本文共 9254 字,大约阅读时间需要 30 分钟。
ncpa是nagios最近几年推出的监控客户端,已日趋完善,用于替代老旧的nrpe。
首先,nagios的优点在于
| 1 2 3 4 5 6 7 8 9 10 11 12 13 | 1、监控界的工业标准,专注报警近二十年(1999年诞生) 业界的话是这样的,每种监控系统背后都有nagios的影子 2、优秀的设计永不过时,无数据库设计 与zabbix的臃肿相比,nagios是遵循unix哲学的典范,做一件事并把它做好。 无数据库设计,不让数据库拖后腿。 3、c语言编写,超高性能 nagios4.0以前,采用了类似apache prefork模式,性能一度受到影响。在事件模型出现以前,它仍然是当时最好的方案。 nagios4.0之后,采用了类似nginx的事件模型,以极小的内存代价,取得性能上质的提升,10k+不成问题。 4、优秀的插件机制,非常灵活 nagios积累了十余年的由社区贡献的海量插件,自己编写插件也十分容易。 |
ncpa比nrpe优秀的地方在于
| 1 2 3 4 5 6 7 8 9 10 | 1、支持被动监控,即ncpa主动向nagios上报(通过nrdp) 2、ncpa跟snmp类似,基本不需要配置,自带基本监控项,比如cpu,内存,服务、进程等, 而nrpe需要在客户端定义一堆check,然后还要在nagios服务端再定义一遍,非常繁琐。 3、保留原有的nagios插件 4、通过简单的脚本编程,在nagios服务端用nmap扫描ncpa客户端,可以实现自动添加基本监控 5、环境依赖除了python2.7,对系统没有任何侵入 |
本文描述基于nagios+ncpa的主动监控,替代nrpe。
环境
| 1 2 | 服务端:CentOS 7 + nagios 4 IP:192.168.1.200 客户端:CentOS 7 + ncpa 2.0.6 IP:192.168.1.50 |
客户端配置
1、安装ncpa
| 1 | rpm -ivh https: //assets .nagios.com /downloads/ncpa/ncpa-2 .0.6.el7.x86_64.rpm |
2、启动ncpa服务
| 1 2 3 4 | /etc/init .d /ncpa_passive start /etc/init .d /ncpa_listener start chkconfig ncpa_listener on chkconfig ncpa_passive on |
3、客户端开启防火墙端口5693
| 1 | iptables -A INPUT -p tcp --dport 5693 -j ACCEPT |
或
| 1 | iptables -A INPUT -s 192.168.1.200 -p tcp --dport 5693 -j ACCEPT |
服务端配置
安装nagios(简略版)
| 1 2 3 4 5 | yum install epel-release -y yum install nagios httpd php php-pecl-zendopcache fping nmap -y systemctl enable httpd nagios systemctl start httpd nagios iptables -A INPUT -p tcp --dport 80 -j ACCEPT |
| 1 2 3 4 5 6 7 | mkdir -p /etc/nagios/bin mkdir -p /etc/nagios/hosts mkdir -p /etc/nagios/services mkdir -p /etc/nagios/template echo "cfg_dir=/etc/nagios/hosts" >> /etc/nagios/nagios .cfg echo "cfg_dir=/etc/nagios/services " >> /etc/nagios/nagios .cfg service nagios restart |
一、主机自动发现
所谓自动发现,就是用扫描器扫描局域网,
1、如果IP已在监控之内,则略过;
2、如果是新IP,则按照固定的模板,创建配置文件,并通知管理员;
3、如果某个IP发现后又消失了,nagios会报警,通知管理员。
这样就形成了一个局域网IP管理的闭环。
使用fping配置主机自动发现
创建主机模板文件/etc/nagios/template/host.cfg,内容如下:
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | define host { host_name HOST address HOST check_command check-host-alive max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 contacts nagiosadmin notification_interval 60 notification_period 24x7 notifications_enabled 1 } 创建脚本/etc/nagios/bin/find-hosts.sh,内容如下: |
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 | #!/usr/bin/env bash if [ ! -f /usr/sbin/fping ]; then yum install fping -y fi network=$1 echo_usage() { echo -e "\e[1;31mUsage: $0 [network] \e[0m" echo -e "example: \e[1;32m $0 192.168.0.0/24 \e[0m" echo exit 3 } if [ x$network == "x" ]; then echo_usage fi ######################################################## ######################################################## dir = /etc/nagios/hosts host_template= /etc/nagios/template/host .cfg result=$(mktemp -u /tmp/fping-XXXXXX ) mkdir -p $ dir fping -a -q -g $network > $result i=0 while read host; do if [ ! -f /etc/nagios/hosts/ $host.cfg ]; then echo new host found $host #mailx -s "new host found :$host" root@localhost sed "s/HOST/$host/g" $host_template > $ dir /$host.cfg i=$( expr $i + 1) fi done < $result rm -rf $result if [ $i - eq 0 ]; then echo no new host found exit 0 fi if (nagios - v /etc/nagios/nagios .cfg | grep -q "Things look okay" ); then echo "nagios configuration is OK" sleep 1 service nagios restart echo "nagios restart successfully" else echo "nagios restart failed.please check" exit 1 fi |
通过定时任务运行这个脚本,即可自动添加主机监控,也可以修改脚本,让每次发现新机器时发邮件通知管理员。
二、服务自动发现
使用nmap+check_ncpa实现服务自动发现
1、下载check_ncpa
| 1 2 3 4 | wget https: //assets .nagios.com /downloads/ncpa/check_ncpa . tar .gz tar zxvf check_ncpa. tar .gz cp check_ncpa.py /usr/lib64/nagios/plugins/ cp check_ncpa.py /usr/bin/ |
2、配置check_ncpa
创建文件/etc/nagios/conf.d/check_ncpa.cfg,内容如下:
| 1 2 3 4 5 | # 'check_ncpa' command definition define command { command_name check_ncpa command_line $USER1$ /check_ncpa .py -H $HOSTADDRESS$ -P 5693 -t mytoken $ARG1$ } |
3、测试check_ncpa.py
| 1 | python check_ncpa.py -H 192.168.1.50 -p 5693 -t mytoken -l |
4、创建服务发现模板
常规的监控项目无外乎两类,一类是基本的CPU、swap、负载、磁盘等,另一种是服务,比如nginx
创建文件/etc/nagios/template/ncpa-service.cfg,内容如下:
| 1 2 3 4 5 6 7 8 9 10 11 12 | define service { host_name HOST service_description SERVICE check_command check_ncpa!-M service/SERVICE max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 notification_interval 60 notification_period 24x7 contacts nagiosadmin } |
创建文件/etc/nagios/template/ncpa-basic.cfg,内容如下:
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 | #监控uptime,防止机器重启 define service { host_name HOST service_description system uptime check_command check_ncpa!-M system/uptime -w @60:120 -c @1:60 max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 notification_interval 60 notification_period 24x7 contacts nagiosadmin } #监控CPU使用率 define service { host_name HOST service_description CPU Usage check_command check_ncpa!-M cpu/percent -w 50 -c 80 -q 'aggregate=avg' max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 notification_interval 60 notification_period 24x7 contacts nagiosadmin } #监控swap define service { host_name HOST service_description swap Usage check_command check_ncpa!-M memory/swap -w 512 -c 1024 -u mb max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 notification_interval 60 notification_period 24x7 contacts nagiosadmin } #监控进程总数 define service { host_name HOST service_description Process Count check_command check_ncpa!-M processes -w 500 -c 1000 max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 notification_interval 60 notification_period 24x7 contacts nagiosadmin } #监控磁盘空间 define service { host_name HOST service_description Disk Usage check_command check_ncpa!-M 'plugins/check_disk' -a "-w 20 -c 10 --local" max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 notification_interval 60 notification_period 24x7 contacts nagiosadmin } #监控系统负载 define service { host_name HOST service_description Load average check_command check_ncpa!-M 'plugins/check_load' -a "-w 8,4,4 -c 12,8,8" max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 notification_interval 60 notification_period 24x7 contacts nagiosadmin } #监控僵尸进程 define service { host_name HOST service_description Load average check_command check_ncpa!-M 'plugins/check_procs' -a "-w 3 -c 5 -s Z" max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 notification_interval 60 notification_period 24x7 contacts nagiosadmin } |
创建自动发现脚本/etc/nagios/bin/find-ncpa.sh,内容如下
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 | #!/usr/bin/env bash if [ ! -f /usr/bin/nmap ]; then yum install nmap -y fi network=$1 usage() { echo -e "\e[1;31mUsage: $0 [ip|ip-rang|network] \e[0m" echo -e "example1: \e[1;32m $0 192.168.0.100 \e[0m" echo -e "example2: \e[1;32m $0 192.168.1-200 \e[0m" echo -e "example3: \e[1;32m $0 192.168.2.0/24 \e[0m" echo exit 0 } if [ x$network == "x" ]; then usage fi dir = "/etc/nagios/services" ncpa_basic_template= "/etc/nagios/template/ncpa-basic.cfg" ncpa_service_template= "/etc/nagios/template/ncpa-service.cfg" nmap -sS -p 5693 -- open $network | awk '/Nmap scan report for/{print $5}' > /tmp/ncpa_hosts .txt while read host; do if [ ! -f $ dir /$host.cfg ]; then touch $ dir /$host.cfg sed "s/HOST/$host/g" $ncpa_basic_template >> $ dir /$host.cfg /usr/local/bin/check_ncpa .py -H $host -t mytoken -M services -l | grep running | awk '/running/{print $1}' | tr -d \ " |tr -d \: |egrep -v " @|systemd" > /tmp/ $host.servicelist.txt while read service; do sed -e "s/HOST/$host/g" -e "s/SERVICE/$service/g" $ncpa_service_template >> $ dir /$host.cfg done < /dev/shm/ $host.servicelist.txt rm -rf /dev/shm/ $host.servicelist.txt fi done < /tmp/ncpa_hosts .txt rm -rf /tmp/ncpa_hosts .txt if (nagios - v /etc/nagios/nagios .cfg | grep -q "Things look okay" ); then echo "nagios configuration is OK" sleep 1 service nagios restart echo "nagios restart successfully" else echo "nagios restart failed. please check" exit 1 fi |
业务监控
自动发现在很大程度上可以减轻工作量,但具体的业务监控仍然需要手动添加。
比如监控nginx是否重启过 (运行时长是否超过1800秒)
| 1 2 3 4 5 6 7 8 9 10 11 12 13 | #监控进程运行时长 define service { host_name HOST service_description Load average check_command check_ncpa!-M plugins/check_procs -a "-a nginx -m ELAPSED -w @1800:3600 -c @1:1800" max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 notification_interval 60 notification_period 24x7 contacts nagiosadmin } |
对于php-fpm这类动态进程模型,其特点是root身份启动一个master进程,子进程属主是普通用户,且个数是动态的,故只需监控master进程运行时长即可,也可以照葫芦划瓢,
| 1 2 3 4 5 6 7 8 9 10 11 12 13 | #监控php-fpm define service { host_name HOST service_description Load average check_command check_ncpa!-M plugins/check_procs -a "-u root -a php-fpm -m ELAPSED -w @1800:3600 -c @1:1800" max_check_attempts 3 check_interval 5 retry_interval 1 check_period 24x7 notification_interval 60 notification_period 24x7 contacts nagiosadmin } |