Network Monitoring Appliance

My ambition was to implement a small (better tiny) appliance for monitoring network health and network resources, short and longtime trends, running under VMware Server or VMware ESX. So I had an eye upon all components which are implemented on the system, to be as leightweight as possible. This was also the reason why no SQL DBMS based software was used.

The appliance is based on Ubuntu Jeos LTS (8.04.3 at the time of this writing). Almost all used components are from the related repositories. This tutorial shows how the appliance was implemented. I do not issue any guarantee that this will work for you!

Used components:

* Ubuntu 8.04.3 JeOS as OS

* Nagios 2.11 for monitoring and alarming

* Smokeping 2.3 to observe latencies and paketloss

* MRTG 2.14.7 to observe networktraffic's tendencies

* RRDTool 1.2.19 as Round-Robin Database for storing all measurement data

* Lighttpd 1.4.19 as fast, lightweight webserver frontend

* weathermap4rrd for illustrating the networkweather

* ssmtp as extremely lightweight MTA for maildelivery

 

Preliminary Note

In this tutorial I use the hostname jeos.example.com with an IP address allocated with DHCP. These settings might differ for you, so you have to replace them where appropriate. As this whole installation is not GUI based, you should be familiar using bash, vi and similar programs. Also all work should be done with root privilegs or with sudo prepending each command.

 

1. Ubuntu Server JeOS 8.04 LTS

The idea behind Ubuntu Server JeOS is to use it as lightweight, performant base to build appliances under VMware ESX/Server or KVM.

You can download an ISO image from http://cdimage.ubuntu.com/jeos/releases/8.04.3/release/jeos-8.04.3-jeos-i386.iso.

As we want the whole VM to be lightweight, we allocate 1 CPU, 192MR RAM (both easily changeable in VMware) and 1GB diskspace.

Installation is straightforward and some screenshots are shown subsequent. There is also a tutorial regarding installation on https://help.ubuntu.com/community/JeOS.

Hostname:

Guided disk partitioning:

We use the entire disk. swap makes no real sense for this VM, but the swapspace is automatically configured, so we leave it.

Create an account for further logins:

After a while base installation is finished:

Now the system is base-installed and ready for further activities. First you should do an update/upgrade of all installed packages to the newest versions:

apt-get update && apt-get upgrade

Maybe we have to do another reboot and log in with the account created while installing the system:

As your system is only reachable inside the VMware console, another good idea might be to install ssh:

apt-get install ssh

Now we are going to install all software we need for building the appliance. As this system should be used for solving network problems, we also install some more packages which may be helpful. Feel free to extend this list according to your needs:

apt-get install lighttpd ssmtp mailx anacron build-essential linux-headers-$(uname -r) psmisc nmap rsync snmp openssh-server sshfs ntop smokeping xinetd mrtg mrtg-rrd nagios2 nagios2-doc localepurge lynx dnsutils bzip2 traceroute tcptraceroute iptables wget lsof pv telnet time whois alien

 

VMware Tools

The VMware Tools may not be of great help, as this system is without X11, but nevertheless you can install them in two ways:

In the VMware Virtual-Center Web-Access (or whichever VMware administrative console you have) mount the virtual CD for this VM, and mount it also from inside the VM by doing a

mount /media/cdrom

Either convert the VmwareTools .rpm package by using alien into a .deb package and install them by doing a dpkg -i vmwaretools*.deb

or

unpack the archive VmwareTools-*.tar.gz via tar xvzf vmwaretools_*.tar.gz and manually install them (see in detail on https://help.ubuntu.com/community/JeOS#Installing%20VMware%20Tools)

Subsequently a

apt-get remove build-essential linux-headers-$(uname -r) && apt-get clean && apt-get autoremove

could be done to remove unnecessary packages and to free some disk space.

Now the base system is really ready installed. Let's go on with the server applications.

