Table des matières

< retour à la page de l'administration technique

Munin sert à monitorer les serveurs, en produisant des graphiques issus de diverses statistiques.

Accessible à l'adresse suivante : https://munin.federez.net

Installation

Rien de spécial :

Configuration

Ne sont reportées ici que les lignes des fichiers de configuration qui diffèrent par rapport à la valeur par défaut.

Munin master (hexagon)

/etc/munin.conf

munin.conf
...
dbdir   /var/lib/munin
htmldir /var/cache/munin/www
logdir /var/log/munin
rundir  /var/run/munin
...
tmpldir /etc/munin/templates
...
# a simple host tree
[hexagon.federez.net]
    address 127.0.0.1
#    use_node_name yes
 
[quigon.federez.net]
    address 160.228.155.65
#    use_node_name yes
 
[baldrick.federez.net]
    address 138.231.142.239
#    use_node_name yes

/etc/munin-node.conf

Laissé dans son état par défaut.

Munin node (les autres serveurs)

/!\ Le port 4949 en TCP du node doit être accessible depuis hexagon. /!\

Ouverture dans le firewall le cas échéant.

/etc/munin-node.conf

munin-node.conf
...
# Set this if the client doesn't report the correct hostname when
# telnetting to localhost, port 4949
#
host_name quigon.federez.net
 
# A list of addresses that are allowed to connect.  This must be a
# regular expression, since Net::Server does not understand CIDR-style
# network notation unless the perl module Net::CIDR is installed.  You
# may repeat the allow line as many times as you'd like
 
allow ^127\.0\.0\.1$
allow ^::1$
allow ^5\.39\.82\.35$
allow ^2001:41d0:8:9423::1$
...

VirtualHost Apache

munin
<VirtualHost *:80>
    ServerAdmin admin@federez.net
    ServerName munin.federez.net
 
    Redirect permanent / https://munin.federez.net/
 
    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn
    ErrorLog ${APACHE_LOG_DIR}/munin-error.log
    CustomLog ${APACHE_LOG_DIR}/munin-access.log combined
 
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerAdmin admin@federez.net
  ServerName munin.federez.net
 
  DocumentRoot /var/cache/munin/www
  <Directory />
        Options None
        AllowOverride None
 
        Order allow,deny
        #Allow from localhost 127.0.0.0/8 ::1
        Allow from all
 
        # This file can be used as a .htaccess file, or a part of your apache
        # config file.
        #
        # For the .htaccess file option to work the munin www directory
        # (/var/cache/munin/www) must have "AllowOverride all" or something
        # close to that set.
        #
 
        Include /etc/apache2/ldap.conf
        #AuthUserFile /etc/munin/munin-htpasswd
        #AuthName "Munin"
        #AuthType Basic
        #require valid-user
 
        # This next part requires mod_expires to be enabled.
        #
 
        # Set the default expiration time for files to 5 minutes 10 seconds from
        # their creation (modification) time.  There are probably new files by
        # that time.
        #
 
        <IfModule mod_expires.c>
            ExpiresActive On
            ExpiresDefault M310
        </IfModule>
    </Directory>
 
    # Enables fastcgi for munin-cgi-html if present
    #<Location /munin-cgi>
    #    <IfModule mod_fastcgi.c>
    #        SetHandler fastcgi-script
    #    </IfModule>
    #</Location>
 
    #<Location /munin-cgi/static>
    #   SetHandler None
    #</Location>
 
    # Enables fastcgi for munin-cgi-graph if present
    ScriptAlias /munin-cgi/munin-cgi-graph /usr/lib/munin/cgi/munin-cgi-graph
    <Location /munin-cgi/munin-cgi-graph>
        Order allow,deny
        #Allow from localhost 127.0.0.0/8 ::1
        Allow from all
        # AuthUserFile /etc/munin/munin-htpasswd
        # AuthName "Munin"
        # AuthType Basic
        # require valid-user
            <IfModule mod_fastcgi.c>
                    SetHandler fastcgi-script
            </IfModule>
    </Location>
 
    ScriptAlias /munin-cgi/munin-cgi-html /usr/lib/munin/cgi/munin-cgi-html
    <Location /munin-cgi/munin-cgi-html>
        Order allow,deny
        #Allow from localhost 127.0.0.0/8 ::1
        Allow from all
        # AuthUserFile /etc/munin/munin-htpasswd
        # AuthName "Munin"
        # AuthType Basic
        # require valid-user
            <IfModule mod_fastcgi.c>
                    SetHandler fastcgi-script
            </IfModule>
    </Location>
 
    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn
    ErrorLog ${APACHE_LOG_DIR}/munin-error.log
    CustomLog ${APACHE_LOG_DIR}/munin-access.log combined
 
    # SSL
    SSLEngine on
    SSLCertificateFile /etc/ssl/federez/federez.crt
    SSLCertificateKeyFile /etc/ssl/private/federez.key
    SSLCertificateChainFile /etc/ssl/federez/sub.class2.server.ca.pem
    SSLCACertificateFile /etc/ssl/certs/StartCom_Certification_Authority.pem
 
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
    </Directory>
 
    BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
 
</VirtualHost>
</IfModule>