Nagios软件介绍及服务端安装部署实战

1. Nagios服务端安装

1.1 准备3台服务器或者虚拟机器

管理IP地址

角色

备注

192.168.1.80

Nagios监控服务器

192.168.1.81

Lamp服务器

被监控的客户端服务器

192.168.1.82

Lamp服务器

被监控的客户端服务器

1.2 解决perl编译问题:

后面编译的软件有perl程序,这里要提前设置下环境变量

批量执行命令如下:

echo 'export LC_ALL=C' >> /etc/profile   去除所有本地化的设置,让命令能正确执行

tail -1 /etc/profile

source /etc/profile

echo $LC_ALL    --------C表示正确

1.3 关闭nagios server 防火墙

测试环境下为了调试方便关闭防火墙

/etc/init.d/iptables stop

chkconfig iptables off

1.4 解决系统时间同步

如果不解决时间同步,会导致nagios配置异常甚至失败

crontab -e

#time sync by oldboy at 2010-2-1

*/10 * * * * /usr/sbin/ntpdate pool.ntp.org >/dev/null 2>&1

1.5 安装或者升级nagios所需的基础软件包

yum -y install gcc glibc glibc-common gd gd-devel httpd php php-gd

yum -y install mysql* (非必需,如果要监控mysql需要安装)

1.6 创建nagios所需的用户及组

useradd -m nagios

useradd apache

groupadd nagcmd

usermod -a -G nagcmd nagios

usermod -a -G nagcmd apache

1.7 安装nagios软件包

tar -xf nagios-4.1.1.tar.gz

cd nagios-4.1.1

./configure --with-command-group=nagcmd

(注:如果是编译安装的httpd时,可以执行./configure --with-httpd-conf=/usr/local/apache/conf/extra增加一个编译参数即指定nagios web配置的生成路径)

make all

make install

make install-init

make install-commandmode

make install-config

1.8 安装nagios web 配置文件及创建登陆用户

make install-webconf

(注:如果通过编译安装httpd,编辑vim /usr/local/apache/conf/httpd.conf增加Include conf/extra/nagios.conf

或者mkdir -p /etc/httpd/conf && make install-webconf

cp /etc/httpd/conf.d/nagios.conf /usr/local/apache/conf/extra

vim /usr/local/apache/conf/httpd.conf增加Include conf/extra/nagios.conf

创建nagios web监控界面登入时需要的用户名(oldboy)及密码(redhat

htpasswd -c /usr/local/nagios/etc/htpasswd.users oldboy

(之所以放到 /usr/local/nagios/etc/是因为这个文件中的密码是加密的)

1.9 添加监控报警的接收email地址

vim /usr/local/nagios/etc/objects/contacts.cfg +35

email                           nagios@localhost(改为自己的邮箱)

或者:sed -i 's#nagios@localhost#824412801@qq.com#' /usr/local/nagios/etc/objects/contacts.cfg

1.10 配置apache服务

启动apache :  /etc/init.d/httpd start

1.11 安装nagios插件软件包

tar -xf nagios-plugins-2.1.1.tar.gz

cd nagios-plugins-2.1.1

./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-perl-modules

make (如果编译遇到Error2configure--with-mysql=/usr/local/mysql解决)

make install

检查插件软件包的个数:

ls /usr/local/nagios/libexec/ | wc -l

1.12 配置nagios自启动

chkconfig nagios on

1.13 验证nagios配置文件(检查语法)

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

或者:/etc/init.d/nagios checkconfig

启动nagios服务

/etc/init.d/nagios start

检查nagios进程

ps -ef | grep nagios

(如果启动失败,检查selinux是否关闭)

此时打开浏览器输入ip/nagios 输入以上设置的用户名密码即可进入

1.14 安装nrpe

tar -xf nrpe-2.15.tar.gz

cd nrpe-2.15

./configure

make all

make install-plugin

make install-daemon

make install-daemon-config

提示:生成nrpe的配置文件/usr/local/nagios/etc/nrpe.cfg

服务端也要安装nrpe,不然会缺少相关检测配件,另外服务端也会监控自身的基本健康状态

 

2. Nagios客户端安装

2.1 解决perl编译问题:

