1 检测环境
Redhat6.4环境下需要安装:
httpd gcc glibc glibc-common gd gd-devel
libjpeg(libjpeg-turbo) libjpeg-devel(libjpeg-turbo-devel) libpng libpng-devel
rrdtoolrrdtool-devel perl-rrdtool perl perl-devel
php5php5-devel php5-gd
//mysql所需
libdbi libdbi-devel libdbi-drivers libdbi-dbd-mysql
//这几个一般都已安装
rpm-q httpd
rpm-q gcc
rpm-q glibc
rpm-q glibc-common
2 服务器端源码安装
虽然网上已经有一些安装的文章,但我这种非yum方式的纯手工安装方式相信大家没见过。以下文章用的都是root用户2.1 依赖包安装
大部分rpm依赖包来自linux /media下挂载的系统光盘中的Packages文件夹中也有部分包要去下,我常去的rpm包网站有:http://www.rpm-find.net/linux/RPM/index.html
http://rpm.pbone.net/
有些包可能原来就装好了,但版本比你装的低,那时候可以选择rpm升级,用rpm -Uvh命令。
/****************httpd-devel install**********************/
rpm-ivh db4-cxx-4.7.25-17.el6.x86_64.rpm
rpm-ivh db4-devel-4.7.25-17.el6.x86_64.rpm
rpm-ivh expat-devel-2.0.1-11.el6_2.x86_64.rpm
rpm-ivh cyrus-sasl-devel-2.1.23-13.el6_3.1.x86_64.rpm
rpm-ivh openldap-devel-2.4.23-31.el6.x86_64.rpm
rpm-ivh apr-devel-1.3.9-5.el6_2.x86_64.rpm
rpm-ivh apr-util-devel-1.3.9-3.el6_0.1.x86_64.rpm
rpm-ivh httpd-devel-2.2.15-26.el6.x86_64.rpm
/**********************gd-devel*********************/
rpm -ivhfreetype-devel-2.3.11-6.el6_2.9.x86_64.rpmfontconfig-devel-2.8.0-3.el6.x86_64.rpm zlib-devel-1.2.3-29.el6.x86_64.rpm
rpm -ivhlibxcb-devel-1.8.1-1.el6.x86_64.rpm libXau-devel-1.0.6-4.el6.x86_64.rpmxorg-x11-proto-devel-7.6-25.el6.noarch.rpm
rpm -ivh libX11-devel-1.5.0-4.el6.x86_64.rpm
rpm -ivh libXpm-3.5.10-2.el6.x86_64.rpm
rpm -ivh libXpm-devel-3.5.10-2.el6.x86_64.rpm
rpm -ivh libpng-devel-1.2.49-1.el6_2.x86_64.rpm
rpm -ivh zlib-devel-1.2.3-29.el6.x86_64.rpm
rpm -ivh libjpeg-turbo-devel-1.2.1-1.el6.x86_64.rpm
rpm -ivh gd-2.0.35-11.el6.x86_64.rpm
rpm -ivh gd-devel-2.0.35-11.el6.x86_64.rpm
/****************perl-devel install******************/
rpm -ivh gdbm-devel-1.8.0-36.el6.x86_64.rpm
rpm -ivhperl-devel-5.10.1-136.el6.x86_64.rpmperl-ExtUtils-CBuilder-0.27-136.el6.x86_64.rpmperl-ExtUtils-MakeMaker-6.55-136.el6.x86_64.rpmperl-ExtUtils-ParseXS-2.2003.0-136.el6.x86_64.rpmperl-ExtUtils-Embed-1.28-136.el6.x86_64.rpmperl-Test-Harness-3.17-136.el6.x86_64.rpm
rpm -ivh perl-devel-5.10.1-136.el6.x86_64.rpm
/****************rrd install******************/
rpm -ivhdejavu-lgc-sans-mono-fonts-2.30-2.el6.noarch.rpm
rpm -ivh rrdtool-1.3.8-6.el6.x86_64.rpm
rpm -ivh rrdtool-devel-1.3.8-6.el6.x86_64.rpm
rpm -ivh rrdtool-perl-1.3.8-6.el6.x86_64.rpm
/********************php install*************************/
rpm -ivh php-cli-5.3.3-22.el6.x86_64.rpmphp-common-5.3.3-22.el6.x86_64.rpm
rpm -ivh php-5.3.3-22.el6.x86_64.rpm
rpm -ivh php-gd-5.3.3-22.el6.x86_64.rpm
rpm -ivh autoconf-2.63-5.1.el6.noarch.rpm
rpm -ivh automake-1.11.1-4.el6.noarch.rpm
rpm -ivh php-devel-5.3.3-22.el6.x86_64.rpm
2.2 Mysql安装
这里选择了mysql 5.6.20 rpm包。//redhat默认安装了mysql-libs包,因此需要卸载掉它:
rpm -qa | grep mysql
mysql-libs-5.1.71-1.el6.x86_64/
rpm -e mysql-libs-5.1.71-1.el6.x86_64 –nodeps
//开始安装:
rpm -ivh --replacefilesMySQL-server-5.6.20-1.el6.x86_64.rpm
rpm -ivh --replacefilesMySQL-client-5.6.20-1.el6.x86_64.rpm
rpm -ivh --replacefilesMySQL-devel-5.6.20-1.el6.x86_64.rpm
