Procedures for configuring the CA service: 192.168.4.55 ca.tedu.cn Tarena
1 Deployment Certificate Issuance Environment:/ETC/PKI/TLS/OPENSSL.CONF
Working directory
Certificate store Directory
Private key file name
Root certificate file name
Certificate Number File
Certificate Index file
Certificate recognition: National Provincial City Company department
Matching policy:
2 Create private key file name: Command Store directory file name
3 Create root certificate file name: Command Store directory file name
Input: National Provincial City Company Department mailbox host name
4 Sharing root certificate files: Services that you can use to httpd FTP NFS Samba
5 Client tests and installs the root certificate file
++++++++++++++++++++++++++++++++++++++++++++
To issue a digital certificate file to the Web server 192.168.4.53 www.tedu.cn
Configuration of the Web server: 192.168.4.53
1 Create private key file: Command Store directory file name
2 Create a certificate Request file: Command Store directory file name
Input: National Provincial City Company Department mailbox host name
3 Submit a certificate request file to the CA server
CA Server Configuration: 192.168.4.55
1 Audit Certificate Request file issue digital certificate file: Command store directory file name
2 issued a digital certificate file to the Web server
3 Configure the Web site service to load the private key file and the digital certificate file at run time and restart the Web site service on the site server.
4 Verify the configuration on client 254.
+++++++++++++++++++++++++++++++++++++++
DBA Operations Engineer IDC Monitoring
One, monitoring: monitoring and control
Ii. Monitoring objects: Servers (websites and databases)
Third, what resources to monitor?
Network traffic: EthX (incoming and outgoing traffic)
Usage of hardware resources: CPU Memory storage
Service Run Status: Run stop dormant Zombie
Operating System performance: number of processes users
Iv. means of monitoring?
Use the command to view the operation: Ping SAR uptime free DF
Systemctl Status Service name PS
PS aux | Wc-l Users
Wc-l/etc/passwd
Write monitoring scripts to monitor: Shell python
Setting up a monitoring server: monitor the specified host
Nagios Cacti Zabbix
++++++++++++++++++++++++++++++++++++++++
Prepare a new server for monitoring server: Configuration requirements:
#setenforce 0
#systemctl Stop Firewalld; Systemctl Disable FIREWALLD;
#配置本地yum源
#ip地址 192.168.4.56
+++++++++++++++++++++++++++++++++++++++++
A. Build Nagios Monitoring Server
I. Deploying the Nagios Service Runtime environment
#yum-y Install httpd PHP
#systemctl start httpd; Systemctl Enable httpd
#vim/var/www/html/test.php
<?php
Phpinfo ();
?>
: Wq
The host opens a browser to access the Web page file
http://192.168.4.56/test.php
Ii. installation of Nagios software (source package)
2.1 Installation Preparation
]# rpm-q gcc gcc-c++ | | Yum-y Install GCC gcc-c++
[Email protected] ~]# Useradd Nagios
[Email protected] ~]# Groupadd nagcmd
[Email protected] ~]# usermod-g nagcmd Nagios
2.2 Installing Packages
#tar-ZXF nagios-4.2.4.tar.gz
#cd nagios-4.2.4
[Email protected] nagios-4.2.4]#/configure \
--with-nagios-user=nagios--with-nagios-group=nagcmd \
--with-command-user=nagios--with-command-group=nagcmd
[[email protected] nagios-4.2.4]# make all
Make install
Make Install-init
Make Install-commandmode
Make Install-config
Make install-webconf
Make Install-exfoliation
#ls/usr/local/nagios
Bin etc libexec Sbin share Var
Third, install the Monitoring plug-in (software developers write good script)
TAR-ZXF nagios-plugins-2.1.4.tar.gz
CD nagios-plugins-2.1.4
./configure
Make
Make install
#ls/usr/local/nagios/libexec/check_*
Iv. start of monitoring services
4.1 Starting the Service
#/etc/init.d/nagios Status | Start | Stop |restart
#systemctl Restart httpd
4.2 Setting the user name and password for the Access Monitoring page
#sed-n ' 39p;52p '/etc/httpd/conf.d/nagios.conf
Alias/nagios "/usr/local/nagios/share"//define directory aliases
Authuserfile/usr/local/nagios/etc/htpasswd.users//user authentication
[Email protected] libexec]# htpasswd-c/usr/local/nagios/etc/htpasswd.users nagiosadmin
New Password:
Re-type New Password:
Adding Password for user nagiosadmin
[Email protected] libexec]#
[Email protected] libexec]# cat/usr/local/nagios/etc/htpasswd.users
Nagiosadmin: $apr 1$qa.ikjez$pxvwvx9efnwhncya4aqeh.