后面编译的软件有perl程序,这里要提前设置下环境变量

批量执行命令如下:

echo 'export LC_ALL=C' >> /etc/profile

tail -1 /etc/profile

source /etc/profile

echo $LC_ALL    --------C表示正确

2.2 关闭nagios server 防火墙

测试环境下为了调试方便关闭防火墙

/etc/init.d/iptables stop

chkconfig iptables off

2.3 解决系统时间同步

如果不解决时间同步,会导致nagios配置异常甚至失败

crontab -e

#time sync by oldboy at 2010-2-1

*/10 * * * * /usr/sbin/ntpdate pool.ntp.org >/dev/null 2>&1

2.4 安装nagios-plugins-2.1.1.tar.gz

useradd nagios -M -s /sbin/nologin

tar -xf nagios-plugins-2.1.1.tar.gz

cd nagios-plugins-2.1.1

./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-perl-modules

(如果是编译安装: yum install perl-devel perl-CPAN -y

./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-perl-modules --with-httpd-conf=/usr/local/apache/conf/extra --with-mysql=/application/mysql)  

make

make install

检查插件软件包的个数:

ls /usr/local/nagios/libexec/ | wc -l

2.5 安装nrpe

tar -xf nrpe-2.15.tar.gz

cd nrpe-2.15

./configure

make all

make install-plugin

make install-daemon

make install-daemon-config

2.6 安装其他插件

tar -xf Params-Validate-0.91.tar.gz

cd Params-Validate-0.91

    perl Makefile.PL

make

make install

----------------------------

 tar -xf Class-Accessor-0.34.tar.gz

 cd Class-Accessor-0.34

 perl Makefile.PL

 make

 make install

------------------------

tar -xf Config-Tiny-2.23.gz

cd Config-Tiny-2.23

perl Makefile.PL

make && make install

-----------------------------

tar -xf Math-Calc-Units-1.07.tar.gz

cd Math-Calc-Units-1.07

perl Makefile.PL

make

make install

-----------------------------------

tar -xf Regexp-Common-2016020301.tar.gz

cd Regexp-Common-2016020301

perl Makefile.PL

make

make install

------------------------------------

yum install sysstat -y

这个命令是安装系统性能分析工具,监控系统性能时程序或脚本会调用这些工具

iostat 查看磁盘IO

2.7 配置开发的几个基础脚本插件

cp check_memory.pl /usr/local/nagios/libexec

cp check_iostat /usr/local/nagios/libexec

chmod 755 /usr/local/nagios/libexec/check_memory.pl

chmod 755 /usr/local/nagios/libexec/check_iostat

dos2unix /usr/local/nagios/libexec/check_memory.pl

dos2unix /usr/local/nagios/libexec/check_iostat

2.8 配置nrpe

cd /usr/local/nagios/etc/

vim nrpe.cfg +79

allowed_hosts=192.168.1.80  nagios服务器的IP,配置允许哪个nagios连接)

(或者:perl -pi -e 's/allowed_hosts=127.0.0.1/allowed_hosts=192.168.1.80/g' /usr/local/nagios/etc/nrpe.cfg

vim nrpe.cfg  291行)

#command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10

#command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20

#command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1

#command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z

#command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200

command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20

command[check_mem]=/usr/local/nagios/libexec/check_memory.pl -w 10% -c 3%

command[check_disk]=/usr/local/nagios/libexec/check_disk -w 15% -c 7% -p /

command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 10%

command[check_iostat]=/usr/local/nagios/libexec/check_iostat -w 6 -c 10

注:上面依次为对负载,内存,硬盘,虚拟内存,磁盘IO的监控,这些都是本地的服务(我们这里称之为被动监控),由nagios服务器通过nrpe插件定时去clientnrpe服务定期获取信息

启动:nagio client

/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d

echo  "/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d" >> /etc/rc.local

ps -ef|grep nagios

netstat -lnt

lsof -i tcp:5666

 

3. 配置servernagios监控的服务

3.1 配置主配置文件

vim etc/nagios.cfg +34  (配置如下主机和服务的胚子文件)

#added by oldboy 20160507

cfg_file=/usr/local/nagios/etc/objects/hosts.cfg

cfg_file=/usr/local/nagios/etc/objects/services.cfg

cfg_dir=/usr/local/nagios/etc/objects/services

(作为备用增加一个service目录,使用目录的优点很多,在目录下只要符合*.cfg就可以被nagios加载,使用脚本批量部署时非常方便的随机配置命令,必须存在此目录)

#cfg_file=/usr/local/nagios/etc/objects/localhost.cfg(对本机的监控注释掉)

创建services目录mkdir /usr/local/nagios/etc/objects/services

cd /usr/local/nagios/etc/objects

生成hosts.cfg文件

head -51 localhost.cfg >hosts.cfg

对目录授权

chown -R nagios.nagios /usr/local/nagios/etc/objects/hosts.cfg

生成services.cfg文件

touch services.cfg  (暂时留空)

授权

chown -R nagios.nagios /usr/local/nagios/etc/objects/services.cfg

 

