Ebony - an Opsview CentOS 6 monitoring VM
This document follows the installation howto document from the OpsView web site with only a few additions.
Installation
Prerequisites
Disable SeLinux in '/etc/selinux/config'.
Repository
The following RPM repositories are used:
- Opsview
- RPMForge
Opsview doesn't have a opsview-package' RPM to install the repository. A yum configuration file must be created manually. As of Opsview v3.12 there are no CentOS 6 RPM's so use the RHEL 6 repository instead.
Add the following to '/etc/yum.repos.d/opsview.repo':
[opsview] name = Opsview baseurl = http://downloads.opsera.com/opsview-community/latest/yum/rhel/$releasever/$basearch enabled = 1 protect = 0 gpgcheck = 0
Install the RPMForge repository
# rpm -Uvh http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
Packages
Instal the required packages. The opsview meta package should bring in most packages however there are a couple that aren't declared dependencies.
# yum install opsview mysql-server java-1.6.0-openjdk-1.6.0.0 rrdtool-perl redhat-lsb perl-Net-SNMP perl-MOP
Configuration
MySQL
Add the following to the [ mysqld] section of '/etc/my.cnf':
bind-address = localhost innodb_file_per_table=1 innodb_flush_log_at_trx_commit=2 innodb_buffer_pool_size=256M
Start the MySql server:
# chkconfig mysqld on # service mysqld start
Change the MySql root password:
# /usr/bin/mysqladmin -u root password password
Nagios user setup
Add the following line to the nagios users '.bash_profile'.
nagios$ echo "test -f /usr/local/nagios/bin/profile && . /usr/local/nagios/bin/profile" >> ~/.bash_profile
Create the Nagios database
# /usr/local/nagios/bin/db_mysql -u root -ppassword
OpsView
As the nagios user edit the file '/usr/local/nagios/etc/opsview.conf' and populate it with passwords.
# /usr/local/nagios/bin/db_opsview db_install # /usr/local/nagios/bin/db_runtime db_install # /usr/local/nagios/bin/db_odw db_install # /usr/local/nagios/bin/db_reports db_install # /usr/local/nagios/bin/rc.opsview gen_config
Due to a known limitation add the following to the file ' /usr/local/opsview-web/opsview_web_local.yml'. This is a new file that didn't exist in the distribution:
Controller::Root: authtkt_ignoreip: 1
Start the web service.
# service opsview-web start
Initial setup
Use a web browser to view the web interface on port 3000 of the host. The initial credentials are:
| Username | admin |
|---|---|
| Password | initial |
Nginx Web Server
Instead of the stock recommended Apache httpd configuration use Nginx as a web server to server the static content and proxy the dynamic pages. This is based on the information in the Apache httpd sample configuration '/usr/local/nagios/installer/apache_proxy.conf'.
server {
listen [::]:80;
server_name _;
location ~* ^/(error_pages/|javascript/|stylesheets/|help/|images/|xml/|favicon.ico|graphs/|static/|media/) {
expires 7d;
add_header Cache-Control public;
access_log off;
root /usr/local/nagios/share;
}
location /static/nmis/ {
expires 7d;
add_header Cache-Control public;
access_log off;
root /usr/local/nagios/nmis/htdocs;
}
location / {
proxy_pass http://localhost:3000;
}
}
Nginx Reverse proxy
Use Nginx as a front-door reverse proxy with SSL offload. Note that the Catalyst engine requires the 'X-Forwarded-...' headers to be set so that the URL's are rewritten correctly.
