Nagios 3 on Debian Wheezy or Ubuntu 14.x

After a quick dap with Observium, I’ve decided to go back to Nagios. Nagios3 is a full featured monitoring package for Linux hosts.
The article will describe how to install Nagios 3 on a Debian or Ubuntu host. For the people who never heard about Nagios, please take a look at http://www.nagios.org/projects/nagioscore . In this how-to we will use the opensource version, named Nagios Core.

To start with Nagios Core, you will need a fully functioning LAMP server. If you don’t have a LAMP enviroment run the following command:

The MySQL install will ask you for an administrative password who you will need to enter 2 times.

After the LAMP installation we can go further with the Nagios installation. Run the following command on your Nagios server:

I gave the password as per my choice, please give the values as per your server environment.

Next we need to configure the Nagios at Server, as follows:

Next change the values for check_external_commands to 1 to enable settings as follows:

Now we need to make the changes effective by restarting the Nagios service by using the command:

Accessing the web-interface at http://server1.example.com/nagios3 or http://IP/nagios3 as follows:

Username will be nagiosadmin and password as created above!

Next click on Host Groups:

It will show the present server as localhost. Just click over the localhost.

Now that the basic setup of the Nagios server is finished, we can add our first client / server to monitor.

A monitored client/server on Nagios is called a “host”. To add a host you will need to install the following package:

Further at  server2.example.com define the main Nagios monitoring server entries in Nagios configuration file as :

Where 192.168.0.100 is the main Nagios monitor server server1.example.com IP. Next start nrpe service as shown below

Similarly we can add more nodes to which we want monitoring.

We also need to define the Nagios client entries at server end. Create a file monitor1.cfg in directory /etc/nagios3/conf.d/ and define the values at server1.example.com. In the object configuration files, you can define hosts, host groups, contacts, contact groups, services, etc. You can split your object definitions across several config files if you wish, or keep them all in a single config file.

Default directory is /etc/nagios3/conf.d/ , you can use any name such as I used monitor1.cfg Entries must be like this:

In above file define host contains the information about the added client server2.example.com, next we can use Nagios to check different services. I used to check PING SSH and DISK services. For more details of services used in Nagios check directory /etc/nagios-plugins/config.

Next to make the changes effective restart the nagios3 service.

Now we can check the client details at the Nagios web-interface at Host Groups as follows:

Next on server2.example.com and check the values there.

 

That is it! Now you have a working Nagios server with 2 monitored hosts.

In following posts I will describe how you can implement monitoring alerts, have detailed graphs and much more. So stay tuned!

Acronis 11.5 Linux agent installation – Debian / Ubuntu

From my point of view is Acronis one of the best back-up tools on the market. They provide agent for different kind of OS’s, cloud storage support, central management and etc. Nevertheless installation of the Acronis 11.5 Linux agent has some dependencies that are not written out in the Acronis manual. Therefor I’m writing still how-to for the installation on Debian / Ubuntu.

This how-to is tested on Debian 6 & 7 and Ubuntu 12.04 (all i386), the installation of the Acronis Management server is not covered by this how-to. For detailed information on how to install and configure the Acronis Management server I need to redirect you to the Acronis 11.5 manual

First we need to download the up to date and correct Acronis 11.5 Linux agent, the best place for this is Acronis website @ www.acronis.eu/my

So head on over to your account, go to “My Product & Downloads”, choose your product and download the agent on the Linux component tab. Once you have downloaded the Agent you will have a file called “ABR11.5AL_en-EU.i686”, this file needs to be transferred to your Linux server. If you are looking for a secure way to transfer file on and off your Linux server please check out WinSCP.

Once the Acronis 11.5 Linux agent is transferred to a temporary folder like /tmp , you will need to execute the following commands as root (su or sudo)

Give the appropriate rights

Update, upgrade, download and install the dependencies

Once all the dependencies are installed you can start the agent by executing

The installation process of the Acronis 11.5 Linux agent will start, now just follow the wizard and fill out the license and management server and your Linux Acronis Agent is configured and installed.

See used folder space in Linux Terminal (Ubuntu, Mint, Debian)

Working more and more in the terminal, once and so often I find a problem where there is no simple terminal solution. One off these problems was seeing the how much space every folder takes on my servers. After a little search I found a solution called NCDU.

The default file manager for Ubuntu doesn’t give users the possibility to see how much space a folder or subfolder takes up. You may use third-party software to see which folders that take up most space in your hard drive, or simply use the terminal to scan for big size folders to see where hard disk space has gone.
To do this, we need first to install the ncdu package (ncurses disk usage viewer & analyzer) with this command:

To scan the root folder, run now this command:

The scan process may take several minutes to finish depending on the size of your hard drive. The returned output will be sorted by size.

