Chat / support@radicenter.eu

Tasuta monitoorimistarkvara Linux serverile – Monit

Osa VPS kliente on soovinud installida oma serverile ka graafilise tarkvara teenuste toimivuse paremaks jälgimiseks ning statistika jaoks.
Antud juhend on mõeldud Monit tarkvara installimiseks Debian tüüpi serveritel (testitud Ubuntu 14.04 LTS peal).

Moniti installimisjuhend / konfiguratsioon
Moniti teenuste lisamine
Moniti näidiskood täiendavaks teenuste jälgimiseks
( Vajadusel täiendav rakendus Moniti töö kontrolliks väikese mälumahuga serveril)


1. Uuenda süsteemi pakette ning lae alla Monit tarkvara:

apt-get update
apt-get install monit

2. Rakenda tööle Moniti baaskonf veebiserveri jaoks:

vi /etc/monit/monitrc

(Faili sisu muutmiseks vajuta tähele “i“, salvestamiseks vajuta klahvile “Esc” ja kirjuta “:wq“)
Baaskonfi sätted (porti ja kasutajat/salasõna PEAB muutma):

##Kogu moniti vajaminev konfiguratsioon:
##NB! Kui on vaja midagi antud lisadest kasutada, mis hetkel on "välja kommenteeritud", tuleks antud rea eest eemaldada # märk
set daemon  60           # check services at 1-minute intervals
# set idfile /var/.monit.id
set logfile /var/log/monit.log
##set state file
set statefile /var/lib/monit/state
## Set the list of mail servers for alert delivery. Multiple servers may be
## specified using a comma separator. If the first mail server fails, Monit
## will use the second mail server in the list and so on. By default Monit uses
## port 25 - it is possible to override this with the PORT option.
#
 set mailserver mail.teiedomeen.ee port 587 username teiekasutajakonto@teieserver.ee password XXXxxXXXXxxxXXX using TLSV1               # primary mailserver
#                backup.bar.baz port 10025,  # backup mailserver on port 10025
#                localhost                   # fallback relay
#
## Monit by default uses the following format for alerts if the the mail-format
## statement is missing::
## --8<--
## set mail-format {
##      from: monit@$HOST
##   subject: monit alert --  $EVENT $SERVICE
##   message: $EVENT Service $SERVICE
##                 Date:        $DATE
##                 Action:      $ACTION
##                 Host:        $HOST
##                 Description: $DESCRIPTION
##
##            Your faithful employee,
##            Monit
## }
## --8<--

## You can override this message format or parts of it, such as subject
## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc.
## are expanded at runtime. For example, to override the sender, use:
#
 set mail-format {
        from: teiekasutajakonto@teieserver.ee
        subject: MONIT alert from $HOST -- $EVENT $SERVICE
}
#
#
## You can set alert recipients whom will receive alerts if/when a
## service defined in this file has errors. Alerts may be restricted on
## events by using a filter as in the second example below.
#
 set alert mail@kuhuteavesaadetakse.ee                       # receive all alerts
## Do not alert when Monit start,stop or perform a user initiated action
# set alert manager@foo.bar not on { instance, action }


##set eventqueue and params
set eventqueue
      basedir /var/lib/monit/events # set the base directory where events will be stored
      slots 100                     # optionally limit the queue size
##set Monit server port and user + password
set httpd port 2828 and
#    use address localhost  # only accept connection from localhost
#    allow localhost        # allow localhost to connect to the server and
    allow admin:monit      # require user 'admin' with password 'monit'
#    allow @monit           # allow users of group 'monit' to connect (rw)
#    allow @users readonly  # allow users of group 'users' to connect readonly

###############################################################################
## Teenuste sätete algus
###############################################################################

###############################################################################
## Teenuste sätete lõpp
###############################################################################

###############################################################################
## Includes
###############################################################################
##
## It is possible to include additional configuration parts from other files or
## directories.
#
   include /etc/monit/conf.d/*
#


3. Muuda Monit kontrollfaili/seadete faili, lisades sinna teenuseid vastavalt (Sätete alguse ja lõpu vahele):

## Check general system resources such as load average, cpu and memory
## usage. Each test specifies a resource, conditions and the action to be
## performed should a test fail.
#
#  check system myhost.mydomain.tld
#    if loadavg (1min) > 4 then alert
#    if loadavg (5min) > 2 then alert
#    if memory usage > 75% then alert
#    if swap usage > 25% then alert
#    if cpu usage (user) > 70% then alert
#    if cpu usage (system) > 30% then alert
#    if cpu usage (wait) > 20% then alert
#
###
##Kontrolli veebiserveri Apache toimivust
###
check process apache with pidfile /var/run/apache2/apache2.pid
    start program = "/etc/init.d/apache2 start" with timeout 60 seconds
    stop program  = "/etc/init.d/apache2 stop"

###
##Kontrolli MySQL andmebaasi toimivust
###
check process mysqld with pidfile /var/run/mysqld/mysqld.pid
    start program = "/etc/init.d/mysql start"
    stop program = "/etc/init.d/mysql stop"
    if failed host 127.0.0.1 port 3306 then restart
    if 10 restarts within 10 cycles then timeout

###
##Kontrolli WebMin/Virtualmin toimivust
###
#check process webmin with pidfile /var/webmin/miniserv.pid
#   group webmin
#   start program = "/etc/init.d/webmin start"
#   stop  program = "/etc/init.d/webmin stop"
#   if failed host 127.0.0.1 port 10000 then restart
#   if 20 restarts within 20 cycles then timeout
#
# check file webmin_rc with path /etc/init.d/webmin
#   group webmin
#   if failed checksum then unmonitor
#   if failed permission 755 then unmonitor
#   if failed uid root then unmonitor
#   if failed gid root then unmonitor
#
###
##Kontrolli SSH serveri toimivust
###
check process sshd with pidfile /var/run/sshd.pid
   start program  "/etc/init.d/ssh start"
   stop program  "/etc/init.d/ssh stop"
   if failed port 22 protocol ssh then restart
   if 5 restarts within 5 cycles then timeout

###
##Kontrolli turvalisusprogrammi fail2ban toimivust
###
#check process fail2ban with pidfile /var/run/fail2ban/fail2ban.pid
#   start program  "/etc/init.d/fail2ban start"
#   stop program  "/etc/init.d/fail2ban stop"

###
##Kontrolli Mailiserveri Postfix toimivust
###
#check process postfix with pidfile /var/spool/postfix/pid/master.pid
#   group mail
#   start program = "/etc/init.d/postfix start"
#   stop  program = "/etc/init.d/postfix stop"
#   if failed port 25 protocol smtp then restart
#   if 10 restarts within 10 cycles then timeout
#   depends on postfix_rc
#
# check file postfix_rc with path /etc/init.d/postfix
#   group mail
#   if failed checksum then unmonitor
#   if failed permission 755 then unmonitor
#   if failed uid root then unmonitor
#   if failed gid root then unmonitor
#
###
##Kontrolli ProFTP serveri toimivust
###
#check process proftpd with pidfile /var/run/proftpd.pid
#   start program = "/etc/init.d/proftpd start"
#   stop program  = "/etc/init.d/proftpd stop"
#   if failed port 21 protocol ftp then restart
#   if 10 restarts within 10 cycles then timeout
#

4. Kui antud konfiguratsioonifail on salvestatud, kontrolli setingute paikkapidavust:

monit -t

5. Taaskäivita monit tarkvara:

monit restart

Kui kõik läks hästi, on teil täisfunktsionaalne süsteemsete teenuste monitor koos teavitusvõimalusega
Teenuste staatust saate näha ka käsuga:

monit summary


Näidiskoode Monit tarkvara jaoks:

###
##Täpsem apache näidisconf lisavõimaluste kopeerimiseks vajadusel:
###
#  check process apache with pidfile /usr/local/apache/logs/httpd.pid
#    start program = "/etc/init.d/httpd start" with timeout 60 seconds
#    stop program  = "/etc/init.d/httpd stop"
#    if cpu > 60% for 2 cycles then alert
#    if cpu > 80% for 5 cycles then restart
#    if totalmem > 200.0 MB for 5 cycles then restart
#    if children > 250 then restart
#    if loadavg(5min) greater than 10 for 8 cycles then stop
#    if failed host www.tildeslash.com port 80 protocol http
#       and request "/somefile.html"
#       then restart
#    if failed port 443 type tcpssl protocol http
#       with timeout 15 seconds
#       then restart
#    if 3 restarts within 5 cycles then timeout
#    depends on apache_bin
#    group server
#
###
##Failide jälgimiseks näidis:
###
#  check filesystem datafs with path /dev/sdb1
#    start program  = "/bin/mount /data"
#    stop program  = "/bin/umount /data"
#    if failed permission 660 then unmonitor
#    if failed uid root then unmonitor
#    if failed gid disk then unmonitor
#    if space usage > 80% for 5 times within 15 cycles then alert
#    if space usage > 99% then stop
#    if inode usage > 30000 then alert
#    if inode usage > 99% then stop
#    group server
#
#
## Check a file's timestamp. In this example, we test if a file is older
## than 15 minutes and assume something is wrong if its not updated. Also,
## if the file size exceed a given limit, execute a script
#
#  check file database with path /data/mydatabase.db
#    if failed permission 700 then alert
#    if failed uid data then alert
#    if failed gid data then alert
#    if timestamp > 15 minutes then alert
#    if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba
#
#
## Check directory permission, uid and gid.  An event is triggered if the
## directory does not belong to the user with uid 0 and gid 0.  In addition,
## the permissions have to match the octal description of 755 (see chmod(1)).
#
#  check directory bin with path /bin
#    if failed permission 755 then unmonitor
#    if failed uid 0 then unmonitor
#    if failed gid 0 then unmonitor
#
###
##Kontrolli võrgus oleva teise serveri saadavust - näidis:
###
## Check a remote host availability by issuing a ping test and check the
## content of a response from a web server. Up to three pings are sent and
## connection to a port and an application level network check is performed.
#
#  check host myserver with address 192.168.1.1
#    if failed icmp type echo count 3 with timeout 3 seconds then alert
#    if failed port 3306 protocol mysql with timeout 15 seconds then alert
#    if failed url http://user:password@www.foo.bar:8080/?querystring
#       and content == 'action="j_security_check"'
#       then alert
#

 


Lisainfo:
Osadel juhtudel väikese mälumahuga serveritel ja minimaalse konfiguratsiooni korral võib virtuaalmälu täis saades ka Monit tarkvara crashida. Selleks soovitan kasutada järgnevat programmi ning siduda see serveri Cron'ide tööga:
1. Genereerime /root kausta faili:

vi services_check.sh

 

(Faili sisu muutmiseks vajuta tähele "i", salvestamiseks vajuta klahvile "Esc" ja kirjuta ":wq")
2. Lisame sinna vajaliku koodi:

#!/bin/sh
SERVICE=monit

if ps ax | grep -v grep | grep $SERVICE > /dev/null
then
    echo "$SERVICE service running, everything is fine"
else
    echo "$SERVICE is not running"
    echo "$SERVICE is not running!" | sudo mail -s "$SERVICE down - Restarting that service!" mail@kuhuteavesaadetakse.ee
   sudo /etc/init.d/$SERVICE start
fi

3. Peale salvestamist määrame failiõigused:

chmod 755 services_check.sh

4. Lisame antud faili Linuxi süsteemsete tööde alla:

crontab -e

(Faili sisu muutmiseks vajuta tähele "i", salvestamiseks vajuta klahvile "Esc" ja kirjuta ":wq")
Lisame crontab faili lõppu rea:

#kontrollib iga 2 minuti tagant failis oleva teenuse toimivust
*/2 * * * * /root/services_check.sh

Comments are currently closed.

See veebileht kasutab küpsiseid, mis aitavad teha lehe külastamise mugavamaks. Meie veebilehte külastades nõustute meiepoolse küpsiste kasutamisega.
Sain aru.