nagios安装配置笔记

安装

创新互联长期为近1000家客户提供的网站建设服务,团队从业经验10年,关注不同地域、不同群体,并针对不同对象提供差异化的产品和服务;打造开放共赢平台,与合作伙伴共同营造健康的互联网生态环境。为班玛企业提供专业的成都网站设计、网站建设班玛网站改版等技术服务。拥有十载丰富建站经验和众多成功案例,为您定制开发。

    server 192.168.12.145

    client 192.168.12.144

服务器端安装

    nagios-3.3.1.tar.gz

    nagios-plugins-1.4.5

安装环境

yum install httpd  gcc gcc-c++ openssl  openssl-devel perl

添加nagios用户和组

useradd nagios     ##若是指定-s 为nologin,则重启nagios的时候可能会报错,但是不影响功能

groupadd nagcmd

usermod -G nagcmd nagios

usermod -G nagcmd apache

安装nagios

    tar -xf nagios-2.2.1.tar.gz -C /usr/local/src

    cd /usr/local/src/nagios-2.2.1

    ./configure --with-command-group=nagcmd

    make all

    make install                    ##安装主程序

    make install-init               ##安装启动脚本

    make install-config             ##创建配置文件

    make install-commandmode        ##配置目录权限

    make install-webconf

定义联系人

    vi /usr/local/nagios/etc/objects/contacts.cfg

        定义联系人和组

    创建一个用户用于在web页面登陆nagios

        htpasswd -c /usr/locl/nagios/etc/httpasswd.user nagiosadmin

    重启apache

        chown -R nagios:nagios /usr/local/nagios/etc/htpasswd.users

            若权限不对可能造成web界面没有权限打开该文件,造成无法登陆

    编辑http.conf配置文件    

scriptAlias "/nagios/cgi-bin""/usr/local/nagios/sbin"

  Options ExecCGI

  AllowOverride None

  Order allow,deny

  Allow from all 

  AuthName "Nagios Access"

  AuthType Basic 

  AuthUserFile /usr/local/nagios/etc/htpasswd.users    ##此处为之前建的用户认证文件位置

  Require valid-user

 

Alias /nagios"/usr/local/nagios/share"

  Options None 

  AllowOverride None

  Order allow,deny

  Allow from all 

   AuthName "Nagios Access"

  AuthType Basic 

  AuthUserFile /usr/local/nagios/etc/htpasswd.users

  Require valid-user

  

重启apache

安装nagios-plugins-1.4.15

./configure --prefix=/usr/local/nagios --with-nagios-user=nagios --with-nagios-group=nagios 

make && make install

验证配置文件是否有错

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

关闭selinux

在浏览器输入http://ip/nagios  输入htpasswd命令生成的账户密码即可以访问

注意点:php是否安装 apache是否加载了php模块

错误:

apache  access.log

10.13.115.1 - nagiosadmin[26/Jun/2011:13:01:10 +0800] "GET /nagios/side.php HTTP/1.1" 304

         10.13.115.1- nagiosadmin [26/Jun/2011:13:01:10 +0800] "GET /nagios/p_w_picpaths/sblogo.pngHTTP/1.1" 304 –

         10.13.115.1- nagiosadmin [26/Jun/2011:13:01:10 +0800] "GET/nagios/stylesheets/common.css HTTP/1.1" 304

         10.13.115.1- nagiosadmin [26/Jun/2011:13:01:10 +0800] "GET/nagios/p_w_picpaths/greendot.gif HTTP/1.1" 304

        

apace error.log

         [notice]Apache/2.2.19 (Unix) DAV/2 configured -- resuming normal operations

         [error][client xx.xx.115.1] DirectoryindexforbiddenbyOptionsdirective:/usr/local/nagios/share

         [error][client xx.xx.115.1] DirectoryindexforbiddenbyOptionsdirective:/usr/local/nagios/share

         [error][client xx.xx.115.1] DirectoryindexforbiddenbyOptionsdirective:/usr/local/nagios/share

         [error][client xx.xx.115.1] DirectoryindexforbiddenbyOptionsdirective:/usr/local/nagios/share

         [error][client xx.xx.115.1] DirectoryindexforbiddenbyOptionsdirective:/usr/local/nagio/share

解决办法:

php页面无法被apache解析

解决:
在apache的配置文件httpd.conf修改
第一步:

