Back to the main page
Start with Nagios on Solaris10
What is Nagios and why I need it?
It is software for monitoring systems (hosts) and services. It can monitor network services (SMTP, HTTP, NNTP, PING, etc) and host resources (disk/RAM usage, CPU load, etc)
What are requirements?
Of course you need C compiler and TCP/IP configured.
And yes, you want to use CGI (included in Nagios) for handling dynamic web pages. So you need Apache web server.
In Apache root directory there is cgi-bin subdirectory (web servers knows that files here has to be executed). Files in cgi-bin can be executable ones or say Perl script.
Also you need Boutell's gd graphic library (this dynamically creates images, like JPEG ones and is used for creating charts and graphic).
How to monitor remote devices, tell me very shortly (for now)
Monitoring remote Unix machine:
1. One way (I don't use) is using SSH to execute plug-in on remote machine. This results in high load on Nagios server
2. Using NRPE addon (run this on remote machine, it will run Nagios plug-in and send results back to Nagios server)
Monitoring routers and switches: you can simply ping them or if they support SNMP use check_snmp plug-in.
What are Public and Private services
Public services are accessible from network and can be monitored without special requirements. They are HTTP, FTP, SSH, POP3, IMAP and others.
Private services are CPU load, RAM or disk usage and to access them you need agent on remote machine (I already mentioned NRPE and SNMP).
Basically NRPE will use Nagios plug-in (installed on remote host) to collect information about private service. Check great source of plug-ins on Monitoring Exchange
About Configuration files
The most important are:
1. Main config file - read by Nagios daemon and CGIs.
2. Resource File(s) - defines macros, like $USER1$ is defining location of plug-ins.
3. Object definition files - define hosts, services, hostgroups, contacts, contactgroups, commands, notifications, etc. In Main config file they are defined with "cfg_file". Also define their directories with "cfg_dir".
4. CGI config file - define operation of CGIs and has reference to Main config file.
Installation
Probably the easiest way to install Nagios (and Nagios plug-in and NRPE) is using pkg-get command.
Run pkg-get -i nagios (I am taking files from blastwave.org and they offer version 2.10 which is old one but okay for writing this document) and this will install all dependencies:
CSWapache, CSWcommon, CSWcommon, CSWfreetype, CSWgd, CSWjpeg, CSWiconv, CSWiconv, CSWiconv, CSWlibtool, CSWlibtool, CSWlibtool, CSWmodperl, CSWosslrt, CSWosslrt, CSWperl, CSWperl, CSWpng, CSWpng and CSWzlib
The good thing here is that Nagios is integrated in SMF.
See how installation should finish (I already had installed NRPE and Nagios plug-in).
## Executing postinstall script.
Configuring service in SMF
nagios is using Service Management Facility. The FMRI is:
svc:/application/cswnagios:default
## Not starting nagios - configuration file not found
The Nagios system has been installed but you must update the files in
/opt/csw/nagios/etc/ to reflect your monitoring setup.
Additionally you must make Nagios accessible from your Apache webserver.
The file /opt/csw/apache/conf/httpd-nagios.conf lists the exact configuration
directives required.
Add those lines into your httpd.conf and restart your Apache server.
Installation of < CSWnagios > was successful.
|
Nagios/NREP integration in SMF
|
Manifest (defines services properties)
|
Method (defined how service restarted interacts with service)
|
nagios
|
/opt/csw/var/svc/manifest/application/nagios.xml
|
/opt/csw/lib/svc/method/svc-nagios
|
nrpe
|
/opt/csw/var/svc/manifest/network/nrpe.xml
|
/opt/csw/lib/svc/method/svc-nrpe
|
For example: see nagios (actually cswnagios) services properties:
# /opt/csw/var/svc/manifest/application> svccfg
svc:> select cswnagios
svc:/application/cswnagios> listprop
general framework
general/single_instance boolean true
filesystem dependency
filesystem/entities fmri svc:/system/filesystem/local
filesystem/grouping astring require_all
filesystem/restart_on astring none
filesystem/type astring service
config-file dependency
config-file/entities fmri file://localhost/opt/csw/nagios/etc/nagios.cfg
config-file/grouping astring require_any
config-file/restart_on astring refresh
config-file/type astring path
... show other dependencies ....
start method
start/exec astring "/opt/csw/lib/svc/method/svc-nagios start"
start/timeout_seconds count 30
start/type astring method
... show other methods ...
svc:/application/cswnagios> exit
|
Nagios Plugins
These are compiled executables or scripts (Perl, shell) that can be run from CLI to check status of host/service.
Actually they return the code which Nagios use to examine host/service state.
This means that Nagios has no idea what are Plugins monitoring.