[Email protected] libexec]#
V. Client 254 host Access Monitoring Server View monitoring information
Url:http://192.168.4.56/nagios
Nagiosadmin
123456
Monitor display status: OK warning unknown critical pending
Normal warning monitoring configuration error monitoring
Monitoring process for Nagios services?
When the Nagios service runs, it invokes the monitoring plug-in and sets the monitored thresholds, which are warning values and error values, respectively. The Nagios service compares the data obtained by the plug-in with the set threshold and then displays the monitoring status.
Monitored data < warning values show OK status
Monitored data > warning values and < critical values Display warning status
Monitored data > Critical values display critical status
The display unknown status indicates a problem with the Nagios service configuration file.
Display Pending status indicates that data is being obtained for the monitored resource
+++++++++++++++++++++++++++++++++++++++
B. Configuring the Nagios Monitoring Server
1 Description of the configuration file
#cd/usr/local/ngaios/etc
#ls
Nagios.cfg main profile//ngios files loaded at startup
Cfg_file=/usr/local/nagios/etc/objects/commands.cfg
Cfg_file=/usr/local/nagios/etc/objects/contacts.cfg
Cfg_file=/usr/local/nagios/etc/objects/timeperiods.cfg
Cfg_file=/usr/local/nagios/etc/objects/templates.cfg
33
Definitions for monitoring the local (Linux) host
Cfg_file=/usr/local/nagios/etc/objects/localhost.cfg
RESOURCE.CFG macro Definition File//Set variable used by Ngios service
$USER 1$=/usr/local/nagios/libexec
CGI.CFG//define CGI file access rights
#cd Object
#ls
TEMPLATES.CFG//Define the monitoring template configuration file
TIMEPERIODS.CFG//define the monitoring time template configuration file
CONTACTS.CFG//Define the configuration file to receive alert messages
34:email [email protected]
COMMANDS.CFG//define monitoring commands
Define Command {
Command_name check_local_disk//Command name
Command_line $USER 1$/check_disk-w $ARG 1$-C $ARG 2$-P $ARG 3$//monitoring plug-in
}
LOCALHOST.CFG//Monitoring native configuration files
Define host{//define monitoring host
Use Linux-server//define the template used by the monitoring host
HOST_NAME localhost//define Host
Alias localhost//define description information available options
Address 127.0.0.1//IP addresses of monitored hosts
}
Define service {//define monitoring host resources
Use Local-service//templates used for monitoring resources
HOST_NAME localhost//host name
Service_description root_paticion//Set monitor resource display name
Check_command check_local_disk!20%!10%!///Call to monitor command
}
How do I verify that the configuration has errors?
]#/usr/local/nagios/bin/nagios-v/usr/local/nagios/etc/nagios.cfg
]# alias checknagios= '/usr/local/nagios/bin/nagios-v/usr/local/nagios/etc/nagios.cfg '
Vim ~/.BASHRC
Alias checknagios= '/usr/local/nagios/bin/nagios-v/usr/local/nagios/etc/nagios.cfg '
: Wq
2 Use of monitoring plugins
#cd/usr/local/nagios/libexec/
./Plugin name--HELP//View the plugin's Help information
CPU Load Check_load
Number of system logon users Check_users
Website Service Run Status Check_http
PING check_ping
Root partition free space Check_disk (monitor disk's free space)
SSH Service Check_ssh
Swap partition Usage Check_swap
Total number of system processes Check_procs
]#./check_users-w 1-c 2
]#./check_users-w 10-c 15
]#./check_http-i 192.168.4.51
]#./check_http-i 192.168.4.51-p 8090
]#./check_ssh-h 192.168.4.51
]#./check_ssh-h 192.168.4.51-p 22122
]# df-h
]#./check_disk-w 50%-C 25%-p/boot
]# DD If=/dev/zero of=/boot/a.txt bs=1m count=250
]#./check_disk-w 50%-C 25%-p/boot
]#./check_disk-w 25%-C 10%-P/
]#./check_procs-w 20-c 21-s R
]#./check_procs-w 10-c 11-s Z (PID 0-65535)
]#./check_procs-w 20-c 21-s S
]#./check_procs-w 100-c 101
]#./check_load-w 0.5,1.0,1.5-c 1.0,2.0,2.5
]#./check_ping-h 192.168.4.51-w 10,50%-C 15,75%
]#./check_swap-w 50%-C 25%
]#./check_tcp-h 192.168.4.51-p 80
]#./check_tcp-h 192.168.4.51-p 3306
——————————————————————
To monitor the host configuration steps:
1 Defining Monitoring Commands Commands.cfg
2 Creating a configuration file for a monitoring host Vim ser51.cfg
3 Load the monitoring host configuration file in the Service Host profile Nagios.cfg file ser51.cfg
4 Check the configuration for errors Checknagios
5 Restart Nagios Monitoring service
6 Access Monitoring Page view monitoring information
7 If the monitoring item has a warning status or a critical error status check if you receive an alert message
++++++++++++++++++++++++++++++++
Monitor the native configuration? When monitoring this machine,
Monitor usage of native boot partition: Free space less than 50% warning free space less than 25% error,
Modify the Monitor native login user number warning value modified to 1 error value modified to 2;
Does not monitor the usage of the local swap partition.
