原始碼安裝nagios監控系統(centos7)
一、nagios簡介
1、一款開源的電腦系統和網路監視工具,可以有效監控windows、Linux和Unix的主機狀態
,交換機、路由器等網路設定。在系統或服務狀態異常時發出郵件或者簡訊報警,第一
時間通知支離維人員,在狀態恢復後發出正常的郵件或者簡訊通知。
2、主要功能
網路服務監控(SMTP、POP3、HTTP、NNTP、ICMP、SNMP、FTP、SSH)
主機資源監控(CPU load、disk usage、system logs),也包括Windows主機(使用NSClient++ plugin)
可以指定自己編寫的Plugin通過網路收集資料來監控任何情況
可以通過配置Nagios遠端執行外掛遠端執行指令碼
簡單的plugin設計允許使用者很容易的開發自己需要的檢查服務,支援很多開發語言
包含很多圖形化資料Plugins(Nagiosgraph、Nagiosgrapher、PNP4Nagios等)
可並行服務檢查
能夠定義網路主機的層次,允許逐級檢查,就是從父主機開始向下檢查
當服務或主機出現問題時發出通告,可通過email, pager, sms 或任意使用者自定義的plugin進行通知
能夠自定義事件處理機制重新激活出問題的服務或主機
自動日誌迴圈
支援冗餘監控
包括Web介面可以檢視當前網路狀態,通知,問題歷史,日誌檔案等
二、nagios工作原理
1、Nagios的功能是監控服務和主機,但是他自身並不包括這部分功能,所有的監控、檢測功能都是通過各種外掛來完成的。
0(OK)表示狀態正常/綠色
1(WARNING)表示出現警告/***
2(CRITICAL)表示出現非常嚴重的錯誤/紅色
3(UNKNOWN)表示未知錯誤/深***
3、Nagios 通過NRPE 來遠端管理服務
Nagios 執行安裝在它裡面的check_nrpe 外掛,並告訴check_nrpe 去檢測哪些服務。
通過SSL,check_nrpe 連線遠端機子上的NRPE daemon
NRPE 執行本地的各種外掛去檢測本地的服務和狀態(check_disk)
最後,NRPE 把檢測的結果傳給主機端的check_nrpe,check_nrpe 再把結果送到Nagios狀態佇列中。
Nagios 依次讀取佇列中的資訊,再把結果顯示出來。
1、lamp環境搭建
(1)原始碼安裝apr-1.5.2和apr-util-1.5.4
cd apr-1.5.2
./configure && make && make install
cd apr-util-1.5.4
./configure --with-apr=/usr/local/apr/ && make && make install
(2)安裝openssl-devel
#mod_ssl has been requested
yum -y install openssl-devel
(3)原始碼安裝httpd-2.4.17
#./configure --prefix=/usr/local/apache2 --sysconfdir=/etc/httpd/ --enable-so --enable-ssl=static --with-ssl=/usr/local/ssl/ --enable-mods-shared=all --with-apr=/usr/local/apr/ --with-apr-util=/usr/local/apr/ --enable-cgi --enable-suexec
./configure --prefix=/usr/local/apache2 --sysconfdir=/etc/httpd/ --enable-so --enable-ssl=static --with-ssl=/usr/local/ssl/ --enable-mods-shared=all --with-apr=/usr/local/apr/ --with-apr-util=/usr/local/apr/ --enable-cgi
make && make install
(4)原始碼安裝mysql-5.6.27-linux-glibc2.5-x86_64
#FATAL ERROR: please install the following Perl modules before executing scripts/mysql_install_db:Data::Dumper
yum -y install perl-Data-Dumper
tar zxvf mysql-5.6.27-linux-glibc2.5-x86_6.tar.gz -C /uar/local/
cd /usr/local
ln -s mysql-5.6.27-linux-glibc2.5-x86_64/ mysql
cd mysql
#新增mysql使用者和群組
groupadd mysql
useradd -r -g mysql mysql
#修改相關目錄和檔案屬主和所屬群組
chown -R mysql .
chgrp -R mysql .
或者:chown -R mysql:mysql .