server {
listen [::]:80;
server_name opsview.lucidsolutions.co.nz;
location / {
# redirect to secure page [permanent | redirect]
rewrite ^ https://opsview.lucidsolutions.co.nz$request_uri? permanent;
}
}
server {
listen [::]:443 ssl;
server_name opsview.lucidsolutions.co.nz;
keepalive_timeout 70;
ssl on;
ssl_certificate certs/opsview.lucidsolutions.co.nz.startssl.crt;
ssl_certificate_key certs/opsview.lucidsolutions.co.nz.key;
ssl_ciphers ALL;
include /etc/nginx/semitrusted-networks;
access_log /var/log/nginx/opsview.lucidsolutions.co.nz.access.log main;
location / {
proxy_pass http://10.20.11.3:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Port 443;
}
}
Residuals
- No caching of web site content
- Static content is served by the OpsView perl module
Links
Documentation
Appendices
Packages
=================================================================================
Package Arch Version Repository
Size
=================================================================================
Installing:
java-1.6.0-openjdk x86_64 1:1.6.0.0-1.36.b17.el6_0 updates 25 M
mysql-server x86_64 5.1.52-1.el6_0.1 updates 8.1 M
opsview noarch 3.13.0.6479-1.el6 opsview 1.5 k
Installing for dependencies:
alsa-lib x86_64 1.0.21-3.el6 base 369 k
apr x86_64 1.3.9-3.el6_0.1 updates 124 k
apr-util x86_64 1.3.9-3.el6_0.1 updates 87 k
apr-util-ldap x86_64 1.3.9-3.el6_0.1 updates 15 k
bind-libs x86_64 32:9.7.0-5.P2.el6_0.1 updates 829 k
bind-utils x86_64 32:9.7.0-5.P2.el6_0.1 updates 174 k
cairo x86_64 1.8.8-3.1.el6 base 309 k
dejavu-fonts-common noarch 2.30-2.el6 base 59 k
dejavu-lgc-sans-mono-fonts noarch 2.30-2.el6 base 393 k
dejavu-sans-mono-fonts noarch 2.30-2.el6 base 450 k
fontconfig x86_64 2.8.0-3.el6 base 186 k
fontpackages-filesystem noarch 1.41-1.1.el6 base 8.8 k
freetype x86_64 2.3.11-6.el6_0.2 updates 359 k
gd x86_64 2.0.35-10.el6 base 142 k
giflib x86_64 4.1.6-3.1.el6 base 37 k
httpd x86_64 2.2.15-5.el6.centos base 811 k
httpd-tools x86_64 2.2.15-5.el6.centos base 68 k
jline noarch 0.9.94-0.8.el6 base 86 k
jpackage-utils noarch 1.7.5-3.12.el6 base 59 k
ksh x86_64 20100621-2.el6 base 656 k
libICE x86_64 1.0.6-1.el6 base 53 k
libSM x86_64 1.1.0-7.1.el6 base 26 k
libX11 x86_64 1.3-2.el6 base 582 k
libX11-common noarch 1.3-2.el6 base 188 k
libXau x86_64 1.0.5-1.el6 base 22 k
libXext x86_64 1.1-3.el6 base 33 k
libXft x86_64 2.1.13-4.1.el6 base 49 k
libXi x86_64 1.3-3.el6 base 32 k
libXpm x86_64 3.5.8-2.el6 base 59 k
libXrender x86_64 0.9.5-1.el6 base 27 k
libXtst x86_64 1.0.99.2-3.el6 base 22 k
libasyncns x86_64 0.8-1.1.el6 base 24 k
libjpeg x86_64 6b-46.el6 base 134 k
libmcrypt x86_64 2.5.7-1.2.el6.rf rpmforge 196 k
libpng x86_64 2:1.2.44-1.el6 base 180 k
libsndfile x86_64 1.0.20-3.el6 base 223 k
libthai x86_64 0.1.12-3.el6 base 183 k
libxcb x86_64 1.5-1.el6 base 100 k
lm_sensors-libs x86_64 3.1.1-10.el6 base 37 k
mailcap noarch 2.1.31-1.1.el6 base 27 k
mrtg x86_64 2.16.2-5.el6 base 694 k
mrtg-libs x86_64 2.16.2-5.el6 base 95 k
mysql x86_64 5.1.52-1.el6_0.1 updates 889 k
net-snmp x86_64 1:5.5-27.el6_0.1 updates 297 k
net-snmp-libs x86_64 1:5.5-27.el6_0.1 updates 1.5 M
opsview-base x86_64 3.13.0.6479-1.el6 opsview 6.9 M