Basically, you can see how to use plugin with (example):
/opt/csw/libexec/nagios-plugins> ./check_oracle --help
If you want to write own Plugins this table will help you:
Plugin return code | Service state | Host state |
0 | OK | Up |
1 | Warning | Up or Down/Unreachable (if use_aggresive_host_checking is enabled - takes more time but result is more reliable) |
2 | Critical | Down/Unreachable (define parent/child relationship so Nagios can determine which one of these two) |
3 | Unknows | Down/Unreachable |
Blastwave.org offers collection of plugins as package CSWnagiosp (version 1.4).
After installation they are located in directory /opt/csw/libexec/nagios-plugins/
Apache adjustment
As "End of Nagios installation" message suggests, Nagios has to be accessible from Apache.
Do this by adding lines from file /opt/csw/nagios/etc/httpd-nagios.conf to the end of the file /opt/csw/apache/conf/httpd.conf
Restart Apache:
/etc/init.d> ./cswapache restart
|
Note: Apache is run by user/group = webservd/webservd.
Nagios default page is using HTML frames and in case you want to add your company name/image or something similar go to directory /opt/csw/nagios/share/ and see files like [index|main|side].html
And finally Nagios Configuration
Check the directory /opt/csw/nagios/etc/ for sample files.
Start with coping sample file to ones you want to edit and use for your system.
So you will now work with files: cgi.cfg, commands.cfg, localhost.cfg, nagios.cfg and resource.cfg (they are commented well, so read the comments).
Before you enable Nagios service, edit mentioned files.
You will do detailed configuration later, for now you just want to check user/group for running Nagios (in nagios.cfg) and set yourself as contact person (in localhost.cfg).
Default configuration will monitor only local machine.
Check that there is no any error in configuration files.
/opt/csw/nagios/bin> ./nagios -v ../etc/nagios.cfg
...... some lines .....
Total Warnings: 0 (you can ignore warnings and start/reset Nagios)
Total Errors: 0 (if you have any, better correct them)
Things look okay - No serious problems were detected during the pre-flight check
|
Enable Nagios:
# svcadm -v enable -r cswnagios
You can monitor log file to quickly see errors if they happens and to troubleshoot them easily.
# tail -f application-cswnagios:default.log
Note: after changing config files, always verify changes with nagios -v configuration-file (as above), and then run "svcadm –v restart cswnagios".
Check Nagios statistics with:
/opt/csw/nagios/bin> ./nagiostats
Nagios Stats 2.10
Copyright (c) 2003-2007 Ethan Galstad (www.nagios.org)
Last Modified: 10-21-2007
License: GPL
CURRENT STATUS DATA
----------------------------------------------------
Status File: /opt/csw/nagios/var/status.dat
Status File Age: 0d 0h 0m 13s
Status File Version: 2.10
Program Running Time: 0d 0h 30m 58s
Nagios PID: 9660
Used/High/Total Command Buffers: 0 / 0 / 4096
Used/High/Total Check Result Buffers: 0 / 1 / 4096
Total Services: 5
- some data -
Total Hosts: 1
- some data -
|
I don't want everyone to see my Nagios - only Mona Lisa
Okay, let's do quick Basic authentication (somewhere else I can talk more about other Apache authentications).
Create password file and add first user.
/opt/csw/apache/bin> ./htpasswd -c /opt/csw/apache/password/apache-password monalisa
New password: this password will travel in clear text over network
Re-type new password: type password again
Adding password for user monalisa
|
-c = create file
When adding additional used do not use -c since it will overwrite existing file
Set ownership and permissions (only root can write and group that run Apache can read)
/opt/csw/apache/password> ls
-rw-r----- 1 root webservd 21 Aug 17 15:25 apache-password
|
Note: in this file password is stored in encrypted form (example: monalisa:cqwsnwCuEAG0k) but travels over network as clear text.
You "Basic authentication" Nagios directives in /opt/csw/apache/conf/httpd.conf are (red ones)
<Directory "/opt/csw/nagios/sbin/">
AllowOverride AuthConfig
Options ExecCGI
Order allow,deny
Allow from all
AuthType Basic
# realm (AuthName) associated with cashed username/passwd
AuthName "LOGIN TO COMPANY'S NAGIOS 2.1"
AuthUserFile /opt/csw/apache/password/apache-password
Require valid-user
</Directory>
|
Verify Apache configuration
/opt/csw/apache/bin> ./apachectl configtest
Reset Apache:
# /etc/init.d/cswapache restart
or
/opt/csw/apache/bin> ./apachectl restart
Postscript
You also need to add user (monalisa in this case) to be authorized user for accessing different pages controlled by CGI.
Check this:
/opt/csw/nagios/etc> grep monalisa cgi.cfg
authorized_for_system_information=monalisa
authorized_for_configuration_information=monalisa
authorized_for_system_commands=monalisa
authorized_for_all_services=monalisa
authorized_for_all_hosts=monalisa
authorized_for_all_service_commands=monalisa
authorized_for_all_host_commands=monalisa
Back to the main page