<服务>Nagios安装
目录:
Nagios简介
Nagios是一款开源的网络及服务的监控工具,其功能强大,灵活性强,能有效的监控windows和linux等操作系统主机信息,交换机路由器等设备,主机,端口及URL服务,根据不同业务故障级别发出警告信息,如邮件,微信,短信,语音,报警,飞信等,故障恢复也会发送信息,不过Nagios服务端只能在Linux系统上。
可监控项
- 本地资源:负载(uptime),cpu(top,sar),磁盘(df),内存(free),IO(iostat),raid级别,温度,passwd文件的变化,本地所有文件指纹识别
- 网络服务:端口,URL,丢包,进程数,网络流量
- 其他设备:路由器,交换机端口流量,光衰,打印机,WINDOWS等
- 业务数据:用户登录失败次数,用户登录网站次数,输入验证码失败的次数,某个API接口流量并发,订单数量等
Nagios构成
监控一般由主程序Nagios,插件程序Nagios-plugins和一些可选的附加程序(NRPE,NSClient ++,NSCA和NDOUtils等) nagios具体的监控是通过nagios-plugins插件来实现的。
Nagios监控模式
NRPE
| 不同点 | 描述 |
|---|---|
| 模式 | 半被动模式 |
| 存在位置 | 被监控端,用于Linux操作系统 |
| 作用 | 用于在被监控的远程Linux主机上执行脚本插件获取数据回传给服务端,以实现主机资源监控 |
| 存在形式 | 守护进程模式,5666 |
| 数据传输方式 | 通过Nagios的check_nrpe模块,通过ssl协议对被监控端NRPE进行check_disk和check_load获取本地资源信息,返回给Nagios |
NSClient++
| 不同点 | 描述 |
|---|---|
| 模式 | 半被动模式 |
| 存在位置 | 被监控端,用于Windows操作系统 |
| 作用 | 功能相当于linux下的NRPE |
| 数据传输方式 | 与NRPE类似,只不过是通过Nagios模块check_nt模块 |
NDOUtils:
| 不同点 | 描述 |
|---|---|
| 存在位置 | nagios服务端 |
| 作用 | 用于将Nagios的配置信息和各event产生的数据存入数据库以实现对这些数据的索引和处理 |
| 数据传输方式 | 通过NSCA模块,通过tcp或者socket由NDO2DB Deamon写入数据库 |
不过不推荐这种模式,因为放在数据库不如直接放在磁盘上效率高
NSCA
| 不同点 | 描述 |
|---|---|
| 模式 | 纯被动模式的监控 |
| 存在位置 | 同时安装在服务端和被监控端 |
| 作用 | 用于让被监控的远程Linux主机主动将监控到的信息发送给Nagios服务器(一般用于大批量集群) |
| 数据传输方式 | 通过分布式监控,最后汇总到Nagios上 |
原理简图
Nagios安装
Nagios服务器配置
| IP地址 | 角色 |
|---|---|
| 192.168.0.203 | 服务端 |
| 192.168.0.202 | 被监控端 |
Nagios服务端安装
1. 配置yum源
2. 修改字符集,不然perl插件安装会有错误
[root@why-3 ~]# echo 'export 'LC_ALL=C'' >> /etc/profile
[root@why-3 ~]# source /etc/profile
3. 关闭防火墙和SELINUX
[root@why-3 ~]# service iptables stop
iptables:将链设置为政策 ACCEPT:filter [确定]
iptables:清除防火墙规则: [确定]
iptables:正在卸载模块: [确定]
[root@why-3 ~]# chkconfig iptables off
[root@why-3 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@why-3 ~]# setenforce 0
4. 时间同步
[root@why-3 ~]# echo '#time sync by why at 17.1.20' >> /var/spool/cron/root
[root@why-3 ~]# echo '*/10 * * * * /usr/sbin/ntpdate pool.ntp.org >/dev/null 2&>1' >> /var/spool/cron/root
5. 安装依赖
[root@why-3 ~]# yum install -y gcc glibc glibc-common gd gd-devel httpd php php-gd mysql*
http用于提供web访问,gd画图用,如果不安装mysql*编译的过程中不会有监控数据库的插件
6. 创建用户和组
[root@why-3 ~]# /usr/sbin/useradd -m nagios
[root@why-3 ~]# /usr/sbin/useradd nagcmd
[root@why-3 ~]# /usr/sbin/usermod -a -G nagcmd nagios
[root@why-3 ~]# /usr/sbin/usermod -a -G nagcmd apache
7. 编译安装主程序
[root@why-3 ~]# tar xf nagios-3.5.1.tar.gz
[root@why-3 ~]# cd nagios
[root@why-3 nagios]# ./configure --with-command-group=nagcmd
*** Configuration summary for nagios 3.5.1 08-30-2013 ***:
General Options:
-------------------------
Nagios executable: nagios
Nagios user/group: nagios,nagios
Command user/group: nagios,nagcmd
Embedded Perl: no
Event Broker: yes
Install ${prefix}: /usr/local/nagios
Lock file: ${prefix}/var/nagios.lock
Check result directory: ${prefix}/var/spool/checkresults
Init directory: /etc/rc.d/init.d
Apache conf.d directory: /etc/httpd/conf.d
Mail program: /bin/mail
Host OS: linux-gnu
Web Interface Options:
------------------------
HTML URL: http://localhost/nagios/
CGI URL: http://localhost/nagios/cgi-bin/
Traceroute (used by WAP): /bin/traceroute
Review the options above for accuracy. If they look okay,
type 'make all' to compile the main program and CGIs.
[root@why-3 nagios]# make all
*** Compile finished ***
If the main program and CGIs compiled without any errors, you
can continue with installing Nagios as follows (type 'make'
without any arguments for a list of all possible options):
make install
- This installs the main program, CGIs, and HTML files
make install-init
- This installs the init script in /etc/rc.d/init.d
make install-commandmode
- This installs and configures permissions on the