3.2 hosts.cfg中主机定义部分配置参数详解

define host{ 

       use                     linux-server    ;定义主机使用的模板

    host_name                       Nagios-Server   ; 设置主机的名字,该名字会出现在hostgroups.cfg services.cfg 中。注意,这个名字可以不是该服务器的主机名。 

        alias                           Nagios服务器     ; 别名 

        address                         192.168.81.128  ; 主机的IP 地址 

        check_command                   check-host-alive ; 检查使用的命令,需要在命令定义文件定义,默认是定义好的。 

        check_interval                  1               ; 检测的时间间隔 

        retry_interval                  1               ; 检测失败后重试的时间间隔 

        max_check_attempts              3               ; 最大重试次数 

        check_period                    24x7            ; 检测周期 

        process_perf_data               0 

        retain_nonstatus_information    0 

        contact_groups                  admins         ; 报警需要通知的联系组 

        notification_interval           30              ; 故障后,两次报警的时间间隔,默认单位分钟

        notification_period             24x7            ; 一天之内通知的周期 ,比如全天

        notification_options            d,u,r           ; 通知的选项 

#w—报警(warning)u—未知(unkown) 

#c—严重(critical)r—从异常情况恢复正常 

3.2.1 nagios 的监控模式定义及监控模式选择

按照监控的行为来看,Nagios插件的监控可以分为主动监控和被动监控

主动服务:我们把对于像URL监控这样的一般由服务端发出请求探测就可以得到数据的监控方式,定义为主动监控。当然,主动监控也可以配置成被动模式。

被动监控:我们把对负载,内存,硬盘,虚拟内存,磁盘IO等的监控,这些都是本地的资源,非系统对外提供的服务,这种资源的监控是有nagios服务器通过nrpe插件去连接clientnrpe服务定期获取信息发回服务端。这样的监控我们称为被动监控。

3.3 hosts.cfg中主机定义部分批量模板化配置

主机的配置可以只配置关键选项,多数选项课采用linux-server模板的默认值

#定义一个主机组   

define host{   

uselinux-server   

        host_name              qmail      #主机组名称,可以随意指定。

        alias                    016-qmail        #主机组别名

        address192.168.1.85     

    }

千台服务器配置

define host{   

uselinux-server   

        host_name              qmail      #主机组名称,可以随意指定。

        alias                    016-qmail        #主机组别名

        address192.168.1.85     

    }

 

define host{   

uselinux-server   

        host_name              qmail      #主机组名称,可以随意指定。

        alias                    016-qmail        #主机组别名

        address192.168.1.86    

    }

...............

 

3.4 services.cfg中服务定义部分参数

services.cfg文件是配置监控服务的,是nagios最重要的配置文件之一,对于服务器数量比较少(50台以内),大部分需要的监控服务配置都可以在里面添加,此文件默认不存在

vim services.cfg 

define service {     意思是定义一个服务

use    generic-service    ;定义该服务使用的模板

        host_name               Nagios-Server           ; 被监控的主机名,hosts.cfg 定义的主机名称 

        service_description     check-host-alive        ; 服务描述 

    check_command           check_nrpe!check_load  ;检查服务命令,这个很关键。注意被动的监控均由 check_nrpe调用  (check_load为服务端nrpe.cfg  []中定义的)

        check_period            24x7                    ; 检测的时间段 

        max_check_attempts      3                       ; 最大检测次数 

        normal_check_interval   3 ;正常状态检测间隔

        retry_check_interval    2 

        contact_groups          admins                 ; 发生故障通知的联系人组 

        notification_interval   10 

        notification_period     24x7                    ; 通知的时间段 

        notification_options    w,u,c,r 

process_perl_data1;PNP出图相关配置

 } 

磁盘分区监控【被动监控】

define service { 

use    generic-service

        host_name               a,b,c,d    ;这里可以指定多台机器,通过逗号隔开 

        service_description     Disk Partition 

    check_command           check_nrpe!check_disk

        check_period            24x7 

        max_check_attempts      3

        normal_check_interval   3 

        retry_check_interval    2 

        contact_groups          mailusers  ;磁盘的报警值设定的合理些,可只报邮件不报短信 

        notification_interval   360 

        notification_period     24x7 

        notification_options    w,u,c,r 

        check_command           check-host-alive 

process_perl_data1

也可以定义为模板

define service { 

use   generic-disk-service  ;这就是在templates.cfgdinginess好的模板名

        host_name              072-wiki

}

URL的监控用/usr/local/nagios/libexec/check_http 中的选项命令

服务端口的监控

define service { 

use    generic-service

        host_name               051-ett-1-1,052-ett-2-1 

        service_description     img_8150

    check_command           check_tcp!8150

        check_period            24x7 

        max_check_attempts      3

        normal_check_interval   3 

        retry_check_interval    2 

        contact_groups          mailusers  ;磁盘的报警值设定的合理些,可只报邮件不报短信 

        notification_interval   360 

        notification_period     24x7 

        notification_options    w,u,c,r 

        check_command           check-host-alive 

process_perl_data1

 

