Nginx下搭建Nagios监控平台

Nagios依赖PHP环境和perl环境,由于Nginx不支持Perl的CGI,需先来搭建Perl环境,Nagios原理介绍略。
1、下载最新稳定源码包和Perl脚本

mkdir nagios-cacti
cd nagios-cacti
wget http://www.cpan.org/modules/by-module/FCGI/FCGI-0.74.tar.gz
wget http://www.cpan.org/authors/id/B/BO/BOBTFISH/FCGI-ProcManager-0.24.tar.gz
wget //blog.linuxeye.com/wp-content/uploads/2013/04/perl-fcgi.pl
wget http://jaist.dl.sourceforge.net/project/nagios/nagios-3.x/nagios-3.5.0/nagios-3.5.0.tar.gz
wget http://nchc.dl.sourceforge.net/project/nagiosplug/nagiosplug/1.4.16/nagios-plugins-1.4.16.tar.gz
wget http://nchc.dl.sourceforge.net/project/nagios/nrpe-2.x/nrpe-2.14/nrpe-2.14.tar.gz

2、Nginx对Perl的CGI支持
Nginx支持Perl的CGI方法有好几种,基本原理都是通过Perl的FCGI模块实现,下面的方法就是其中一种:
安装FCGI模块

tar xzf FCGI-0.74.tar.gz
cd FCGI-0.74
perl Makefile.PL
make && make install
cd ../

安装FCGI-ProcManager模块

tar xzf FCGI-ProcManager-0.24.tar.gz
cd FCGI-ProcManager-0.24
perl Makefile.PL
make && make install
cd ../

Perl脚本

cp perl-fcgi.pl /usr/local/nginx
chmod +x /usr/local/nginx/perl-fcgi.pl
/usr/local/nginx/perl-fcgi.pl > /usr/local/nginx/logs/perl-fcgi.log 2>&1 & #启动Perl
chmod 777 /usr/local/nginx/logs/perl-fcgi.sock #Nginx Log中提示Permision Denied方法
cd ../

3、Nagios安装(服务端)

useradd -s /sbin/nologin nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd www
tar xzf nagios-3.5.0.tar.gz
cd nagios
yum -y install gd-devel
./configure --prefix=/usr/local/nagios --with-command-group=nagcmd
make all
make install #用于安装主要的程序、CGI及HTML文件
make install-init #用于生成init启动脚本
make install-config #用于安装示例配置文件
make install-commandmode #用于设置相应的目录权限
chkconfig --add nagios
chkconfig nagios on
cd ../

Nagios主程序只是提供一个运行框架,其具体监控是靠运行在其下的插件完成的,Nagios插件必须安装

tar xzf nagios-plugins-1.4.16.tar.gz
cd nagios-plugins-1.4.16
./configure --prefix=/usr/local/nagios --with-nagios-user=nagios --with-nagios-group=nagios
make && make install
cd ../

由于Nagios只能监测自己所在的主机的一些本地情况,例如,cpu负载、内存使用、硬盘使用等等。如果想要监测被监控的服务器上的这些本地情况,就要
用到NRPE。NRPE(Nagios Remote Plugin
Executor)是Nagios的一个扩展,它被用于被监控的服务器上,向Nagios监控平台提供该服务器的一些本地的情况。NRPE可以称为
Nagios的Linux客户端。

tar xzf nrpe-2.14.tar.gz
cd nrpe-2.14
./configure
make && make install
cp sample-config/nrpe.cfg /usr/local/nagios/etc/
chown nagios.nagios /usr/local/nagios/etc/nrpe.cfg
cd ../

4、Nginx配置(服务端)

ln -s /usr/local/nagios/share /data/admin/nagios

以http://www.linuxeye.com/nagios,需要建立软链接,服务nginx.conf配置文件如下:

################http://www.linuxeye.com/nagios#########################
        server {
        listen  80;
        server_name    _;
        access_log     /dev/null;
        root /data/admin;
        index index.php;
        location ~ .*\.(php|php5)?$  {
                fastcgi_pass  127.0.0.1:9000;
                fastcgi_index index.php;
                include fastcgi.conf;
                }
        location ~ .*\.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ {
                expires      30d;
                }
        location ~ .*\.(js|css)?$ {
                expires      1h;
                }
        location /status {
                stub_status on;
                }
        location ~ .*\.(cgi|pl)?$ {
                auth_basic "Nagios Access";
                auth_basic_user_file /usr/local/nagios/etc/htpasswd.users;
                gzip off;
                root   /usr/local/nagios/sbin;
                rewrite ^/nagios/cgi-bin/(.*)\.cgi /$1.cgi break;
                fastcgi_pass  unix:/usr/local/nginx/logs/perl-fcgi.sock;
                fastcgi_param SCRIPT_FILENAME /usr/local/nagios/sbin$fastcgi_script_name;
                fastcgi_index index.cgi;
                fastcgi_param  REMOTE_USER        $remote_user;
                fastcgi_param HTTP_ACCEPT_LANGUAGE en_US;
                include fastcgi_params;
                fastcgi_read_timeout   60;
                }
        }

以http://nagios.linuxeye.com服务nginx.conf配置文件如下:

################http://nagios.linuxeye.com##############################
        server {
        listen  80;
        server_name     nagios.linuxeye.com;
        access_log      logs/nagios_access.log combined;
        auth_basic "Nagios Access";
        auth_basic_user_file /usr/local/nagios/etc/htpasswd.users;
        location / {
        root   /usr/local/nagios/share;
        index  index.html index.htm index.php;
                }
        location ~ .*\.(php|php5)?$ {
        root /usr/local/nagios/share;
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index index.php;
        include fastcgi.conf;
                }
        location /nagios {
            alias /usr/local/nagios/share;
                }
        location /cgi-bin/images {
            alias /usr/local/nagios/share/images;
                }
        location /cgi-bin/stylesheets {
            alias /usr/local/nagios/share/stylesheets;
                }
        location /cgi-bin {
            alias /usr/local/nagios/sbin;
                }
        location ~ .*\.(cgi|pl)?$ {
        gzip off;
        root   /usr/local/nagios/sbin;
        rewrite ^/nagios/cgi-bin/(.*)\.cgi /$1.cgi break;
        fastcgi_pass  unix:/usr/local/nginx/logs/nginx-fcgi.sock;
        fastcgi_param SCRIPT_FILENAME /usr/local/nagios/sbin$fastcgi_script_name;
        fastcgi_index index.cgi;
        fastcgi_param  REMOTE_USER        $remote_user;
        fastcgi_param HTTP_ACCEPT_LANGUAGE en_US;
        include fastcgi_params;
        fastcgi_read_timeout   60;
                }
        }

#创建web验证用户
在有安装apache服务器用htpasswd或者在线生成

/usr/local/apache/bin/htpasswd -nb admin 123456 > /usr/local/nagios/etc/htpasswd.users
chown nagios.nagios /usr/local/nagios/etc/htpasswd.users

5、服务端配置文件修改
NRPE

sed -i 's@allowed_hosts=.*$@allowed_hosts=127.0.0.1,192.168.1.114@g' /usr/local/nagios/etc/nrpe.cfg
sed -i 's@command[check_hda1]@#command[check_hda1]@g' /usr/local/nagios/etc/nrpe.cfg
sed -i '223a command[check_df]=/usr/local/nagios/libexec/check_disk -w 20 -c 10' /usr/local/nagios/etc/nrpe.cfg
sed -i '224a command[check_cpu_procs]=/usr/local/nagios/libexec/check_procs -w 50 -c 90 --metric=CPU' /usr/local/nagios/etc/nrpe.cfg
sed -i '225a command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 5%' /usr/local/nagios/etc/nrpe.cfg
echo '/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d' >> /etc/rc.local
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d #启动nrpe

#修改配置文件归类

sed -i 's@cfg_file=/usr/local/nagios/etc/objects/templates.cfg@#cfg_file=/usr/local/nagios/etc/objects/templates.cfg@g' /usr/local/nagios/etc/nagios.cfg
sed -i 's@cfg_file=/usr/local/nagios/etc/objects/localhost.cfg@#cfg_file=/usr/local/nagios/etc/objects/localhost.cfg@g' /usr/local/nagios/etc/nagios.cfg
sed -i '32a cfg_file=/usr/local/nagios/etc/objects/hosts.cfg' /usr/local/nagios/etc/nagios.cfg
sed -i '33a cfg_file=/usr/local/nagios/etc/objects/hostgroups.cfg' /usr/local/nagios/etc/nagios.cfg
sed -i '34a cfg_file=/usr/local/nagios/etc/objects/contactsgroups.cfg' /usr/local/nagios/etc/nagios.cfg
sed -i '35a cfg_file=/usr/local/nagios/etc/objects/services.cfg' /usr/local/nagios/etc/nagios.cfg

