Why we need Continuous Monitoring :
- In a large scale distributed applications we never know what kind issue we may ran into .
- some of them are :
- Failure in CI/CD pipeline .
- Static code analysis .
- Application side issue .
- Infrastructure side issue .
And in big organizations server health and application Security can not be compromised at any cost .
What is continuous monitoring :
Continuous monitoring is a phase in our application development lifecycle which make sure that our application is getting continuously monitored and debugged if any issue .
Phases of continuous monitoring :
- Define
- Establish
- Implement
- Analyze
- Respond
- Review and Update
What is Nagios :
Nagios monitors your entire IT lifecycle to ensures systems, applications , services and business process are functioning properly .
Features of Nagios :
- Using a master slave architecture .
- Easy to write plugins .
- Good web interface for visualization purpose .
- Automate the e-mail sending in case of any network failure .
Architecture of Nagios :
How install Nagios (Ubuntu):
$ sudo apt update
$ sudo apt install build-essentials libgd-dev openssl libssl-dev unzip apache2 gcc
- Nagios user and group are used to run Nagios process
$ sudo useradd nagios
$ sudo groupadd nagcmd
$ sudo usermod -a -G nagcmd nagios
$ wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.6.tar.gz
$ tar xpf nagios-*.tar.gz
$ cd nagios-4.4.6
$ ./configure --with-nagios-group=nagios --with-command-group=nagcmd
You can see the configuration using the configure command :
Now we have to build the project using the make command and then install it :
$ make -j4 all
$ sudo make install
- Now run these commands to install Nagios sample files, binary files and it's sample config files .
sudo make install
sudo make install-daemoninit
sudo make install-commandmode
sudo make install-config
- We are using apache to serve Nagios web interface .
$ sudo make install-webconf
- Enable the Apache rewrite and cgi modules with the a2enmod command:
$ sudo a2enmod rewrite
$ sudo a2enmod cgi
- In order to execute commands via the web interface to Nagios add the web server user, www-data, to the nagios group:
$sudo usermod -a -G nagios www-data
- Next we have to create a username and password for our user which can enable our user to login to the web interface .
$ sudo apt install htpasswd
$ sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
Enter Your Password :
Warning: If you create a user with a name other than nagiosadmin
you will need to edit /usr/local/nagios/etc/cgi.cfg
and change all the nagiosadmin references to the user you created.
- Restart the Apache server
$ sudo systemctl restart apache2
Installing the Nagios plugin :
$ cd ~
$ http://www.nagios-plugins.org/download/nagios-plugins-2.3.3.tar.gz
$ tar zxf nagios-plugins-2.2.1.tar.gz
$ cd nagios-plugins-2.2.1
*configure their installation
$ ./configure
* Now build and install the plugin
$ make
$ sudo make install
Now we need to install check_nrpe plugin to monitor the remote plugins :
cd ~
curl -L -O https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-3.2.1/nrpe-3.2.1.tar.gz
tar zxf nrpe-3.2.1.tar.gz
cd nrpe-3.2.1
./configure
- Now build and install check_nrpe :
make check_nrpe
sudo make install-plugin
Configure Nagios :
- Navigate to the Nagios configuration file
$sudo nano /usr/local/nagios/etc/nagios.cfg
- Add this line to the config file
...
#cfg_dir=/usr/local/nagios/etc/servers
...
- Uncomment this line
cfg_dir=/usr/local/nagios/etc/servers
- Now we have to create a directory so that we can store our configuration file for each server .
$sudo mkdir /usr/local/nagios/etc/servers
open the Nagios contact file :
$ sudo nano /usr/local/nagios/etc/objects/contacts.cfg
Find the email directive and replace it with yours
...
define contact{
contact_name nagiosadmin ; Short name of user
use generic-contact ; Inherit default values from generic-contact template (defined above)
alias Nagios Admin ; Full name of user
email your_email@your_domain.com ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
...
- Navigate to the directory and add a new command which is for defining check_nrpe command .
$ sudo nano /usr/local/nagios/etc/objects/commands.cfg
...
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
This defines the name and specifies the command-line options to execute the plugin.
$ sudo systemctl start nagios
Access the Nagios web interface :
http://nagios_server_public_ip/nagios
Enter the login credentials .
Monitoring :
ssh into the server you want to monitor.
$ ssh ubuntu@server_ip
$ sudo useradd nagios
cd ~
curl -L -O https://nagios-plugins.org/download/nagios-plugins-2.2.1.tar.gz
tar zxf nagios-plugins-2.2.1.tar.gz
cd nagios-plugins-2.2.1
then configure and build it
$ ./configure
$ make
$ sudo make install
- Install nrpe daemon find the latest url at github pages:
cd ~
curl -L -O https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-4.0.0/nrpe-4.0.0.tar.gz
tar zxf nrpe-4.0.0.tar.gz
cd nrpe-4.0.0
$ ./configure
- Now build and install NRPE and its startup script with these commands:
make nrpe
sudo make install-daemon
sudo make install-config
sudo make install-init
$ sudo nano /usr/local/nagios/etc/nrpe.cfg
- server_address: Set to the private IP address of the monitored server.
- allowed_hosts: Add the private IP address of your Nagios server to the comma-delimited list.
- command[check_hda1]: Change /dev/hda1 to whatever your root filesystem is called.
...
server_address=second_ubuntu_server_private_ip
...
allowed_hosts=127.0.0.1,::1,your_nagios_server_private_ip
...
command[check_vda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/vda1
...
$ sudo systemctl start nrpe.service
$ sudo ufw allow 5666/tcp
- Now you can check the communication with the remote NRPE server. Run the following command on the Nagios server:
$ /usr/local/nagios/libexec/check_nrpe -H second_ubuntu_server_ip
- On your Nagios server, create a new configuration file for each of the remote hosts that you want to monitor in /usr/local/nagios/etc/servers/. Replace the highlighted word, monitored_server_host_name with the name of your host:
$ sudo nano /usr/local/nagios/etc/servers/your_monitored_server_host_name.cfg
- Add the following host definition, replacing the host_name value with your remote hostname, the alias value with a description of the host, and the address value with the private IP address of the remote host:
define host {
use linux-server
host_name your_monitored_server_host_name
alias My client server
address your_monitored_server_private_ip
max_check_attempts 5
check_period 24x7
notification_interval 30
notification_period 24x7
}
- Add some sevices
- First, add this block to monitor load average:
define service {
use generic-service
host_name your_monitored_server_host_name
service_description Load average
check_command check_nrpe!check_load
}
- Next, add this block to monitor disk usage:
define service {
use generic-service
host_name your_monitored_server_host_name
service_description /dev/vda1 free space
check_command check_nrpe!check_vda1
}
Now restart and navigate to the web interface :
$ sudo systemctl restart nagios
Top comments (0)