3.5 commands.cfg生产库实战配置例子

commands.cfg这个是定义报警命令的配置文件

define contact{ 

        contact_name maoxian ; 联系人的名字 

        alias maoxian ; 别名 

        service_notification_period 24x7 ; 服务报警的时间段 

        host_notification_period 24x7 ; 主机报警的时间段 

        service_notification_options w,u,c,r ; 就是在这四种情况下报警。 

        host_notification_options d,u,r ;同上。 

#服务报警发消息的命令,在command.cfg 中定义。 

        service_notification_commands notify-service-by-email 

#服务报警发消息的命令,在command.cfg 中定义。 

        host_notification_commands notify-host-by-email 

        email wangyx088@gmail.com       ; 定义邮件地址,也就是接收报警邮件地址。 

注:模板文件在/usr/local/nagios/etc/objects/templates.cfg ,可以复制模板,批量修改,便捷很多

 

3.6 nagios实战配置过程细节

3.6.1 监控客户端服务器磁盘分区、Load负载、Mem内存、swap、磁盘IO【被动模式】

1)首先在hosts.cfg里添加客户端主机和主机组(HOSTGROUP

cd /usr/local/nagios/etc/objects

vim hosts.cfg

define host{

        use                     linux-server           

        host_name               81-lamp-1

        alias                   81-lamp-1

        address                 192.168.1.81

}

#初学者增加上面一个HOST作为测试即可

define host{

        use                     linux-server           

        host_name               82-lamp-1

        alias                   82-lamp-1

        address                 192.168.1.82

check_command           check-host-alive

      check_period            24x7 

        max_check_attempts      3

       normal_check_interval   

        retry_check_interval    

        contact_groups          admins  

        notification_interval   300 

        notification_period     24x7 

        notification_options    d,u,r 

process_perl_data1

}

 

define hostgroup{

        hostgroup_name  linux-servers ; The name of the hostgroup

        alias           Linux Servers ; Long name of the group

        members         81-lamp-1,82-lamp-1     ; Comma separated list of hosts that belong to this group

        }

2)接下来添加要监控的服务配置到services.cfg

vim services.cfg

define service {

        use                     generic-service

        host_name               81-lamp-1,82-lamp-1

        service_description     Current Load

        check_command           check_nrpe!check_load

        max_check_attempts      2

        normal_check_interval   4

        retry_check_interval    4

        check_period            24x7

        notification_interval   1440

        notification_period     24x7

        notification_options    w,u,c,r

        contact_groups          admins

        process_perl_data       1

}

 

define service {

        use                     generic-service

        host_name               81-lamp-1,82-lamp-1

        service_description     MEM Useage

        check_command           check_nrpe!check_mem

        max_check_attempts      2

        normal_check_interval   4

        retry_check_interval    4

        check_period            24x7

        notification_interval   1440

        notification_period     24x7

        notification_options    w,u,c,r

        contact_groups          admins

        process_perl_data       1

}

 

define service {

        use                     generic-service

        host_name               81-lamp-1,82-lamp-1

        service_description     Swap Useage

        check_command           check_nrpe!check_swap

        max_check_attempts      2

        normal_check_interval   4

        retry_check_interval    4

        check_period            24x7

        notification_interval   480

        notification_period     workhours

notification_options    w,u,c,r

contact_groups          admins

process_perl_data       1

}

 

define service {

use                     generic-service

host_name               81-lamp-1,82-lamp-1

service_description     Disk Partition

check_command           check_nrpe!check_disk

max_check_attempts      8

normal_check_interval   3

retry_check_interval    2

check_period            24x7

notification_interval   360

notification_period     24x7

notification_options    w,u,c,r

contact_groups          admins

process_perl_data       1

}

 

define service {

use                     generic-service

host_name               81-lamp-1,82-lamp-1

service_description     Disk Iostat

check_command           check_nrpe!check_iostat!5!11

max_check_attempts      2

normal_check_interval   4

retry_check_interval    4

check_period            24x7

notification_interval   1440

notification_period     24x7

notification_options    w,u,c,r

contact_groups          admins

process_perl_data       1

}

3)检查配置文件

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

Warning: Duplicate definition found for hostgroup 'linux-servers' (config file '/usr/local/nagios/etc/objects/localhost.cfg', starting on line 45)

Error: Could not add object property in file '/usr/local/nagios/etc/objects/localhost.cfg' on line 46.

