Server monitoring with Icinga 2 and Icingaweb 2 on CentOS 7
Icinga 2 is a scalable OpenSource monitoring software. This tutorial describes the installation of Icinga 2 together with Icingaweb on a CentOS 7 server.
1. Requirements
To install such a system you will need the following:
- A Centos 7 minimal server system. This can be a server installed from scratch as described in the Centos 7.1 minimal server tutorial or a virtual-server or root-server from a hosting company that has a minimal Centos 7 setup installed.
- A fast Internet connection.
2. Preliminary notes
- In this tutorial, I use the hostname icinga2.domain.tld with the IP address 192.168.250.100/24 and the gateway 192.168.250.254. These settings might differ for you, so you have to replace them where appropriate.
- The outputs shown here is just an example and might differ on your system, depending on your base system and the packages already installed.
- The database server will be maria db and will be installed on the same host.
- A user administrator exists and is in the sudoers list.
- We will disable SELinux for this tutorial.
3. Preparation
Login as administrator
login as: administrator [email protected]'s password: [administrator@icinga2 ~]$
Check network connectivity
we will test if our internet connection is established and name resolution is working:
ping www.google.de -c3
The output will be like:
[administrator@icinga2 ~]$ ping www.google.de -c3 PING www.google.de (172.217.20.67) 56(84) bytes of data. 64 bytes from fra02s27-in-f3.1e100.net (172.217.20.67): icmp_seq=1 ttl=57 time=19.2 ms 64 bytes from fra02s27-in-f3.1e100.net (172.217.20.67): icmp_seq=2 ttl=57 time=19.3 ms 64 bytes from fra02s27-in-f3.1e100.net (172.217.20.67): icmp_seq=3 ttl=57 time=19.6 ms --- www.google.de ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2001ms rtt min/avg/max/mdev = 19.276/19.430/19.649/0.195 ms [administrator@icinga2 ~]$
Change to root
Now we will make ourself root. To do so enter:
sudo su
The output will be like:
[administrator@icinga2 ~]$ sudo su We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for administrator: [root@icinga2 administrator]#
Install preliminary software
We will now install some preliminary software:
- deltarpm will lower the amount to be downloaded, by checking if there is just a differential file, instead of the whole package
- nano is a text-editor
- wget is needed to download files from URLs
- net-tools is needed for certain checks on network-processes
- gcc is the GNU Compiler
yum -y install deltarpm
The output will be like:
Loaded plugins: fastestmirror base | 3.6 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 (1/4): extras/7/x86_64/primary_db ... ... Total download size: 82 k Installed size: 209 k Downloading packages: warning: /var/cache/yum/x86_64/7/base/packages/deltarpm-3.6-3.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY Public key for deltarpm-3.6-3.el7.x86_64.rpm is not installed deltarpm-3.6-3.el7.x86_64.rpm | 82 kB 00:00:00 Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Importing GPG key 0xF4A80EB5: Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <[email protected]>" Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5 Package : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@anaconda) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : deltarpm-3.6-3.el7.x86_64 1/1 Verifying : deltarpm-3.6-3.el7.x86_64 1/1 Installed: deltarpm.x86_64 0:3.6-3.el7 Complete!
yum -y install nano wget net-tools gcc
The output will be like:
Loaded plugins: fastestmirror base | 3.6 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 (1/4): extras/7/x86_64/primary_db ... ... Installed: gcc.x86_64 0:4.8.5-4.el7 nano.x86_64 0:2.3.1-10.el7 net-tools.x86_64 0:2.0-0.17.20131004git.el7 wget.x86_64 0:1.14-10.el7_0.1 Dependency Installed: cpp.x86_64 0:4.8.5-4.el7 glibc-devel.x86_64 0:2.17-106.el7_2.4 glibc-headers.x86_64 0:2.17-106.el7_2.4 kernel-headers.x86_64 0:3.10.0-327.13.1.el7 libmpc.x86_64 0:1.0.1-3.el7 mpfr.x86_64 0:3.1.1-4.el7 Dependency Updated: glibc.x86_64 0:2.17-106.el7_2.4 glibc-common.x86_64 0:2.17-106.el7_2.4 Complete!
Disable SELinux
edit the /etc/selinux/config
nano /etc/selinux/config
Find
SELINUX=enforcing
change it to
SELINUX=disabled
Save the file
Update system and reboot
Now we will update the system.
yum -y update && yum -y upgrade
This may take some time. After that reboot.
reboot
4. Install icinga2 and additional Software
Install additional repositories
After the system has restarted login as administrator and make yourself root again.
Change directory to /tmp
cd /tmp
Install epel repository
yum install -y epel-release
Install icinga repository
rpm --import http://packages.icinga.org/icinga.key
wget http://packages.icinga.org/epel/ICINGA-release.repo -O /etc/yum.repos.d/ICINGA-release.repo
Rebuild yum cache (May take some time)
yum makecache
Install icinga2, icinga2 mysql connector and nagios plugins
yum install -y nagios-plugins-all icinga2 icinga2-ido-mysql icinga-idoutils-libdbi-mysql
Installing Apache, php and preparing php.ini
yum install -y httpd
yum install -y php-cli php-pear php-xmlrpc php-xsl php-pdo php-soap php-gd php-ldap
Edit php.ini
Find
; Defines the default timezone used by the date functions ; http://php.net/date.timezone ;date.timezone =
change it to
; Defines the default timezone used by the date functions ; http://php.net/date.timezone date.timezone = "Europe/Berlin"
Save the file
Enable Apache at startup
systemctl enable httpd
[root@icinga2 tmp]# systemctl enable httpd Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
systemctl start httpd
Check if Apache is running
netstat -nlp | grep 80
[root@icinga2 tmp]# netstat -nlp | grep 80 tcp6 0 0 :::80 :::* LISTEN 10360/httpd
Installing and configuring mariadb
yum install -y mariadb-server
systemctl start mariadb
systemctl enable mariadb
Output:
[root@icinga2 tmp]# systemctl enable mariadb Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
Check if mariadb is running
netstat -nlp | grep 3306
Output:
[root@icinga2 tmp]# netstat -nlp | grep 3306 tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 11623/mysqld
Set Password for user 'root'
mysql -u root
Output:
[root@icinga2 tmp]# mysql -u root Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 2 Server version: 5.5.47-MariaDB MariaDB Server Copyright (c) 2000, 2015, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>
[MariaDB [(none)]> use mysql
Output:
[MariaDB [(none)]> use mysql; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed MariaDB [mysql]>
[MariaDB [(mysql)]> update user set password=PASSWORD("root_password") where User='root';
Output:
update user set password=PASSWORD("root_password") where User='root'; Query OK, 4 rows affected (0.00 sec) Rows matched: 4 Changed: 4 Warnings: 0
[MariaDB [(mysql)]> flush privileges;
Output:
MariaDB [mysql]> flush privileges; Query OK, 0 rows affected (0.00 sec0
[MariaDB [(mysql)]> exit;
Output:
MariaDB [mysql]> exit; Bye
Restart MariaDB
systemctl restart mariadb
Create and populate database for icinga2
Logon to MySQL with password for root.
mysql -u root -p
Output:
[root@icinga2 tmp]# [root@icinga2 tmp]# mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 7 Server version: 5.5.47-MariaDB MariaDB Server Copyright (c) 2000, 2015, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>
[MariaDB [(none)]>CREATE DATABASE icinga2;
Output:
MariaDB [(none)]> CREATE DATABASE icinga2; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]>
[MariaDB [(none)]>GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga2.* TO 'icinga2'@'localhost' IDENTIFIED BY 'icinga2_password';
Output:
MariaDB [(none)]> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga2.* TO 'icinga2'@'localhost' IDENTIFIED BY 'icinga2_password'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]>
[MariaDB [(none)]>flush privileges;;
Output:
MariaDB [(none)]> flush privileges; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]>
[MariaDB [(none)]> exit;
Output:
MariaDB [none]> exit; Bye
Populate database
mysql -u root -p icinga2 < /usr/share/icinga2-ido-mysql/schema/mysql.sql
Modify ido-mysql.conf
In order to make icinga2 connect to our mariadb Database we have to modify /etc/icinga2/ido-mysql.conf
nano /etc/icinga2/features-available/ido-mysql.conf
Find
/** * The db_ido_mysql library implements IDO functionality * for MySQL. */ library "db_ido_mysql" object IdoMysqlConnection "ido-mysql" { //user = "icinga" //password = "icinga" //host = "localhost" //database = "icinga" }
change it to
/** * The db_ido_mysql library implements IDO functionality * for MySQL. */ library "db_ido_mysql" object IdoMysqlConnection "ido-mysql" { user = "icinga2" password = "icinga2_password" host = "localhost" database = "icinga2" }
Enable and start icinga2 at startup
enable icinga2 at startup
systemctl enable icinga2
Output:
[root@icinga2 tmp]# systemctl enable icinga2 Created symlink from /etc/systemd/system/multi-user.target.wants/icinga2.service to /usr/lib/systemd/system/icinga2.service.
Start icinga2
systemctl start icinga2
In order to check if everything is working we will do tail -f /var/log/icinga2/icinga2.log. You can stop the output by hitting CTRL-C.
tail -f /var/log/icinga2/icinga2.log
The output should be something like this
[root@icinga2 tmp]# tail -f /var/log/icinga2/icinga2.log [2016-05-10 23:21:50 +0200] information/DbConnection: Resuming IDO connection: ido-mysql [2016-05-10 23:21:50 +0200] information/ConfigItem: Activated all objects. [2016-05-10 23:21:50 +0200] information/ConfigCompiler: Compiling config file: /var/lib/icinga2/modified-attributes.conf [2016-05-10 23:21:50 +0200] information/IdoMysqlConnection: MySQL IDO instance id: 1 (schema version: '1.14.0') [2016-05-10 23:21:50 +0200] information/IdoMysqlConnection: Finished reconnecting to MySQL IDO database in 0.201981 second(s).
Make icinga2 start at boot:
systemctl enable icinga2
Output:
[root@icinga2 tmp]# systemctl enable icinga2 Created symlink from /etc/systemd/system/multi-user.target.wants/icinga2.service to /usr/lib/systemd/system/icinga2.service.
Enable icinga2 command module:
icinga2 feature enable command
Output:
[root@icinga2 tmp]# icinga2 feature enable command Enabling feature command. Make sure to restart Icinga 2 for these changes to take effect.
Restart icinga2
systemctl restart icinga2