To scan the home folder, run this command:

To scan a specific folder, use this command:

That’s it!

Webmin System Stats

A *nix admin is used to work with the command line but from time to time a GUI interface comes in quite handy; Webmin is an GUI webinterface for *nix systems that allows you to administrate basic roles on your server like apache, bind dns, samba and etc…

Webmin also provides addon modules who are developed by 3th party developers. One of those modules is Historic System Stats (or webminstats in short) by Eric Gerbier.

Webminstats monitors different aspects of your server and graphs them out with rrdtool.

Installation

  1. Have a working webmin system, see http://www.webmin.com/ for more information
  2. Download the latest webminstats from http://sourceforge.net/projects/webminstats/
  3. Install the following pre requirements (debian, ubuntu)
    apt-get install perl
    apt-get install rrdtool
    apt-get install librrds-perl
  4. Go to Webmin -> Webmin Configuration -> Webmin Modules -> From uploaded file -> choose the downloaded file
  5. Go to Webmin -> Refresh Modules
  6. Go to Webmin -> System -> Historic System Statistics
  7. Click OK for the not installed modules

After the installation webminstats will gather information about the installed modules and graph them out.

Many thanks to Eric Gerbier for the wonderfull plugin.

 

/dev/random running out

In Linux /dev/random is a special file which serves high quality pseudo random numbers. This implementation collects entropy from events originating from the keyboard, mouse, disk and system interrupts.(refer this document) So when there are no such events, the entropy pool is empty, reads from /dev/random will block until additional environmental noise is gathered. This explains your problem. To fill the entropy pool you can press keys on keyboard. On a VM this can be troublesome offcourse.

On the other note a truly random number generator uses Hardware random number generator which generates random numbers from physical processes.These processes include microscopic phenomena that generate a low-level, statistically random “noise” signal, such as thermal noise or the photoelectric effect or other physical phenomena. These processes are, in theory, completely unpredictable, and the theory’s assertions of unpredictability are subject to experimental test.

A hardware random number generator typically consists of a transducer to convert some aspect of the physical phenomena to an electrical signal, an amplifier and other electronic circuitry to increase the amplitude of the random fluctuations to a macroscopic level, and some type of analog to digital converter to convert the output into a digital number, often a simple binary digit 0 or 1. By repeatedly sampling the randomly varying signal, a series of random numbers is obtained.

The Hardware Random Number Generator gathers environmental noise from device drivers and other sources into an entropy pool. From this entropy pool random numbers are created. When read, the /dev/random device will only return random bytes within the estimated number of bits of noise in the entropy pool.

Some implementations of Hardware RNG are explained in kernel doc and information on a device.

A counterpart to /dev/random is /dev/urandom (“unlocked”/non-blocking random source) which reuses the internal pool to produce more pseudo-random bits. This means that the call will not block, but the output may contain less entropy than the corresponding read from /dev/random.

So if your intent is not to generate CSPRNG(Cryptographically secure pseudorandom number generator), you should use /dev/urandom.

To solve this issue you can use the /dev/urandom and create a symlink to it:

Windows shares in Ubuntu server

Until now I have always used SMBFS as protocol to mount Windows shares on a Ubuntu server.
SMBFS (with webmin) is an easy way to add all your current shares and make them read/writable with the root user. But because of security reasons I’m stepping back on using the root user everywhere, this brought me to the problem that I only could read on my SMBFS mounts.

After some internet searching I came across a solution: CIFS

CIFS is a different protocol then SMBFS but it can also mount Windows Shares with ease.
It is also a lot more secure because we are saving the share credentials in a secure file instead of putting them in fstab file.

The following is tested with Ubuntu Server 10.04 & Windows Server 2008 R2

1) Open a Terminal and enter the following:
Code:

The output will be something similar to:
Code:

Make a note of the uid and gid.

2) Make the following entry in your /etc/fstab file :

If you don’t need a user name and password to access a samba share add this line:
Code:

If you need a user name and password to access a samba share add this line and proceed to the next 2 steps:
Code:

Modify the server_name, share_name, mount_path, UID value and GID value to suit your environment.

4) Add the following in /root/.smbcredentials:
Code:

Where myusername and mypassword is the user name and password to access the samba share.

5) Set the following permission to /root/.smbcredentials
Code:

6) Now try to login as a particular user and see whether you able to read and write to the share.

Reference: CIFS man page