monitモニタリングサービスのテスト
monitモニタリングサービスのテスト
、
1、 tvm-rpm 。
2、 :
eth0:host-only( , IP, vm)
eth1:NAT( , IP)
[root@tvm-rpm ~]# cd /etc/sysconfig/network-scripts/
[root@tvm-rpm network-scripts]# cat ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=192.168.56.253
PREFIX=24
GATEWAY=192.168.56.1
DNS1=192.168.56.254
[root@tvm-rpm network-scripts]# cat ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
DNS1=192.168.56.254
、 monit
1、 salt-master , , pid。
[root@tvm-rpm ~]# vim /etc/salt/master
pidfile: /var/run/salt-master.pid
2、 monit
[root@tvm-rpm ~]# yum -y install monit
log :
/var/log/monit
:
[root@tvm-rpm ~]# cat /etc/logrotate.d/monit
/var/log/monit {
missingok
notifempty
size 100k
create 0644 root root
postrotate
/sbin/service monit condrestart > /dev/null 2>&1 || :
endscript
}
3、
1)
/etc/monit.conf
/etc/monit.d
2) log :
[root@tvm-rpm ~]# cat /etc/monit.d/logging
# log to monit.log
set logfile /var/log/monit
3) :
[root@tvm-rpm ~]# vim /etc/monit.d/monit-mail.conf
# mail server
set mailserver smtp.xxx.com port 25
username "[email protected]" password "xxx"
# later delivery retry
set eventqueue
basedir /var/monit
slots 100
# mail format
set mail-format {
from: [email protected]
subject: [monit Alter][test from xxx] $HOST $SERVICE $EVENT
message: $EVENT Service $SERVICE
Date: $DATE
Action: $ACTION
Host: $HOST
Description: $DESCRIPTION
Your faithful employee,
monit
}
# mail recipients
set alert [email protected]
4) :
[root@tvm-rpm ~]# vim /etc/monit.d/salt-master.conf
check process salt-master with pidfile /var/run/salt-master.pid
start program = "/etc/init.d/salt-master start"
stop program = "/etc/init.d/salt-master stop"
1: , 。
2: 。
4、
[root@tvm-rpm ~]# service monit start
Starting monit: monit: generated unique Monit id 5701f8ce7fd7a6a69c713ec2b1b5f22e and stored to '/root/.monit.id'
[ OK ]
log: 。
:
[root@tvm-rpm ~]# chkconfig monit on
5.
[monit Alter][test from xxx] tvm-rpm tvm-rpm Monit instance changed
:test <[email protected]>
:2015 7 21 ( ) 2:42
:admin <[email protected]>
Monit instance changed Service tvm-rpm
Date: Tue, 21 Jul 2015 14:42:47 +0800
Action: start
Host: tvm-rpm
Description: Monit started
Your faithful employee,
monit
6、 salt-master ,
[root@tvm-rpm ~]# service salt-master stop
Stopping salt-master daemon: [ OK ]
[root@tvm-rpm ~]# tail -f /var/log/monit
[CST Jul 21 14:42:47] info : 'tvm-rpm' Monit started
[CST Jul 21 14:48:49] error : 'salt-master' process is not running
[CST Jul 21 14:48:50] info : 'salt-master' trying to restart
[CST Jul 21 14:48:50] info : 'salt-master' start: /etc/init.d/salt-master
2 :
[monit Alter][test from xxx] tvm-rpm salt-master Does not exist
Does not exist Service salt-master
Date: Tue, 21 Jul 2015 14:48:49 +0800
Action: restart
Host: tvm-rpm
Description: process is not running
Your faithful employee,
monit
[monit Alter][test from xxx] tvm-rpm salt-master Exists
Exists Service salt-master
Date: Tue, 21 Jul 2015 14:49:51 +0800
Action: alert
Host: tvm-rpm
Description: process is running with pid 8380
Your faithful employee,
monit
salt-master :
[root@tvm-rpm ~]# service salt-master status
salt-master (pid 8380) is running...
7、 monit web
[root@tvm-rpm ~]# vim /etc/monit.d/monit-web.conf
set httpd port 2812 and
use address 192.168.56.253
allow localhost
allow 192.168.56.0/24
allow admin:monit
:
[root@tvm-rpm ~]# service monit restart
admin, monit :
http://192.168.56.253:2812/
8. monit web ssl
1)
[root@tvm-rpm ~]# ls /etc/pki/tls
cert.pem certs misc openssl.cnf private
ssl :
[root@tvm-rpm ~]# echo 'abc' >/tmp/openssl.rnd
[root@tvm-rpm ~]# cat /tmp/monit.ssl.conf
# create RSA certs - Server
RANDFILE = /tmp/openssl.rnd
[ req ]
default_bits = 2048
default_md = sha256
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
[ req_dn ]
countryName = Country Name (2 letter code)
countryName_default = ZH
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = TESTPROV
localityName = Locality Name (eg, city)
localityName_default = TESTCITY
organizationName = Organization Name (eg, company)
organizationName_default = TESTCOMP
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = TESTSVR
commonName = Common Name (FQDN of your server)
commonName_default = server.office.com
emailAddress = Email Address
emailAddress_default = [email protected]
[ cert_type ]
nsCertType = server
:
[root@tvm-rpm ~]# openssl req -new -x509 -days 365 -nodes \
-config /tmp/monit.ssl.conf -out /etc/pki/tls/certs/monit.pem \
-keyout /etc/pki/tls/certs/monit.pem
/etc/pki/tls/certs/monit.pem :
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
Diffie-Hellman :
[root@tvm-rpm ~]# openssl gendh 1024 >> /etc/pki/tls/certs/monit.pem
/etc/pki/tls/certs/monit.pem :
-----BEGIN DH PARAMETERS-----
-----END DH PARAMETERS-----
:
[root@tvm-rpm ~]# chmod 600 /etc/pki/tls/certs/monit.pem
:
[root@tvm-rpm ~]# openssl x509 -text -noout -in /etc/pki/tls/certs/monit.pem
2) monit
[root@tvm-rpm ~]# vim /etc/monit.d/monit-web.conf
set httpd port 2812 and
use address 192.168.56.253
allow localhost
allow 192.168.56.0/24
allow admin:monit
SSL ENABLE
PEMFILE /etc/pki/tls/certs/monit.pem
3)
https://192.168.56.253:2812/
ZYXW、
1、Real-world configuration examples
https://mmonit.com/wiki/Monit/ConfigurationExamples
2、Enable SSL In Monit
https://mmonit.com/wiki/Monit/EnableSSLInMonit
3、 Openssl
http://blog.csdn.net/jiangwlee/article/details/7724274