- # Example configuration file for Munin, generated by 'make build'
- # The next three variables specifies where the location of the RRD
- # databases, the HTML output, logs and the lock/pid files. They all
- # must be writable by the user running munin-cron. They are all
- # defaulted to the values you see here.
- #
- dbdir /var/lib/munin
- htmldir /var/cache/munin/www
- logdir /var/log/munin
- rundir /var/run/munin
- # Where to look for the HTML templates
- #
- tmpldir /etc/munin/templates
- # Where to look for the static www files
- #
- #staticdir /etc/munin/static
- # temporary cgi files are here. note that it has to be writable by
- # the cgi user (usually nobody or httpd).
- #
- # cgitmpdir /var/lib/munin/cgi-tmp
- # (Exactly one) directory to include all files from.
- includedir /etc/munin/munin-conf.d
- [...]
- # a simple host tree
- [debian7.lan]
- address 127.0.0.1
- use_node_name yes
- [...]
сервер debian7.lan
Устанавливаем пакеты: Создаём симлинки на нужные нам плагины: Редактируем конфиг Munin: Без комментариев, измененный файл выглядит следующим образом: Создаём пароль для доступа Админу к Munin: Редактируем конфиг для Apashe2:
Код: Выделить всё
# Enable this for template generation
Alias /munin /var/cache/munin/www
# Enable this for cgi-based templates
#Alias /munin-cgi/static /var/cache/munin/www/static
#ScriptAlias /munin-cgi /usr/lib/munin/cgi/munin-cgi-html
#<Location /munin-cgi>
# Order allow,deny
# Allow from localhost 127.0.0.0/8 ::1
# AuthUserFile /etc/munin/munin-htpasswd
# AuthName "Munin"
# AuthType Basic
# require valid-user
#</Location>
<Directory /var/cache/munin/www>
Order allow,deny
#Allow from localhost 127.0.0.0/8 ::1
#Для всех адресов и интерфейсов
Allow from all
Options None
# This file can be used as a .htaccess file, or a part of your apache
# config file.
#
# For the .htaccess file option to work the munin www directory
# (/var/cache/munin/www) must have "AllowOverride all" or something
# close to that set.
#
# Ограничение доступа к Munin
AuthUserFile /etc/munin/munin-htpasswd
AuthName "Munin"
AuthType Basic
require valid-user
# This next part requires mod_expires to be enabled.
#
# Set the default expiration time for files to 5 minutes 10 seconds from
# their creation (modification) time. There are probably new files by
# that time.
#
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault M310
</IfModule>
</Directory>
[...]
Рестарт Apache: Затем рестарт munin: Заходим в панель ISPConfig3 и настраиваем: Результат работы:
сервер debian7.lan
Устанавливаем пакет: Теперь надо настроить monit по нашим потребностям.Для просмотра ссылок Вы должны быть авторизованы на форуме. есть много примеров по настройкам. Для примера нам надо:
- контролировать Pure-FTPD, SSHD, MySQL, Apache и Postfix
- включить Monit веб-интерфейс на порт 2812
- HTTPS Web-интерфейс
- войти в веб-интерфейс с [имя пользователя] admin и [пароль] test
- чтобы отправлялись Monit оповещения по электронной почте test@test.com
Код: Выделить всё
set daemon 60
set logfile syslog facility log_daemon
set mailserver localhost
# От чьего имени будут присылаться сообщения
set mail-format { from: monit@debian7.lan }
# Кому отсылать сообщения
set alert test@test.com
# Устанавливаем порт и разрешаем SSL
set httpd port 2812 and
SSL ENABLE
PEMFILE /var/certs/monit.pem
# имя_пользователя:пароль
allow admin:test
# Следим за Pure-FTPD
check process pure-ftpd with pidfile /var/run/pure-ftpd/pure-ftpd.pid
start program = "/etc/init.d/pure-ftpd-mysql start"
stop program = "/etc/init.d/pure-ftpd-mysql stop"
if failed port 21 protocol ftp then restart
if 5 restarts within 5 cycles then timeout
# Следим за SSH
check process sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/ssh start"
stop program "/etc/init.d/ssh stop"
if failed port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout
# Следим за MySql
check process mysql with pidfile /var/run/mysqld/mysqld.pid
group database
start program = "/etc/init.d/mysql start"
stop program = "/etc/init.d/mysql stop"
if failed host 127.0.0.1 port 3306 then restart
if 5 restarts within 5 cycles then timeout
# Следим за Apache2
check process apache with pidfile /var/run/apache2.pid
group www
start program = "/etc/init.d/apache2 start"
stop program = "/etc/init.d/apache2 stop"
# Если сервер недоступен порт 80, протокол http
if failed host debian7.lan port 80 protocol http
# и не читает содержимое файла "/monit/token", тогда рестарт
# это только один из способов проверки доступности сервера
# более подробно http://mmonit.com/monit/documentation/monit.html
and request "/monit/token" then restart
if cpu is greater than 60% for 2 cycles then alert
if cpu > 80% for 5 cycles then restart
if totalmem > 500 MB for 5 cycles then restart
if children > 250 then restart
if loadavg(5min) greater than 10 for 8 cycles then stop
if 3 restarts within 5 cycles then timeout
# Следим за Postfix
check process postfix with pidfile /var/spool/postfix/pid/master.pid
group mail
start program = "/etc/init.d/postfix start"
stop program = "/etc/init.d/postfix stop"