directory for holding the external command file
make install-config
- This installs *SAMPLE* config files in /usr/local/nagios/etc
You'll have to modify these sample files before you can
use Nagios. Read the HTML documentation for more info
on doing this. Pay particular attention to the docs on
object configuration files, as they determine what/how
things get monitored!
make install-webconf
- This installs the Apache config file for the Nagios
web interface
make install-exfoliation
- This installs the Exfoliation theme for the Nagios
web interface
make install-classicui
- This installs the classic theme for the Nagios
web interface
*** Support Notes *******************************************
If you have questions about configuring or running Nagios,
please make sure that you:
- Look at the sample config files
- Read the documentation on the Nagios Library at:
http://library.nagios.com
before you post a question to one of the mailing lists.
Also make sure to include pertinent information that could
help others help you. This might include:
- What version of Nagios you are using
- What version of the plugins you are using
- Relevant snippets from your config files
- Relevant error messages from the Nagios log file
For more information on obtaining support for Nagios, visit:
http://support.nagios.com
*************************************************************
Enjoy.
[root@why-3 nagios]# make install
*** Main program, CGIs and HTML files installed ***
You can continue with installing Nagios as follows (type 'make'
without any arguments for a list of all possible options):
make install-init
- This installs the init script in /etc/rc.d/init.d
make install-commandmode
- This installs and configures permissions on the
directory for holding the external command file
make install-config
- This installs sample config files in /usr/local/nagios/etc
[root@why-3 nagios]# make install-init 生成init.d启动脚本
/usr/bin/install -c -m 755 -d -o root -g root /etc/rc.d/init.d
/usr/bin/install -c -m 755 -o root -g root daemon-init /etc/rc.d/init.d/nagios
*** Init script installed ***
[root@why-3 nagios]# make install-config 安装配置文件模板
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/etc
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/etc/objects
/usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/nagios.cfg /usr/local/nagios/etc/nagios.cfg
/usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/cgi.cfg /usr/local/nagios/etc/cgi.cfg
/usr/bin/install -c -b -m 660 -o nagios -g nagios sample-config/resource.cfg /usr/local/nagios/etc/resource.cfg
/usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/templates.cfg /usr/local/nagios/etc/objects/templates.cfg
/usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/commands.cfg /usr/local/nagios/etc/objects/commands.cfg
/usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/contacts.cfg /usr/local/nagios/etc/objects/contacts.cfg
/usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/timeperiods.cfg /usr/local/nagios/etc/objects/timeperiods.cfg
/usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/localhost.cfg /usr/local/nagios/etc/objects/localhost.cfg
/usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/windows.cfg /usr/local/nagios/etc/objects/windows.cfg
/usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/printer.cfg /usr/local/nagios/etc/objects/printer.cfg
/usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/switch.cfg /usr/local/nagios/etc/objects/switch.cfg
*** Config files installed ***
Remember, these are *SAMPLE* config files. You'll need to read
the documentation for more information on how to actually define
services, hosts, etc. to fit your particular needs.
