一、什么是nagios
Nagios 是一款开源的免费网络监控报警服务,能有效监控 Windows、Linux 和 Unix 的主机状态以及交换机、路由器和防火墙等网络设置,还有打印机、网络投影、网络摄像等设备。在系统或服务状态异常时发出邮件或其他即时通讯报警,以第一时间通知运维人员。在状态恢复后发出正常的邮件或即时通讯通知。
Nagios 有完善的插件功能,可以方便的根据应用服务扩展功能。
Nagios 可以使用服务-代理(Server-Agent)方式获取主机信息,也可以使用 SNMP 方式获取设备信息。使用服务器-代理(Server-Agent)方式在每个主机上运行代理软件,主机上的代理软件主动提交数据信息,可以避免服务器轮询带来的延迟和非实时性等问题。Nagios 已经可以支持由数万台服务器或上千台网络设备组成的云技术平台的监控,它可以充分发挥自动化运维技术特点在设备和人力资源减少成本。
Nagios 的缺点在于无法将多个相同应用集群的数据集合起来,也不能监控到集群中特殊节点的迁移和恢复。
Nagios更进一步的特征包括:
监控网络服务(SMTP、POP3、HTTP、NNTP、PING等); --公共服务
监控主机资源(处理器负荷、磁盘利用率等); --私有服务
简单地插件设计使得用户可以方便地扩展自己服务的检测方法;
并行服务检查机制;
当服务或主机问题产生与解决时将告警发送给联系人(通过EMail、短信、用户定义方式);
具备定义事件句柄功能,它可以在主机或服务的事件发生时获取更多问题定位;
可选的WEB界面用于查看当前的网络状态、通知和故障历史、日志文件等;
nagios的组成:
1、nagios的核心组件
2、nagios监控插件
3、nagios web页面(html/cgi/php)
4、nrpe远程主机私有服务的监控组件
二、配置nagios的运行环境
首先建立一个Nagios的Web主机,用来接受用户的Web访问。这里以servera作为nagios的server端:执行以下操作
安装nagios(rpm包)
[root@servera pkg]# ls #rpm包太多此处省略,下载地址:http://down.51cto.com/data/2339789
[root@servera pkg]# yum localinstall *.rpm
了解httpd的nagios虚拟主机
[root@servera conf.d]# vim /etc/httpd/conf.d/nagios.conf ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/" Alias /nagios "/usr/share/nagios/html" <Directory "/usr/share/nagios/html"> # SSLRequireSSL Options None AllowOverride None AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/passwd </Directory>
我们需要使用 htpasswd 工具设置 /etc/nagios/passwd 文件,用户名是 nagiosadmin,密码我们设置为 123456 。
[root@servera conf.d]# htpasswd -c /etc/nagios/passwd nagiosadmin New password: Re-type new password: Adding password for user nagiosadmin [root@servera conf.d]# cat /etc/nagios/passwd nagiosadmin:$apr1$YKvTZ4/1$Puhwv8zlVMOJRke9xtJxC/ 配置正常后,启动 httpd 和nagios服务, [root@servera conf.d]# systemctl restart httpd [root@servera conf.d]# systemctl restart nagios
浏览器访问:http://172.25.0.10/nagios/
若在这里想要看到右边service health处于绿色的状态的话,需要将本地的snmpd服务打开
[root@servera conf.d]# yum -y install net-snmp net-snmp-utils
[root@servera conf.d]# systemctl restart snmpd
三、配置nagios监控本机
[root@servera ~]# cat /etc/nagios/objects/localhost.cfg |grep -v ^# |grep -v ^$ define host{ use linux-server host_name localhost alias nagios监控器 address 127.0.0.1 } define hostgroup{ hostgroup_name linux-servers ; The name of the hostgroup alias Linux Servers ; Long name of the group members localhost ; Comma separated list of hosts that belong to this group } define service{ use local-service ; Name of service template to use host_name localhost service_description PING check_command check_ping!100.0,20%!500.0,60% } define service{ use local-service ; Name of service template to use host_name localhost service_description Root Partition check_command check_local_disk!20%!10%!/ } define service{ use local-service ; Name of service template to use host_name localhost service_description Current Users check_command check_local_users!20!50 } define service{ use local-service ; Name of service template to use host_name localhost service_description Total Processes check_command check_local_procs!250!400!RSZDT } define service{ use local-service ; Name of service template to use host_name localhost service_description Current Load check_command check_local_load!5.0,4.0,3.0!10.0,6.0,4.0 } define service{ use local-service ; Name of service template to use host_name localhost service_description Swap Usage check_command check_local_swap!20!10 } define service{ use local-service ; Name of service template to use host_name localhost service_description SSH check_command check_ssh notifications_enabled 0 } define service{ use local-service ; Name of service template to use host_name localhost service_description HTTP check_command check_http notifications_enabled 0 } [root@servera objects]# service nagios start [root@servera objects]# nagios -v /etc/nagios/nagios.cfg
四、配置nagios监控远程主机
在这里,我们被监控的主机为serverb这台服务器,ip地址为172.25.0.11。
NRPE是Nagios的一个功能扩展,它可在远程Linux/Unix主机上执行插件程序。通过在远程服务器上安装NRPE插件及Nagios插件程序来向Nagios监控平台提供该服务器的本地情况,如CPU负载,内存使用,磁盘使用等。我们将Nagios监控端称为Nagios服务器端,而将远程被监控的主机称为Nagios客户端。
Nagios监控远程主机的方法有多种,其方式包括SNMP、NRPE、SSH、NCSA等。Nagios官方推荐监控主机使用NRPE方式,而监控设备使用SNMP方式。