rpm -ivh MySQL-shared-5.6.20-1.el6.x86_64.rpm
rpm -ivh MySQL-shared-compat-5.6.20-1.el6.x86_64.rpm
rpm -ivh libdbi-0.8.3-4.el6.x86_64.rpm
rpm -ivh libdbi-devel-0.8.3-4.el6.x86_64.rpm
rpm -ivh libdbi-drivers-0.8.3-5.1.el6.x86_64.rpm
rpm -ivh libdbi-dbd-mysql-0.8.3-5.1.el6.x86_64.rpm
//修改mysql密码
# mysqld_safe --user=mysql --skip-grant-tables--skip-networking &
# mysql -u root mysql
//一般这里会报错:
ERROR 2002 (HY000): Can't connect tolocal MySQL server through socket '/tmp/mysql.sock' (2)
# ln -s/var/lib/mysql/mysql.sock /tmp/mysql.sock
mysql> update user set password=PASSWORD('123456')where user='root';
mysql> FLUSH PRIVILEGES;
mysql> quit
#service mysql stop
//选择mysqld_safe更好,原因请搜索mysqld和mysql_safe的区别:
# mysqld_safe &
# mysql -uroot -p
Enter password: <输入新设的密码123456>
mysql>
//修改远程登录,用navicat登录
mysql>GRANT ALL PRIVILEGES ON *.* TO 'root'@'%'WITHGRANT OPTION
mysql> FLUSH PRIVILEGES ;
2.3 创建用户组
创建一个新的Icinga帐户,并设置一个密码.
#> /usr/sbin/useradd -m icinga
#> passwd icinga
在某些发行版本 你需要在这一个步骤中添加组:
#> /usr/sbin/groupadd icinga
#> /usr/sbin/usermod -a -G icinga apache
2.4 icinga-pnp4-cn-1.11.5安装
#>tar -xvf icinga-pnp4-cn-1.11.5.tar.xz
#>cd icinga-pnp4-cn-1.11.5
#>./configure --prefix=/usr/local/icinga--with-icinga-user=icinga -with-icinga-group=icinga --with-commond-user=icinga--with-command-group=icinga --with-mail=/usr/bin/mutt --with-perl_lib_path=/usr/lib64/perl5--with-libdbi-driver-dir=/usr/lib64 --enable-nanosleep--enable-event-broker
报错:error:
configure: error:Perl Module Time::HiRes not available
//perl包安装我一般去下面网站下载,目前还没发现没找到的。
https://metacpan.org/
1:download Time::HisRes path icinga/perl/Time-HiRes-1.9726.tar.gz
2:tar -zxvf Time-HiRes-1.9726.tar.gz
3:cd Time-HiRes-1.9726
4:perl Makefile.PL
5:make install (ensure user is root)
//重新执行./configue
#>./configure --prefix=/usr/local/icinga--with-icinga-user=icinga -with-icinga-group=icinga --with-commond-user=icinga--with-command-group=icinga --with-mail=/usr/bin/mutt --with-perl_lib_path=/usr/lib64/perl5--with-libdbi-driver-dir=/usr/lib64 --enable-nanosleep--enable-event-broker
//安装完上述步骤
#>make all
#>make fullinstall
#>make install-config
2.5 导入icinga表数据
# mysql -u root -p
报错:
You must SET PASSWORD before executing this statement
mysql> SETPASSWORD = PASSWORD('123456');
mysql>create database icinga default charset=utf8;
mysql>grant usage on icinga.* to 'icinga'@'localhost' identified by 'icinga' withmax_queries_per_hour 0 max_connections_per_hour 0 max_updates_per_hour 0;
mysql>grant select,insert,update,delete,drop,create view,index,execute on icinga.* to'icinga'@'localhost';
mysql>flush privileges;
mysql>quit;
//向MySQL导入数据库架构:
#> cd ./module/idoutils/db/mysql
#> mysql -u root -p icinga < mysql.sql
升级MySQL数据库,升最新的版本,但效果不明:
#> cd ../../../../module/idoutils/db/mysql/upgrade
#> mysql -u root -p icinga <mysql-upgrade-x.sql
编辑DB配置文件自定义IDOUtils
#> vi /usr/local/icinga/etc/ido2db.cfg
db_servertype=mysql
db_port=3306
db_user=icinga
db_pass=icinga
2.6 安装Icinga附带的经典web界面
#> cd icinga-pnp4-cn-1.11.5
#> make cgis
#> make install-cgis
#> make install-html
//安装经典web配置文件到Apache的conf.d目录下.