   Error processing object config files!

此错误的解决办法,将localhost.cfg中的46行的组名重改一个

hostgroup_name  linux-servers1 ; The name of the hostgroup

        alias           Linux Servers1

 

Error: Service check command 'check_nrpe!check_load' specified in service 'Current Load' for host '81-lamp-1' not defined anywhere!

Error: Service check command 'check_nrpe!check_iostat!5!11' specified in service 'Disk Iostat' for host '81-lamp-1' not defined anywhere!

Error: Service check command 'check_nrpe!check_disk' specified in service 'Disk Partition' for host '81-lamp-1' not defined anywhere!

Error: Service check command 'check_nrpe!check_mem' specified in service 'MEM Useage' for host '81-lamp-1' not defined anywhere!

Error: Service check command 'check_nrpe!check_swap' specified in service 'Swap Useage' for host '81-lamp-1' not defined anywhere!

Error: Service check command 'check_nrpe!check_load' specified in service 'Current Load' for host '82-lamp-1' not defined anywhere!

Error: Service check command 'check_nrpe!check_iostat!5!11' specified in service 'Disk Iostat' for host '82-lamp-1' not defined anywhere!

Error: Service check command 'check_nrpe!check_disk' specified in service 'Disk Partition' for host '82-lamp-1' not defined anywhere!

Error: Service check command 'check_nrpe!check_mem' specified in service 'MEM Useage' for host '82-lamp-1' not defined anywhere!

Error: Service check command 'check_nrpe!check_swap' specified in service 'Swap Useage' for host '82-lamp-1' not defined anywhere!

..............................

Total Warnings: 0

Total Errors:   10

..........................

根据错误提示,我们可以知道,是check_nrpe插件没有定义导致

需要在commands.cfg中加入check_nrpe的插件配置

vim commands.cfg  (在结尾添加)

#check_nrpe' command definition

define command {

        command_name    check_nrpe

        command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$

        }

此时再检查语法正确,全部正确

4)启动nagios

/etc/init.d/nagios start

打开浏览器访问:192.168.1.80/nagios

此时登陆进去会报如下错误:

It appears as though you do not have permission to view information for any of the hosts you requested...

If you believe this is an error, check the HTTP server authentication requirements for accessing this CGI

and check the authorization options in your CGI configuration file.

解决方法:

cd /usr/local/nagios/etc

vim cgi.cfg

将其中所有的nagiosadmin全部替换成当前的登陆用户oldboy(%s/nagiosadmin/yan/g)

/etc/init.d/nagios reload

 

4. 通过URL及端口方式监控客户端主机提供的服务

4.1 增加从nagios服务器端发起的监控:如url地址,端口监控

此类服务一般都是开启了对外提供业务服务。这样的业务,我们一般采取主动监控的方式

4.1.1 对域名URL地址http://www.yan.com  的监控

1)添加要监控的服务配置到services.cfg

vim etc/objects/services.cfg

define service {

        use                     generic-service

        host_name               81-lamp-1

        service_description     blog_url

        check_command           check_weburl!-H www.yan.com(81主机)

        max_check_attempts      3

        normal_check_interval   2

        retry_check_interval    1

        check_period            24x7

        notification_interval   30

        notification_period     24x7

        notification_options    w,u,c,r

        contact_groups          admins

}

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg(检查语法)

有一个错误

Error: Service check command 'check_weburl!-H 192.168.1.80' specified in service 'blog_url' for host '81-lamp-1' not defined anywhere!

