Category Archives: CentOS

CentOS 6.3 Sensu

Почему Sonian отказались от использования Nagios и написали свой monitoring framework Sensu

Система на которой будем устанавливать Sensu CentOS 6.3 x64 c подключенным репозиторием EPEL

# cat /etc/issue
CentOS release 6.3 (Final)
# uname -rm
2.6.18-028stab077.1 x86_64
# yum repolist | grep epel
 * epel: epel.mirror.constant.com
*epel  Extra Packages for Enterprise Linux 6 - x86_64

Установка Sensu

Sensu server node

rabbitmq
redis
sensu-server / sensu-client / sensu-api / sensu-dashboard

Sensu client node

sensu-client

Установим RabbitMQ

# yum install erlang
# rpm --import http://www.rabbitmq.com/rabbitmq-signing-key-public.asc
# rpm -Uvh http://www.rabbitmq.com/releases/rabbitmq-server/v2.8.7/rabbitmq-server-2.8.7-1.noarch.rpm

Сконфигурируем RabbitMQ SSL

# yum install git git-core
# git clone git://github.com/joemiller/joemiller.me-intro-to-sensu.git
# cd joemiller.me-intro-to-sensu/
# ./ssl_certs.sh clean
# ./ssl_certs.sh generate
# mkdir /etc/rabbitmq/ssl
# cp server_key.pem /etc/rabbitmq/ssl/
# cp server_cert.pem /etc/rabbitmq/ssl/
# cp testca/cacert.pem /etc/rabbitmq/ssl/

Создаем RabbitMQ /etc/rabbitmq/rabbitmq.config

[
    {rabbit, [
    {ssl_listeners, [5671]},
    {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},
                   {certfile,"/etc/rabbitmq/ssl/server_cert.pem"},
                   {keyfile,"/etc/rabbitmq/ssl/server_key.pem"},
                   {verify,verify_peer},
                   {fail_if_no_peer_cert,true}]}
  ]}
].

Устанавливаем RabbitMQ management console

# rabbitmq-plugins enable rabbitmq_management
The following plugins have been enabled:
  mochiweb
  webmachine
  rabbitmq_mochiweb
  amqp_client
  rabbitmq_management_agent
  rabbitmq_management
Plugin configuration has changed. Restart RabbitMQ for changes to take effect.

Прописываем RabbitMQ в автозагрузку и запускаем

# chkconfig rabbitmq-server on
# chkconfig --list | grep rabbit
rabbitmq-server 0:off   1:off   2:on    3:on    4:on    5:on    6:off
# service rabbitmq-server start
Starting rabbitmq-server: SUCCESS
rabbitmq-server.

Протокол amqp должен слушать порт 5672, amqp/ssl порт 5671.

# netstat -nlp | grep 567
tcp        0      0 0.0.0.0:55672    0.0.0.0:*   LISTEN      54463/beam.smp
tcp        0      0 :::5671          :::*        LISTEN      54463/beam.smp
tcp        0      0 :::5672          :::*        LISTEN      54463/beam.smp

Проверим Web UI

http://IP.IP.IP.IP:55672
Username: guest
Password: guest

Создадим RabbitMQ виртуальный хост и пользователя для Sensu

# rabbitmqctl add_vhost /sensu
# rabbitmqctl add_user sensu your_password
# rabbitmqctl set_permissions -p /sensu sensu ".*" ".*" ".*"

Результат
RabbitMQ management console

Установим Redis

# yum install redis
# rpm -qa | grep redis
redis-2.4.10-1.el6.x86_64

Прописываем Redis в автозагрузку и запускаем

# chkconfig redis on
# chkconfig --list | grep redis
redis           0:off   1:off   2:on    3:on    4:on    5:on    6:off
# service redis start
Starting redis-server:                                     [  OK  ]

Создадим Sensu.repo

# cat /etc/yum.repos.d/Sensu.repo
[sensu]
name=sensu-main
baseurl=http://repos.sensuapp.org/yum/el/6/$basearch/
gpgcheck=0
enabled=1

Устанавливаем Sensu

# yum install sensu

Прописываем сервисы Sensu server node в автозагрузку

# chkconfig sensu-server on
# chkconfig sensu-api on
# chkconfig sensu-client on
# chkconfig sensu-dashboard on

Сконфигурируем Sensu

Скопируем SSL client key + cert которые мы создавали ранее

# # mkdir -p  /etc/sensu/ssl/
# cp client_key.pem client_cert.pem  /etc/sensu/ssl/

Конфигурационный файл Sensu server node /etc/sensu/config.json

{
  "rabbitmq": {
  "ssl": {
          "private_key_file": "/etc/sensu/ssl/client_key.pem",
          "cert_chain_file": "/etc/sensu/ssl/client_cert.pem"
         },
    "host": "localhost",
    "port": 5671,
    "user": "sensu",
    "password": "your_password",
    "vhost": "/sensu"
  },
  "redis": {
    "host": "localhost",
    "port": 6379
  },
  "api": {
    "host": "localhost",
    "port": 4567
  },
  "dashboard": {
    "port": 8080,
    "user": "admin",
    "password": "secret"
  },
  "handlers": {
    "default": {
      "type": "set",
      "handlers": [
        "stdout"
      ]
    },
    "stdout": {
      "type": "pipe",
      "command": "cat"
    }
  },
  "checks": {
    "test": {
      "command": "echo -n OK",
      "subscribers": [
        "test"
      ],
      "interval": 60
    }
  },
  "client": {
    "name": "localhost",
    "address": "127.0.0.1",
    "subscriptions": [
      "test"
    ]
  }
}

Запускаем сервисы Sensu

# service sensu-server start
Starting sensu-server                                      [  OK  ]
# service sensu-api start
Starting sensu-api                                         [  OK  ]
# service sensu-client start
Starting sensu-client                                      [  OK  ]
# service sensu-dashboard start
Starting sensu-dashboard                                   [  OK  ]

Результат
Sensu monitoring framework

Установка Sensu client node происходит аналогичным образом, только запускать необходимо один сервис

# service sensu-client start

Добавим тестовую проверку

Устанавливаем check скрипт

# yum install rubygems ruby-devel make gcc
# gem install sensu-plugin --no-rdoc --no-ri
Building native extensions.  This could take a while...
Successfully installed json-1.7.5
Successfully installed mixlib-cli-1.2.2
Successfully installed sensu-plugin-0.1.4
3 gems installed

Скачиваем и устанавливаем check-procs.rb

# cd /etc/sensu/plugins
# wget https://raw.github.com/sensu/sensu-community-plugins/master/plugins/processes/check-procs.rb
# chmod 755 /etc/sensu/plugins/check-procs.rb

Добавим Handler

# cat /etc/sensu/conf.d/handler_email.json
{
  "handlers": {
    "email": {
      "type": "pipe",
      "command": "mail -s 'Sensu Alert' admin@sensu"
    }
  }
}

В проверке изменяем handlers

# grep handlers /etc/sensu/conf.d/check_cron.json
        "handlers": ["default", "email"],

Для теста останавливаем сервис crond

# service crond stop

Через минуту проверяем Dashboard и email
Sensu_Check