#> make install-webconf
//创建 icingaadmin 账户,登录到Icinga经典web界面. 记住您分配给这个帐户的密码 -稍后你会需要它.
#> htpasswd -c/usr/local/icinga/etc/htpasswd.users icingaadmin
//如果你想改变用户密码,或添加另一个用户,请使用以下命令:
#> htpasswd/usr/local/icinga/etc/htpasswd.users <USERNAME>
//重新载入/重新启动Apache使新的设置生效.
#> service httpd restart
2.7 编译并安装nagios libexec插件
#>tar –xvf nagios-cn-plugins-2.0.tar.bz2
#>cd nagios-cn-plugins-2.0
#>./configure --prefix=/usr/local/icinga--with-package-name=icinga-plugins --with-cgiurl=/icinga/cgi-bin--with-nagios-user=icinga --with-nagios-group=icinga
#> make
#> make install
2.8 安装check_nrpe 插件
#>tar -zxvf icinga-nrpe-2.14.tar.gz
#>cd icinga-nrpe-2.14
#>./configure --prefix=/usr/local/icinga --enable-ssl
报错:
checking for SSL headers... configure:error: Cannot find ssl headers
/****************openssl-develinstall********************/
rpm-ivh keyutils-libs-devel-1.4-4.el6.x86_64.rpm
rpm -Uvhlibcom_err-1.41.12-18.el6.x86_64.rpm e2fsprogs-libs-1.41.12-18.el6.x86_64.rpme2fsprogs-1.41.12-18.el6.x86_64.rpm libss-1.41.12-18.el6.x86_64.rpm
rpm-ivh libcom_err-devel-1.41.12-18.el6.x86_64.rpm
rpm-ivh libsepol-devel-2.0.41-4.el6.x86_64.rpm
rpm -Uvhlibselinux-2.0.94-5.3.el6_4.1.x86_64.rpmlibselinux-utils-2.0.94-5.3.el6_4.1.x86_64.rpmlibselinux-python-2.0.94-5.3.el6_4.1.x86_64.rpm
rpm-ivh libselinux-devel-2.0.94-5.3.el6_4.1.x86_64.rpm
rpm -Uvh krb5-libs-1.10.3-10.el6_4.6.x86_64.rpmkrb5-workstation-1.10.3-10.el6_4.6.x86_64.rpm
rpm-ivh krb5-devel-1.10.3-10.el6_4.6.x86_64.rpm
rpm-Uvh openssl-1.0.1e-15.el6.x86_64.rpm
rpm-Uvh zlib-1.2.3-29.el6.x86_64.rpm
rpm-ivh zlib-devel-1.2.3-29.el6.x86_64.rpm
rpm-ivh openssl-devel-1.0.1e-15.el6.x86_64.rpm
#>cd icinga-nrpe-2.14
#>./configure --prefix=/usr/local/icinga --enable-ssl
#>make all
#>make install-plugin
2.9 调整SELinux的设置
#>vi /etc/selinux/config
SELINUX=disabled
#>reboot
2.10设置防火墙规则
//请确保您的系统的防火墙规则配置为允许访问到Web服务器,如果您要远程访问的Icinga的经典Web界面.
#> iptables -A INPUT -p tcp -m tcp --dport80 -j ACCEPT
//或者:
#> service iptables stop
2.11启动icinga
//验证Icinga的配置文件样本.
#>/usr/local/icinga/bin/icinga -v /usr/local/icinga/etc/icinga.cfg
//一切正常将显示OK信息。如何有任何错误将会显示相应错误出现的未知. 启动 Icinga.