2)解决办法,需要在commands.cfg中加入check_weburl的插件配置

vim commands.cfg

#'check_weburl' command definition

define command {

        command_name    check_weburl

        command_line    $USER1$/check_http $ARG1$ -w 10 -c 30

        }

3)如果是测试URL监控,注意在nagios服务端的/etc/hosts下加

192.168.1.81

4.1.2 对域名URL地址http://www.yan.com/yan/test.html的监控

vim etc/objects/services.cfg

define service {

        use                     generic-service

        host_name               81-lamp-1

        service_description     blog_yan_url

        check_command     check_weburl!-H  -u /yan/test.html

        max_check_attempts      3

        normal_check_interval   2

        retry_check_interval    1

        check_period            24x7

        notification_interval   30

        notification_period     24x7

        notification_options    w,u,c,r

        contact_groups          admins

}

因为wget

需要在81主机: mkdir /var/www/html/yan

vim  /var/www/html/yan/index.html

4.1.3 对特殊带传参的URL地址的监控

vim etc/objects/services.cfg

define service {

        use                     generic-service

        host_name               yan_app

        service_description     appVIP_url

        check_command     check_weburl!-H  -u /yan/index.php?m=article&a=list&id=670

        max_check_attempts      3

        normal_check_interval   2

        retry_check_interval    1

        check_period            24x7

        notification_interval   30

        notification_period     24x7

        notification_options    w,u,c,r

        contact_groups          admins

}

4.2 监控任意端口举例如:80110258080

vim etc/objects/services.cfg

define service {

        use                     generic-service

        host_name               81-lamp-1

        service_description     ssh_22

        check_command           check_tcp!22

        max_check_attempts      3

        normal_check_interval   2

        retry_check_interval    1

        check_period            24x7

        notification_interval   30

        notification_period     24x7

        notification_options    w,u,c,r

        contact_groups          admins

}

define service {

        use                     generic-service

        host_name               81-lamp-1

        service_description     http_80

        check_command           check_tcp!80

        max_check_attempts      3

        normal_check_interval   2

        retry_check_interval    1

        check_period            24x7

        notification_interval   30

        notification_period     24x7

        notification_options    w,u,c,r

        contact_groups          admins

}

检查语法:

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg(没有错误)

(因为commands.cfg中默认已经定义了check_tcp

重新加载配置:

/etc/init.d/nagios reload

 

 

4.3 nagios调试

4.3.1 优化配置nagios启动脚本检查nagios语法

4.3.2 通过日志排查问题

tail /usr/local/nagios/var/nagios.log

4.3.3 被动模式错误排查

NRPE: Unable to read output 

1)nagios服务端执行/usr/local/nagios/libexec/check_nrpe-H192.168.1.81 check_mem

2)从客户端本地执行命令脚本检查(就是command[check_mem]=后面对应的脚本)

/usr/local/nagios/libexec/check_memory.pl -w 10% -c 3%(这个命令最后复制nrpe.cfg里的配置,不要手巧,防止出错)

4.4 基本部署及服务监控常见问题

4.4.1 问题1.打开IE无服务,出现下面错误

It appears as though you do not have permission to view information for any services you requested......

原因:打开IE登陆的nagios用户无访问权限

解决:vi /usr/local/nagios/etc/cgi.cfg

将其中所有的nagiosadmin全部替换成当前的登陆用户oldboy(%s/nagiosadmin/yan/g)

或者:将use_authentication的值改为0.

use_authentication=0

 

5. nagios图形监控显示和管理【服务端】

5.1 Pnp安装图形监控曲线(服务器端)

1)yum安装pnp软件需要的基础包

yum -y install cairo pango* zlib zlib-devel freetype freetype-devel gd gd-devel

2)安装libart_lgpl-2.3.17.tar.gz

tar -xf libart_lgpl-2.3.17.tar.gz

   cd libart_lgpl-2.3.17

   ./configure

   make

   make install

   cp -r /usr/local/include/libart-2.0 /usr/include/

3)安装rrdtool-1.4.5.tar.gz

tar -xf rrdtool-1.4.5.tar.gz

       cd rrdtool-1.4.5

./configure --prefix=/usr/local/rrdtool --disable-python --disable-tcl

configure:error:Please fix the library issues listed above and try again

解决办法:yum -y install libxml*

make && make install

ll /usr/local/rrdtool/bin/

total 500

-rwxr-xr-x. 1 root root 121433 Jun  5 23:47 rrdcached

-rwxr-xr-x. 1 root root  59970 Jun  5 23:47 rrdcgi

-rwxr-xr-x. 1 root root  61134 Jun  5 23:47 rrdtool

-rwxr-xr-x. 1 root root 264602 Jun  5 23:47 rrdupdate

4)安装pnp-0.4.13.tar.gz

tar -xf pnp-0.4.13.tar.gz

cd pnp-0.4.13

./configure --with-rrdtool=/usr/local/rrdtool/bin/rrdtool --with-perfdata-dir=/usr/local/nagios/share/perfdata

make all

make install

make install-config

make install-init

  PNP提供了一个perl脚本,可以用如下命令查到

ll /usr/local/nagios/libexec/ | grep process

-rwxr-xr-x. 1 nagios nagios  30151 Jun  6 00:19 process_perfdata.pl

5.2 nagios出图相关基本配置

1vim /usr/local/nagios/etc/nagios.cfg +835

process_performance_data=1

host_perfdata_command=process-host-perfdata

service_perfdata_command=process-service-perfdata

2vim /usr/local/nagios/etc/objects/commands.cfg +227

删除227-238,添加:

# 'process-host-perfdata' command definition

define command{

        command_name    process-host-perfdata

        command_line    /usr/local/nagios/libexec/process_perfdata.pl        

}   

 

