Deploying Nagios: Difference between revisions

From The Opensource Knowledgebase
Jump to navigation Jump to search
First Draft of Nagios wiki
 
 
(One intermediate revision by the same user not shown)
Line 4: Line 4:
|
|
<pre>
<pre>
App Server: Redmine
App Server: Nagios
Network   : 172.16.141.0/24
Network   : 172.16.141.0/24
IP Address : 172.16.141.101
IP Address : 172.16.141.110
Subnet Mask: 255.255.255.0
Subnet Mask: 255.255.255.0
Gateway: 172.16.141.1
Gateway: 172.16.141.1
Line 12: Line 12:
sudo user: kedar
sudo user: kedar


Container: db1
Container: test-server
Network: 172.16.141.0/24
Network: 172.16.141.0/24
IP Address : 172.16.141.97
IP Address : 172.16.141.102
Subnet Mask: 255.255.255.0
Subnet Mask: 255.255.255.0
Gateway: 172.16.141.1
Gateway: 172.16.141.1
Line 23: Line 23:
|}
|}
=Before you proceed=
=Before you proceed=
The domain used here is '''networked.com'''. This is used only for demonstration and required dns entries for this domain have already been done to the host file to make the domain and any subdomains reachable on the network. This domain may be owned by someone else and we do not know who it is and we are not linked to them. Redmine configured for this domain in this 'howto' is not reachable on public IP. If you try networked.com and find any material that may be suitable / unsuitable to you, we are not the owners of the same and we are not responsible for the content.
This how to article will explain how to install Nagios Core 4 monitoring server on Ubuntu 24.04. This 'how to' will also include installing Nagios Plugins to monitor various parameters of Linux servers. This may not be the most optimal way of installing Nagios server but will help users to understand how to Nagios works, what are the various aspects of Nagios. It will include some sample configs for switches and Linux servers. A lot of documentation is available for extending the capabilities of Nagios and it is not in scope of this article.


=Introduction=
=Introduction=
* Installation of Redmine with FQDN as: <nowiki>https://redmine.networked.com</nowiki>
* Install Nagios 4 Core on Ubuntu Server - 172.16.141.110
* Apache2 web server will be used and the root folder will be: /opt/redmine/
* Install Nagios Plugins on the Nagios Monitoring server
* Postgre SQL server will be used as a database server
* Install NRPE and Nagios plugins on another Linux server which needs to be monitored - 172.16.141.102
* The site will be hosted on port number: 443
* Access the web interface to check the status of various parameters of the both the servers
* Self signed SSL certificates will be used.
* Host entry to ensure this website is reachable is done in the user PC, in absence of a DNS


=Pre-requisites installation=
=Pre-requisites=
* Log into the appserver / webserver (ssh kedar@172.16.141.101) and run the below commands
* Log into the Nagios server - ssh kedar@172.16.141.110) and run the below commands
<pre>
<pre>
sudo apt-get update && sudo apt-get upgrade -y
sudo apt install apache2 php8.3 libapache2-mod-php8.3 php8.3-gd wget snmp snmpd build-essential openssl libssl-dev unzip sendmail snmp-mibs-downloader nano curl autoconf gcc make libgd-dev libmcrypt-dev libssl-dev dc libnet-snmp-perl gettext inetutils-ping net-tools
sudo apt install -y apache2 ruby ruby-dev build-essential libapache2-mod-passenger nano openssl postgresql-client git
</pre>
</pre>
* If you are using MySQL (not recommended as some plugins for Redmine need PostgreSQL), replace postgresql-client with libmysqlclient-dev and mysql-client
* Add relevant Nagios user and user groups that will be used to run nagios
 
=DB Server Installation & DB Creation=
==PostgreSQL Installation==
* Login to postgresql server - ssh kedar@172.16.141.97 and run the following commands
<pre>
$ sudo apt install -y postgresql
 
Check if the service is running
$ sudo systemctl status postgresql
 
Set a password for the default postgresql user
$ sudo -u postgres psql
postgres=# ALTER USER postgres WITH ENCRYPTED PASSWORD '123456';
postgres=# \q
</pre>
* This will exit to $ prompt
==Enable Remote access of the DB==
* At the end of the file /etc/postgresql/16/main/pg_hba.conf add
<pre>
$ sudo nano /etc/postgresql/16/main/pg_hba.conf
 
host    all            all            0.0.0.0/0              md5
</pre>
* Edit the following file and make relevant change
<pre>
$ sudo nano /etc/postgresql/16/main/postgresql.conf
 
# - Connection Settings -
...
listen_addresses = '*'  (you can either add * to allow any remote server to connect or you can specify an IP address)
...
</pre>
 
==Redmine Database Creation==
<pre>
$ sudo -u postgres psql
postgres=# CREATE ROLE redmine LOGIN ENCRYPTED PASSWORD '123456' NOINHERIT VALID UNTIL 'infinity';
postgres=# CREATE DATABASE redmine WITH ENCODING='UTF8' OWNER=redmine;
postgres=# \q
</pre>
 
=Create self signed certificates=
* Log into the appserver / webserver and run the below commands
<pre>
<pre>
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/redmine.key -out /etc/ssl/certs/redmine.crt
$ sudo useradd nagios
$ sudo groupadd nagcmd
$ sudo usermod -a -G nagcmd nagios
$ sudo usermod -a -G nagcmd www-data
</pre>
</pre>
* You can use a commercial self signed certificate if you have one or can also use free Lets Encrypt certificate
* Using Lets Encrypt certificates is out of scope of this howto


=Redmine Installation=
=Installing Nagios=
* This has three steps
* Log into the Nagios server - ssh kedar@172.16.141.110) and run the below commands. This will download Nagios source and Nagios plugins source on the Nagios server from where Nagios will be compiled and installed.
** Download Redmine
** Make changes to the configuration file
** Install Redmine
==Download Redmine==
* Login to the Redmine app server: ssh kedar@172.16.141.101
<pre>
<pre>
$ cd /opt
$ wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.5.7.tar.gz  
/opt$ sudo wget https://www.redmine.org/releases/redmine-5.1.3.tar.gz
$ wget http://www.nagios-plugins.org/download/nagios-plugins-2.4.11.tar.gz  
/opt$ sudo tar -xvzf redmine-5.1.3.tar.gz
/opt$ sudo ln -s redmine-5.1.3 redmine
/opt$ ls -l
 
It will look like this
lrwxrwxrwx  1 root    root          13 Oct 25 07:05 redmine -> redmine-5.1.3
drwxr-xr-x 17 root    root        4096 Oct 25 07:18 redmine-5.1.3
-rw-r--r--  1 root    root    3251273 Jun 12 00:45 redmine-5.1.3.tar.gz
</pre>
</pre>
* After all the configurations are done and installation is done, ownership of Redmine folder will be with the apache web server user www-data
* Extract and change directory to Nagios
==Make Configuration Changes==
* Make changes to the database yml file
<pre>
<pre>
$ cd /opt/redmine
$ tar -xvf nagios-4.5.7.tar.gz
/opt/redmine$ sudo cp config/database.yml.example config/database.yml
$ cd nagios-4.5.7
nagios-4.5.7 $ ./configure --with-nagios-group=nagios --with-command-group=nagcmd --with-mail=/usr/sbin/sendmail
nagios-4.5.7$ make all
nagios-4.5.7$ sudo make install
nagios-4.5.7$ sudo make install-commandmode
nagios-4.5.7$ sudo make install-init
nagios-4.5.7$ sudo make install-config
nagios-4.5.7$ sudo /usr/bin/install -c -m 644 sample-config/httpd.conf /etc/apache2/sites-available/nagios.conf
nagios-4.5.7$ sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
</pre>
</pre>
* The file should look like this
* Create Nagios Service by adding the below code in the file: sudo nano /etc/systemd/system/nagios.service
<pre>
<pre>
production:
[Unit]
  adapter: postgresql
Description=Nagios
  database: redmine
BindTo=network.target
  host: 172.16.141.97
  username: redmine
  password: "123456"
  encoding: utf8
  #variables:
    # Recommended `transaction_isolation` for MySQL to avoid concurrency issues is
    # `READ-COMMITTED`.
    # In case of MySQL lower than 8, the variable name is `tx_isolation`.
    # See https://www.redmine.org/projects/redmine/wiki/MySQL_configuration
    #transaction_isolation: "read committed"
</pre>
* The variables section as shown above needs to be completely commented out to avoid any errors while installing. Common errors like 'Undefined method `stringify_keys' will come up if the variables section is not completely commented out.
* Don't make any change to 'Development' and 'Test' section of the file right now. Configuring these sections is out of scope of this howto


==Install Redmine==
[Install]
* Before you begin, check if the postgresql server is reachable from the Redmine server
WantedBy=multi-user.target
<pre>
$ psql -U redmine -p 5432 -h 172.16.141.97
On entering password, one will get the redmine prompt confirming that the user id & password is correct and Redmine server is able to connect to the PostgreSQL server.
redmine=>
</pre>
* From the Redmine directory run the following commands one after the other. Since Ubuntu 22.04, all these commands will have to be run using sudo. While running the commands using sudo, there will be warnings saying, do not run these commands using root or privileged user -ignore all of the warnings
<pre>
$ cd /opt/redmine
/opt/redmine$ sudo gem install bundler
/opt/redmine$ sudo bundle install
/opt/redmine$ sudo bundle exec rake generate_secret_token
/opt/redmine$ sudo RAILS_ENV=production bundle exec rake db:migrate
/opt/redmine$ sudo RAILS_ENV=production bundle exec rake redmine:load_default_data
</pre>
* If there are no errors, redmine installation is complete and now Webserver needs to be configured to serve Redmine to users