[root@why-3 nagios]# make install-commandmode安装配置目录许可
/usr/bin/install -c -m 775 -o nagios -g nagcmd -d /usr/local/nagios/var/rw
chmod g+s /usr/local/nagios/var/rw
*** External command directory configured ***
[root@why-3 nagios]# make install-webconf 在http中生成nagios配置文件
/usr/bin/install -c -m 644 sample-config/httpd.conf /etc/httpd/conf.d/nagios.conf
*** Nagios/Apache conf file installed ***
8. 生成Nagios用户
[root@why-3 nagios]# htpasswd -cb /usr/local/nagios/etc/htpasswd.users why 123456
Adding password for user why
9. 安装插件依赖
[root@why-3 nagios]# yum install -y perl-devel
10. 安装nagios-plugins插件
[root@why-3 nagios]# cd ..
[root@why-3 ~]# tar xf nagios-plugins-1.4.16.tar.gz
[root@why-3 ~]# cd nagios-plugins-1.4.16
[root@why-3 nagios-plugins-1.4.16]# ./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-perl-modules
--with-apt-get-command:
--with-ping6-command: /bin/ping6 -n -U -w %d -c %d %s
--with-ping-command: /bin/ping -n -U -w %d -c %d %s
--with-ipv6: yes
--with-mysql: /usr/bin/mysql_config
--with-openssl: yes
--with-gnutls: no
--enable-extra-opts: no
--with-perl: /usr/bin/perl
--enable-perl-modules: yes
--with-cgiurl: /nagios/cgi-bin
--with-trusted-path: /bin:/sbin:/usr/bin:/usr/sbin
--enable-libtap: no
[root@why-3 nagios-plugins-1.4.16]# make && make install
查看插件个数
[root@why-3 nagios-plugins-1.4.16]# ls /usr/local/nagios/libexec/|wc -l
64
11. 安装NRPE
[root@why-3 nagios-plugins-1.4.16]# cd ..
[root@why-3 ~]# tar xf nrpe-2.12.tar.gz
[root@why-3 ~]# cd nrpe-2.12
[root@why-3 nrpe-2.12]# ./configure
*** Generating DH Parameters for SSL/TLS ***
Generating DH parameters, 512 bit long safe prime, generator 2
This is going to take a long time
.....................................+....+................+..............++*++*++*++*++*++*
checking for Kerberos include files... could not find include files
checking for perl... /usr/bin/perl
configure: creating ./config.status
config.status: creating Makefile
config.status: creating src/Makefile
config.status: creating subst
config.status: creating include/config.h
*** Configuration summary for nrpe 2.12 03-10-2008 ***:
General Options:
-------------------------
NRPE port: 5666
NRPE user: nagios
NRPE group: nagios
Nagios user: nagios
Nagios group: nagios
Review the options above for accuracy. If they look okay,
type 'make all' to compile the NRPE daemon and client.
[root@why-3 nrpe-2.12]# make all
[root@why-3 nrpe-2.12]# make install-plugin
cd ./src/ && make install-plugin
make[1]: Entering directory `/root/nrpe-2.12/src'
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/libexec
/usr/bin/install -c -m 775 -o nagios -g nagios check_nrpe /usr/local/nagios/libexec
make[1]: Leaving directory `/root/nrpe-2.12/src'
[root@why-3 nrpe-2.12]# make install-daemon
cd ./src/ && make install-daemon
make[1]: Entering directory `/root/nrpe-2.12/src'
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/bin
/usr/bin/install -c -m 775 -o nagios -g nagios nrpe /usr/local/nagios/bin
make[1]: Leaving directory `/root/nrpe-2.12/src'
[root@why-3 nrpe-2.12]# make install-daemon-config
/usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/etc
/usr/bin/install -c -m 644 -o nagios -g nagios sample-config/nrpe.cfg /usr/local/nagios/etc
到此为止,Nagios服务端安装完成
检查
[root@why-3 nrpe-2.12]# /etc/init.d/nagios start
Starting nagios: done.