# 'process-service-perfdata' command definition

define command{

        command_name    process-service-perfdata

        command_line    /usr/local/nagios/libexec/process_perfdata.pl        

}

(注:也可以用nagios变量$USER1$替代/usr/local/nagios/libexec/路径)

3)检查语法

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

4)重新加载nagios

/etc/init.d/nagios reload

5)浏览器输入192.168.1.80/nagios/pnp/index.php

 

出现这种情况,刷新几下就好

5.3 配置各个服务出监控状态图

1)服务出图记录数据设置

    执行编辑命令vim services.cfg,在各个服务里加process_perf_data       1

2)主机出图配置

    执行编辑命令hosts.cfg,在各个服务里加process_perf_data       1

3)整合pnp url超链接到nagios图形显示界面里

       提示:这会在主机或对应服务前面,出现一个红太阳图标,点击就是对应的服务图形监控状态

5.3.2 给主机添加红太阳超链接图标

方法一:

vim /usr/local/nagios/etc/objects/hosts.cfg  添加如下配置

    #grapbic for hosts create by yan!

    define hostextinfo {

            host_name       81-lamp-1

            action_url      /nagios/php/index.php?host=$HOSTNAME$

    }

方法二:

vim /usr/local/nagios/etc/objects/hosts.cfg  各个服务中添加如下

    action_url              /nagios/php/index.php?host=$HOSTNAME$

5.3.3 给指定服务添加红太阳超链接图标

方法一:

    vim /usr/local/nagios/etc/objects/services.cfg 结尾添加

#go sun link logo by yan

define serviceextinfo {

        host_name               81-lamp-1

        service_description     Swap Useage

        active_url              /nagios/php/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$

}

 

#go sun link logo by yan

define serviceextinfo {

        host_name               81-lamp-1

        service_description     http_80

        active_url              /nagios/php/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$

}

方法二:

vim /usr/local/nagios/etc/objects/services.cfg   各个服务中添加如下

   action_url/nagios/php/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$

5.3.4 出图的图像数据存放路径

ll /usr/local/nagios/share/perfdata/

 

6. Nagios报警方式及生产报警策略

6.1 报警的种类及报警方式使用

6.1.1 报警的种类

1)邮件报警,生产环境尽量使用公司的信箱作为报警邮箱

2)飞信:首先在win32上装个飞信客户端,把对方手机加为好友,然后就可以给对方发短信了

3)邮件转短信报警,如139126189信箱:信箱邮件到达后,通过手机通知收件人是邮箱提供商提供的一个功能

4http短信网关

5)购买短信猫,类似手机终端一样的客户端硬件设备,实现报警,早期报警选用的一个方式

6)电话语音报警,在报警时直接电话给报警负责人

7MSNQQ及时通讯报警,模拟QQMSN发消息的功能,网友开发了程序,从命令行执行程序利用MSNQQ协议,直接发给MSNQQ好友

6.1.2 邮件报警的基本配置方法

vim /usr/local/nagios/etc/objects/contacts.cfg  +35

    email                           824412801@qq.com

    默认的报警配置在command.cfg

    # 'notify-host-by-email' command definition

define command{

        command_name    notify-host-by-email

        command_line    /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /bin/mail -s "Host $HOSTSTATE$ alert for $HOSTNAME$!" $CONTACTEMAIL$

        }

    

# 'notify-service-by-email' command definition

define command{

        command_name    notify-service-by-email

        command_line    /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /bin/mail -s "$HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$" $CONTACTEMAIL$

        }

     templates.cfg中有关邮件报警的联系人模板配置【默认已经配置,如果配置飞信、MSN等要追加】

    define contact{

        name                            generic-contact         ; The name of this contact template

        service_notification_period     24x7                    ; service notifications can be sent anytime

        host_notification_period        24x7                    ; host notifications can be sent anytime

        service_notification_options    w,u,c,r,f,s             ; send notifications for all service states, flapping events, and scheduled downtime events

        host_notification_options       d,u,r,f,s               ; send notifications for all host states, flapping events, and scheduled downtime events

        service_notification_commands   notify-service-by-email ; send service notifications via email

        host_notification_commands      notify-host-by-email    ; send host notifications via email

        register                        0                       ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL CONTACT, JUST A TEMPLATE!