#命令检查时间间隔

sed -i 's@^command_check_interval.*$@command_check_interval=10s@g' /usr/local/nagios/etc/nagios.cfg

#指定用户admin可以通过浏览器操纵nagios服务的关闭、重启等各种操作

sed -i 's@authorized_for_system_information=.*$@authorized_for_system_information=admin@g' /usr/local/nagios/etc/cgi.cfg
sed -i 's@authorized_for_configuration_information=.*$@authorized_for_configuration_information=admin@g' /usr/local/nagios/etc/cgi.cfg
sed -i 's@authorized_for_system_commands=.*$@authorized_for_system_commands=admin@g' /usr/local/nagios/etc/cgi.cfg
sed -i 's@authorized_for_all_services=.*$@authorized_for_all_services=admin@g' /usr/local/nagios/etc/cgi.cfg
sed -i 's@authorized_for_all_hosts=.*$@authorized_for_all_hosts=admin@g' /usr/local/nagios/etc/cgi.cfg
sed -i 's@authorized_for_all_service_commands=.*$@authorized_for_all_service_commands=admin@g' /usr/local/nagios/etc/cgi.cfg
sed -i 's@authorized_for_all_host_commands=.*$@authorized_for_all_host_commands=admin@g' /usr/local/nagios/etc/cgi.cfg

#hosts.cfg

cat > /usr/local/nagios/etc/objects/hosts.cfg << EOF
define host {
host_name                 linux4
alias                     nagios-server
address                   192.168.1.114
contact_groups            sagroup
check_command             check-host-alive
max_check_attempts          10
notification_interval       5
notification_period         24x7
notification_options        d,u,r
}
define host {
host_name                 linux3
alias                     192.168.1.113
address                   192.168.1.113
contact_groups            sagroup
check_command             check-host-alive
max_check_attempts          10
notification_interval       5
notification_period         24x7
notification_options        d,u,r
}
EOF
chown nagios.nagios /usr/local/nagios/etc/objects/hosts.cfg
chmod 664 /usr/local/nagios/etc/objects/hosts.cfg

#hostgroups.cfg

cat > /usr/local/nagios/etc/objects/hostgroups.cfg << EOF
define hostgroup {
hostgroup_name  sa-servers
alias           sa servers
members         linux4,linux3
}
EOF
chown nagios.nagios /usr/local/nagios/etc/objects/hostgroups.cfg
chmod 664 /usr/local/nagios/etc/objects/hostgroups.cfg

#contacts.cfg

cp /usr/local/nagios/etc/objects/contacts.cfg /usr/local/nagios/etc/objects/contacts.cfg.bk
cat > /usr/local/nagios/etc/objects/contacts.cfg << EOF
define contact {
contact_name    admin
alias           system administrator
service_notification_period    24x7
host_notification_period       24x7
service_notification_options   w,u,c,r
host_notification_options       d,u,r
host_notification_commands     notify-host-by-email
service_notification_commands  notify-service-by-email
email                          admin@linuxeye.com
}
EOF