opsview-core noarch 3.13.0.6479-1.el6 opsview 2.2 M
opsview-perl x86_64 3.13.0.464-1.el6 opsview 28 M
opsview-reports noarch 2.2.4.259-1.el6 opsview 15 M
opsview-web noarch 3.13.0.6479-1.el6 opsview 556 k
pango x86_64 1.28.1-3.el6_0.5 updates 351 k
perl-DBD-MySQL x86_64 4.013-3.el6 base 134 k
perl-DBI x86_64 1.609-4.el6 base 705 k
perl-IO-Socket-INET6 noarch 2.56-4.el6 base 17 k
perl-SNMP_Session noarch 1.12-4.el6 base 67 k
perl-Socket6 x86_64 0.23-3.el6 base 23 k
pixman x86_64 0.18.4-1.el6_0.1 updates 146 k
pulseaudio-libs x86_64 0.9.21-13.el6 base 462 k
rhino noarch 1.7-0.7.r2.2.el6 base 778 k
rrdtool x86_64 1.3.8-6.el6 base 293 k
rsync x86_64 3.0.6-5.el6_0.1 updates 335 k
tzdata-java noarch 2011g-1.el6 updates 152 k
Transaction Summary
=================================================================================
Install 65 Package(s)
Upgrade 0 Package(s)
Total download size: 99 M
Installed size: 314 M
MySql
The first time startup message is:
# service mysqld start
Initializing MySQL database: Installing MySQL system tables...
OK
Filling help tables...
OK
To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system
PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h ebony.lucidsolutions.co.nz password 'new-password'
Alternatively you can run:
/usr/bin/mysql_secure_installation
which will also give you the option of removing the test
databases and anonymous user created by default. This is
strongly recommended for production servers.
See the manual for more instructions.
You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &
You can test the MySQL daemon with mysql-test-run.pl
cd /usr/mysql-test ; perl mysql-test-run.pl
Please report any problems with the /usr/bin/mysqlbug script!
[ OK ]
Starting mysqld: [ OK ]
db_opsview db_install
# /usr/local/nagios/bin/db_opsview db_install
Class::C3::Componentised::load_components(): Use of DBIx::Class::UTF8Columns is strongly
discouraged. See documentation of DBIx::Class::UTF8Columns for more info
gen_config error
Missing dependency of 'rrdtool-perl'
# /usr/local/nagios/bin/rc.opsview gen_config Thu Sep 29 17:37:19 2011 Starting Thu Sep 29 17:37:19 2011 --> Writing config files for Master Monitoring Server Thu Sep 29 17:37:19 2011 Created distributed information Thu Sep 29 17:37:19 2011 Created keyword lookup list for 4 keywords Thu Sep 29 17:37:19 2011 83 commands written to checkcommands.cfg Thu Sep 29 17:37:19 2011 27 service definitions written to services.cfg Thu Sep 29 17:37:19 2011 1 hosts written to hosts.cfg Thu Sep 29 17:37:19 2011 1 hostgroups written to hostgroups.cfg Thu Sep 29 17:37:20 2011 2 contacts (1 profiles) written to contacts.cfg Thu Sep 29 17:37:20 2011 2 contacts written to htpasswd.users Thu Sep 29 17:37:20 2011 8 groups written to contactgroups.cfg Thu Sep 29 17:37:20 2011 Written nagios.cfg Thu Sep 29 17:37:20 2011 Written cgi.cfg Thu Sep 29 17:37:20 2011 Written misccommands.cfg Thu Sep 29 17:37:20 2011 Written timeperiods.cfg Thu Sep 29 17:37:20 2011 Written snmptraps.cfg Thu Sep 29 17:37:20 2011 Written notificationmethodvariables.cfg Thu Sep 29 17:37:20 2011 Written nsca.cfg Thu Sep 29 17:37:20 2011 Written nrd.conf Thu Sep 29 17:37:20 