+++++++++++++++++++++++++++++++++
3 Monitoring remote host 192.168.4.51
3.1 Monitoring the public resources of the remote host (various services httpd mysql SSH)
Vim Commands.cfg
#monitor mysqld
Define Command {
Command_name Check_51_mysqld
Command_line $USER 1$/check_tcp-h 192.168.4.51-p 3306
}
#monitor httpd
Define Command {
Command_name check_51_httpd
Command_line $USER 1$/check_http-h 192.168.4.51-p 8090
}
#monitor sshd
Define Command {
Command_name check_51_sshd
Command_line $USER 1$/check_ssh-h 192.168.4.51
}
[Email protected] objects]#
[email protected] objects]# cat ser51.cfg
Define Host{
Use Linux-server
HOST_NAME ser51
Address 192.168.4.51
}
Define Service{
Use Local-service
HOST_NAME ser51
Service_description httpd
Check_command check_51_httpd
}
Define Service{
Use Local-service
HOST_NAME ser51
Service_description mysqld
Check_command Check_51_mysqld
}
Define Service{
Use Local-service
HOST_NAME ser51
Service_description sshd
Check_command check_51_sshd
}
[Email protected] objects]#
[Email protected] etc]# grep ser51.cfg nagios.cfg
Cfg_file=/usr/local/nagios/etc/objects/ser51.cfg
#checknagios
#/etc/init.d/nagios restart
++++++++++++++++++++++++++++++++++++++
3.2 Monitoring the private resources of the remote host (System operating condition)
Disk usage number of logged on users process
A, configure the monitored side 51
1. Install plug-ins to get private resources and use plugins
]# TAR-ZXF nagios-plugins-2.1.4.tar.gz
]# CD nagios-plugins-2.1.4/
]# rpm-q gcc gcc-c++ | | Yum-y Install GCC gcc-c++
]#./configure && make && make install
]# Ls/usr/local/nagios
/usr/local/nagios/libexec/check_disk-w 20%-C 10%-P/
/usr/local/nagios/libexec/check_disk-w 20%-C 10%-p/boot
/usr/local/nagios/libexec/check_users-w 1-c 2
/usr/local/nagios/libexec/check_procs-w 10-c 11-s R
/usr/local/nagios/libexec/check_procs-w 5-c 6-s Z
/usr/local/nagios/libexec/check_procs-w 100-c 101
2. Running Nrpe Service
2.1 Pack
#rpm-Q OpenSSL openssl-devel
#yum-y Install Openssl-devel
#useradd Nagios
]# TAR-ZXF nrpe-3.0.1.tar.gz
]# CD NRPE-3.0.1/
]#./configure
]# make all
Make Install-daemon
Make Install-config
Make Install-init
Make Install-plugin
2.2 Modifying a configuration file
]# vim/usr/local/nagios/etc/nrpe.cfg
98 allowed_hosts=127.0.0.1, 192.168.4.56
Command[nrpe_51_users]=/usr/local/nagios/libexec/check_users-w 1-c 2
Command[nrpe_51_root]=/usr/local/nagios/libexec/check_disk-w 20%-C 10%-P/
Command[nrpe_51_boot]=/usr/local/nagios/libexec/check_disk-w 20%-C 10%-p/boot
Command[nrpe_51_prun]=/usr/local/nagios/libexec/check_procs-w 10-c 11-s R
Command[nrpe_51_pzbi]=/usr/local/nagios/libexec/check_procs-w 5-c 6-s Z
Command[nrpe_51_psum]=/usr/local/nagios/libexec/check_procs-w 100-c 101
2.3 Starting the Nrpe service
]# Systemctl enable Nrpe; Systemctl Start Nrpe
] #netstat-utnalp | grep:5666
2.4 Testing the NREP service configuration
[Email protected] ~]#/usr/local/nagios/libexec/check_nrpe-h 127.0.0.1-p 5666-c nrpe_51_users
Users OK-1 users currently logged in |users=1;1;2;0
[Email protected] ~]#
[Email protected] ~]#/usr/local/nagios/libexec/check_nrpe-h 127.0.0.1-p 5666-c nrpe_51_prun
Procs Ok:2 processes with state = R | procs=2;10;11;0;
[Email protected] ~]#
B. Configure the monitoring server: 192.168.4.56
1, install the plug-in connecting Nrpe service Check_nrpe and test