[root@why-3 nrpe-2.12]# /etc/init.d/httpd start
[root@why-3 nrpe-2.12]# lsof -i tcp:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
httpd 32386 root 4u IPv6 61946 0t0 TCP *:http (LISTEN)
httpd 32389 apache 4u IPv6 61946 0t0 TCP *:http (LISTEN)
httpd 32390 apache 4u IPv6 61946 0t0 TCP *:http (LISTEN)
httpd 32391 apache 4u IPv6 61946 0t0 TCP *:http (LISTEN)
httpd 32392 apache 4u IPv6 61946 0t0 TCP *:http (LISTEN)
httpd 32393 apache 4u IPv6 61946 0t0 TCP *:http (LISTEN)
httpd 32394 apache 4u IPv6 61946 0t0 TCP *:http (LISTEN)
httpd 32395 apache 4u IPv6 61946 0t0 TCP *:http (LISTEN)
httpd 32396 apache 4u IPv6 61946 0t0 TCP *:http (LISTEN)
[root@why-3 nrpe-2.12]# ps -ef | grep nagios
nagios 32330 1 0 15:09 ? 00:00:00 /usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
root 32407 12016 0 15:13 pts/1 00:00:00 grep nagios
直接通过web页面进入http://192.168.0.203/nagios/
登录密码为当时我们通过htpasswd创建的
输入后进行登录
看到这个主页面证明Nagios服务端安装成功
Nagios客户端安装
1. 配置yum源
2. 修改字符集
[root@why-2 ~]# echo 'export 'LC_ALL=C'' >> /etc/profile
[root@why-2 ~]# source /etc/profile
3. 关闭防火墙和SELinux
[root@why-2 ~]# service iptables stop
iptables:将链设置为政策 ACCEPT:filter [确定]
iptables:清除防火墙规则: [确定]
iptables:正在卸载模块: [确定]
[root@why-2 ~]# chkconfig iptables off
[root@why-2 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@why-2 ~]# setenforce 0
setenforce: SELinux is disabled
4. 时间同步
[root@why-2 ~]# echo '#time sync by why at 17.1.20' >> /var/spool/cron/root
[root@why-2 ~]# echo '*/10 * * * * /usr/sbin/ntpdate pool.ntp.org >/dev/null 2&>1' >> /var/spool/cron/root
5. 安装依赖包
[root@why-2 ~]# yum install -y gcc glibc glibc-common
6. 添加用户
[root@why-2 ~]# /usr/sbin/useradd -m nagios -s /sbin/nologin
7. 安装插件依赖
[root@why-2 ~]# yum install -y perl-devel
8. 安装插件
[root@why-2 ~]# tar xf nagios-plugins-1.4.16.tar.gz
[root@why-2 ~]# cd nagios-plugins-1.4.16
[root@why-2 nagios-plugins-1.4.16]# ./configure --prefix=/usr/local/nagios --enable-perl-modules --enable-redhat-pthread-workaround
[root@why-2 nagios-plugins-1.4.16]# make && make install
9. 安装NRPE
[root@why-2 ~]# tar xf nrpe-2.12.tar.gz
[root@why-2 ~]# cd nrpe-2.12
[root@why-2 nrpe-2.12]# ./configure
[root@why-2 nrpe-2.12]# make all
[root@why-2 nrpe-2.12]# make install-plugin
[root@why-2 nrpe-2.12]# make install-daemon
[root@why-2 nrpe-2.12]# make install-daemon-config
10. 安装iostat相关软件(本文提供的iostat插件依赖,可以不进行安装)
[root@why-2 nrpe-2.12]# cd ..
[root@why-2 ~]# tar xf Params-Validate-0.91.tar.gz
[root@why-2 ~]# cd Params-Validate-0.91
[root@why-2 Params-Validate-0.91]# perl Makefile.PL
Testing if you have a C compiler
Checking if your kit is complete...
Looks good
Writing Makefile for Params::Validate
[root@why-2 Params-Validate-0.91]# make
[root@why-2 Params-Validate-0.91]# make install
[root@why-2 Params-Validate-0.91]# cd ..