2011 Written send_nrd.cfg Thu Sep 29 17:37:20 2011 Written send_nsca.cfg Thu Sep 29 17:37:20 2011 Written ndo2db.cfg Thu Sep 29 17:37:20 2011 Written ndomod.cfg Thu Sep 29 17:37:20 2011 6 dependencies written to services.cfg Nagios config re-generated in 1.552 seconds Error: Starting opsview... Can't locate RRDs.pm in @INC (@INC contains: /usr/local/nagios/perl/lib/x86_64-linux-thread-multi /usr/local/nagios/perl/lib /usr/local/nagios/lib /usr/local/nagios/bin /usr/local/nagios/bin/../lib /usr/local/nagios/bin/../etc /usr/local/nagios/bin/../perl/lib/x86_64-linux-thread-multi /usr/local/nagios/bin/../perl/lib /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/local/nagios/bin/../lib/Opsview/Utils/PerfdatarrdImporter.pm line 15. BEGIN failed--compilation aborted at /usr/local/nagios/bin/../lib/Opsview/Utils/PerfdatarrdImporter.pm line 15. Compilation failed in require at /usr/local/nagios/bin/import_perfdatarrd line 40. BEGIN failed--compilation aborted at /usr/local/nagios/bin/import_perfdatarrd line 40. Cannot startup import_perfdatarrd Failed to generate configuration - see /admin/reload for errors
gen_config
# /usr/local/nagios/bin/rc.opsview gen_config Thu Sep 29 17:43:01 2011 Starting Thu Sep 29 17:43:01 2011 --> Writing config files for Master Monitoring Server Thu Sep 29 17:43:01 2011 Created distributed information Thu Sep 29 17:43:01 2011 Created keyword lookup list for 4 keywords Thu Sep 29 17:43:01 2011 83 commands written to checkcommands.cfg Thu Sep 29 17:43:01 2011 27 service definitions written to services.cfg Thu Sep 29 17:43:01 2011 1 hosts written to hosts.cfg Thu Sep 29 17:43:01 2011 1 hostgroups written to hostgroups.cfg Thu Sep 29 17:43:01 2011 2 contacts (1 profiles) written to contacts.cfg Thu Sep 29 17:43:01 2011 2 contacts written to htpasswd.users Thu Sep 29 17:43:01 2011 8 groups written to contactgroups.cfg Thu Sep 29 17:43:01 2011 Written nagios.cfg Thu Sep 29 17:43:01 2011 Written cgi.cfg Thu Sep 29 17:43:01 2011 Written misccommands.cfg Thu Sep 29 17:43:01 2011 Written timeperiods.cfg Thu Sep 29 17:43:01 2011 Written snmptraps.cfg Thu Sep 29 17:43:01 2011 Written notificationmethodvariables.cfg Thu Sep 29 17:43:01 2011 Written nsca.cfg Thu Sep 29 17:43:01 2011 Written nrd.conf Thu Sep 29 17:43:01 2011 Written send_nrd.cfg Thu Sep 29 17:43:01 2011 Written send_nsca.cfg Thu Sep 29 17:43:01 2011 Written ndo2db.cfg Thu Sep 29 17:43:01 2011 Written ndomod.cfg Thu Sep 29 17:43:01 2011 6 dependencies written to services.cfg Nagios config re-generated in 0.939 seconds
Authentication Issue
When logging in via the reverse proxy using IPv6 the following error is generated in the '/var/log/opsview/opsview-web.log' file:
[2011/09/30 18:26:32] [Opsview.Web.Controller.Root] [INFO] Successful login: bob,
from 2001:4428:225:77:9c00:a371:58fd:f228, via web
[2011/09/30 18:26:32] [Catalyst] [ERROR] Caught exception in engine "Can't call method
"as_string" on an undefined value at /usr/local/nagios/perl/lib/Catalyst/Engine.pm line 97."
This seems to be a well understood (but unaddressed known issue). I assume most 'real' installations use some form of LDAP authentication and this issue doesn't arrise.