=Configure Apache webserver=
[Service]
* The root folder needs to have the owner as the local user (not root) which in this case is kedar. Hence set the permissions on the snipe folder first before installing the dependencies
Type=simple
<pre>
User=nagios
sudo chown -R www-data:www-data /opt/redmine/
Group=nagios
ExecStart=/usr/local/nagios/bin/nagios /usr/local/nagios/etc/nagios.cfg
</pre>
</pre>
* Create virtual host for the website in /etc/apache2/sites-available/
* Enable and restart Nagios, Apache
<pre>
<pre>
cd /etc/apache2/sites-available
$ sudo systemctl enable /etc/systemd/system/nagios.service
sudo a2dissite 000-default.conf
$ sudo a2ensite nagios.conf  
sudo a2dissite default-ssl.conf
$ sudo a2enmod rewrite
sudo nano redmine.conf
$ sudo a2enmod cgi
$ sudo systemctl start nagios
$ sudo systemctl restart apache2
</pre>
</pre>
* Add the below configuration in the snipe.conf file
* Nagios server is now installed
=Install Nagios Plugins=
* On the Nagios server, extract the Nagios plugins folder and compile
<pre>
<pre>
<VirtualHost *:443>
$ tar -xvf nagios-plugins-2.4.11.tar.gz
                ServerName      redmine.networked.com
$ cd nagios-plugins-2.4.11
                ServerAlias    redmine
nagios-plugins-2.4.11 $ ./compile --with-nagios-user=nagios --with-nagios-group=nagios
                ServerAdmin    fakeid@gmail.com
nagios-plugins-2.4.11 $ sudo make
                DocumentRoot    /opt/Redmine/
nagios-plugins-2.4.11 $ sudo make install
 
$ sudo systemctl restart nagios
                ErrorLog ${APACHE_LOG_DIR}/error.log
$ sudo systemctl restart apache2
                CustomLog ${APACHE_LOG_DIR}/access.log combined
                SSLEngine on
                SSLCertificateFile      /etc/ssl/certs/redmine.crt
                SSLCertificateKeyFile /etc/ssl/private/redmine.key
                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
        </VirtualHost>
</pre>
</pre>
* Enable the site and Restart apache service
=Check Localhost=
* With the above, Nagios and Nagios plugins have been installed
* Open any browser and type: http://<server-ip>/nagios
* It will prompt for user id & password: User I'd is nagiosadmin and password what you had kept while installing Nagios above
* You should be able to see all the services green for the host
=Monitoring other hosts=
* Install pre-requisites on the Linux host you want to monitor
<pre>
<pre>
sudo a2ensite redmine.conf
$ sudo apt install wget build-essential openssl libssl-dev unzip sendmail nano curl autoconf gcc make libgd-dev libmcrypt-dev libssl-dev dc inetutils-ping net-tools
sudo a2enmod rewrite ssl
sudo sysemctl restart apache2
</pre>
</pre>
 
* Install
=Finalize the installation=
* Using a browser navigate to https://redmine.networked.com
* Accept the self-signed certificate error
* Enter the default user id & password as : admin (uid & password are admin)
* It will ask you to change the password for the default admin user
* Finally Login using the user created
* Explore various plugins
=Conclusion=
* We have a working Redmine instance hosted with an apache web server and postgresql server.
* Explore various plugins. Some common plugins include but not limited to are
** Issue Charts Plugin
** Redmine Agile Plugin
** Redmine Checklist Plugin
** Redmine Email fetcher plugin
** Redmine Helpdesk Plugin
** Redmine issue history plugin
** Redmine Mentions
** [https://github.com/kontron/redmine_oauth Redmine OAuth plugin] (Supports Google, Azure AD, Okta and many more)
** Simple Author Change plugin
** Sidebar hide plugin
* There are commercial versions of Redmine developed by third party solution providers with a lot of features. One such example is RedmineUP - https://www.redmineup.com/pages/plugins/helpdesk


=References=
=References=

Latest revision as of 10:04, 30 October 2024

Setup Details 
App Server: Nagios
Network	  : 172.16.141.0/24
IP Address : 172.16.141.110
Subnet Mask: 255.255.255.0
Gateway: 172.16.141.1
DNS: 8.8.8.8
sudo user: kedar