#> service ido2db start
#> service icinga start
开机重启后,发现只有icinga进程随系统启动,ido2db没有启动。需httpd和ido2db配置开机启动,还需进一步验证。
#> chkconfig --add httpd
#>chkconfig --add ido2db
#> chkconfig --add icinga
#>chkconfig httpd on
#>chkconfig ido2db on
#>chkconfig icinga on
3 客户端源码安装
3.1 添加用户(普通账户)icinga
#> /usr/sbin/useradd icinga
#> passwd icinga
3.2 客户端编译和安装Icinga插件
#>tar jxvf nagios-cn-plugins-1.5.tar.bz2
#> cd nagios-cn-plugins-1.5
#>./configure -prefix=/usr/local/icinga --with-package-name=icinga-plugins--with-nagios-user=icinga --with-nagios-group=icinga
#> make
#> make install
#查看播件文件是否已安装在这个目录
ls /usr/local/icinga/libexec
3.3 客户端编译和安装Nrpe
#>tar xvzf icinga-nrpe-2.14.tar.gz
#> cd icinga-nrpe-2.14
#> ./configure --prefix=/usr/local/icinga--with-nrpe-user=icinga --with-nrpe-group=icinga --with-icinga-user=icinga--with-icinga-group=icinga --enable-command-args --enable-ssl
报错:
checking for SSL headers... configure:error: Cannot find ssl headers
和服务器端一样的处理办法,装一大堆openssl所依赖的包。
//重新编译:
#>cd icinga-nrpe-2.14
#> ./configure --prefix=/usr/local/icinga--with-nrpe-user=icinga --with-nrpe-group=icinga --with-icinga-user=icinga--with-icinga-group=icinga --enable-command-args --enable-ssl
make all
make install
make install-plugin
make install-daemon
make install-daemon-config
make install-init
3.4 配置客户端Nrpe
添加nrpe服务器地址,允许服务器对其读取信息
#> vi /usr/local/icinga/etc/nrpe.cfg
#> allowed_hosts=127.0.0.1,IPADDRESS
增加command字段来添加要监控的服务,建议使用带参数的方式。
3.5 启动Nrpe
#>service icinga-nrpe start
检测服务端check_nrpe与客户端运行的nrpedaemon之间的通信
/usr/local/icinga/libexec/check_nrpe -H ClientIPADDRESS
4 自动部署客户端
为了方便客户端多机器部署。其他客户端可以使用源码编译后的文件。首先需要源码安装目录下的所有文件,第三部分我用的安装目录是/usr/local/icinga,可以将该icinga文件作为基础文件夹;其次需要2个lib文件,它们都在/usr/lib64 下:libssl.so.1.0.1e和libcrypto.so.1.0.1e我一般在放在/usr/local/icinga目录基础上加了个lib文件夹,专门放这些lib文件;再次需要/etc/rc.d/init.d/icinga-nrpe文件,用来配置service服务,也放在/usr/local/icinga下可能还会需要一些perl类库,类似lib包方式也放在/usr/local/icinga中;最后将/usr/local/icinga打包,名叫icinga.tar.gz
4.1 添加用户icinga
#> /usr/sbin/useradd icinga
4.2 客户端安装
tar-zxvf icinga.tar.gz
mv icinga /usr/local/
chown-R root:root /usr/local/icinga
chmod-R 755 /usr/local/icinga
1.2.1 添加service服务
//这样方便使用servcie icinga-nrpe start来启动服务,并能配置开机自启等。 ln-sf /usr/local/icinga/icinga-nrpe /etc/rc.d/init.d/icinga-nrpe
1.2.2 添加依赖lib库(软链接)
ln-sf /usr/local/icinga/lib/libssl.so.1.0.1e /usr/lib64/libssl.so.10
ln-sf /usr/local/icinga/lib/libcrypto.so.1.0.1e /usr/lib64/libcrypto.so.10
1.3 配置客户端Nrpe
添加nrpe服务器地址,允许服务器对其读取信息
#> vi /usr/local/icinga/etc/nrpe.cfg
#> allowed_hosts=127.0.0.1,IPADDRESS
1.4 启动Nrpe
#>service icinga-nrpe start
如果报,则表示启动成功:
Startingnrpe: [ OK ]
检测服务端check_nrpe与客户端运行的nrpedaemon之间的通信
/usr/local/icinga/libexec/check_nrpe-H ClientIPADDRESS
1.5 配置监测项目,登录web页面
//通知icinga管理员配置所需要监测的项目
//Icinga管理员配置完后,通知申请者查看web页面
测试环境ip:
http://192.168.59.15/icinga/
用户:icingaadmin
密码:admin
5 TroubleShooting
5.1 客户端Nrpe报错
执行命令:
/usr/local/icinga/libexec/check_nrpe-H 192.168.54.36
错误内容:
CHECK_NRPE:Error - Could not complete SSL handshake.
解决方法:
// 关闭防火墙
Serviceiptables stop
//重启客户端nrpe服务
Serviceicinga-nrpe restart | 
QQ群⑧:
窥视卡
雷达卡
发表于 2015-11-23 14:52:17
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