Testing using Monit monitoring services
First, the basic Environment 1, on the basis of tvm-rpm test. 2, Network: eth0:host-only (for virtual intranet, manually fixed IP, so from the host can directly connect to this VM) Eth1:nat (for Sisu network, dynamic IP) [[email protected] ~]# cd /etc/sysconfig/network-scripts/[[email protected] network-scripts]# cat ifcfg-eth0device=eth0type=ethernetonboot=yesnm_controlled=yesbootproto=noneipaddr=192.168.56.253prefix= 24gateway=192.168.56.1dns1=192.168.56.254[[email protected] network-scripts]# cat ifcfg-eth1device=eth1type=ethernetonboot=yesnm_controlled=yesbootproto=dhcpdns1=192.168.56.254 Second, configure the Monit environment 1, The Salt-master service has been configured, and the PID is enabled in the configuration. [[Email protected] ~]# vim /etc/salt/master pidfile: /var/run/salt-master.pid2, Install Monit[[email protected] ~]# yum -y install monit after installing the default log file in:/var/log/ Monit rolling compression has also been configured well: [[email protected] ~]# cat /etc/logrotate.d/monit / Var/log/monit { missingok notifempty size 100k create 0644 root root Postrotate /sbin/service monit condrestart > /dev/null 2>&1 | | : endscript}3, personalization 1) configuration file in/etc/monit.conf/etc/monit.d2) default already has its own configuration for log: [[email protected] ~]# cat /etc/monit.d/logging # log to monit.logset logfile /var/log/monit3) Mail Related: [[email protected] ~]# vim /etc/monit.d/monit-mail.conf# mail serverset mailserver smtp.xxx.com port 25 username "[email protected]" password "xxx" # later delivery retryset Eventqueue basedir /var/monit slots 100# mail formatset mail-format { from: [email protected] subject: [monit alter][test from xxx] $HOST $SERVICE $EVENT message: $EVENT Service $SERVICE Date: $DATE Action: $ACTION Host: $HOST Description: $DESCRIPTION Your faithful employee, &Nbsp; monit }# mail recipientsset &NBSP;ALERT&NBSP;[EMAIL&NBSP;PROTECTED]4) Monitoring for a specified service: [[EMAIL&NBSP;PROTECTED]&NBSP;~]#&NBSP;VIM&NBSP;/ETC/MONIT.D /salt-master.conf check process salt-master with pidfile /var/run/ salt-master.pid start program = "/etc/init.d/salt-master start" stop program = "/etc/init.d/salt-master stop" NOTE 1: Various monitoring methods, this can be consulted on the configuration files and official website examples. Note 2: The Alarm object can also specify the range of events. 4, start service [[Email protected] ~]# service monit startstarting monit: monit: generated unique monit id 5701f8ce7fd7a6a69c713ec2b1b5f22e and stored to '/root/.monit.id ' [ ok ] View log: no exception. Join boot:[[email protected] ~]# chkconfig monit on5. view Mail [monit Alter][test from xxx] tvm-rpm tvm-rpm Monit instance changed Sender:test <[email protected]> : July 21, 2015 (Tuesday) 2:42 to: admin <[ email protected]> monit instance changed service tvm-rpm Date: Tue, 21 Jul 2015 14:42:47 +0800 Action: start host: tvm-rpm description: monit started your faithful employee, &NBSP;&NBSP;MONIT6, continue testing stop salt-master service, see effect [[Email protected] ~]# service salt-master stopStopping salt-master daemon: [ ok ][[email protected] ~]# tail -f /var/log /monit[cst jul 21 14:42:47] info : ' tvm-rpm ' Monit started[CST Jul 21 14:48:49] error : ' Salt-master ' process is not running[cst jul 21 14:48:50] info : ' Salt-master ' trying to restart[cst jul 21 14:48:50] info : ' Salt-master ' start: /etc/init.d/salt-master see 2 messages: [Monit alter][test from xxx] tvm-rpm salt-master Does not existDoes not exist Service salt-master date: tue, 21 jul 2015 14:48:49 +0800 Action: restart host: tvm-rpm Description: process is not running your faithful employee , monit [monit Alter][test from xxx] tvm-rpm salt-master existsexists service salt-master Date: Tue, 21 Jul 2015 14:49:51 +0800 Action: alert Host: tvm-rpm Description: process is running with pid 8380 your faithful employee , monit View Salt-master Services:[[email protected] ~]# service salt-master statussalt-master (pid 8380) is running... 7, viewing Monit's own web service [[email protected] ~]# vim /etc/monit.d/ monit-web.conf set httpd port 2812 and use address 192.168.56.253 allow localhost allow 192.168.56.0/24 allow Admin:monit Restart Service: [[email protected] ~]# service monit restart Browser input username admin, Password Monit can access:http://192.168.56.253:2812/8. to monit Web Service plus SSL1) generate certificate [[Email protected] ~]# ls /etc/pki/tlscert.pem certs misc openssl.cnf Private custom One SSL certificate generated configuration file:[[email protected] ~]# echo ' abc ' >/tmp/openssl.rnd[[ email protected] ~]# cat /tmp/monit.ssl.conf # create rsa certs - server randfile = /tmp/openssl.rnd [ req ] default_ bits = 2048 default_md = sha256 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type [ req_dn ] countryname = Country Name (2 letter code) countryName_default = ZH stateOrProvinceName = state or province name (Full name) stateOrProvinceName_default = TESTPROV localityName = Locality Name (eg, city) localityName_default = TESTCITY organizationName = Organization Name (Eg, company) organizationname_default = testcomp Organizationalunitname = organizational unit name (eg, section) organizationalUnitName_default = TESTSVR commonName = Common Name (Fqdn of your server) commonName_default = server.office.com emailaddress = Email Address emailAddress_default = [email protected] [ cert_type ] nsCertType = server generate private keys and certificates:[[email protected] ~]# openssl req -new -x509 -days 365 -nodes -config /tmp/monit.ssl.conf -out /etc/pki/tls/certs/ Monit.pem -keyout /etc/pki/tls/certs/monit.pem View file/etc/pki/tls/certs/monit.pem can see:-----BEGIN Private key----------end private key----------begin certificate----------end CERTIFICATE-----Generate Diffie-hellman Parameters:[[email protected] ~]# openssl gendh 1024 >> /etc/pki/tls/certs/monit.pem View file/etc/pki/tls/certs/monit.pem can see:-----begin dh PARAMETERS----------end dh parameters-----Set permissions: [[email protected] ~]# chmod 600 &NBSP;/ETC/PKI/TLS/CERTS/MONIT.PEM Output certificate information: [[Email protected] ~]# openssl x509 -text &NBSP;-NOOUT&NBSP;-IN&NBSP;/ETC/PKI/TLS/CERTS/MONIT.PEM2) Adjust the monit configuration [[Email protected] ~]# vim /etc/monit.d/monit-web.conf set httpd port 2812 and use address 192.168.56.253 allow localhost allow 192.168.56.0/24 Allow admin:monit ssl enable pemfile /etc/pki/tls /CERTS/MONIT.PEM3) Access Https://192.168.56.253:2812/ZYXW, reference 1, real-world configuration exampleshttps:// Mmonit.com/wiki/monit/configurationexamples2, enable ssl in monithttps://mmonit.com/wiki/monit/ ENABLESSLINMONIT3, First knowledge opensslhttp://blog.csdn.net/jiangwlee/article/details/7724274
Testing using Monit monitoring services