In the next few weeks I’ll be doing some work for Honeycomb.io. In preparation I’ve been ramping up on a number of topics, namely the big one is the specific differences in things like observability and monitoring. The aside that makes this relatively easy, is I live and breath this space from a site reliability, apps, and services perspective. Not only am I fortunate in my situation to dive into this topic, I’m excited to do so as well.
I started this research just checking out what material Honeycomb.io has available onsite and additionally what Charity Majors has written, or spoken about at conferences. The first two were easy to find with a simple Google search and checking out the Honeycomb.io Blog. For each of these materials I’ve provided a summary before each linked reference. Enjoy. Continue reading “Reading Up on Observability and Monitoring”→
First I created a virtual machine for use with VMware Fusion on OS-X. Once I got a nice clean Ubuntu 14.04 image setup I installed SSH on it so I could manage it as if it were a headless (i.e. no monitor attached) machine (instructions).
In addition to installing openssh, these steps also include build-essential, make, and gcc along with instructions for, but don’t worry about installing VMware Tools. The instructions are cumbersome and in parts just wrong, so skip that. The virtual machine is up and running with ssh and a good C compiler at this point, so we’re all set.
2nd – The LAMP Stack
shell-script sudo apt-get install apache2
Once installed the default page will be available on the server, so navigate over to 192.168.x.x and view the page to insure it is up and running.
Next install mysql and php5 mysql.
sudo apt-get install mysql-server php5-mysql
During this installation you will be prompted for the mysql root account password. It is advisable to set one.
Then you will be asked to enter the password (the one you just set about 2 seconds ago) for the MySQL root account. Next, it will ask you if you want to change that password. Select ‘n’ so as not to create another password for the root acount since you’ve already created the password just a few seconds before.
For the rest of the questions, you should simply hit the enter key for each prompt. This will accept the default values. This will remove some sample users and databases, disable remote root logins, and load these new rules so that MySQL immediately respects the changes we have made.
Next up is to install PHP. No grumbling, just install PHP.
Next let’s open up dir.conf and change a small section to change what files apache will provide upon request. Here’s what the edit should look like.
Open up the file to edit. (in vi, to insert or edit, hit the ‘i’ button. To save hit escape and ‘:w’ and to exit vi after saving it escape and then ‘:q’. To force exit without saving hit escape and ‘:q!’)
sudo vi /etc/apache2/mods-enabled/dir.conf
This is what the file will likely look like once opened.
Now restart apache so the changes will take effect.
sudo service apache2 restart
Next let’s setup some public key for authentication. On your local box complete the following.
ssh-keygen
If you don’t enter a passphrase, you will be able to use the private key for auth without entering a passphrase. If you’ve entered one, you’ll need it and the private key to log in. Securing your keys with passphrases is more secure, but either way the system is more secure this way then with basic password authentication. For this particular situation, I’m skipping the passphrase.
What is generated is id_rsa, the private key and the id_rsa.pub the public key. They’re put in a directory called .ssh of the local user.
At this point copy the public key to the remote server. On OS-X grab the easy to use ssh-copy-id script with this command.
brew install ssh-copy-id
or
curl -L https://raw.githubusercontent.com/beautifulcode/ssh-copy-id-for-OSX/master/install.sh | sh
Then use the script to copy the ssh key to the server.
ssh-copy-id adron@192.168.x.x
Next let’s setup some public key for authentication. On your local box complete the following.
ssh-keygen
That should give you the ability to log into the machine without a password everytime. Give it a try.
Ok, so now on to the meat of this entry, Nagios itself.
Nagios Installation
Create a user and group that will be used to run the Nagios process.
When the configuration is done you’ll see a display like this.
Creating sample config files in sample-config/ ...
*** Configuration summary for nagios 4.1.1 08-19-2015 ***:
General Options:
-------------------------
Nagios executable: nagios
Nagios user/group: nagios,nagios
Command user/group: nagios,nagcmd
Event Broker: yes
Install ${prefix}: /usr/local/nagios
Install ${includedir}: /usr/local/nagios/include/nagios
Lock file: ${prefix}/var/nagios.lock
Check result directory: ${prefix}/var/spool/checkresults
Init directory: /etc/init.d
Apache conf.d directory: /etc/httpd/conf.d
Mail program: /bin/mail
Host OS: linux-gnu
IOBroker Method: epoll
Web Interface Options:
------------------------
HTML URL: http://localhost/nagios/
CGI URL: http://localhost/nagios/cgi-bin/
Traceroute (used by WAP):
Review the options above for accuracy. If they look okay,
type'make all' to compile the main program and CGIs.
Now run the following make commands. First run make all as shown.
make all
Once that runs the following will be displayed upon success. I’ve included it here as there are a few useful commands in it.
*** Compile finished ***
If the main program and CGIs compiled without any errors, you
can continue with installing Nagios as follows (type 'make'
without any arguments for a list of all possible options):
make install
- This installs the main program, CGIs, and HTML files
make install-init
- This installs the init script in /etc/init.d
make install-commandmode
- This installs and configures permissions on the
directory for holding the external command file
make install-config
- This installs *SAMPLE* config files in /usr/local/nagios/etc
You'll have to modify these sample files before you canuse Nagios. Read the HTML documentation for more infoon doing this. Pay particular attention to the docs onobject configuration files, as they determine what/howthings get monitored!make install-webconf- This installs the Apache config file for the Nagiosweb interfacemake install-exfoliation- This installs the Exfoliation theme for the Nagiosweb interfacemake install-classicui- This installs the classic theme for the Nagiosweb interface*** Support Notes *******************************************If you have questions about configuring or running Nagios,please make sure that you:- Look at the sample config files- Read the documentation on the Nagios Library at:https://library.nagios.combefore you post a question to one of the mailing lists.Also make sure to include pertinent information that couldhelp others help you. This might include:- What version of Nagios you are using- What version of the plugins you are using- Relevant snippets from your config files- Relevant error messages from the Nagios log fileFor more information on obtaining support for Nagios, visit:https://support.nagios.com*************************************************************Enjoy.
After that successfully finishes, then execute the following.
sudo make install
sudo make install-commandmode
sudo make install-init
sudo make install-config
sudo /usr/bin/install -c -m 644 sample-config/httpd.conf /etc/apache2/sites-available/nagios.conf
Now some tinkering to setup the web server user in www-data and nagcmd group.
sudo usermod -G nagcmd www-data
Now some Nagios plugins. You can find the plugins listed for download here: http://nagios-plugins.org/download/ The following are based on the 2.1.1 release of plugins.
Change back out to the user directory on the server and download, tar, and change into the newly unzipped files.
cd~
curl -L -O http://nagios-plugins.org/download/nagios-plugins-2.1.1.tar.gz
tar xvf nagios-plugins-*.tar.gz
cd nagios-plugins-*
./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl
Now for some ole compilation magic.
make
sudo make install
Now pretty much the same things for NRPE. Look here to insure that 2.15 is the latest version.
cd~
curl -L -O http://downloads.sourceforge.net/project/nagios/nrpe-2.x/nrpe-2.15/nrpe-2.15.tar.gz
tar xvf nrpe-*.tar.gz
cd nrpe-*
You must be logged in to post a comment.