#yum-y Install Openssl-devel
]# TAR-ZXF nrpe-3.0.1.tar.gz
]# CD NRPE-3.0.1/
]#./configure
]# make all
]# make Install-plugin
] #ls/usr/local/nagios/libexec/check_nrpe
[Email protected] nrpe-3.0.1]#/usr/local/nagios/libexec/check_nrpe-h 192.168.4.51-p 5666-c nrpe_51_users
Users OK-0 users currently logged in |users=0;1;2;0
[Email protected] nrpe-3.0.1]#
2. Define monitoring commands to monitor the remote host's private resources
Vim Commands.cfg
Define Command {
Command_name Check_51_user
Command_line $USER 1$/check_nrpe-h 192.168.4.51-p 5666-c nrpe_51_users
}
3, when monitoring the remote host, call the defined monitoring command
Vim Ser51.cfg
Define Service{
Use Local-service
HOST_NAME ser51
Service_description Users
Check_command Check_51_user
}
: Wq
4. Load the configuration file that monitors the remote host when the Nagios service is configured to run
s]# grep ser51.cfg/usr/local/nagios/etc/nagios.cfg
Cfg_file=/usr/local/nagios/etc/objects/ser51.cfg
5. Check configuration and restart Nagios service
#checknagios
#systemctl Restart Nagios
6, Login monitoring page to view monitoring information
+++++++++++++++++++++++++++++++++
4 Configuring Monitoring Alarms (the Nagios service sends mail to the specified mailbox when the monitored resource shows a status of warning or critical)
]# grep email/usr/local/nagios/etc/objects/contacts.cfg
email [email protected]
[Email protected] ~]# hostname
Mon56
[Email protected] ~]#
Approx. vim/etc/hosts
127.0.0.1 mon56
Panax Notoginseng systemctl Restart Postfix
NAGIOS/ETC/PASSWD grep
echo 123456 | passwd--stdin Nagios
Mail-s "Test" Nagios </etc/hosts
Su-nagios
The Mail
——————————————————————————————
Steps to deploy the Nagios monitoring server:
1 Deployment Service Runtime Environment: yum-y Install httpd php
2 Installing Nagios Software: Installing preparation, installing packages, viewing the installation directory
/usr/local/nagios
3 Installing the Monitoring plug-in: Unpacking the configuration compilation installation to see if the installation was successful
/usr/local/nagios/libexec
4 Start the Nagios monitoring service:
Restart website Service/etc/httpd/conf.d/nagios.conf
Set Administrator nagiosadmin password for Access monitoring page 123456 start Nagios monitoring service
5 Visit Administration page to view monitoring information
6 Description of the configuration file:
#cd/usr/local/nagios/etc
#ls
Nagios.cfg resource.cfg cgi.cfg
#cd/usr/local/nagios/etc/object
#ls
Templates.cfg Monitoring host Linux-server monitoring Resources Local-service
Timeperiods.cfg 24x7
contacts.cfg email [email protected]
Commands.cfg
Define Command {
Command_name command name
Command_line plug-in Name option parameter
}
Localhost.cfg
Define host {}
Define Service {}
Check if the configuration file is associated with a syntax error:
++++++++++++++++++++++++++++++
Extended Knowledge:
Invoking a custom Monitoring script (shell script) when configuring Nagios service monitoring
Configure the Nagios service to receive alert messages using SMS.
Configuring Nagios Host Dependency Monitoring
Configuring Nagios Service Dependency Monitoring
Configuring Nagios to draw a monitoring image
Security 04:nagios monitoring combat, monitoring overview, Nagios monitoring Services
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