#將目錄屬主更改為root,避免mysql使用者將目錄刪除
chown -R root .
chown -R mysql data
#使用mysql使用者許可權來初始化資料庫
scripts/mysql_install_db --user=mysql
#將mysql新增為服務
cp support-files/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld
#將mysql的bin目錄加入到PATH環境變數
#在/etc/profile最後面新增
echo "PATH=$PATH:/usr/local/mysql/bin">>/etc/profile
source /etc/profile
#指令碼初始化已經新增mysqld指令碼,如果沒有直接cp /etc/init.d/mysqld
/etc/rc.d/init.d/mysqld
#啟動mysql
mkdir -p /var/run/mysqld/
chown -R mysql:mysql /var/run/mysqld/
#/var/log/mariadb/mariadb.log No such file or directory
mkdir -p /var/log/mariadb/ /var/run/mariadb/
touch /var/log/mariadb/mariadb.log
chown root:mysql /var/log/mariadb/mariadb.log /var/run/mariadb/
chmod -R 774 /var/log/mariadb/mariadb.log /var/run/mariadb/
/usr/local/mysql/bin/mysqld_safe &
ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock
#在/etc/my.cnf 檔案socket引數指定為/tmp/mysql.sock
echo "socket=/tmp/mysql.sock">>/etc/my.cnf
#修改root密碼為love
#mysqladmin -u root -p password love --socket=/var/lib/mysql/mysql.sock
mysqladmin -u root -p password love
(4)原始碼安裝php-5.6.15
#apxs是在安裝php時生成動態連線模組工具,如果不指明路徑,apache就無法呼叫php
#一定要新增--with-apxs2=/usr/local/apache2/bin/apxs
#php安裝完成後,可以看到會在httpd.conf檔案新增"LoadModule php5_module modules/libphp5.so"
#安裝依賴包libxml2-devel
#error: xml2-config not found. Please check your libxml2 installation
yum -y install libxml2-devel
#libzip:not found
yum -y install libzip-devel
#動態載入php來完成解析
#./configure --prefix=/usr/local/php --with-config-file-path=/etc --with-mysql=/usr/local/mysql/ --with-apxs2=/usr/local/apache2/bin/apxs
./configure --prefix=/usr/local/php --with-config-file-path=/etc --with-mysql=/usr/local/mysql/ --with-apxs2=/usr/local/apache2/bin/apxs --enable-mbstring --with-libzip --enable-zip
make && make install
cp php.ini-development /etc/php.ini
#不需要進行手動更改就可以讓apache呼叫php
#php在編譯的時候會修改httpd.conf配置檔案,新增如下一行
LoadModule php5_module modules/libphp5.so
#如果在編譯的時候沒有指定--with-apxs2=/usr/local/apache2/bin/apxs,則apache無法載入php
(5)lamp連線測試
#設定service方式啟動apache
#將啟動指令碼複製為/etc/init.d/httpd
cp /usr/local/apache2/bin/apachectl /etc/init.d/httpd
#可以這樣來停止、啟動和重啟apache
service httpd stop/start/restart
/etc/init.d/httpd stop/start/restart
/usr/local/apache2/bin/apachectl stop/start/restart
#或許是因為相容性不好,無法使用chkconfig設定開機啟動
chkconfig –add httpd
#但是可以修改/etc/rc.local設定apache開機啟動
#在/etc/rc.local新增
/usr/local/apache2/bin/apachectl start
#修改httpd.conf:
#如果使用yum安裝apache,配置檔案存放在
/etc/httpd/conf/httpd.conf
#DocumentRoot為
/var/www/html
#如果是使用原始碼方法安裝,配置檔案存放在
/usr/local/apache2/conf/httpd.conf
#DocumentRoot為
/usr/local/apache2/htdocs
#在<IfModule></IfModule>新增如下兩行,以便apache知道怎樣解析php檔案
AddType application/x-httpd-php .php .phtml
AddType application/x-httpd-php-source .phps
#修改ServerName
ServerName 192.168.137.40:80
#在htdocs目錄新增檔案index.php,內容如下
#讀取mysql資料庫中的資料表user內容
<?php
$con=mysql_connect("localhost","root","love");
$sql="select user,password from user";
$db_select=mysql_select_db("mysql",$con);
$result=mysql_query($sql,$con);
while ($row=mysql_fetch_array($result))
{
echo $row["user"]." ".$row["password"];
echo "<br/>";
}
mysql_close($con);
?>
#從mysql資料庫中讀取資料表user並顯示
#載入cgi解析
#在"LoadModule php5_module modules/libphp5.so"後面新增
LoadModule cgi_module modules/mod_cgi.so
2、安裝nagios-4.1.1
cd nagios-4.1.1
useradd nagios -M -s /sbin/nologin
#unzip: command not found
yum -y install unzip
./configure --prefix=/usr/local/nagios --with-nagios-group=nagios
make install && make all && make install-init && make install-commandmode && make install-config
cp sample-config/httpd.conf /etc/httpd/nagios.conf
#make install-exfoliation,因找不到目錄而失敗
#cp: target /usr/local/nagios/share/stylesheetsis not a directory
