1、NRPE简介
Nagios监控远程主机的方法有多种,其方式包括SNMP、NRPE、SSH和NCSA等。这里介绍其通过NRPE监控远程Linux主机的方式。
NRPE(Nagios RemotePluginExecutor)是用于在远端服务器上运行检测命令的守护进程,它用于让Nagios监控端基于安装的方式触发远端主机上的检测命令,并将检测结果输出至监控端。而其执行的开销远低于基于SSH的检测方式,而且检测过程并不需要远程主机上的系统帐号等信息,其安全性也高于SSH的检测方式。
2、安装配置被监控端
1)先添加nagios用户
# useradd -s/sbin/nologin nagios
2)NRPE依赖于nagios-plugins,因此,需要先安装之
[root@node3 ~]# ls
nrpe-2.15.tar.gz
nagios-plugins-1.5.tar.gz
[root@node3 ~]# tar-xf nrpe-2.15.tar.gz
安装编译环境
[root@node3 ~]# yuminstall gcc make -y
# tar zxfnagios-plugins-1.4.15.tar.gz
# cdnagios-plugins-1.4.15
# ./configure--with-nagios-user=nagios --with-nagios-group=nagios
# make all
# make instal
3)安装NRPE
[root@node3nrpe-2.15]# yum install openssl openssl-devel -y
# tar -zxvfnrpe-2.12.tar.gz
# cd nrpe-2.12.tar.gz
# ./configure--with-nrpe-user=nagios \
--with-nrpe-group=nagios \
--with-nagios-user=nagios \
--with-nagios-group=nagios \
--enable-command-args \
--enable-ssl #如果要启用ssl的话,需要安装opensslopenssl-devel包
# make all
# make install-plugin
# make install-daemon
# makeinstall-daemon-config
4)配置NRPE
# vim /usr/local/nagios/etc/nrpe.cfg
log_facility=daemon
pid_file=/var/run/nrpe.pid
server_address=192.168.0.3
server_port=5666
nrpe_user=nagios
nrpe_group=nagios
allowed_hosts=192.168.0.4
command_timeout=60
connection_timeout=300
debug=0
上述配置指令可以做到见名知义,因此,配置过程中根据实际需要进行修改即可。其中,需要特定说明的是allowed_hosts指令用于定义本机所允许的监控端的IP地址。
5)启动NRPE
#/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg –d
为了便于NRPE服务的启动,可以将如下内容定义为/etc/init.d/nrped脚本:
#!/bin/bash # chkconfig: 2345 8812 # description: NRPEDAEMON NRPE=/usr/local/nagios/bin/nrpe NRPECONF=/usr/local/nagios/etc/nrpe.cfg case "$1"in start) echo-n "Starting NRPE daemon..." $NRPE-c $NRPECONF -d echo" done." ;; stop) echo-n "Stopping NRPE daemon..." pkill-u nagios nrpe echo" done." ;; restart) $0stop sleep2 $0start ;; *) echo"Usage: $0 start|stop|restart" ;; esac exit 0
或者,也可以在/etc/xinetd.d目录中创建nrpe文件,使其成为一个基于非独立守护进程的服务,文件内容如下:
service nrpe
{
flags= REUSE
socket_type= stream
wait= no
user= nagios
group= nagios
server= /usr/local/nagios/bin/nrpe
server_args= -c /etc/nagios/nrpe.cfg -i
log_on_failure+= USERID
disable= no
}此种情况下启动NRPE进程需要通过重启xinetd来实现。
6)配置允许远程主机监控的对象
在被监控端,可以通过NRPE监控的服务或资源需要通过nrpe.cfg文件使用命令进行定义,定义命令的语法格式为:command[<command_name>]=<command_to_execute>。比如:
command[check_rootdisk]=/usr/local/nagios/libexec/check_disk-w 20% -c 10% -p /
command[check_swap]=/usr/local/nagios/libexec/check_disk-w 40% -c 20%
command[check_sensors]=/usr/local/nagios/libexec/check_sensors #需要安装sensor
command[check_users]=/usr/local/nagios/libexec/check_users-w 10 -c 20
command[check_load]=/usr/local/nagios/libexec/check_load-w 10,8,5 -c 20,18,15
command[check_sda1]=/usr/local/nagios/libexec/check_disk-w 20% -c 10% -p /dev/sda1
command[check_sda2]=/usr/local/nagios/libexec/check_disk-w 20% -c 10% -p /dev/sda2
command[check_zombies]=/usr/local/nagios/libexec/check_procs-w 5 -c 10 -s Z
command[check_all_procs]=/usr/local/nagios/libexec/check_procs-w 150 -c 200
7)启动进程
