五、nagios服务器的安装和配置
1.创建nagios帐号和组
useradd -m nagios
passwd nagios
输入nagios的密码(这里我设的密码为nagios)
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd daemon
# daemon为运行apache的帐号。
2.安装nagios
cd /tmp
tar xzf nagios-3.0.5.tar.gz
cd nagios-3.0.5
./configure –with-command-group=nagcmd –with-gd-lib=/usr/local/libgd/lib/ –with-gd-inc=/usr/local/libgd/include/
make all
# 使用make install来安装主程序,CGI和HTML文件
make install
# 使用make install-init在/etc/rc.d/init.d安装启动脚本
make install-init
# 使用make install-cofig来安装示例配置文件,安装的路径是/usr/local/nagios/etc.
make install-config
# 使用make install-commandmode来配置目录权限
make install-commandmode
注:nagios目录功能的简要说明:
bin Nagios执行程序所在目录,nagios文件即为主程序
etc Nagios配置文件位置
sbin Nagios Cgi文件所在目录,也就是执行外部命令所需文件所在的目录
Share Nagios网页文件所在的目录
var Nagios日志文件、spid 等文件所在的目录
var/archives 日志归档目录
var/rw 用来存放外部命令文件
3.配置apache
将下面行加入apache配置文件httpd.conf的alias模块<IfModule alias_module>,并注释掉原先的“ScriptAlias…………”行。
---------------------------------------
ScriptAlias /nagios/cgi-bin “/usr/local/nagios/sbin”
<Directory “/usr/local/nagios/sbin”>
# SSLRequireSSL
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
AuthName “Nagios Access”
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>
Alias /nagios “/usr/local/nagios/share”
<Directory “/usr/local/nagios/share”>
# SSLRequireSSL
Options None
AllowOverride None
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
AuthName “Nagios Access”
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>
---------------------------------------
4. 创建apache目录验证文件
/usr/local/apache/bin/htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
New password: (输入密码)
Re-type new password: (再输入一次密码)
Adding password for user nagiosadmin
5.重启apache
/usr/local/apache2/bin/apachectl -k restart
6.配置nagios配置文件
vi /usr/local/nagios/etc/objects/contacts.cfg
# 将里面的email地址改为接收监控邮件的email地址。
7.安装nagios插件
tar xzf nagios-plugins-1.4.11.tar.gz
cd nagios-plugins-1.4.11
./configure –with-nagios-user=nagios –with-nagios-group=nagios
make
make install
8.启动nagios
# 配置机器启动时自动启动Nagios
chkconfig nagios on
# 检查Nagios配置文件
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
# 启动Nnagios
service nagios start
9.SELinux及防火墙设置
1).关闭SELinux
vi /etc/selinux/config
# 将下面行设为disabled
SELINUX=disabled
# 重启系统
2).如果开启防火墙,应该允许访问apache(一般为80端口)并允许nagios去抓取被监控机信息(一般nrpe为5666端口)。
10.测试nagios页面是否正常
在浏览器地址栏输入:http://localhost/nagios/
输入用户名及密码登录。
11.安装nrpe插件,用来监控linux机器
tar xzvf nrpe-2.12.tar.gz
cd nrpe-2.12
./configure
make all
# 在Nagios服务器端只要安装nrpe监控插件就行
make install-plugin
12.在/usr/local/nagios/etc/objects/commands.cfg中定义check_nrpe命令
vi /usr/local/nagios/etc/objects/commands.cfg
############################################################
#
# 2008.11.18 add by Stone
# NRPE COMMAND
#
############################################################
# ‘check_nrpe ‘ command definition
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
六、Linux被监控端的安装和设置
1.创建nagios帐号
useradd -m nagios
passwd nagios
输入nagios的密码,需要输入两次(这里我设的密码为nagios)
2.安装nagios-plugins
tar -zxvf nagios-plugins-1.4.13.tar.gz
cd nagios-plugins-1.4.13
./configure
make
make install
# Nagios-plugins默认安装到/usr/local/nagios
chown nagios.nagios /usr/local/nagios/
chown -R nagios.nagios /usr/local/nagios/libexec/
3.安装nrpe插件
tar xzvf nrpe-2.12.tar.gz
cd nrpe-2.12
./configure
make all
# 安装nrpe守护进程
make install-daemon
# 安装nrpe配置文件
make install-daemon-config
4.修改nrpe配置文件,允许Nagios服务器监控
vi /usr/local/nagios/etc/nrpe.cfg
# 此处设置nagios服务器的IP,多台机器用逗号隔开
allowed_hosts=127.0.0.1,172.0.0.44
5.启动nrpe
# 以独立守护进程启动nrpe,也可以使用xinetd启动nrpe,具体清查看nrpe官方文档。
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
# 开机自动启动nrpe
vi /etc/rc.d/rc.local
# 加入下面行
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
6.检查nrpe是否安装正常
# 查看启动端口
[root@wiki ~]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 27387/nrpe
#如果有防火墙应该开放5666端口:
iptables -A INPUT -p tcp --dport 5666 -j ACCEPT
7.我们需要在/usr/local/nagios/etc/nrpe.cfg中定义我们用到的监控本地资源的命令。
下面的命令是默认定义的:
command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200
下面的命令是自己定义的:
# 监控交换分区的使用情况,使用超过20%时为警告状态,超过10%时为严重状态
command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 10%
# 监控根分区磁盘使用情况
command[check_disk_root]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /
8.重启nrpe
#使用下面命令查看nrpe的pid号
ps -ef|grep nrpe
#使用kill命令结束nrpe进程
kill -9 <pid>
#启动nrpe
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg –d