Icinga2 on CentOS7

icinga_logo

A Software to monitor the health of an infrastructure is a vital component to a good system administrator.

After looking arround for open source software i decided to give Icinga2 a try.

Icinga2 is a fork of Nagios (it’s a good start) and looks much cooler ūüôā (IMO The cool factor is very important)

CentOS7 was the choice for the Operating System.

After reading the documentation in Icinga website and having some trouble i decided to add some crucial steps that i had to take to perform a successful installation.

All the steps described are performed as root user

First thing firts, after CentOS installation update your system:

# yum update

Now add the Icinga repository to your package management configuration

# rpm --import http://packages.icinga.org/icinga.key
# curl -o /etc/yum.repos.d/ICINGA-release.repo http://packages.icinga.org/epel/ICINGA-release.repo
# yum makecache

Install Icinga2

# yum install icinga2
# systemctl enable icinga2
# systemctl start icinga2

Congratulations Icinga2 is installed.

CheckPlugins

It’s time to install the checkplugins.

As Icinga2 is a Nagios fork we are going ot install the same plugins for it to work properly by installing the Monitoring Plugins.

# wget https://www.monitoring-plugins.org/download/monitoring-plugins-2.1.2.tar.gz
# yum install gcc
# gzip -dc monitoring-plugins-2.x.tar.gz | tar -xf -
# cd monitoring-plugins-2.x
# ./configure
# make
# make install

Vim editor

Icinga2 comes with some color schemes for vim that you can install by

# PREFIX=~/.vim
# mkdir -p $PREFIX/{syntax,ftdetect}
# cd /usr/share/doc/icinga2-common-2.4.1/syntax/
# cp vim/syntax/icinga2.vim $PREFIX/syntax/
# cp vim/ftdetect/icinga2.vim $PREFIX/ftdetect/

Lets change the installation directory of the plugins from /urs/lib64/* to /urs/local/libexec in the constants.conf file of icinga2. The file is in /etc/icinga2

# cd /etc/icinga2
# vim constants.conf

Creating a systemctl for Icinga2

# systemctl enable icinga2
# systemctl start icinga2

Icinga Web 2 interface

At this point Icinga2 is istalled and configured.
Icinga 2 can be used with Icinga Web 2 and a number of other web interfaces.
For now i am going to install Icinga Web 2.
Firts we are going to install MySQL

# yum install mariadb-server mariadb
# systemctl enable mariadb
# systemctl start mariadb
# mysql_secure_installation

Now install install the icinga2-ido-mysql package

# yum install icinga2-ido-mysql

MySQL setup and configuration

# mysql -u root -p
mysql>  CREATE DATABASE icinga;
        GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga.* TO 'icinga'@'localhost' IDENTIFIED BY 'icinga';
# mysql -u root -p icinga < /usr/share/icinga2-ido-mysql/schema/mysql.sql

Enable the IDO MySQL module

# icinga2 feature enable ido-mysql
# systemctl restart icinga2

WebServer install

If you did not install the CenOS web server you need to install httpd

# yum install httpd
# systemctl enable httpd
# systemctl start httpd

Firewall

Add some rules to permit access to the web server

# firewall-cmd --add-service=http
# firewall-cmd --permanent --add-service=http

Command Pipe

For the Icinga2 to receive commands from the Icinga Web 2 you need to enable the command pipe

# icinga2 feature enable command
# systemctl restart icinga2

Icinga Web 2 interface installation

Setting up package repository

# rpm --import http://packages.icinga.org/icinga.key
# curl -o /etc/yum.repos.d/ICINGA-release.repo http://packages.icinga.org/epel/ICINGA-release.repo
# yum makecache

EPEL install

# yum install epel-release

PHP install

# yum install php php-mysql

Don’t forget to change the date.timezone in¬†/etc/php.ini

Let’s install the web interface

# yum install icingaweb2 icingacli

And now lets prepare for the web setup

# icingacli setup token create

Run this command to mitigate an error at the web setup

chcon -R -t httpd_sys_rw_content_t /etc/icingaweb2/

Copy the token and access the site:
http://<server-ip>/icingaweb2/setup
past the token and continue the setup
If the website does not open restart the httpd by running:

# systemctl restart http

For the web interface to work (send commands to your icinga server) you need to disable SELinx in your system.
To do that just edit the file /etc/selinux/confing and change the enforcing to disabled.

Advertisements

VMware ESXi server hardware

I have a VMware infrastructure in my company and it’s time to make a hardware upgrade.

All my server are up and running and i can’t shut them down, how can i check how many slots of physical memory RAM are free? It’s as simple as running on the ESXi Shell the command:

smbiosDump

This command will list all the hardware on the server and all you need to find is the
Memory Device section an in Size you’ll see the size of the memory that is installed or it says Size: no memory installed all you have to do is count the ones that says that.

Access Cisco Firewall through Telnet using Python

In my company we have a couple of VPN’s configured and one of the VPN’s is essential to the core business of the company.

That particular VPN from time to time freezes and i need to disconnect it, but that isn’t always a simple task as when i am in vacations i don’t have access to internet so i needed a way for users to be able to disconnect the VPN themselves. The solution was a python script that connects to the Cisco equipment through¬†telnet using the telnetlib.

This is the script:

import telnetlib

pwd1 = “password
pwd2 = “enable_password
cmdVpn = “vpn-sessiondb logoff ipaddress 1.0.0.0”
cmdEn = “enable”
host = “10.60.2.254”

tn = telnetlib.Telnet(host)
##tn.set_debuglevel(5)

tn.read_until(“:”)
tn.write(pwd1 + “\n”)
tn.read_until(“ciscoasa>”)
tn.write(cmdEn + “\n”)
tn.read_until(“:”)
tn.write(pwd2 + “\n”)
tn.read_until(“ciscoasa#”)
tn.write(cmdVpn + “\n”)
tn.read_until(“[confirm]”)
tn.write(“\n”)
tn.read_until(“ciscoasa#”)
tn.write(“exit”+”\n”)
print tn.read_all()
tn.close()
print “Operation completed”

Windows 2008 – Running a Scheduled Task after another

I had a problem with my Windows 2008 SQL Server.

I have a scheduled task to handle the backups of the backups with robocopy and a very small disk.

I thought i could just delete the files after copying them to a network drive, but this is a lot harder than it look.

It looks like Windows Task Scheduler does not permit to run a task after another one has finished despite  the existence of an event log showing the task starting, running and completing.

However it is possible to define Custom Event, though the standard filter does not allow much control over the selection of the events.

So i found this XML to place in the Custom Event

1 2 3 4

Now insert this XML in the text box and where you read copy backup replace with the name of your previous task:

<QueryList> 
   <Query Id="0" Path="Microsoft-Windows-TaskScheduler/Operational"> 
      <Select Path="Microsoft-Windows-TaskScheduler/Operational">*[EventData [@Name='TaskSuccessEvent'][Data[@Name='TaskName']='\copy backup']]</Select> 
   </Query> 
</QueryList>

VMware Broker

This is a tutorial on how to install the VMware broker.

Download the VMware View Connection Server 5 (in my case) and start the installation process.

Keep clicking next until you get the Installation Options screen. In my case i am going to choose “View Replica Server” because i already have a VMware infrastructure.

vmware_1

Click next.

Now you must type the VMware server ip address or hostname

vmware_1

Click next and don’t forget to choose “Configure Windows Firewall Automatic”

It’s done, now just access the http://localhost/admin and if you go to View Configuration – Servers in the View Connection Servers tab you’ll find your new server.