        }

6.1.3 邮件转短信报警(139邮箱为例)

配置方法和和邮件报警一样,只不过在注册信箱后要开启邮箱邮件到达短信提醒功能(设置白名单)。邮件转短信报警的稳定性一般,且信息的容量有很大限制。因此,建议作为辅助报警方式。

6.1.4 联系人分级报警生产策略

vim contacts.cfg

    #手机短信用户

    define contact{

        contact_name                    shouji_wo             

        use                             generic-contact         

        alias                           Nagios Admin            

        email                           18306847338@139.com        

        }

    define contact{

        contact_name                    shouji_ni             

        use                             generic-contact         

        alias                           Nagios Admin            

        email                           18306847338@139.com        

        }

    #邮件及MSN账号

    define contact{

        contact_name                    shouji_yan             

        use                             generic-contact         

        alias                           Nagios Admin            

        email                           824412801@qq.com

        address1ryran@hotmail.com       

        }

    define contact{

        contact_name                    shouji_yu             

        use                             generic-contact         

        alias                           Nagios Admin            

        email                           pynznzyjy@163.com

        address1ryran@hotmail.com       

        }

    

    #手机组

    define contactgroup{

        contactgroup_name       shoujiusers

        alias                   Nagios Administrators

        members                 shouji_wo,shouji_ni

        }

    #邮件msn账号组

    define contactgroup{

        contactgroup_name       msnusers

        alias                   Nagios Administrators

        members                 msn_yan,msn_yu

        }

6.1.5 vim services.cfg (各个服务需要报哪些组)

例如:

define service {

        use                     generic-service

        host_name               81-lamp-1,82-lamp-1

        service_description     Disk Partition

        check_command           check_nrpe!check_disk

        max_check_attempts      8

        normal_check_interval   3

        retry_check_interval    2

        check_period            24x7

        notification_interval   360

        notification_period     24x7

        notification_options    w,u,c,r

        contact_groups          admins,shoujiusers

        process_perf_data       1

        action_url              /nagios/php/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$

}

 

6.2 手机短信报警

6.2.1 飞信软件报警

飞信报警的实现原理是:首先在个人电脑上(非报警服务器)装个飞信客户端,然后注册一个用于报警的发送人账号,需要绑定手机,然后登陆飞信客户端,把需要接收报警的所有手机加为好友(需要对方确认),然后就可以使用发送人账号给对方发短信了服务器报警使用其命令行模式的发送方式

飞信机器人下载地址:

    1)解压fetion/usr/local下面

    tar -xf fetion.tar.gz -C /usr/local/

2)把飞信的lib库和系统的/usr/lib/做一个软连接

    ln -s /usr/local/fetion/cenos54X64_20101113/lib/lib* /usr/lib

3)下面介绍飞信命令的一些选项【必须熟悉】

--mobile=[mobile]         这里是登陆的选项,使用手机号码登陆。 --sid=[sid]                       这里是使用用户名登陆、  

--pwd=[pwd]                  这里是登陆的密码。   

--config=[config file] *format:index mobile password   

--index=[index no in config file,refer to sample.conf]   

--debug  *debug mode on    --hide  *login fetion in hidden state    --to=[mobile/sid]            这个是接收人的手机号码 或者飞信用户名。   

--command-path=[command file path]   

--robotmode   

--daemon(linux only)    --proxy-ip(http proxy ip)   

--proxy-port(http proxy port)   

--msg-gb=[gb2312/gbk message]   

--msg-utf8=[utf8 message]            这个是短信的内容,以UTF8格式   

--msg-type=[0/1/2 sms longsms smartmsg]   

--file-gb=[gb2312/gbk file]   

--file-utf8=[utf8 file]   

--query-cmcc-no   

--auto-retry   

--exit-on-verifycode   

4)开始执行fetion测试命令:

      特别注意:在执行下面的发送信息命令时会返回一堆信息,然后命令处于等待用户输入验证码阶段

        ./fetion --mobile=18306847338 --pwd=yan5714076 --to=18306847338 --msg-type=1 --msg-utf8="fetion test"

验证码在/usr/local/fetion/ 重开一个窗口,下载验证码图片

     5)配置nagios通过飞信报警格式

     a:修改command.cfg

       cd /usr/local/nagios/etc/objects

       vim commands.cfg +37 (添加以下内容)

# 'notify-host-by-fetion' command definition

define command{

        command_name    notify-host-by-fetion        

        command_line    ./fetion --mobile=18306847338 --pwd=yan5714076 --to=18306847338 --msg-type=1 --msg-utf8="** $NOTIFICATIONTYPES$ Host Alert: $HOSTNAMES$ is $HOSTSTATE$ **"

        }

    

# 'notify-service-by-fetion' command definition

define command{

        command_name    notify-service-by-fetion        

        command_line    ./fetion --mobile=18306847338 --pwd=yan5714076 --to=18306847338 --msg-type=1 --msg-utf8="**$NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$ **"

        }

 b:修改templates.cfg

        vim templates.cfg  +34

    service_notification_commands   notify-service-by-email,notify-service-by-fetion        

        host_notification_commands      notify-host-by-email,notify-host-by-fetion