mkdir -p /usr/local/nagios/share/stylesheetsis
cp -rf contrib/exfoliation/stylesheets/* /usr/local/nagios/share/stylesheetsis/
#make install-classicui
#cp: target usr/local/nagios/share/stylesheetsis not a directory
cp -rf html/stylesheets/* /usr/local/nagios/share/stylesheets
#安裝外掛
cd nagios-plugins-2.1.1
./configure --with-gnutls --enable-perl-modules --enable-libtap --with-openssl --with-gnutls && make && make install
#Can't locate ExtUtils/MakeMaker.pm
yum -y install perl-CPAN
cpan -i ExtUtils::MakeMaker
#或者
yum -y install perl-ExtUtils-MakeMaker.noarch
#新增nagios管理使用者
/usr/local/apache2/bin/htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
#檢查配置檔案
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
#下面的是因為nagios沒有啟動,啟動nagios即可
#Error: Could not read object configuration data!
/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
#開啟瀏覽器訪問,IP為實際IP或者域名,如果是域名一定要能夠解析
3、監控windows主機
(1)安裝NSCP-0.4.3.143-Win32.msi
#啟用以下選項
Enable common check plugins
Enable nsclient server(check_nt)
Enable NRPE server(check_nrpe)
Secure(UserCertificates for authentication)
Enable NSCA client
Allow hosts:127.0.0.1,::1,192.168.137.111,192.168.137.8
password:123456
#配置檔案存放於安裝目錄下的nsclient.ini
(2)檢視nsclient++監控埠5666
netstat -anbv | find "5666"
(3)配置nagios
#命令列檢查,檢查系統執行時間
#-H:指定主機,-s:指定密碼,-p:指定埠,-v:指定查詢選項
/usr/local/nagios/libexec/check_nt -H 192.168.137.222 -s 123456 -p 12489 -v UPTIME
#檢查CPU資訊
#-w:警告比例;-c:緊急比例;-l:過去5分鐘平均值,80%為警告,90%為緊急
/usr/local/nagios/libexec/check_nt -H 192.168.137.222 -s 123456 -p 12489 -v CPULOAD -w 80 -c 90 -l 5,80,90
#檢查硬碟使用率
#-w:警告比例;-c:緊急比例;-l:指定碟符
/usr/local/nagios/libexec/check_nt -H 192.168.137.222 -s 123456 -p 12489 -v USEDDISKSPACE -w 80 -c 90 -l C
#在/usr/local/nagios/etc/command.cfg最後新增
define command{
command_name check_win
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -v $ARG1$ $ARG2$
}
#複製/usr/local/nagios/etc/objects/windows.cfg一份win-222.cfg,並修改為
#繼承模板/usr/local/nagios/etc/objects/template.cfg windows-server主機監控設定以及generic-service服務監控設定
#監控主機IP為192.168.137.222,被監控的服務分別為:系統執行時間、CPU負載、記憶體使用情況、C盤使用情況以及explorer.exe程序數
define host{
use windows-server ; Inherit default values from a template
host_name win-222; The name we're giving to this host
alias My Windows Server ; A longer name associated with the host
address 192.168.137.222 ; IP address of the host
}
define hostgroup{
hostgroup_name windows-servers ; The name of the hostgroup
alias Windows Servers ; Long name of the group
}
define service{
use generic-service
host_name win-222
service_description NSClient++ Version
check_command check_nt!CLIENTVERSION
}
define service{
use generic-service
host_name win-222
service_description Uptime
check_command check_nt!UPTIME
}
define service{
use generic-service
host_name win-222
service_description CPU Load
check_command check_nt!CPULOAD!-l 5,80,90
}
define service{
use generic-service
host_name win-222
service_description Memory Usage
check_command check_nt!MEMUSE!-w 80 -c 90
}
define service{
use generic-service
host_name win-222
service_description C:\ Drive Space
check_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90
}
define service{
use generic-service
host_name win-222
service_description Explorer
check_command check_nt!PROCSTATE!-d SHOWALL -l explorer.exe
}
#效果圖示,可以看到已經正常監控到windows各項服務
4、監控linux主機
#監控IP為192.168.137.6的linux主機,分別監控ping、root分割槽使用情況、現存使用者情況、程序數、實時負載、swap使用情況、ssh和httpd程序
define host{
use linux-server ; Name of host template to use
; This host definition will inherit all variables that are defined
; in (or inherited by) the linux-server host template definition.
