CIV:Granty/Moderní monitoring IT infrastruktury/Workshop

Z HelpDesk

Instalace

Konfigurace

Modul Director

  • Příprava databáze (v našem případe PostgreSQL)
su postgres
cd /tmp
psql -q -c "CREATE DATABASE director WITH ENCODING 'UTF8';"
psql director -q -c "CREATE USER director WITH PASSWORD 'some-password'";
psql director -q -c "GRANT ALL PRIVILEGES ON DATABASE director TO director;"
exit
  • Příprava uživatele pro import dat z Directoru:
apt-get install php-curl
cat > /etc/icinga2/conf.d/api-users.conf << EOF
object ApiUser "director" {
  password = "other-password"
  permissions = [ "*" ]
}

EOF
  • vytvoření certifikátů a okopírování na správná místa
SERVERNAME=$HOSTNAME.zcu.cz
cd /root
icinga2 pki new-ca
icinga2 pki new-cert --cn $SERVERNAME \
 --key $SERVERNAME.key \
 --csr $SERVERNAME.csr
mkdir -p /var/lib/icinga2/certs
cp $SERVERNAME.{crt,key} /var/lib/icinga2/certs
cp /var/lib/icinga2/ca/ca.crt /var/lib/icinga2/certs
  • Povoleni API na Icinga2:
cat > /etc/icinga2/features-available/api.conf << EOF
/**
 * The API listener is used for distributed monitoring setups.
 */

object ApiListener "api" {
/*  cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt"
  key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key"
  ca_path = SysconfDir + "/icinga2/pki/ca.crt"*/

  ticket_salt = "TicketSalt"
}

EOF
icinga2 feature enable api
/etc/init.d/icinga2 restart
  • Nastavení resources pro databázi
ICINGA -> Configuration -> Application -> Resources -> Create a New Resource:
Resource Type: SQL
Resource Name: director_db
Database Type: PostgreSQL
Host:          localhost
Port:          5432
Database Name: director
Username:      director
Password:      some-password
Character Set: utf8
Use SSL:       No
-> Validate Configuration -> Save Changes
  • Instalace
git clone https://github.com/Icinga/icingaweb2-module-director /usr/share/icingaweb2/modules/director
ICINGA -> Configuration -> Modules -> Director -> enable -> Configuration:
DB Resource: director_db -> Create Database Schema
Endpoint Name: aetherXY.zcu.cz
Icinga Host: aetherXY.zcu.cz
Port: 5665
API user: director
Cluster zone: 

Monitorujeme

  • vlastniho hosta
  • icinga agent na cizím stroji

Rozšíření

  • modul pro RT
  • modul pro mapy

Ostatní

  • ukázka monitoringu na ZČU
    • dashboardy
    • director
    • grafana
    • automatizace
      • LDAP, DNS
      • cfengine - JSON API