How to deploy a server monitoring system using Monit
Many Linux system administrators rely on a centralized remote monitoring system (such as Nagios or Cacti) to check the health status of their network infrastructure devices. Although centralized monitoring makes life easier for administrators, dedicated monitoring centers become a single point of failure when dealing with many machines and services, if the monitoring center fails or is inaccessible for any reason (such as hardware or network failure), you will lose any information about the entire network infrastructure.
One way to increase redundancy for your monitoring system is to install independent monitoring software (as a backup), at least on the key/core servers in the network. In this way, when the centralized monitoring system fails, you can also obtain the running status of the core server through the backup monitoring method.
Nagios details: click here
Nagios: click here
What is Monit?
Monit is a cross-platform tool used to monitor Unix/linux systems (such as Linux, BSD, OSX, and Solaris. Monit is especially easy to install and is very lightweight (only KB) and does not rely on any third-party programs, plug-ins, or libraries. However, Monit can be used in scenarios such as comprehensive monitoring, Process status monitoring, file system change monitoring, email notification, and custom actions on core services. Easy to install, lightweight implementation, and powerful functions make Monit an ideal backup monitoring tool.
I have been using Monit on some machines for several years, and I am very satisfied with its reliability. Even as a comprehensive monitoring system, Monit is also very useful and powerful for any Linux system administrator. In this tutorial, I will show you how to deploy Monit (as a backup Monitoring System) on a local server to monitor common services. During the deployment process, I will only show what we use.
Use HeartBeat + Monit to implement master-slave dual-Hot Backup System
Monitor in Google Guava
Install Monit in Linux
Monit has been included in the software repositories of most Linux distributions.
Debian, Ubuntu, or Linux Mint:
$ sudo aptitude install monit
Fedora or CentOS/RHEL:
In CentOS/RHEL, you must first enable EPEL or Repoforge software repository.
# yum install monit
Monit comes with a well-documented configuration file, which contains many examples. The main configuration file is in/etc/monit. conf (Fedora/CentOS/RHEL), or/etc/monit/monitrc (Debian/Ubuntu/Mint ). The Monit configuration file has two parts: Global and Services ).
Global Configuration: Web Status Page (Global Configuration: Web Status Page)
Monit can use the mail service to send notifications, or use HTTP/HTTPS pages to display notifications. Use the following web status page:
- Monit listens to port 1966.
- Access to the web status page is encrypted through SSL.
- Use monituser/romania as the user name/password to log on.
- Only access through localhost, myhost. mydomain. ro, and within the LAN (192.168.0.0/16) is allowed.
- Monit uses an SSL Certificate in pem format.
In the subsequent steps, I will use a Red Hat-based system. The steps In Debian-based systems are similar.
First, generate a self-signed certificate (monit. pem) in/var/cert ):
# mkdir /var/certs
# cd /etc/pki/tls/certs
# ./make-dummy-cert monit.pem
# cp monit.pem /var/certs
# chmod 0400 /var/certs/monit.pem
Now, put the following code snippets in the main configuration file of Monit. You can create an empty configuration file or modify it based on the built-in configuration file.
set httpd port 1966and
SSL ENABLE
PEMFILE /var/certs/monit.pem
allow monituser:romania
allow localhost
allow 192.168.0.0/16
allow myhost.mydomain.ro
Global Configuration: Email Notification (Global Configuration: Email Notification)
Then, set the Monit email notification. We need at least one available SMTP server for Monit to send emails. In this way, you can (modify according to your actual situation ):
- Email server machine name: smtp. monit. ro
- The sender used by Monit: [email protected]
- Email Recipient: [email protected]
- SMTP port used by the mail server: 587 (25 by default)
With the above information, mail notification can be configured as follows:
set mailserver smtp.monit.ro port 587
set mail-format {
from: monit@monit.ro
subject: $SERVICE $EVENT at $DATE on $HOST
message:Monit $ACTION $SERVICE $EVENT at $DATE on $HOST : $DESCRIPTION.
Yours sincerely,
Monit
}
set alert guletz@monit.ro
As you can see, Monit provides several internal variables ($DATE
,$EVENT
,$HOST
). You can customize the email content as needed. If you want to send emails from the machine where Monit is located, you need a program (such as postfix or ssmtp) that is compatible with sendmail ).
Global Configuration: Monit Daemon (Global Configuration: Monit Daemon)
Next, configure the Monit daemon. You can set it as follows:
- Perform the first detection in 120 seconds.
- The service is detected every 3 minutes.
- Use syslog To record logs.
The following code segment can meet the above requirements.
set daemon 120
with start delay 240
set logfile syslog facility log_daemon
We must define "idfile", a unique ID file of the Monit daemon, and "eventqueue". When monit emails cannot be sent due to SMTP or network faults, the email is saved here, And the/var/monit path exists. Then use the following configuration.
set idfile /var/monit/id
set eventqueue
basedir /var/monit
Test global configuration
Now the "Global" part is complete. The Monit configuration file looks like this:
# Global Section
# status webpage and acl's
set httpd port 1966and
SSL ENABLE
PEMFILE /var/certs/monit.pem
allow monituser:romania
allow localhost
allow 192.168.0.0/16
allow myhost.mydomain.ro
# mail-server
set mailserver smtp.monit.ro port 587
# email-format
set mail-format {
from: monit@monit.ro
subject: $SERVICE $EVENT at $DATE on $HOST
message:Monit $ACTION $SERVICE $EVENT at $DATE on $HOST : $DESCRIPTION.
Yours sincerely,
Monit
}
set alert guletz@monit.ro
# delay checks
set daemon 120
with start delay 240
set logfile syslog facility log_daemon
# idfile and mail queue path
set idfile /var/monit/id
set eventqueue
basedir /var/monit
Now it is time to verify our work. You can run the following command to verify the existing configuration file (/etc/monit. conf ):
# monit -t
Control file syntax OK
If monit prompts any error, check the configuration file again. Fortunately, error/warning information helps you identify problems, such:
monit:Cannot stat the SSL server PEM file '/var/certs/monit.pem'--No such file or directory
/etc/monit/monitrc:10:Warning: hostname did not resolve 'smtp.monit.ro'
Once you confirm that the configuration file is okay, you can start the monit daemon and wait for 2 to 3 minutes:
# service monit start
If you are using systemd, run:
# systemctl start monit
Open a browser window and accesshttps://<monit_host>:1966
. Set<monit_host>
Replace it with the machine name or IP address of the machine where Monit is located.
If you are using a self-Signed SSL certificate, you will see a warning in the browser. Continue.
After you log on, you will see this page.