Saturday, April 11, 2020

Ubuntu: Step by Step Guide to Install and Configure Nagios on Ubuntu 18.04



Nagios is a freely available server monitoring tool.
OS: Ubuntu 18.04
Nagios: nagios-4.4.5
Nagios Plugin: nagios-plugins-2.3.3




1. We are going to build Nagios from source code. First, install the build dependencies on your system.
root@sam:~# apt-get install build-essential libgd-dev openssl libssl-dev unzip wget

2. Install Apache and PHP
root@sam:~# apt-get install apache2 php libapache2-mod-php php-gd libgd-dev

3. Create nagios user
root@sam:~# groupadd nagcmd
root@sam:~# useradd -G nagcmd nagios
root@sam:~# id nagios
uid=1001(nagios) gid=1002(nagios) groups=1002(nagios),1001(nagcmd)

4. Installing Nagios
A. Installing Nagios Binary
B. Installing Nagios using source code

A. Nagios Binary installation
a. Go to github and download the software
https://www.nagios.org/downloads/nagios-core/thanks/?skip=1&t=1524771419
or
https://github.com/NagiosEnterprises/nagioscore/releases
root@sam:~# wget https://github.com/NagiosEnterprises/nagioscore/releases/download/nagios-4.4.5/nagios-4.4.5.tar.gz

b. Extract the package
root@sam:~# tar xpf nagios-4.4.5.tar.gz
root@sam:~# ls
mysleep.sh  nagios-4.4.5  nagios-4.4.5.tar.gz  releases
root@sam:~# cd nagios-4.4.5/
root@sam:~/nagios-4.4.5# ./configure --with-command-group=nagcmd --with-nagios-group=nagios

This may take a while to complete. Review any errors you get.

Now run make with one job per processor core. I have 4 CPU cores, which speeds up the build.

# make -j4 all

You have successfully compiled the software. Now it's time to install the software components.
root@sam:~/nagios-4.4.5# make install
root@sam:~/nagios-4.4.5# make install-init
root@sam:~/nagios-4.4.5# make install-daemoninit
root@sam:~/nagios-4.4.5# make install-config
root@sam:~/nagios-4.4.5# make install-commandmode
root@sam:~/nagios-4.4.5# make install-exfoliation

Now copy the event handler scripts to the libexec directory; they provide multiple event triggers for the Nagios web interface.
root@sam:~/nagios-4.4.5# cp -R contrib/eventhandlers/ /usr/local/nagios/libexec/
root@sam:~/nagios-4.4.5# chown -R nagios:nagios /usr/local/nagios/libexec/eventhandlers

Now copy the Apache configuration to the Apache sites-available directory. After that, add the Apache user to the nagcmd group.
root@sam:~/nagios-4.4.5# /usr/bin/install -c -m 644 sample-config/httpd.conf /etc/apache2/sites-available/nagios.conf
root@sam:~/nagios-4.4.5# usermod -a -G nagcmd www-data

5. Install the plugins
Nagios plugins enhance the functionality and add extra value to the product. Download from
https://www.nagios.org/downloads/nagios-plugins/

root@sam:~# wget https://nagios-plugins.org/download/nagios-plugins-2.3.3.tar.gz
root@sam:~# tar -xpf nagios-plugins-2.3.3.tar.gz; cd nagios-plugins-2.3.3/

Configure the plugins with OpenSSL support and check for errors.
root@sam:~/nagios-plugins-2.3.3# ./configure --with-nagios-user=nagios --with-nagios-group=nagcmd --with-openssl

Now, as before, run make and install the plugins.
# make -j 4
# make install


Next, change the configuration so that Nagios processes all config files ending in .cfg in the specified directory.
To do so, uncomment the line cfg_dir=/usr/local/nagios/etc/servers

Open nagios config file and uncomment the
root@sam:~/nagios-plugins-2.3.3# vi /usr/local/nagios/etc/nagios.cfg
root@sam:~/nagios-plugins-2.3.3# mkdir /usr/local/nagios/etc/servers

If you like, you can change the email address so that you get notifications, by editing the file below.

root@sam:~/nagios-plugins-2.3.3# vi /usr/local/nagios/etc/objects/contacts.cfg
Change the email address to your own, from
email                   nagios@localhost
to
email                   your@companyemail.com


Set up Apache with an authentication gateway

Now set up an Apache virtual host for Nagios and an authentication gateway to prevent unauthorized access to your system.

Add the following Apache configuration to /etc/apache2/conf-available/nagios.conf
root@sam:~/nagios-plugins-2.3.3# vi /etc/apache2/conf-available/nagios.conf

ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
   Options ExecCGI
   AllowOverride None
   Order allow,deny
   Allow from all
   AuthName "Restricted Area"
   AuthType Basic
   AuthUserFile /usr/local/nagios/etc/htpasswd.users
   Require valid-user
</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
   Options None
   AllowOverride None
   Order allow,deny
   Allow from all
   AuthName "Restricted Area"
   AuthType Basic
   AuthUserFile /usr/local/nagios/etc/htpasswd.users
   Require valid-user
</Directory>

Set up the authentication gateway to authenticate with the user nagiosadmin. You can use a different user, but then you have to make other configuration changes. This is going to be the Nagios admin user.

root@sam:~/nagios-plugins-2.3.3# htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Now enable the Apache modules and restart apache.
root@sam:~/nagios-plugins-2.3.3# a2enconf nagios
root@sam:~/nagios-plugins-2.3.3# a2enmod cgi rewrite
root@sam:~/nagios-plugins-2.3.3# systemctl restart apache2
root@sam:~/nagios-plugins-2.3.3# echo $?
0
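
One way to check the file that `htpasswd -c` creates, added here as an example and not part of the original guide: htpasswd stores APR1-MD5 hashes by default and bcrypt only when run with `-B`, so the functions below (hypothetical names) report each entry's hash scheme and whether the file is world-readable. It assumes GNU `stat` as shipped on Ubuntu; the sample entries are constructed.

```shell
#!/usr/bin/env bash
# Added example, not from the original guide. Function names are hypothetical.

# Map one stored hash to the scheme htpasswd used to create it.
hash_scheme() {
  case "$1" in
    '$2y$'*|'$2a$'*|'$2b$'*) echo bcrypt ;;
    '$apr1$'*)               echo apr1-md5 ;;
    '{SHA}'*)                echo sha1-unsalted ;;
    '')                      echo empty ;;
    *)                       echo crypt-or-plaintext ;;
  esac
}

# Print one line per finding/entry. Returns 0 when every entry is bcrypt and
# the file is not readable by "other", 1 otherwise, 2 if the file is missing.
audit_htpasswd() {
  local file=$1 rc=0 user hash scheme mode
  mode=$(stat -c '%a' "$file" 2>/dev/null) || return 2
  if [ $(( 8#$mode & 4 )) -ne 0 ]; then      # "other" read bit
    echo "WARN    world-readable (mode $mode)"
    rc=1
  fi
  while IFS=: read -r user hash _ || [ -n "$user" ]; do
    case "$user" in ''|'#'*) continue ;; esac   # blank lines and comments
    scheme=$(hash_scheme "$hash")
    if [ "$scheme" = bcrypt ]; then
      echo "OK      $user $scheme"
    else
      echo "UPGRADE $user $scheme"
      rc=1
    fi
  done < "$file"
  return "$rc"
}

# Constructed sample standing in for /usr/local/nagios/etc/htpasswd.users.
demo=$(mktemp)
chmod 640 "$demo"
printf '%s\n' 'nagiosadmin:$apr1$Zx1abcde$0123456789abcdefghijk.' \
              'ops:$2y$05$0123456789abcdefghijkuABCDEFGHIJKLMNOPQRSTUVWXYZ01234' > "$demo"
audit_htpasswd "$demo" || true
rm -f "$demo"
```

On a real install, run `audit_htpasswd /usr/local/nagios/etc/htpasswd.users`; an `UPGRADE` line for nagiosadmin means the entry was not created with `htpasswd -B`.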

Now verify and start Nagios, and enable it to start at boot.
Before you use it, verify the configuration.
root@sam:~/nagios-plugins-2.3.3# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
The output includes:

Things look okay - No serious problems were detected during the pre-flight check
root@sam:~/nagios-plugins-2.3.3# systemctl status nagios
root@sam:~/nagios-plugins-2.3.3# systemctl start nagios
root@sam:~/nagios-plugins-2.3.3# systemctl status nagios
root@sam:~/nagios-plugins-2.3.3# systemctl enable nagios

If Nagios does not start automatically and you need to create the service yourself, copy the following content to nagios.service.
root@sam:~/nagios-plugins-2.3.3# cat /etc/systemd/system/abc123nagios.service.bk
[Unit]
Description=Nagios
BindsTo=network.target

[Install]
WantedBy=multi-user.target

[Service]
Type=simple
# Run the daemon as the unprivileged nagios user with the nagcmd group
User=nagios
Group=nagcmd
# Uncomment the line below to enable
#ExecStart=/usr/local/nagios/bin/nagios /usr/local/nagios/etc/nagios.cfg

Once you save it, enable the service
# systemctl enable /etc/systemd/system/nagios.service
# systemctl start nagios

Now it's time to access Nagios through the web. It will prompt you for a password; use the nagiosadmin user and the password you set for the account.

http://your_ip/nagios


Got help from,
https://draculaservers.com/tutorials/install-nagios-ubuntu/
https://linuxconfig.org/install-nagios-on-ubuntu-18-04-bionic-beaver-linux


Friday, April 10, 2020

Linux - BPF Tools -> high performance packet filtering

eBPF (extended Berkeley Packet Filter) enables programmers to write code that is executed in kernel space in a more secure and restricted environment. Yet this environment still lets them create tools that would otherwise require writing a new kernel module.

eBPF introduces a new syscall, bpf(2). This syscall is used for all eBPF operations, such as loading programs, attaching them to certain events, creating eBPF maps and accessing the map contents from tools.


echo "deb [trusted=yes] https://repo.iovisor.org/apt/xenial xenial-nightly main" | sudo tee /etc/apt/sources.list.d/iovisor.list
deb [trusted=yes] https://repo.iovisor.org/apt/xenial xenial-nightly main



root@sam:~# apt-get update
Ign:1 http://dl.google.com/linux/chrome/deb stable InRelease
Get:2 http://dl.google.com/linux/chrome/deb stable Release [943 B]
Get:3 http://dl.google.com/linux/chrome/deb stable Release.gpg [819 B]
Hit:4 http://archive.ubuntu.com/ubuntu bionic InRelease
Err:3 http://dl.google.com/linux/chrome/deb stable Release.gpg
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 78BD65473CB3BD13
Hit:5 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Ign:6 https://repo.iovisor.org/apt/xenial xenial-nightly InRelease
Hit:7 http://archive.ubuntu.com/ubuntu bionic-backports InRelease
Hit:8 https://repo.iovisor.org/apt/xenial xenial-nightly Release
Hit:9 http://archive.ubuntu.com/ubuntu bionic-security InRelease
Ign:10 https://repo.iovisor.org/apt/xenial xenial-nightly Release.gpg
Fetched 819 B in 1s (1,022 B/s)
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://dl.google.com/linux/chrome/deb stable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 78BD65473CB3BD13
W: Failed to fetch http://dl.google.com/linux/chrome/deb/dists/stable/Release.gpg  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 78BD65473CB3BD13
W: Some index files failed to download. They have been ignored, or old ones used instead.
root@sam:~# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-key 78BD65473CB3BD13
Executing: /tmp/apt-key-gpghome.0CeQj9iCln/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-key 78BD65473CB3BD13
gpg: key 7721F63BD38B4796: 8 duplicate signatures removed
gpg: key 7721F63BD38B4796: 18 signatures not checked due to missing keys
gpg: key 7721F63BD38B4796: "Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>" 17 new signatures
gpg: key 7721F63BD38B4796: "Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>" 1 new subkey
gpg: Total number processed: 1
gpg:            new subkeys: 1
gpg:         new signatures: 17
root@sam:~# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-key 78BD65473CB3BD13
Executing: /tmp/apt-key-gpghome.gI4uDLvk1F/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-key 78BD65473CB3BD13
gpg: key 7721F63BD38B4796: 8 duplicate signatures removed
gpg: key 7721F63BD38B4796: 18 signatures not checked due to missing keys
gpg: key 7721F63BD38B4796: "Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
root@sam:~# apt-get update
Ign:1 http://dl.google.com/linux/chrome/deb stable InRelease
Get:2 http://dl.google.com/linux/chrome/deb stable Release [943 B]
Get:3 http://dl.google.com/linux/chrome/deb stable Release.gpg [819 B]
Hit:4 http://archive.ubuntu.com/ubuntu bionic InRelease
Ign:5 https://repo.iovisor.org/apt/xenial xenial-nightly InRelease
Hit:6 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Get:7 http://dl.google.com/linux/chrome/deb stable/main amd64 Packages [1,109 B]
Hit:8 https://repo.iovisor.org/apt/xenial xenial-nightly Release
Hit:9 http://archive.ubuntu.com/ubuntu bionic-backports InRelease
Ign:10 https://repo.iovisor.org/apt/xenial xenial-nightly Release.gpg
Hit:11 http://archive.ubuntu.com/ubuntu bionic-security InRelease
Fetched 1,928 B in 1s (2,201 B/s)
Reading package lists... Done
root@sam:~#
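
The `[trusted=yes]` option in the iovisor source line above tells APT to treat that repository as trusted even when it does not pass authentication checks, so its packages install without a verified signature. The check below is an added example, not part of the original post: it lists active one-line source entries that carry `trusted=yes` or `allow-insecure=yes`. The function name is hypothetical and the sample file is constructed.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Function name is hypothetical.

# Print "file:line: option" for every active one-line APT source entry whose
# options disable repository authentication. Returns 1 if any were found.
find_unverified_sources() {
  local f line n opts o rc=0
  for f in "$@"; do
    [ -f "$f" ] || continue
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
      n=$((n + 1))
      # Only active entries; commented-out and blank lines are ignored.
      case "$line" in deb\ *|deb-src\ *) ;; *) continue ;; esac
      # Options, when present, sit in [ ... ] between the type and the URI.
      case "$line" in
        deb\ \[*\]*|deb-src\ \[*\]*) opts=${line#*\[}; opts=${opts%%\]*} ;;
        *) continue ;;
      esac
      for o in $opts; do                 # options are space-separated
        case "$o" in
          trusted=yes|allow-insecure=yes)
            echo "$f:$n: $o"
            rc=1 ;;
        esac
      done
    done < "$f"
  done
  return "$rc"
}

# Constructed sample: the iovisor entry from this post plus a signed source.
demo=$(mktemp)
printf '%s\n' \
  'deb [trusted=yes] https://repo.iovisor.org/apt/xenial xenial-nightly main' \
  'deb http://archive.ubuntu.com/ubuntu bionic main' > "$demo"
find_unverified_sources "$demo" || true
rm -f "$demo"
```

On a real system, pass it `/etc/apt/sources.list /etc/apt/sources.list.d/*.list`.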

Install BCC tools
root@sam:/usr/share# apt-get install binutils bcc bcc-tools libbcc-examples python-bcc

Add man path and command path
# export MANPATH=$MANPATH:/usr/share/bcc/man
# export PATH=$PATH:/usr/share/bcc/tools
Test with python command

root@sam:/usr/share# python /usr/share/bcc/examples/hello_world.py

# python /usr/share/bcc/examples/tracing/task_switch.py
.................
task_switch[ 4055->    0]=322
task_switch[    0->   34]=1
task_switch[ 3757->29449]=1
task_switch[17211->    0]=5
task_switch[ 4037->17325]=1
task_switch[ 4382-> 4385]=2
task_switch[    0->  487]=1
task_switch[    0-> 4079]=15
task_switch[ 4084->17326]=1
task_switch[ 2346->    0]=1
task_switch[ 3757-> 4385]=1
task_switch[32002-> 3757]=2
task_switch[17327-> 3757]=1


Some BCC tools in Ubuntu
1. argdist - displays function parameter values as a histogram or frequency count

root@sam:/usr/share/bcc/tools# ./argdist -h

Histogram of buffer sizes passed to the write() function across the system:

root@sam:/usr/share/bcc/tools# ./argdist -c -H 'p:c:write(int fd, void *buf, size_t len):size_t:len'

2. biosnoop - traces block device I/O (disk I/O), and prints a line of output per I/O
root@sam:/usr/share/bcc/tools# ./biosnoop

root@sam:/usr/share/bcc/tools# iostat -x 1
Command 'iostat' not found, but can be installed with:
apt install sysstat
root@sam:/usr/share/bcc/tools#

3. biolatency - traces block device I/O (disk I/O), and records the distribution of I/O latency
root@sam:/usr/share/bcc/tools# ./biolatency

4. ext4slower - shows ext4 file system I/O slower than a given threshold
root@sam:/usr/share/bcc/tools# ./ext4slower 1

5. bashreadline tool - prints bash commands from all running bash shells on the system
root@sam:/usr/share/bcc/tools# bashreadline
TIME      PID    COMMAND
03:23:13  8277   sh myfile.sh

6. biotop - block device I/O top
root@sam:/usr/share/bcc/tools# biotop


Got idea from
https://opensource.com/article/17/11/bccbpf-performance
http://www.brendangregg.com/bpf-performance-tools-book.html
https://www.amazon.com/gp/reader/0136554822
http://www.brendangregg.com/blog/2019-07-15/bpf-performance-tools-book.html
https://linoxide.com/linux-how-to/bcc-kernel-tracing-tools-linux-performance/
https://github.com/iovisor/bcc
https://www.redhat.com/en/blog/introduction-ebpf-red-hat-enterprise-linux-7