swift 08/07/07 18:04:59 Added: nagios-guide.xml Log: Starting of nagios guide draft
Revision Changes Path 1.1 xml/htdocs/doc/en/nagios-guide.xml file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/nagios-guide.xml?rev=1.1&view=markup plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/nagios-guide.xml?rev=1.1&content-type=text/plain Index: nagios-guide.xml =================================================================== <?xml version="1.0" encoding="UTF-8"?> <!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/nagios-guide.xml,v 1.1 2008/07/07 18:04:59 swift Exp $ --> <!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> <guide disclaimer="draft"> <title>Gentoo System Monitoring with Nagios</title> <author title="Author"> <mail link="[EMAIL PROTECTED]">Sven Vermeulen</mail> </author> <abstract> For system and network monitoring, the Nagios tool is a popular choice amongst various free software users. This guide helps you discover Nagios and how you can integrate it with your existing Gentoo infrastructure. </abstract> <license/> <version>0.1</version> <date>2008-07-06</date> <chapter> <title>Introduction</title> <section> <title>System Monitoring</title> <body> <p> Single system users usually don't need a tool to help them identify the state of their system. However, when you have a couple of systems to administer, you will require an overview of your systems' health: do the partitions still have sufficient free space, is your CPU not overloaded, how many people are logged on, are your systems up to date with the latest security fixes, etc. </p> <p> System monitoring tools, such as the Nagios software we discuss here, offer an easy way of dealing with the majority of metrics you want to know about your system. In larger environments, often called "enterprise environments", the tools aggregate the metrics of the various systems onto a single location, allowing for centralized monitoring management. </p> </body> </section> <section> <title>About Nagios</title> <body> <p> The <uri link="http://www.nagios.org";>Nagios</uri> software is a popular software tool for host, service and network monitoring for Unix (although it can also capture metrics from the Microsoft Windows operating system family). It supports: </p> <ul> <li> obtaining metrics for local system resources, such as diskspace, CPU usage, memory consumption, ... </li> <li> discovering service availability (such as SSH, SMTP and other protocols), </li> <li> assuming network outages (when a group of systems that are known to be available on a network are all unreachable), </li> </ul> <p> and more. </p> <p> Basically, the Nagios software consists of a core tool (which manages the metrics), a web server module (which manages displaying the metrics) and a set of plugins (which obtain and send the metrics to the core tool). </p> </body> </section> <section> <title>About this Document</title> <body> <p> The primary purpose of this document is to introduce you, Gentoo users, to the Nagios software and how you can integrate it within your Gentoo environment. The guide is not meant to describe Nagios in great detail - I leave this up to the documentation editors of Nagios itself. </p> </body> </section> </chapter> <chapter> <title>Setting Up Nagios</title> <section> <title>Installing Nagios</title> <body> <p> Before you start installing Nagios, draw out and decide which system will become your master Nagios system (i.e. where the Nagios software is fully installed upon and where all metrics are stored) and what kind of metrics you want to obtain. You will not install Nagios on every system you want to monitor, but rather install Nagios on the master system and the TODO on the systems you want to receive metrics from. </p> <p> Install the Nagios software on your central server: </p> <warn> Nagios 3 is currently still ~arch masked, so you first need to unmask it. </warn> <pre caption="Installing Nagios"> # <i>emerge nagios</i> </pre> <p> Follow the instructions the ebuild displays at the end of the installation (i.e. adding <c>nagios</c> to your active runlevel, configuring web server read access and more). </p> <p> Really. Read it. </p> <!-- TODO directory structure: plugins and so forth --> </body> </section> <section> <title>Restricting Access to the Nagios Web Interface</title> <body> <p> The Nagios web interface allows for executing commands on the various systems monitored by the Nagios plugins. For this purpose (and also because the metrics can have sensitive information) it is best to restrict access to the interface. </p> <p> For this purpose, we introduce two access restrictions: one on IP level (from what systems can a user connect to the interface) and a basic authentication one (using the username / password scheme). </p> <p> First, edit <path>/etc/apache2/modules/99_nagios3.conf</path> and edit the <c>allow from</c> definitions: </p> <pre caption="Allow from definitions"> <comment>(Example allowing access from the local host and the local network)</comment> Order allow,deny Allow from 127.0.0.1 192.168.1.1/24 </pre> <p> Next, create an Apache authorization table where you define the users who have access to the interface as well as their authorizations. The authentication definition file is called <path>.htaccess</path> and contains where the authentication information itself is stored. </p> <pre caption="Example .htaccess file"> AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/auth.users Require valid-user </pre> <p> Place this file inside the <path>/usr/share/nagios/htdocs</path> and <path>/usr/lib/nagios/cgi-bin</path> directories. </p> <p> Create the <path>/etc/nagios/auth.users</path> file with the necessary user credentials. By default, the Gentoo nagios ebuild defines a single user called <c>nagiosadmin</c>. Let's create that user first: </p> <pre caption="Creating the nagiosadmin user"> # <i>htpasswd2 -c /etc/nagios/auth.users nagiosadmin</i> </pre> </body> </section> <section> <title>Accessing Nagios</title> <body> <p> Once Nagios and its dependencies are installed, fire up Apache and Nagios: </p> <pre caption="Starting the services"> # <i>/etc/init.d/nagios start</i> # <i>/etc/init.d/apache2 start</i> </pre> <p> Next, fire up your browser and connect to <uri link="http://localhost/nagios";>http://localhost/nagios</uri>. Log on as the <c>nagiosadmin</c> user and navigate to the <e>Host Detail</e> page. You should be able to see the monitoring states for the local system. </p> </body> </section> <section> <title>Installing Client Daemons</title> <body> <p> TODO Inform what to install on systems that will not run the nagios interface, both for active (performs checks and communicates with the main nagios system) and passive (polled by main nagios system through check_ssh). </p> </body> </section> </chapter> <chapter> <title>Adding Gentoo Support</title> <section> <title>System Security Checks</title> <body> <p> TODO integrate glsa-check plugin, cf. wschlich stuff? </p> </body> </section> </chapter> <chapter> <title>More Resources</title> <section> <title>Nagios Resources</title> <body> <p> TODO check plugins (nagiosexchange.org) </p> <p> TODO additional nagios packages </p> </body> </section> </chapter> <!-- TODO additional chapter "Extending the Nagios Installation", dixit dertobi123 --> </guide> -- [email protected] mailing list