[root@why-2 ~]# tar xf Class-Accessor-0.31.tar.gz
[root@why-2 ~]# cd Class-Accessor-0.31
[root@why-2 Class-Accessor-0.31]# perl Makefile.PL
Checking if your kit is complete...
Looks good
Writing Makefile for Class::Accessor
[root@why-2 Class-Accessor-0.31]# make
[root@why-2 Class-Accessor-0.31]# make install
[root@why-2 Class-Accessor-0.31]# cd ..
[root@why-2 ~]# tar xf Config-Tiny-2.12.tar.gz
[root@why-2 ~]# cd Config-Tiny-2.12
[root@why-2 Config-Tiny-2.12]# perl Makefile.PL
[root@why-2 Config-Tiny-2.12]# make
[root@why-2 Config-Tiny-2.12]# make install
[root@why-2 Config-Tiny-2.12]# cd ..
[root@why-2 ~]# tar xf Math-Calc-Units-1.07.tar.gz
[root@why-2 ~]# cd Math-Calc-Units-1.07
[root@why-2 Math-Calc-Units-1.07]# perl Makefile.PL
Checking if your kit is complete...
Looks good
Writing Makefile for Math::Calc::Units
[root@why-2 Math-Calc-Units-1.07]# make
[root@why-2 Math-Calc-Units-1.07]# make install
[root@why-2 Math-Calc-Units-1.07]# cd ..
[root@why-2 ~]# tar xf Regexp-Common-2010010201.tar.gz
[root@why-2 ~]# cd Regexp-Common-2010010201
[root@why-2 Regexp-Common-2010010201]# perl Makefile.PL
Checking if your kit is complete...
Looks good
Writing Makefile for Regexp::Common
[root@why-2 Regexp-Common-2010010201]# make
[root@why-2 Regexp-Common-2010010201]# make install
[root@why-2 Regexp-Common-2010010201]# cd ..
[root@why-2 ~]# tar xf Nagios-Plugin-0.34.tar.gz
[root@why-2 ~]# cd Nagios-Plugin-0.34
[root@why-2 Nagios-Plugin-0.34]# perl Makefile.PL
Checking if your kit is complete...
Looks good
Warning: prerequisite Config::Tiny 0 not found.
Writing Makefile for Nagios::Plugin
[root@why-2 Nagios-Plugin-0.34]# make
[root@why-2 Nagios-Plugin-0.34]# make install
[root@why-2 Nagios-Plugin-0.34]# yum install -y syssta
[root@why-2 Nagios-Plugin-0.34]# cp /root/check_memory.pl /usr/local/nagios/libexec/
[root@why-2 Nagios-Plugin-0.34]# cp /root/check_iostat /usr/local/nagios/libexec/
[root@why-2 Nagios-Plugin-0.34]# chmod 755 /usr/local/nagios/libexec/check_memory.pl
[root@why-2 Nagios-Plugin-0.34]# chmod 755 /usr/local/nagios/libexec/check_iostat
[root@why-2 Nagios-Plugin-0.34]# dos2unix /usr/local/nagios/libexec/check_memory.pl
[root@why-2 Nagios-Plugin-0.34]# dos2unix /usr/local/nagios/libexec/check_iostat
查看一下安装的插件
[root@why-2 Nagios-Plugin-0.34]# ls /usr/local/nagios/libexec/|wc -l
67
11. 配置
[root@why-2 Nagios-Plugin-0.34]# cd /usr/local/nagios/etc/
[root@why-2 etc]# cp nrpe.cfg nrpe.cfg.old
[root@why-2 etc]# vi nrpe.cfg
allowed_hosts=127.0.0.1
替换为
allowed_hosts=127.0.0.1,192.168.0.203
command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200
替换为
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,6 -c 30,25,20
command[check_mem]=/usr/local/nagios/libexec/check_memory.pl -w 6% -c 3%
command[check_disk]=/usr/local/nagios/libexec/check_disk -w 20% -c 8% -p /
command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 10%
command[check_iostat]=/usr/local/nagios/libexec/check_iostat -w 6 -c 10
检查
[root@why-2 ~]# /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
[root@why-2 ~]# netstat -nlp | grep 5666
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 15981/nrpe
被监控端守护进程开启,端口为5666,这样客户端和服务端都安装完成。