NRPE(Nagios Remote Plugin Executor)是用于在远端服务器上运行监测命令的守护进程,它用于让Nagios监控端基于安装的方式触发远端主机上的检测命令,并将检测结果返回给监控端。而其执行的开销远低于基于SSH的检测方式,而且检测过程不需要远程主机上的系统账号信息,其安全性也高于SSH的检测方式。
[root@serverb nagios]# yum -y localinstall nagios-plugins-2.0.3-1.el7.x86_64.rpm nrpe-2.15-2.el7.x86_64.rpm
[root@serverb ~]# yum -y install openssl-devel
编辑nrpe配置文件
[root@serverb nagios]# vim /etc/nagios/nrpe.cfg allowed_hosts=127.0.0.1, 172.25.0.10 # 定义监控主机的ip地址 command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10 command[check_load]=/usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20 command[check_hda1]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1 command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -s Z command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200 # 以上为定义命令的方式,默认已配好一部分命令的定义,也可以自己调用插件来完成相关定义 启动nrpe服务 [root@serverb ~]# systemctl restart xinetd [root@serverb ~]# netstat -tnlp |grep :5666 tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 2330/nrpe tcp6 0 0 :::5666 :::* LISTEN 2330/nrpe [root@serverb nrpe-2.12]# netstat -at | grep nrpe tcp6 0 0 [::]:nrpe [::]:* LISTEN 本地检测nrpe服务: [root@serverb nrpe-2.12]# /usr/local/nagios/libexec/check_nrpe -H localhost
配置监控主机的相关内容
先在主配置文件里增加一个条目,定义serverb.conf该配置文件专门用来定义serverb的监控实例:
[root@servera objects]# vim /etc/nagios/nagios.cfg
cfg_file=/etc/nagios/objects/serverb.cfg
编写serverb.conf的相关内容:
[root@servera objects]# vim serverb.cfg # 定义主机 define host{ use linux-server host_name serverb.pod0.example.com alias serverb address 172.25.0.11 } # 定义主机组 define hostgroup{ hostgroup_name uplooking-servers alias uplooking members serverb.pod0.example.com } # 定义命令 define command{ command_name check_nrpe command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ } # 定义监控服务 define service{ use generic-service host_name serverb.pod0.example.com service_description load check_command check_nrpe!check_load } define service{ use generic-service host_name serverb.pod0.example.com service_description user check_command check_nrpe!check_users }
先运行nagios指令查看一下配置文件是否有误,根据报错修改配置参数:
[root@servera objects]# nagios -v /etc/nagios/nagios.cfg Nagios Core 3.5.1 Copyright (c) 2009-2011 Nagios Core Development Team and Community Contributors Copyright (c) 1999-2009 Ethan Galstad Last Modified: 08-30-2013 License: GPL Website: http://www.nagios.org Reading configuration data... Read main config file okay... Processing object config file '/etc/nagios/objects/commands.cfg'... Processing object config file '/etc/nagios/objects/contacts.cfg'... Processing object config file '/etc/nagios/objects/timeperiods.cfg'... Processing object config file '/etc/nagios/objects/templates.cfg'... Processing object config file '/etc/nagios/objects/localhost.cfg'... Processing object config file '/etc/nagios/objects/serverb.cfg'... Processing object config directory '/etc/nagios/conf.d'... Read object config files okay... Running pre-flight check on configuration data... Checking services... Checked 10 services. Checking hosts... Checked 2 hosts. Checking host groups... Checked 2 host groups. Checking service groups... Checked 0 service groups. Checking contacts... Checked 1 contacts. Checking contact groups... Checked 1 contact groups. Checking service escalations... Checked 0 service escalations. Checking service dependencies... Checked 0 service dependencies. Checking host escalations... Checked 0 host escalations. Checking host dependencies... Checked 0 host dependencies. Checking commands... Checked 25 commands. Checking time periods... Checked 5 time periods. Checking for circular paths between hosts... Checking for circular host and service dependencies... Checking global event handlers... Checking obsessive compulsive processor commands... Checking misc settings... Total Warnings: 0 Total Errors: 0 Things look okay - No serious problems were detected during the pre-flight check 确认配置文件无误后,重启nagios服务 [root@servera objects]# systemctl restart nagios
访问测试:
浏览器访问 http://172.25.0.10/nagios,输入用户名 nagiosadmin,密码123456。点击 map ,我们可以看到类似下图的结构。
点击services,查看对应主机监控内容是否ok,如果处于pending的状态,则稍等片刻查看数据结果:
转载于:https://blog.51cto.com/zzclinux/1978320