Container: test-server
Network: 172.16.141.0/24
IP Address : 172.16.141.102
Subnet Mask: 255.255.255.0
Gateway: 172.16.141.1
DNS: 8.8.8.8
sudo user: kedar

Before you proceed

This how to article will explain how to install Nagios Core 4 monitoring server on Ubuntu 24.04. This 'how to' will also include installing Nagios Plugins to monitor various parameters of Linux servers. This may not be the most optimal way of installing Nagios server but will help users to understand how to Nagios works, what are the various aspects of Nagios. It will include some sample configs for switches and Linux servers. A lot of documentation is available for extending the capabilities of Nagios and it is not in scope of this article.

Introduction

  • Install Nagios 4 Core on Ubuntu Server - 172.16.141.110
  • Install Nagios Plugins on the Nagios Monitoring server
  • Install NRPE and Nagios plugins on another Linux server which needs to be monitored - 172.16.141.102
  • Access the web interface to check the status of various parameters of the both the servers

Pre-requisites

  • Log into the Nagios server - ssh kedar@172.16.141.110) and run the below commands
sudo apt install apache2 php8.3 libapache2-mod-php8.3 php8.3-gd wget snmp snmpd build-essential openssl libssl-dev unzip sendmail snmp-mibs-downloader nano curl autoconf gcc make libgd-dev libmcrypt-dev libssl-dev dc libnet-snmp-perl gettext inetutils-ping net-tools
  • Add relevant Nagios user and user groups that will be used to run nagios
$ sudo useradd nagios 
$ sudo groupadd nagcmd 
$ sudo usermod -a -G nagcmd nagios 
$ sudo usermod -a -G nagcmd www-data

Installing Nagios

  • Log into the Nagios server - ssh kedar@172.16.141.110) and run the below commands. This will download Nagios source and Nagios plugins source on the Nagios server from where Nagios will be compiled and installed.
$ wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.5.7.tar.gz 
$ wget http://www.nagios-plugins.org/download/nagios-plugins-2.4.11.tar.gz
  • Extract and change directory to Nagios
$ tar -xvf nagios-4.5.7.tar.gz
$ cd nagios-4.5.7
nagios-4.5.7 $ ./configure --with-nagios-group=nagios --with-command-group=nagcmd --with-mail=/usr/sbin/sendmail
nagios-4.5.7$ make all
nagios-4.5.7$ sudo make install
nagios-4.5.7$ sudo make install-commandmode
nagios-4.5.7$ sudo make install-init
nagios-4.5.7$ sudo make install-config
nagios-4.5.7$ sudo /usr/bin/install -c -m 644 sample-config/httpd.conf /etc/apache2/sites-available/nagios.conf
nagios-4.5.7$ sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
  • Create Nagios Service by adding the below code in the file: sudo nano /etc/systemd/system/nagios.service
[Unit]
Description=Nagios
BindTo=network.target

[Install]
WantedBy=multi-user.target

[Service]
Type=simple
User=nagios
Group=nagios
ExecStart=/usr/local/nagios/bin/nagios /usr/local/nagios/etc/nagios.cfg
  • Enable and restart Nagios, Apache
$ sudo systemctl enable /etc/systemd/system/nagios.service 
$ sudo a2ensite nagios.conf 
$ sudo a2enmod rewrite 
$ sudo a2enmod cgi 
$ sudo systemctl start nagios 
$ sudo systemctl restart apache2
  • Nagios server is now installed

Install Nagios Plugins

  • On the Nagios server, extract the Nagios plugins folder and compile
$ tar -xvf nagios-plugins-2.4.11.tar.gz
$ cd nagios-plugins-2.4.11
nagios-plugins-2.4.11 $ ./compile --with-nagios-user=nagios --with-nagios-group=nagios
nagios-plugins-2.4.11 $ sudo make
nagios-plugins-2.4.11 $ sudo make install
$ sudo systemctl restart nagios
$ sudo systemctl restart apache2

Check Localhost

  • With the above, Nagios and Nagios plugins have been installed
  • Open any browser and type: http://<server-ip>/nagios
  • It will prompt for user id & password: User I'd is nagiosadmin and password what you had kept while installing Nagios above
  • You should be able to see all the services green for the host

Monitoring other hosts

  • Install pre-requisites on the Linux host you want to monitor
$ sudo apt install wget build-essential openssl libssl-dev unzip sendmail nano curl autoconf gcc make libgd-dev libmcrypt-dev libssl-dev dc inetutils-ping net-tools
  • Install

References

Retrieved from "https://infrastructure-advisory.org/index.php?title=Deploying_Nagios&oldid=365"