    DirectoryIndex index.html

改成

    DirectoryIndex index.php index.html

第二步:
增加如下内容记得装php

LoadModule php5_module modules/libphp5.so
AddType application/x-httpd-php .php .phtml
AddType applicatoin/x-httpd-php-source .phps

 

 

 

问题2

输入账户密码无法登陆

查看apache配置文件添加的用户认证那一段

查看/usr/localnagios/etc/下面的用户账户密码文件htpasswd.users

发现apache的用户和nagios下面的用户文件名不一致,修改其中一个即可

问题3

[Tue Jan 27 01:51:51 2015] [error] [client 127.0.0.1] Directory index forbidden by Options directive: /var/www/html/

[Tue Jan 27 01:51:51 2015] [error] [client 192.168.12.27] (13)Permission denied: exec of '/usr/local/nagios/sbin/status.cgi' failed, referer: http://192.168.12.149/nagios/side.php

[Tue Jan 27 01:51:51 2015] [error] [client 192.168.12.27] Premature end of script headers: status.cgi, referer: http://192.168.12.149/nagios/side.php

[Tue Jan 27 01:51:55 2015] [error] [client 192.168.12.27] (13)Permission denied: exec of '/usr/local/nagios/sbin/status.cgi' failed, referer: http://192.168.12.149/nagios/side.php

[Tue Jan 27 01:51:55 2015] [error] [client 192.168.12.27] Premature end of script headers: status.cgi, referer: http://192.168.12.149/nagios/side.php

[Tue Jan 27 01:52:07 2015] [error] [client 192.168.12.27] (13)Permission denied: exec of '/usr/local/nagios/sbin/status.cgi' failed, referer: http://192.168.12.149/nagios/side.php

[Tue Jan 27 01:52:07 2015] [error] [client 192.168.12.27] Premature end of script headers: status.cgi, referer: http://192.168.12.149/nagios/side.php

[Tue Jan 27 01:52:08 2015] [error] [client 192.168.12.27] (13)Permission denied: exec of '/usr/local/nagios/sbin/status.cgi' failed, referer:

http://192.168.12.149/nagios/side.php

此问题导致nagios访问页面无法显示,原因selinux没关

 

问题4

u're trying to run actually exists.

Jan 27 02:30:42 localhost nagios: Warning: Return code of 127 for check of service 'LOAD' on host '192.168.12.145' was out of bounds. Make sure the plugin you're trying to run actually exists.

Jan 27 02:31:42 localhost nagios: Warning: Return code of 127 for check of service 'LOAD' on host '192.168.12.145' was out of bounds. Make sure the plugin you're trying to run actually exists.

 

用check_nrpe进行监控的需要在监控命令前加上check_nrpe,如下

check_command           check_nrpe!check_nrpe_load

 

监控端服务器安装nrpe

需要安装openssl和openssl-devel,不然会出错

tar –xf nrpe-2.13.tar.gz

cd nrpe-2.12

./configure –enable-ssl –with-ssl-lib

make all

make install-plugin

make install-daemon

make install-daemon-config

 

下面这条监控端可以不用执行(监控端nrpe只需要安装即可),被监控端的nrpe必须启动

/usr/local/nagios/bin/nrpe –c/usr/local/nagios/etc/nrpe.cfg –d启动nrpe,或者将nrpe嵌入xinetd中,由xinetd启动

必须关闭防火墙,可以用service iptables status查看规则,service iptablesstop关闭防火墙,或者配置一条规则允许5666号端口

 

被监控端安装

必须安装openssl和openssl-devel,否则会出错

tar –xf nagios-plugins-1.3.13.tar.gz

cd nagios-plugins-1.3.13

useradd nagios

cd nagios-plugins-1.4.13

./configure –with-nagios-user=nagios –with-nagios-group=nagios

make

make install

chown –R nagios:nagios /usr/local/nagios

 

安装nrpe

tar –xf nrpe-2.12.tar.gz

cd nrpe-2.12

./configure –enable-ssl –with-lib

make all

make install-plugin

make install-daemon

make install-daemon-config

make install-xinetd  将nrpe嵌入xinetd服务(也可以用上面的我上面用到的命令启动)

 

vim /usr/local/nagios/etc/nrpe.cfg

         修改allowed_host=127.0.0.1为allowed_host=127.0.0.1,192.168.12.145(监控服务器的ip)