host_name linux-6
alias linux-6
address 192.168.137.6
}
define hostgroup{
hostgroup_name my-linux-servers ; The name of the hostgroup
alias My Linux Servers ; Long name of the group
members linux-6 ; Comma separated list of hosts that belong to this group
}
define service{
use local-service ; Name of service template to use
host_name linux-6
service_description PING
check_command check_ping!100.0,20%!500.0,60%
notifications_enabled 1
}
define service{
use local-service ; Name of service template to use
host_name linux-6
service_description Root Partition
check_command check_local_disk!20%!10%!/
notifications_enabled 1
}
define service{
use local-service ; Name of service template to use
host_name linux-6
service_description Current Users
check_command check_local_users!20!50
}
define service{
use local-service ; Name of service template to use
host_name linux-6
service_description Total Processes
check_command check_local_procs!250!400!RSZDT
notifications_enabled 1
}
define service{
use local-service ; Name of service template to use
host_name linux-6
service_description Current Load
check_command check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
notifications_enabled 1
}
define service{
use local-service ; Name of service template to use
host_name linux-6
service_description Swap Usage
check_command check_local_swap!20!10
notifications_enabled 1
}
define service{
use local-service ; Name of service template to use
host_name linux-6
service_description SSH
check_command check_ssh
notifications_enabled 1
}
define service{
use local-service ; Name of service template to use
host_name linux-6
service_description HTTP
check_command check_http
notifications_enabled 1
}
#在/usr/local/nagios/etc/nagios.cfg新增如下一行,並重新載入或者啟動nagios
cfg_file=/usr/local/nagios/etc/objects/linux-6.cfg
/etc/init.d/nagios restart
/etc/init.d/nagios reload
systemctl restart nagios
systemctl reload nagios
5、郵件報警設定
5、郵件報警設定
#在/usr/local/nagios/etc/object/contact.cfg下修改為
#定義兩個Nagios Admin郵箱地址,並隸屬於admins組
define contact{
contact_name nagiosadmin ; Short name of user
usegeneric-contact ; Inherit default values from generic-contacttemplate (defined above)
alias Nagios Admin ; Full name of user
email[email protected] ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS******
}
define contact{
contact_name nagiosroot ; Short name of user
usegeneric-contact ; Inheritdefault values from generic-contact template (defined above)
alias Nagios Admin ; Full name of user
email[email protected] ;<<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
}
define contactgroup{
contactgroup_name admins
alias Nagios Administrators
members nagiosadmin,nagiosroot
}
#在/usr/local/nagios/etc/object/win-222.cfg中新增"notifications_enabled 1"啟用郵件報警,如修改為
define service{
use generic-service
host_name win-222
service_description C:\ Drive Space
check_command check_nt!USEDDISKSPACE!-l c -w 80 -c90
notifications_enabled 1
}
define service{
use generic-service
host_name win-222
service_description Explorer
check_command check_nt!PROCSTATE!-d SHOWALL -lexplorer.exe
notifications_enabled 1
}
#到192.168.137.222這臺windows主機將nsclient++服務停止或直接禁用網絡卡模擬故障
#檢視[email protected]和[email protected]有沒有收到郵件
#可以檢視/var/log/messages日誌檔案看有沒有傳送日誌記錄
#故障後郵件報警
#故障恢復後的郵件通知
6、簡訊通告
轉載於:https://blog.51cto.com/1055745601/1717268