参考:http://space.itpub.net/228190/viewspace-578408
示意图:
监控机安装NRPE
wget http://nchc.dl.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz
tar zxvf nrpe-2.12.tar.gz
cd nrpe-2.12
./configure –prefix=/usr/local/nagios
make all
make install-plugin
#监控机只需安装到这步
被监控机添加用户
groupadd nagios
useradd -g nagios -d /usr/local/nagios -s /sbin/nologin nagios
被监控机安装plugin
wget http://nchc.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.13.tar.gz
tar zxf nagios-plugins-1.4.13.tar.gz
cd nagios-plugins-1.4.13
./configure –with-nagios-user=nagios –with-nagios-group=nagios –prefix=/usr/local/nagios –with-ping-command=”/bin/ping” –with-mysql=/opt/mysql
make
make install
#查看播件文件是否已安装在这个目录
ls /usr/local/nagios/libexec
被监控机安装NRPE
wget http://nchc.dl.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz
tar zxvf nrpe-2.12.tar.gz
cd nrpe-2.12
./configure –prefix=/usr/local/nagios
make all
make install-plugin
make install-daemon
make install-daemon-config
chown -R nagios:nagios /usr/local/nagios
配置 NRPE:
vi /usr/local/nagios/etc/nrpe.cfg
allowed_hosts=127.0.0.1,192.168.1.91
#Nagios监控机的地址或域名
修改/etc/hosts.allow增加监控机ip
echo ‘nrpe:192.168.1.91’ >> /etc/hosts.allow
启动 NRPE 守护进程:
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
可以将此命令加入 /etc/rc.local ,以便开机自动启动。
echo “/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d” >> /etc/rc.local
检查 NRPE 是否正常:
在被监控机上
/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
查看相应的端口:netstat -an |grep 5666
防火墙开启5666 允许局域网IP或固定IP连接
在监控主机上
/usr/local/nagios/libexec/check_nrpe -H $目标主机地址
都应该可以输出 NRPE 的版本: NRPE v2.12
检查可监控的服务
在被监控端的 nrpe.cfg 文件中,可以看到这样的配置:
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
这是用来检查 CPU 负载的。
如果需要自定参数则使用下面命令
command[check_load]=/usr/local/nagios/libexec/check_load -w $ARG1$ -c $ARG2$
并开启dont_blame_nrpe =1
开启参数将会带来一定的安全风险
被监控机重启nrpe
ps aux|grep nrpe
kill $pid
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
监控机设置
在监控机commands.cfg 添加nrpe的定义
# ‘check_nrpe ‘ command definition
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
增加hostA.cfg
在/usr/local/nagios/etc/objects/ 目录下新建文件:hostA.cfg
把A.cfg添加到nagios主机:
echo “cfg_file=/usr/local/nagios/etc/objects/hostA.cfg” >> /usr/local/nagios/etc/nagios.cfg
如果要再添加B机器方法炮制就可以了
hostA.cfg
define host{
use generic-server
host_name A
alias A
address A 的IP
}
define service{
use generic-service
host_name A
service_description load
check_command check_nrpe!check_load
#使用自定参数
#check_command check_nrpe!check_load!6.0,5.0,4.0!15.0,8.0,6.0
}
重启监控机nagios
service nagios reload
访问http://localhost/nagios就可以看到新增的机器了
如何修改nrpe端口
被监控机nrpe.cfg修改server_port为15666
/usr/local/nagios/libexec/check_nrpe -p 15666 -H 127.0.0.1
server_port=15666
重启nrpe
监控机commands.cfg增加-p 15666
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -p 15666 -c $ARG1$
}
重启nagios就可以了
Connection refused or timed out
检查nrpe 端口
检查nrpe.cfg中allowed_hosts是否包含监控机ip地址
检查/etc/hosts.allow文件中监控机ip地址nrpe:192.168.1.91
检查iptables
开放5666端口
iptables -L
iptables -A RH-Firewall-1-INPUT -p tcp -m state –state NEW -m tcp –dport 5666 -j ACCEPT
#注意顺序
iptables -L
service iptables save
service iptables restart
NRPE: Unable to read output
1.检查客户端nrpe的权限是否可读,可被nagios执行。
2.检查nrpe.cfg里面commands命令路径是否正确。
CHECK_NRPE: Error – Could not complete SSL handshake.
1.查看防火墙
2.nrpe.cfg中授权ip
3./etc/hosts.allow中授权ip
非常详尽的笔记