#services.cfg

cat > /usr/local/nagios/etc/objects/services.cfg << EOF
define service {
host_name               linux4,linux3
service_description     check-host-alive
check_command           check-host-alive
check_period            24x7
max_check_attempts      4
normal_check_interval   3
retry_check_interval    2
contact_groups          sagroup
notification_interval   10
notification_period     24x7
notification_options    w,u,c,r
}
define service {
host_name               linux4,linux3
service_description     check_http
check_command           check_http
check_period            24x7
max_check_attempts      4
normal_check_interval   3
retry_check_interval    2
contact_groups          sagroup
notification_interval   10
notification_period     24x7
notification_options    w,u,c,r
}
define service{
host_name               linux4,linux3
service_description     check_ssh
check_command           check_ssh
max_check_attempts      4
normal_check_interval   3
retry_check_interval    2
check_period            24x7
notification_interval   10
notification_period     24x7
notification_options    w,u,c,r
contact_groups          sagroup
}
define service{
host_name               linux4,linux3
service_description     check-disk
check_command           check_nrpe!check_df
max_check_attempts      4
normal_check_interval   3
retry_check_interval    2
check_period            24x7
notification_interval   10
notification_period     24x7
notification_options    w,u,c,r
contact_groups          sagroup
}
define service{
host_name               linux4,linux3
service_description     check_cpu_procs
check_command           check_nrpe!check_cpu_procs
max_check_attempts      4
normal_check_interval   3
retry_check_interval    2
check_period            24x7
notification_interval   10
notification_period     24x7
notification_options    w,u,c,r
contact_groups          sagroup
}
define service{
host_name               linux4,linux3
service_description     check_load
check_command           check_nrpe!check_load
max_check_attempts      4
normal_check_interval   3
retry_check_interval    2
check_period            24x7
notification_interval   10
notification_period     24x7
notification_options    w,u,c,r
contact_groups          sagroup
}
define service{
host_name               linux4,linux3
service_description     check_users
check_command           check_nrpe!check_users
max_check_attempts      4
normal_check_interval   3
retry_check_interval    2
check_period            24x7
notification_interval   10
notification_period     24x7
notification_options    w,u,c,r
contact_groups          sagroup
}
define service{
host_name               linux4,linux3
service_description     check_swap
check_command           check_nrpe!check_swap
max_check_attempts      4
normal_check_interval   3
retry_check_interval    2
check_period            24x7
notification_interval   10
notification_period     24x7
notification_options    w,u,c,r
contact_groups          sagroup
}
define service{
host_name               linux4,linux3
service_description     check_zombie_procs
check_command           check_nrpe!check_zombie_procs
max_check_attempts      4
normal_check_interval   3
retry_check_interval    2
check_period            24x7
notification_interval   10
notification_period     24x7
notification_options    w,u,c,r
contact_groups          sagroup
}
EOF
 
chown nagios.nagios /usr/local/nagios/etc/objects/services.cfg
chmod 664 /usr/local/nagios/etc/objects/services.cfg

#commands.cfg

echo 'define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}' >> /usr/local/nagios/etc/objects/commands.cfg

#contactsgroups.cfg

cat > /usr/local/nagios/etc/objects/contactsgroups.cfg << EOF
define contactgroup {
contactgroup_name    sagroup
alias                system administrator group
members              admin
}
EOF
chown nagios.nagios /usr/local/nagios/etc/objects/contactsgroups.cfg
chmod 664 /usr/local/nagios/etc/objects/contactsgroups.cfg
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg #检查配置是否有错误
service nagios start

6、被监控端(客户端)

mkdir nagios
cd nagios
wget http://nchc.dl.sourceforge.net/project/nagiosplug/nagiosplug/1.4.16/nagios-plugins-1.4.16.tar.gz
wget http://nchc.dl.sourceforge.net/project/nagios/nrpe-2.x/nrpe-2.14/nrpe-2.14.tar.gz
useradd -M -s /sbin/nologin nagios
tar xzf nagios-plugins-1.4.16.tar.gz
cd nagios-plugins-1.4.16
./configure --prefix=/usr/local/nagios --with-nagios-user=nagios --with-nagios-group=nagios
make && make install
cd ../
tar xzf nrpe-2.14.tar.gz
cd nrpe-2.14
./configure
make && make install
mkdir /usr/local/nagios/etc
cp sample-config/nrpe.cfg  /usr/local/nagios/etc/
cd ../
sed -i 's@allowed_hosts=.*$@allowed_hosts=192.168.1.114@g' /usr/local/nagios/etc/nrpe.cfg
sed -i 's@command[check_hda1]=@#command[check_hda1]=@' /usr/local/nagios/etc/nrpe.cfg
sed -i '224a command[check_disk]=/usr/local/nagios/libexec/check_disk -w 20 -c 10' /usr/local/nagios/etc/nrpe.cfg
sed -i '225a command[check_cpu_procs]=/usr/local/nagios/libexec/check_procs -w 50 -c 90 --metric=CPU' /usr/local/nagios/etc/nrpe.cfg
sed -i '226a command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 5%' /usr/local/nagios/etc/nrpe.cfg
echo '/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d' >> /etc/rc.local
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
iptables -A INPUT -p tcp -s 192.168.1.114 -m state --state NEW -m tcp --dport 5666 -j ACCEPT
0 Comments
Leave a Reply