if failed port 25 protocol smtp then restart
if 5 restarts within 5 cycles then timeout
# Остальные процессы можете контролировать (если нет нужных - добавьте) самостоятельно.
#check process nginx with pidfile /var/run/nginx.pid
# start program = "/etc/init.d/nginx start"
# stop program = "/etc/init.d/nginx stop"
# if failed host 127.0.0.1 port 80 then restart
#
#check process memcached with pidfile /var/run/memcached.pid
# start program = "/etc/init.d/memcached start"
# stop program = "/etc/init.d/memcached stop"
# if failed host 127.0.0.1 port 11211 then restart
#
#check process pureftpd with pidfile /var/run/pure-ftpd/pure-ftpd.pid
# start program = "/etc/init.d/pure-ftpd-mysql start"
# stop program = "/etc/init.d/pure-ftpd-mysql stop"
# if failed port 21 protocol ftp then restart
# if 5 restarts within 5 cycles then timeout
#
#check process named with pidfile /var/run/named/named.pid
# start program = "/etc/init.d/bind9 start"
# stop program = "/etc/init.d/bind9 stop"
# if failed host 127.0.0.1 port 53 type tcp protocol dns then restart
# if failed host 127.0.0.1 port 53 type udp protocol dns then restart
# if 5 restarts within 5 cycles then timeout
#
#check process ntpd with pidfile /var/run/ntpd.pid
# start program = "/etc/init.d/ntp start"
# stop program = "/etc/init.d/ntp stop"
# if failed host 127.0.0.1 port 123 type udp then restart
# if 5 restarts within 5 cycles then timeout
#
#check process mailman with pidfile /var/run/mailman/mailman.pid
# group mail
# start program = "/etc/init.d/mailman start"
# stop program = "/etc/init.d/mailman stop"
#
#check process amavisd with pidfile /var/run/amavis/amavisd.pid
# group mail
# start program = "/etc/init.d/amavis start"
# stop program = "/etc/init.d/amavis stop"
# if failed port 10024 protocol smtp then restart
# if 5 restarts within 5 cycles then timeout
#
#check process courier-imap with pidfile /var/run/courier/imapd.pid
# group mail
# start program = "/etc/init.d/courier-imap start"
# stop program = "/etc/init.d/courier-imap stop"
# if failed host localhost port 143 type tcp protocol imap then restart
# if 5 restarts within 5 cycles then timeout
#
#check process courier-imap-ssl with pidfile /var/run/courier/imapd-ssl.pid
# group mail
# start program = "/etc/init.d/courier-imap-ssl start"
# stop program = "/etc/init.d/courier-imap-ssl stop"
# if failed host localhost port 993 type tcpssl sslauto protocol imap then restart
# if 5 restarts within 5 cycles then timeout
#
#check process courier-pop3 with pidfile /var/run/courier/pop3d.pid
# group mail
# start program = "/etc/init.d/courier-pop start"
# stop program = "/etc/init.d/courier-pop stop"
# if failed host localhost port 110 type tcp protocol pop then restart
# if 5 restarts within 5 cycles then timeout
#
#check process courier-pop3-ssl with pidfile /var/run/courier/pop3d-ssl.pid
# group mail
# start program = "/etc/init.d/courier-pop-ssl start"
# stop program = "/etc/init.d/courier-pop-ssl stop"
# if failed host localhost port 995 type tcpssl sslauto protocol pop then restart
# if 5 restarts within 5 cycles then timeout
#
#check process dovecot with pidfile /var/run/dovecot/master.pid
# group mail
# start program = "/etc/init.d/dovecot start"
# stop program = "/etc/init.d/dovecot stop"
# if failed host localhost port 993 type tcpssl sslauto protocol imap then restart
# if 5 restarts within 5 cycles then timeout
Код: Выделить всё
# create RSA certs - Server
RANDFILE = ./openssl.rnd
[ req ]
default_bits = 2048
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
[ req_dn ]
countryName = Country Name (2 letter code)
countryName_default = MO
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Monitoria
localityName = Locality Name (eg, city)
localityName_default = Monittown
organizationName = Organization Name (eg, company)
organizationName_default = Monit Inc.
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = Dept. of Monitoring Technologies
commonName = Common Name (FQDN of your server)
commonName_default = server.monit.mo
emailAddress = Email Address
emailAddress_default = root@monit.mo
[ cert_type ]
nsCertType = server
Делаем старт monit: Заходим в панель ISPConfig3 и настраиваем: Результат работы: Если в Chrom'e нет вывода графиков, обращаем внимание на значок: Пока настраивал сервис, Monit накидал сообщений на ящик test@test.com Вроде всё... Удачи!