[root@node3 ~]#chkconfig --add nrped [root@node3 ~]#chkconfig --list nrped nrped 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@node3 ~]#service nrped start Starting NRPEdaemon...done. [root@node3 ~]#service nrped restart Stoping NRPEdaemon...done. Starting NRPEdaemon...done. [root@node3 ~]#netstat -tlnp Active Internetconnections (only servers) Proto Recv-Q Send-QLocal Address ForeignAddress State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1212/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1296/master tcp 0 0 192.168.0.3:5666 0.0.0.0:* LISTEN 35058/nrpe tcp 0 0 :::22 :::* LISTEN 1212/sshd tcp 0 0 ::1:25 :::* LISTEN 1296/master
3、配置监控端,nagios的服务端
1)安装NRPE
# tar -zxvfnrpe-2.12.tar.gz
# cd nrpe-2.12.tar.gz
# ./configure--with-nrpe-user=nagios \
--with-nrpe-group=nagios \
--with-nagios-user=nagios \
--with-nagios-group=nagios \
--enable-command-args \
--enable-ssl
# make all
# make install-plugin
2)定义如何监控远程主机及服务:
通过NRPE监控远程Linux主机要使用chech_nrpe插件进行,其语法格式如下:
check_nrpe -H<host> [-n] [-u] [-p <port>] [-t <timeout>] [-c<command>] [-a <arglist...>]
测试远端主机是否正常
[root@node4 libexec]#./check_nrpe -H 192.168.0.3
NRPE v2.15
使用示例1:
定义监控远程Linux主机swap资源的命令:
[root@node4 objects]# vim /usr/local/nagios/etc/objects/commands.cfg #添加下面的命令
definecommand{
command_namecheck_swap_nrpe
command_line $USER1$/check_nrpe –H"$HOSTADDRESS$" -c "ARG1"
}
定义远程Linux主机的swap资源:
defineservice
{
usegeneric-service
host_namelinuxserver1,linuxserver2
hostgroup_namelinux-servers
service_descriptionSWAP
check_commandcheck_swap_nrpe
normal_check_interval30
}
使用示例2:
如果希望上面的command定义更具有通用性,那么上面的定义也可以修改为如下:
定义监控远程Linux主机的命令:
definecommand
{
command_namecheck_nrpe
command_line$USER1$/check_nrpe –H "$HOSTADDRESS$" -c $ARG1$
}
$USER1$/check_nrpe –H"$HOSTADDRESS$" -c $ARG1$ $ARG2$
定义远程Linux主机的swap资源:
defineservice
{
usegeneric-service
host_namelinuxserver1,linuxserver2
hostgroup_namelinux-servers
service_descriptionSWAP
check_commandcheck_nrpe!check_swap
normal_check_interval30
}
使用示例3:
如果还希望在监控远程Linux主机时还能向其传递参数,则可以使用类似如下方式进行:
定义监控远程Linux主机disk资源的命令:
definecommand
{
command_namecheck_swap_nrpe
command_line$USER1$/check_nrpe –H "$HOSTADDRESS$" -c "check_swap" -a$ARG1$ $ARG2$
}
定义远程Linux主机的swap资源:
defineservice
{
usegeneric-service
host_namelinuxserver1,linuxserver2
hostgroup_namelinux-servers
service_descriptionSWAP
check_commandcheck_swap_nrpe!20!10
normal_check_interval30
}
实际操作:
[root@node4 objects]# vim /usr/local/nagios/etc/objects/commands.cfg #添加下面的命令
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H"$HOSTADDRESS$" -c $ARG1$
}
[root@node4 ~]# cd/usr/local/nagios/etc/objects/
[root@node4 objects]#vim commands.cfg
[root@node4 objects]#cp -p windows.cfg linuxserver.cfg
[root@node4 objects]#ll linuxserver.cfg
-rw-rw-r--. 1 nagiosnagios 4019 Feb 23 21:49 linuxserver.cfg
根据被监控端node3的关于命令的定义来定义这个
[root@node4 objects]#vim linuxserver.cfg
define host{
use linux-server ; Inherit default values from a template
host_name linuxserver ; The name we're giving to this host
alias My linux Server ; A longer nameassociated with the host
address 192.168.0.3 ; IP address of the host
}
###############################################################################
###############################################################################
#
# HOST GROUPDEFINITIONS
#
###############################################################################
###############################################################################