Share this page:

9 Comment(s)

Add comment

Comments

From: Ed Jones at: 2011-11-22 18:24:55

How does this compare with commercially available systems such as those from Lumeta or Netgrappler?

 

From: at: 2009-10-28 12:33:22

@Masoud,

 I have not tried to use another platform, but I'm sure that you can install and run these apps on nearly every other available Linux Distri, and also on *BSD or commercial Unices which are supported by the applications (but of course you will have to do some modifications in the setup). It should also be possible to use Apache as webserver, or maybe nginx or any other webserversoftware with an appropriate feature set.

I have used Ubuntu Jeos because I wanted to build an appliance running under VMware, and I used 8.04 because it's the newest LTS version. My tutorial is a kind of cooking recipe, so feel free to modify it according to your needs :-) 

Sorry if this is not the answer you expected :-)

From: at: 2009-10-15 09:31:54

@NetDiva,

thanks for this hint. I have a look at MonitoringForge, and if there is a chance to publish this tutorial, I'll do ;-)

 

@Bill,

1. feel free to install whichever editor you need ;-)

2.-4. I did not want to make a detailed description, only kind of a cooking recipe, where one who is interested has to work out the details for it's use.

 But nevertheless thanks for your hints.

 

@DUCKFACE,

 I have no usecase for ISPconf 2, but feel free to use my tutorial as base for one of you :-)

 

 @DP + anonymous,

I have no knowhow regarding OSSIM, but according to its specs it plays in another league 

 

This appliance is used in a  environment with more than 200 network devices, 100 servers scattered in a township of  ~200000 people. Of course only the most important, critical devices are monitored.

From: Masoud at: 2009-10-16 09:16:53

Can you please tell me that can I install these software on another version of ubuntu like ubuntu 9.04 desktop edition? Because I tried to install on jeos 8.04, but I couldn't configure then network card. It seem it is not recognizing NIC. My laptop is Acer Travelmate.

 Your kindly response is highly appreciated.

Regards

Masoud

From: at: 2009-09-30 12:26:58

How abaout make it for ISPConf 2 and / or apache :)

From: dp at: 2009-09-29 15:25:13

I have not tried your solution out yet. I am thinking of installing on its own box for now (no vmware). I am so sick of OSSIM not working correctly I hope your solution works out!

 

Thanks

From: Anonymous at: 2009-10-02 19:46:18

I wish I can add these functions to Ebox Platform; instead of wasting another box.

To compare with OSSIM is talking about different animals happened to swim in the same zoo.

From: NetDiva at: 2009-10-06 17:59:29

Hi All,

 You can find more monitoring documentation on http://MonitoringForge.org.  In fact, we've also announced a call for monitoring docs.  http://monitoringforge.org/plugins/mwiki/index.php/Www/WTFMM

Cheers!

 Amy Abascal

From: Bill Huber at: 2009-10-04 14:47:30

Hey, thanks for the great article. I had been looking at trying out GroundWork Monitor, http://www.groundworkopensource.com/products/community-edition/index.html, again. My major complaint on GroundWork Monitor is that it is overkill for small network monitoring needs so this solution looks very appealing since I do not need all of the bells and whistles of a full blown system. Here are some suggestions I have for improving the article.

  1. One of the first things I needed to install to make this installation go smoother was an editor so I could cut-and-paste to my ssh session. In my case I installed nano.
  2. The first application I configured was smokeping. The configuraton file is pretty easy to figure out and can be found at /etc/smokeping/config.  If everything works you can see your results at http://yourip/cgi-bin/smokeping.cgi.
  3. Configuring Nagios is a bit more complicated. The configuration files are located at /etc/nagios2/conf.d. The web page can be found at http://yourip/nagios2/. The Nagios QuickStart Document, http://nagios.sourceforge.net/docs/3_0/quickstart.html, is good primer for the folks not familiar with Nagios.
  4. The Debian logo did not appear in Nagios next to the localhost. After a little research I figured out that I needed to install nagios-images using apt-get install nagios-images.