admin:services:monit
Différences
Ci-dessous, les différences entre deux révisions de la page.
Prochaine révision | Révision précédenteDernière révisionLes deux révisions suivantes | ||
admin:services:monit [2015/04/19 23:14] – créée marc.gallet | admin:services:monit [2016/05/01 04:20] – chirac | ||
---|---|---|---|
Ligne 3: | Ligne 3: | ||
Zertrin monitore les services de federez via son serveur perso (zertrin.org) avec monit. Cf config actuelle : https:// | Zertrin monitore les services de federez via son serveur perso (zertrin.org) avec monit. Cf config actuelle : https:// | ||
- | TODO monitoring à Federez sur les serveurs. | + | FIXME Documentation du monitoring à Federez sur les serveurs. |
+ | |||
+ | === Mise en place === | ||
+ | |||
+ | Lors de l' | ||
+ | |||
+ | < | ||
+ | apt-get install monit | ||
+ | </ | ||
+ | |||
+ | Ensuite, on paste la conf suivant dans / | ||
+ | |||
+ | < | ||
+ | # Configuration de monit | ||
+ | # On ne met ici que les réglages généraux, la liste des services monitorés est dans services | ||
+ | # On peut rajouter des conf particulières dans le conf.d | ||
+ | |||
+ | |||
+ | set daemon 60 | ||
+ | |||
+ | set logfile / | ||
+ | |||
+ | set mailserver localhost, smtp.crans.org | ||
+ | |||
+ | set alert monitoring@federez.net { uid gid size nonexist data icmp invalid exec timeout resource checksum timestamp connection permission } | ||
+ | |||
+ | # Local host doit pouvoir contacter monit | ||
+ | set httpd port 2812 and | ||
+ | use address localhost | ||
+ | allow localhost | ||
+ | |||
+ | set mail-format { | ||
+ | from: monit@$HOST | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | Monit, unique employé de federez, | ||
+ | } | ||
+ | |||
+ | include / | ||
+ | include / | ||
+ | </ | ||
+ | |||
+ | Pour terminer, on met dans / | ||
+ | De base, il est nécessaire de monitorer ssh, nslcd, nscd et munin-node. | ||
+ | |||
+ | A adapter en fonction des services présents sur la bète. | ||
+ | |||
+ | < | ||
+ | # Services gérés par monit | ||
+ | |||
+ | # freeradius | ||
+ | check process freeradius with pidfile / | ||
+ | start program = "/ | ||
+ | stop program = "/ | ||
+ | if 5 restarts within 5 cycles then timeout | ||
+ | |||
+ | # nslcd | ||
+ | check process nslcd with pidfile / | ||
+ | start program = "/ | ||
+ | stop program = "/ | ||
+ | if failed unixsocket / | ||
+ | if 5 restarts within 5 cycles then timeout | ||
+ | |||
+ | # nscd | ||
+ | check process nscd with pidfile / | ||
+ | start program = "/ | ||
+ | stop program = "/ | ||
+ | if failed unixsocket / | ||
+ | if 5 restarts within 5 cycles then timeout | ||
+ | |||
+ | |||
+ | # fail2ban | ||
+ | check process fail2ban with pidfile / | ||
+ | start program = "/ | ||
+ | stop program = "/ | ||
+ | if failed port 22 protocol ssh timeout 30 seconds then restart | ||
+ | if children > 200 then restart | ||
+ | if 5 restarts within 5 cycles then timeout | ||
+ | |||
+ | # ssh | ||
+ | check process ssh with pidfile / | ||
+ | start program = "/ | ||
+ | stop program = "/ | ||
+ | if failed port 22 protocol ssh timeout 30 seconds then restart | ||
+ | if children > 200 then restart | ||
+ | if 5 restarts within 5 cycles then timeout | ||
+ | |||
+ | |||
+ | # munin-node | ||
+ | check process munin-node with pidfile / | ||
+ | start program = "/ | ||
+ | stop program = "/ | ||
+ | if 5 restarts within 5 cycles then timeout</ |
admin/services/monit.txt · Dernière modification : 2019/04/10 15:09 de zertrin