# Define a hostgroupfor Windows machines
# All hosts that usethe windows-server template will automatically be a member of this group
#define hostgroup{
# hostgroup_name windows-servers ; The name of the hostgroup
# alias Windows Servers ; Long name of thegroup
# }
###############################################################################
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
###############################################################################
# Create a servicefor monitoring the version of NSCLient++ that is installed
# Change thehost_name to match the name of the host you defined above
define service{
use generic-service
host_name linuxserver
service_description CHECK USERS
check_command check_nrpe!check_users
}
# Create a servicefor monitoring the uptime of the server
# Change thehost_name to match the name of the host you defined above
define service{
use generic-service
host_name linuxserver
service_description Load
check_command check_nrpe!check_load
}
# Create a servicefor monitoring CPU load
# Change thehost_name to match the name of the host you defined above
define service{
use generic-service
host_name linuxserver
service_description SDA1
check_command check_nrpe!check_sda1
}
define service{
use generic-service
host_name linuxserver
service_description SDA2
check_command check_nrpe!check_sda2
}
# Create a servicefor monitoring memory usage
# Change thehost_name to match the name of the host you defined above
define service{
use generic-service
host_name linuxserver
service_description Zombie
check_command check_nrpe!check_zombie_procs
}
# Create a servicefor monitoring C:\ disk usage
# Change thehost_name to match the name of the host you defined above
define service{
use generic-service
host_name linuxserver
service_description Total_procs
check_command check_nrpe!check_total_procs
}
# Create a servicefor monitoring the W3SVC service
# Change thehost_name to match the name of the host you defined above
define service{
use generic-service
host_name linuxserver
service_description Swap
check_command check_nrpe!check_swap
}
# Create a servicefor monitoring the Explorer.exe process
# Change thehost_name to match the name of the host you defined above
define service{
use generic-service
host_name linuxserver
service_description Rootdisk
check_command check_nrpe!check_rootdisk
}
define service{
use generic-service
host_name linuxserver
service_description Sensor
check_command check_nrpe!check_sensors然后修改nagios.cfg,添加cfg_file一个条目
[root@node4 ~]# vim/usr/local/nagios/etc/nagios.cfg
cfg_file=/usr/local/nagios/etc/objects/linuxserver.cfg
检查语法:
[root@node4 objects]#/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
………………………….
Checking timeperiods...
Checked5 time periods.
Checking for circularpaths between hosts...
Checking for circularhost and service dependencies...
Checking global eventhandlers...
Checking obsessivecompulsive processor commands...
Checking miscsettings...
Total Warnings: 0
Total Errors: 0
然后重启nagios服务
[root@node4 ~]# clear
[root@node4 ~]#service nagios restart
Running configurationcheck...done.
Stopping nagios:.done.
Starting nagios:done.
[root@node4 ~]#
然后进nagios界面,就可以看到我们刚刚加入的机器,等一会就会检查
过一段时间监测完成以后就可以看到全是ok了
