Testing using Monit monitoring services

Source: Internet
Author: User
Tags ssl certificate

Testing using Monit monitoring services

First, the basic Environment 1, on the basis of tvm-rpm test. 2, Network: eth0:host-only (for virtual intranet, manually fixed IP, so from the host can directly connect to this VM) Eth1:nat (for Sisu network, dynamic IP) [[email protected] ~]#  cd /etc/sysconfig/network-scripts/[[email protected] network-scripts]# cat  ifcfg-eth0device=eth0type=ethernetonboot=yesnm_controlled=yesbootproto=noneipaddr=192.168.56.253prefix= 24gateway=192.168.56.1dns1=192.168.56.254[[email protected] network-scripts]# cat  ifcfg-eth1device=eth1type=ethernetonboot=yesnm_controlled=yesbootproto=dhcpdns1=192.168.56.254 Second, configure the Monit environment 1, The Salt-master service has been configured, and the PID is enabled in the configuration. [[Email protected] ~]# vim /etc/salt/master pidfile: /var/run/salt-master.pid2, Install Monit[[email protected] ~]# yum -y install monit after installing the default log file in:/var/log/ Monit rolling compression has also been configured well: [[email protected] ~]# cat /etc/logrotate.d/monit    / Var/log/monit {    missingok    notifempty    size 100k    create 0644 root root     Postrotate        /sbin/service monit condrestart >  /dev/null 2>&1 | |  :    endscript}3, personalization 1) configuration file in/etc/monit.conf/etc/monit.d2) default already has its own configuration for log: [[email  protected] ~]# cat /etc/monit.d/logging # log to monit.logset  logfile /var/log/monit3) Mail Related: [[email protected] ~]# vim /etc/monit.d/monit-mail.conf#  mail serverset mailserver smtp.xxx.com port 25    username   "[email protected]"  password  "xxx" # later delivery retryset  Eventqueue    basedir /var/monit    slots 100# mail  formatset mail-format {        from: [email protected]        subject: [monit alter][test  from xxx]  $HOST   $SERVICE   $EVENT         message:   $EVENT  Service  $SERVICE                  Date:         $DATE                  Action:        $ACTION                  Host:         $HOST                  Description:  $DESCRIPTION                 Your faithful employee,        &Nbsp;       monit    }# mail recipientsset &NBSP;ALERT&NBSP;[EMAIL&NBSP;PROTECTED]4) Monitoring for a specified service: [[EMAIL&NBSP;PROTECTED]&NBSP;~]#&NBSP;VIM&NBSP;/ETC/MONIT.D /salt-master.conf check process salt-master with pidfile /var/run/ salt-master.pid  start program =  "/etc/init.d/salt-master start"   stop  program =  "/etc/init.d/salt-master stop" NOTE 1: Various monitoring methods, this can be consulted on the configuration files and official website examples. Note 2: The Alarm object can also specify the range of events.   4, start service [[Email protected] ~]# service monit startstarting monit:  monit: generated unique monit id 5701f8ce7fd7a6a69c713ec2b1b5f22e and  stored to  '/root/.monit.id '                                                               [  ok  ] View log: no exception. Join boot:[[email protected] ~]# chkconfig monit on5.  view Mail [monit Alter][test  from xxx] tvm-rpm tvm-rpm Monit instance changed   Sender:test  <[email protected]>      : July 21, 2015 (Tuesday)   2:42 to: admin <[ email protected]> monit instance changed service tvm-rpm                 Date:         Tue, 21 Jul 2015 14:42:47 +0800                 Action:       start                host:        tvm-rpm                 description: monit  started               your  faithful employee,              &NBSP;&NBSP;MONIT6, continue testing stop salt-master service, see effect [[Email protected] ~]# service salt-master  stopStopping salt-master daemon:                                 [  ok  ][[email protected] ~]# tail -f /var/log /monit[cst jul 21 14:42:47] info     :  ' tvm-rpm '  Monit  started[CST Jul 21 14:48:49] error    :  ' Salt-master '  process is not  running[cst jul 21 14:48:50] info     :  ' Salt-master '   trying to restart[cst jul 21 14:48:50] info     :  ' Salt-master '  start: /etc/init.d/salt-master see 2 messages: [Monit alter][test from xxx]  tvm-rpm salt-master Does not existDoes not exist Service  salt-master                 date:        tue, 21 jul 2015 14:48:49 +0800                 Action:       restart                 host:        tvm-rpm                 Description: process is not running                your faithful employee ,               monit                [monit Alter][test  from xxx] tvm-rpm salt-master existsexists service salt-master                 Date:         Tue, 21 Jul 2015 14:49:51 +0800                 Action:       alert                Host:         tvm-rpm                 Description: process is running with pid 8380                your faithful employee ,               monit                 View Salt-master Services:[[email  protected] ~]# service salt-master statussalt-master  (pid  8380)  is  running...  7, viewing Monit's own web service [[email protected] ~]# vim /etc/monit.d/ monit-web.conf set httpd port 2812 and    use address  192.168.56.253    allow localhost    allow 192.168.56.0/24    allow  Admin:monit Restart Service: [[email protected] ~]# service monit restart Browser input username admin, Password Monit can access:http://192.168.56.253:2812/8.  to monit Web Service plus SSL1) generate certificate [[Email protected] ~]# ls  /etc/pki/tlscert.pem  certs  misc  openssl.cnf   Private custom One SSL certificate generated configuration file:[[email protected] ~]# echo  ' abc '  >/tmp/openssl.rnd[[ email protected] ~]# cat /tmp/monit.ssl.conf # create rsa certs -  server  randfile = /tmp/openssl.rnd  [ req ]  default_ bits = 2048  default_md = sha256  encrypt_key = yes   distinguished_name = req_dn  x509_extensions = cert_type  [  req_dn ]  countryname = Country Name  (2 letter code)   countryName_default = ZH   stateOrProvinceName             =  state or province name  (Full name)   stateOrProvinceName_default      = TESTPROV  localityName                     = Locality Name  (eg,  city)   localityName_default             = TESTCITY  organizationName                 = Organization Name  (Eg, company)    organizationname_default        = testcomp   Organizationalunitname          = organizational unit name  (eg, section)    organizationalUnitName_default  = TESTSVR  commonName                       =  Common Name  (Fqdn of your server)   commonName_default               = server.office.com   emailaddress                     = Email Address  emailAddress_default             = [email protected]  [ cert_type  ]  nsCertType = server   generate private keys and certificates:[[email protected] ~]#  openssl req -new -x509 -days 365 -nodes -config /tmp/monit.ssl.conf -out /etc/pki/tls/certs/ Monit.pem -keyout /etc/pki/tls/certs/monit.pem View file/etc/pki/tls/certs/monit.pem can see:-----BEGIN  Private key----------end private key----------begin certificate----------end  CERTIFICATE-----Generate Diffie-hellman Parameters:[[email protected] ~]# openssl gendh 1024  >> /etc/pki/tls/certs/monit.pem View file/etc/pki/tls/certs/monit.pem can see:-----begin dh  PARAMETERS----------end dh parameters-----Set permissions: [[email protected] ~]# chmod 600 &NBSP;/ETC/PKI/TLS/CERTS/MONIT.PEM Output certificate information: [[Email protected] ~]# openssl x509 -text &NBSP;-NOOUT&NBSP;-IN&NBSP;/ETC/PKI/TLS/CERTS/MONIT.PEM2) Adjust the monit configuration [[Email protected] ~]# vim  /etc/monit.d/monit-web.conf set httpd port 2812 and    use  address 192.168.56.253    allow localhost    allow 192.168.56.0/24     Allow admin:monit    ssl enable    pemfile /etc/pki/tls /CERTS/MONIT.PEM3) Access Https://192.168.56.253:2812/ZYXW, reference 1, real-world configuration exampleshttps:// Mmonit.com/wiki/monit/configurationexamples2, enable ssl in monithttps://mmonit.com/wiki/monit/ ENABLESSLINMONIT3, First knowledge opensslhttp://blog.csdn.net/jiangwlee/article/details/7724274


Testing using Monit monitoring services

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.