file?
default to [/etc/sudoers]:
File /etc/sudoers                                          OK

Where is installed RRD perl modules [RRDs.pm] ?
Just put directory, not full path.
default to [/usr/local/rrdtool/lib/perl]:/usr/lib/perl5
File /usr/lib/perl5                                        OK

Where is rrdtool binary ?
default to [/usr/bin/rrdtool]:
/usr/bin/rrdtool                                           OK

Where is mail binary ?
default to [/usr/bin/mail]:
/usr/bin/mail                                              OK

Where is PEAR Path ?
default to [/usr/share/pear]:/usr/share/php
PEAR Path /usr/share/php                                   OK

...
Finding Centreon Plugins configuration file 'centreon.conf'OK
You already seem to have installed the plugins Centreon.
Do you want overwrite this file ? You must regenerate this one from Centreon interface.
[y/n], default to [n]:y

...

Afterwards browse to http://centreon-server/centreon/install/setup.php and follow the instructions to finish the installation.

You probably will have to apply these corrections:

chmod -R g+w /usr/lib/nagios/plugins
pear install -o -f --alldeps SOAP

Choose not to use LDAP-authentication in de centreon-setup GUI. This will be done later on.

Check if you have a directory /opt/centreon/OreonDataStorage/backup. Otherwise create it and set proper permissions:

mkdir -p /opt/centreon/OreonDataStorage/backup
chown -R www-data:nagios /opt/centreon/OreonDataStorage
chmod 775 /opt/centreon/OreonDataStorage

Apply these last fixes:

chown nagios:www-data /var/lib/nagios2/rw/
chmod g+rx /var/lib/nagios2/rw/

Centreon database corrections

Apply these corrections directly to the Centreon database by issuing SQL statements:

mysql -u root -p
USE centreon1
 
UPDATE general_opt SET nagios_path_img = '/usr/share/nagios/htdocs/images/logos/';
UPDATE general_opt SET nagios_path_bin = '/usr/sbin/nagios2';
 
UPDATE cfg_cgi SET main_config_file = '/etc/nagios2/nagios.cfg';
UPDATE cfg_cgi SET physical_html_path = '/usr/share/nagios2/htdocs';
UPDATE cfg_cgi SET url_html_path = '/nagios2';
UPDATE cfg_cgi SET nagios_check_command = 
  'nagios_check_command=/usr/lib/nagios/plugins/check_nagios /var/cache/nagios2/ status.dat 5 '/usr/sbin/nagios2'';
 
UPDATE cfg_nagios SET log_file = '/var/log/nagios2/nagios.log';
UPDATE cfg_nagios SET cfg_dir = '/etc/nagios2/';
UPDATE cfg_nagios SET temp_file = '/var/tmp/nagios.tmp';
UPDATE cfg_nagios SET status_file = '/var/cache/nagios2/status.dat';
UPDATE cfg_nagios SET p1_file = '/usr/lib/nagios2/p1.pl';
UPDATE cfg_nagios SET log_archive_path = '/var/log/nagios2/archives/';
UPDATE cfg_nagios SET command_file = '/var/lib/nagios2/rw/nagios.cmd';
UPDATE cfg_nagios SET downtime_file = '/var/lib/nagios2/downtime.dat';
UPDATE cfg_nagios SET comment_file = '/var/lib/nagios2/comments.dat';
UPDATE cfg_nagios SET lock_file = '/var/run/nagios2/nagios2.pid';
UPDATE cfg_nagios SET state_retention_file = '/var/lib/nagios2/retention.dat';

Apply these corrections to the ODS database:

USE centreondata1
 
UPDATE config SET RRDdatabase_path = '/opt/centreon/OreonDataStorage/';
UPDATE config SET drop_file = '/var/lib/nagios2/service-perfdata.tmp';
UPDATE config SET perfdata_file = '/var/lib/nagios2/service-perfdata';
UPDATE config SET nagios_log_file = '/var/log/nagios2/nagios.log';

Post-installation

LDAP-authentification

Login the Centreon webinterface and browse to: Options→General Options→LDAP. Enter your LDAP-settings conform this example.

LDAP informations
Enable LDAP authentification yes
LDAP Server ldap1.intra.example.com
LDAP Port 389
LDAP Base DN dc=intra,dc=example,dc=com
LDAP Login Attribut uid
Enable LDAP over SSL no
LDAP Search Information
Default LDAP filter (&(objectClass=person)(uid=*))
LDAP search timeout 60
LDAP Search Size Limit 60

Now we have to import some LDAP-users into Centreon. This is only for Nagios/Centreon specific properties. Authentification will be done live against LDAP.

Browse to Configuration→Users→LDAP import and apply the search filter.

Apache virtual host definition

We usually access our monitor via a HTTPS enabled virtual host.

Enable mod_ssl and mod_rewite in Apache and create a virtual host for Centreon. You might want to check the Hannibal documentation on the Apache webserver.

/etc/apache2/sites-available/centreon

# Centreon stuff


<IfModule mod_rewrite.c>
  <IfModule mod_ssl.c>
      RewriteEngine on
      RewriteCond %{HTTPS} !^on$ [NC]
      RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}  [L]
  </IfModule>
</IfModule>


<IfModule mod_ssl.c>
 AddType application/x-x509-ca-cert .crt
 AddType application/x-pkcs7-crl    .crl
</IfModule>

<IfModule mod_ssl.c>
 SSLPassPhraseDialog  builtin
 SSLSessionCache dbm:/var/run/ssl_scache
 SSLSessionCacheTimeout  300
 SSLMutex file:/var/run/ssl_mutexSSLMutex
 SSLRandomSeed startup builtin
 SSLRandomSeed connect builtin
</IfModule>


AddType application/x-java-jnlp-file .jnlp


# Centreon https virtual host declaration

<VirtualHost 192.168.1.27:443>
  DocumentRoot /usr/local/centreon/www
  ServerName monitor.intra.example.com
  ServerAlias centreon.intra.example.com
  ServerAdmin centreon@intra.example.com
  Alias /oreon/ /usr/local/centreon/www/
  Alias /centreon/ /usr/local/centreon/www/
  <Directory "/usr/local/centreon/www">
      Options None
      AllowOverride AuthConfig Options
      Order allow,deny
      Allow from all
  </Directory>
  SSLEngine on
  SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
  SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
  SetEnvIf User-Agent ".*MSIE.*" \
           nokeepalive ssl-unclean-shutdown \
           downgrade-1.0 force-response-1.0
</VirtualHost>

Client Installation

On the systems you want to monitor install the nagios-nrpe-server and basic plugins software:

apt-get install nagios-nrpe-server nagios-plugins-basic

Edit /etc/nagios/nrpe.cfg to your needs. As the Debian Etch package nagios-nrpe-server seems to contain a bug on the PID-file permissions at least modify this entry:

...
pid_file=/var/run/nagios/nrpe.pid
...

Create the directory for the PID-file and set proper permissions:

mkdir /var/run/nagios
chown -R nagios.nagios /var/run/nagios

Literature

hannibal/nagios.txt · Last modified: 2008/06/25 12:22 by Olivier Brugman