Yujun_Wu wrote:
I am working on getting the monitoring info out of ganglia and put them into a grid-level monitoring tool. I find I can do this in three ways after browsing the ganglia documentation: 1. telnet remote.cluster.nodename 8649 2. gstat 3. through rrdb The first one (using telnet) gives the richest monitoring information and gstat only provides limited info. However, we are discouraged from using telnet for security reasons. And I am a little bit unwilling to get info through rrdb. Could somebody tell me what's the best way to get info out of ganglia and put them into a grid-level monitoring tool? Is there a tool similar to gstat that offers richer monitoring info similar to the info I get through telnet.
Technically, telnetd is only a security hole when you're transmitting authentication information or other sensitive data, since it offers no encryption (to say nothing of the possibilities of h4x0r1ng the rest of the login sequence).
But hacking gmond would be like phreaking the speaking clock. It's just not listening to you. Check the code to see for yourself - gmond opens the socket, checks the origin IP, and immediately dumps its entire monitoring hash as XML, then closes the socket. All you can really do is spoof an IP or possibly send some bogus socket options to it, which would get you the XML feed. I think you'd be OK as long as you didn't add a plaintext_root_password metric. :P And let's say there's an overflow and someone manages a shell. Fantastic, they've just gotten themselves a shell as a very low-priority user (if not a chroot'd one).
That having been said, if you don't trust it, Do What I Do[tm] - run gmond locally on the monitoring server and tell it only to trust localhost.
(of course, I run gmetad on top of that, as well...) Anyway. Stuff to think about.
