Server Monitoring With munin And monit - Page 2

Want to support HowtoForge? Become a subscriber!
 
Submitted by falko (Contact Author) (Forums) on Thu, 2006-04-20 20:14. ::

4 Install And Configure monit

To install monit, we do this:

apt-get install monit

Now we must edit /etc/monit/monitrc. The default /etc/monit/monitrc has lots of examples, and you can find more configuration examples on http://www.tildeslash.com/monit/doc/examples.php. However, in my case I want to monitor proftpd, sshd, mysql, apache, and postfix, I want to enable the monit web interface on port 2812, I want a https web interface, I want to log in to the web interface with the username admin and the password test, and I want monit to send email alerts to root@localhost, so my file looks like this:

vi /etc/monit/monitrc

set daemon  60
set logfile syslog facility log_daemon
set mailserver localhost
set mail-format { from: monit@server1.example.com }
set alert root@localhost
set httpd port 2812 and
SSL ENABLE
PEMFILE /var/certs/monit.pem
allow admin:test

check process proftpd with pidfile /var/run/proftpd.pid
start program = "/etc/init.d/proftpd start"
stop program = "/etc/init.d/proftpd stop"
if failed port 21 protocol ftp then restart
if 5 restarts within 5 cycles then timeout

check process sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/ssh start"
stop program "/etc/init.d/ssh stop"
if failed port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout

check process mysql with pidfile /var/run/mysqld/mysqld.pid
group database
start program = "/etc/init.d/mysql start"
stop program = "/etc/init.d/mysql stop"
if failed host 127.0.0.1 port 3306 then restart
if 5 restarts within 5 cycles then timeout

check process apache with pidfile /var/run/apache2.pid
group www
start program = "/etc/init.d/apache2 start"
stop program = "/etc/init.d/apache2 stop"
if failed host www.example.com port 80 protocol http
and request "/monit/token" then restart
if cpu is greater than 60% for 2 cycles then alert
if cpu > 80% for 5 cycles then restart
if totalmem > 500 MB for 5 cycles then restart
if children > 250 then restart
if loadavg(5min) greater than 10 for 8 cycles then stop
if 3 restarts within 5 cycles then timeout

check process postfix with pidfile /var/spool/postfix/pid/master.pid
group mail
start program = "/etc/init.d/postfix start"
stop program = "/etc/init.d/postfix stop"
if failed port 25 protocol smtp then restart
if 5 restarts within 5 cycles then timeout

The configuration file is pretty self-explaining; if you are unsure about an option, take a look at the monit documentation: http://www.tildeslash.com/monit/doc/manual.php

In the apache part of the monit configuration you find this:

   if failed host www.example.com port 80 protocol http
and request "/monit/token" then restart

which means that monit tries to connect to www.example.com on port 80 and tries to access the file /monit/token which is /var/www/www.example.com/web/monit/token because our web site's document root is /var/www/www.example.com/web. If monit doesn't succeed it means Apache isn't running, and monit is going to restart it. Now we must create the file /var/www/www.example.com/web/monit/token and write some random string into it:

mkdir /var/www/www.example.com/web/monit
echo "hello" > /var/www/www.example.com/web/monit/token

Next we create the pem cert (/var/certs/monit.pem) we need for the SSL-encrypted monit web interface:

mkdir /var/certs
cd /var/certs

We need an OpenSSL configuration file to create our certificate. It can look like this:

vi /var/certs/monit.cnf

# create RSA certs - Server

RANDFILE = ./openssl.rnd

[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type

[ req_dn ]
countryName = Country Name (2 letter code)
countryName_default = MO

stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Monitoria

localityName = Locality Name (eg, city)
localityName_default = Monittown

organizationName = Organization Name (eg, company)
organizationName_default = Monit Inc.

organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = Dept. of Monitoring Technologies

commonName = Common Name (FQDN of your server)
commonName_default = server.monit.mo

emailAddress = Email Address
emailAddress_default = root@monit.mo

[ cert_type ]
nsCertType = server

Now we create the certificate like this:

openssl req -new -x509 -days 365 -nodes -config ./monit.cnf -out /var/certs/monit.pem -keyout /var/certs/monit.pem
openssl gendh 512 >> /var/certs/monit.pem
openssl x509 -subject -dates -fingerprint -noout -in /var/certs/monit.pem
chmod 700 /var/certs/monit.pem

Afterwards we edit /etc/default/monit to enable the monit daemon. Change startup to 1 and set CHECK_INTERVALS to the interval in seconds that you would like monit to check your system. I choose 60 (seconds) so my file looks like this:

vi /etc/default/monit

# Defaults for monit initscript
# sourced by /etc/init.d/monit
# installed at /etc/default/monit by maintainer scripts
# Fredrik Steen <stone@debian.org>

# You must set this variable to for monit to start
startup=1

# To change the intervals which monit should run uncomment
# and change this variable.
CHECK_INTERVALS=60

Finally, we can start monit:

/etc/init.d/monit start

Now point your browser to https://www.example.com:2812/ (make sure port 2812 isn't blocked by your firewall), log in with admin and test, and you should see the monit web interface. It should look like this:

(Main Screen)

(Apache Status Page)

Depending on your configuration in /etc/monit/monitrc monit will restart your services if they fail and send notification emails if process IDs of services change, etc.

Have fun!

5 Links


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Submitted by Ventzy (not registered) on Tue, 2010-06-22 17:26.

How much additional server load can be expected of running munin and monit?

Is it possible monit to monitor another server, so if whole server is down to get notified?

Submitted by Mattia Belletti (not registered) on Tue, 2009-09-08 13:55.
Thank you! Very useful and straight-to-the-point!
Submitted by Anonymous (not registered) on Tue, 2006-06-13 17:07.
Thanks for the great howto. It works great and was up and running in less than 1 hour.
Submitted by Anonymous (not registered) on Mon, 2006-05-08 19:59.
Thanks for the detailed instructions. I had both of them running in about an hour. Thanks!
Submitted by Anonymous (not registered) on Mon, 2006-05-08 19:42.

I recommend you http://www.monitorix.org. It is a very easy to install web-based, lightweight, open-source, rrdtool-based monitoring tool for UNIX and Linux servers that you must try.

:-)

Submitted by Anonymous (not registered) on Mon, 2006-05-08 16:10.

I got into work at 8:30 am this morning. I read this article at 9am.

By 9:30 I was running both monit and munin on a test server.

Awesome!

Submitted by Anonymous (not registered) on Mon, 2006-07-31 17:29.

I set up both of them in less than 30 min.

However, I am wandering what "10" in this statement means:

"if loadavg(5min) greater than 10 for 5 cycles then stop"

I do receive very often notifications about apache restart...?