 

/usr/local/nagios/libexec/check_nrpe –Hlocalhost

如果出现  NRPE v2.12则说明安装成功

如果出现connection refused by host 则需要安装openssl或者是防火墙或selinux没关

 

修改nagios下面的object里面的commands.cfg文件增加check_nrpe的定义

         definecommand{

                   command_name      check_nrpe

                   command_line          $USER1$/check_nrpe –H  $HOSTADDRESS$ -c $ARG1$

                   }

 

在监控机上测试与被监控机的通讯是否正常

/usr/local/nagios/libexec/check_nrpe –Hlocalhost –c check_load

OK - loadaverage: 0.05, 0.06, 0.00|load1=0.050;15.000;30.000;0;load5=0.060;10.000;25.000;0; load15=0.000;5.000;20.000;0;

则说明正常

 

nagios配置文件

nagios安装后下面共有bin   etc   libexec      sbin  share  var几个目录

etc存放配置文件

         bin存放nagios的命令

         sbin存放通过web外部方式执行的cgi

         libexec存放的是所有插件

         var存放log和pid文件

         sharenagios网页文件目录,存放一些html文件

 

若是要添加web登陆的用户,而不是用默认的nagiosadmin,则需要在etc/cgi.cfg的authorized_for_system_commands=nagiosadmin后面加上需要添加到用户,如:nagiosadmin,henshui      具体添加条目需要百度

 

在nagios.cfg添加一些目录存放自己设定的相关配置文件,找到cfg_file部分

根据自己添加到目录设定配置文件存放的位置,例如:

cfg_file=/usr/local/nagios/etc/objects/commands.cfg

配置文件里面的$USER1$和$USER$是变量,因原路径太长,定义变量简化(变量是在resource.cfg中定义的)

$USER1$=/usr/local/nagios/libexec

$USER7$=-C mypublic -2               (snmp插件的命令行中参数需要设置snmp相关的信息,为节省输入,在此定义变量)

$HOSTADDRESS$为我们下面要定义的主机,即我们定义的检测对象。他的值就是主机IP地址

$ARG1$代表参数1,$ARG2$代表参数2

 

可以在service中定义组,属于这个组的主机都会被监控

 

check_command check_snmp_storage!-m "^VirtualMemory$"!70!90 定义监控命令

这里的!代表带入参数,几个!代表接收几个参数,每个参数之间用!分隔

 

cfg_file=/usr/local/nagios/etc/objects/hosts.cfg   新建hosts.cfg文件,存放主机与主机组定义

cfg_file=/usr/local/nagios/etc/objects/services.cfg        新建services.cfg文件,存放服务与服务组定义

cfg_file=/usr/local/nagios/etc/objects/localhost.cfg      定义监控本机的状态

cfg_file=/usr/local/nagios/etc/objects/timeperiods.cfg                   定义什么时间段进行监控

commands.cfg                   命令配置文件

contacts.cfg     联系人配置文件

 

#定义服务出了状况通知的时间段,这个时间段就是在timeperiods.cfg中定义的

service_notification_period24x7

#主机出了状况通知的时间段,同上

host_notification_period24x7

#当服务出现w-(warning),u-(unkown),c-(critical),或者r-从一擦汗那个情况恢复正常,通知联系人

service_notification_optionsw,u,c,r

#当主机出现d-(down),u-(unreachable),r

#################################################################

此处可以无视

#################################################################

define host{

        use                     linux-server

        host_name               192.168.12.145

        alias                   192.168.12.145

        address                 192.168.12.145

}

define service{

        use                     generic-service

        host_name               192.168.12.145

        service_description     check_ping

        check_command           check_ping!100.0,20%!200.0,50%

        max_check_attempts      5

        normal_check_interval   1

}

define service{

        use                     generic-service

        host_name               192.168.12.145

        service_description     LOAD

        check_command           check_nrpe!check_nrpe_load

        max_check_attempts      5

        normal_check_interval   1

}

define service{

        use                     generic-service

        host_name               192.168.12.145

        service_description     check_ssh

        check_command           check_ssh

        max_check_attempts      5

        normal_check_interval   1


本文标题:nagios安装配置笔记
本文来源:http://azwzsj.com/article/pjdcps.html