Scribd Logo
Upload

Welcome to Scribd!

  • NAGIOS

    Uploaded by

    Nguyen Dark
    2 views70 pages
    NAGIOS

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    NAGIOS

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    2 views70 pages

    NAGIOS

    Uploaded by

    Nguyen Dark
    NAGIOS

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    of 70
    muc Luc DANH MUC CAC TU’, THUAT NG@ VIET TAT Viét titvthuat | Tén day di Y nghia ngit Host __ Ding dé chi cdc thiét bj mang, c dau cudi duge gidm sat. tham gia vio mang déu duge goi chung 1a host) Flap Tinh trang thay déi trang thai lign tue plugin La cae img dung hé trg cho hoat déng iia mét phan mem. CHUNG 1. GIOI THIEU CHUNG 1.1. Gidi thigu Network mornitoring hay tiéng viét hidu la gidm sat, theo doi mang li mét trong. nhimng van dé hign nay tré én rat quan trong trong viée quan trj céc hé théng mang. 6 han ché t6i da vige mang bi gidn doan trong qué trinh hoat déng. Né dam bao vige khai thac tai nguyén c6 higu qua, dim bao an toan, tin cdy cho nhimg dich vu cung cap... Hign nay cé rat nhiéu céng cu gidm sat mang hé tro cho céng viée cla nguéi quan tri. Chéte ning cia ching la gidm sit thang thai hoat dng ca céc thiét bj mang, cde dich vy mang, va cée may dau cudi tham gia vio mang va thdng béo cho ngudti quan tr] khi c6 sy cé hode kha nang sé say ra sy c6. C6 ca nhing hé théng thuong mai nhu HPopen View... Hay nguén mé nhu openNMS, Cacti, Nagios... Mai hé théng lai c6 nhimg wu nhuge diém riéng. Tuy nhién kha ning cia ching lai khéng hon nhau nhiéu lim. Bai khéa luan nay tap trung vao viée nghién ctu mét hé théng gidm sat dua trén Nagios, mét sin pham nguén mé duge str dung rong rai, Tir khi ra doi 2002 dén nay Nagios da lién tue phat trién va rat duge quan tam. C6ng déng quan tim va sir dung Nagios cho dén nay theo thong ké ciia http://nagios.org 1a vao khong 250.000 nguoi. Tir phién ban 1.0 dau tién, dén nay Nagios da phat trién nén phién ban 3.x va van lién tue cho ra nhiing phién ban méi véi tinh ning manh mé hon. Dic biét Nagios c6 kha nang phan tan. Vi vay né c6 thé gidm sat cdc mang khéng 14, dat co 100.000 node. 1.2. Muc dich cua khéa luan Khéa luan sé tap trung vio tim hiéu kha ning cla hé théng Nagios. Né dap img duge nhimng gi cho céng vige quan tri mang. Cach thite né hoat déng nhu thé ndo va trién khai thir nghiém hé théng 46 trén mang ciia trudmg dai hoc cong nghé. 1.3. Két qua dat duoc Sau mét théi gian nghién city, tim hiéu, t6i da nim bat duge cdc chite ning va dac diém cia Nagios, tim hiéu duge cach thitc t6 chire va hoat déng cia hé théng. Tdi 44 tridn khai thir nghiém hé théng 46 trén mang eta trudng dai hoe Cong Nghé va bude diu cé nhing nhan xét va danh gid vé hoat dng cia h héng. 1.4. B6 cuc khéa luan Chwong 1: Gidi thigu chung vé khéa ludn, dé tdi, muc dich thuc hién va két qua dat duge. Chwong 2: Giéi thigu tong quan vé Nagios, dua ra cai nhin khai quat vé hé thong Nagios. Chwong 3: Gidi thigu co ban vé dic diém va cach thir cdu hinh trong Nagios. Chwong 4: Chi tiét cdc chite ning cla hé thény agios. Chuong 5: Cac khai nigm, van dé lién quan dén hé thong Nagios. Chuong 6: Diém lai két qua dat duge sau khi nghién ciru, cai dat va trién khai hé théng Nagios CHUNG 2. TONG QUAN VE NAGIOS 2.1. Chire nang clla Nagios + Gidm sat trang thai hoat déng ctta cac dich vu mang (SMTP, POP3, IMAP, HTTP, ICMP, FTP, SSH, DHCP, LDAP, DNS, name server, web proxy, TCP port, UDP port, e& s6 dit ligu: mysql, portgreSQL, oracle) + Gidm sat cdc tai nguyén céc may phuc vu va cdc thiét bj dau cudi (chay hé digu hanh Unix/Linux, Windows, Novell netware): tinh trang st: dung CPU, ngudi ding dang log on, tinh trang st dung é dia cimg, tinh trang sit dung bé nhé trong va swap, ig: ‘rinh dang chay, cdc tép log hé 1 + Gidm sat cdc théng sé an toan thiét bi phan cing trén host nhu: nhiét 46 CPU, téc d6 quat, pin, gid hé théng.. +» Gidm sat cdc thiét bj mang cé IP nhu router, switch va may in, V6i Router, Switch, Nagios cé thé theo doi duge tinh trang hoat ddng, trang thai bat tat cua timg céng, hr long bang théng qua méi céng, théi gian hoat d6ng lién tuc (Uptime) cia thiét bi. V6i may in, Nagios cé thé nhdn biét duoc nhiéu trang thai, tinh hudng say ra nhu ket gidy, hét muc... + Canh béo cho ngudéi quan trj bing nhiéu hinh thtte nhu email, tin nhan te thei (IM), am thanh ...néu nhu c6 thiét bi, dich vu gp true tric + Téng hgp, luu giit vi béo cdo dinh ky vé tinh trang hogt déng cia mang, 2.2 Dac diém cua Nagios “4c hoat dong kiém tra duge thyc hign bai cée plugin cho may phye vu Nagios va cde mé dun client trén cdc thiét bj ela nguéi ding cudi, Nagios chi dinh ky nhén cdc théng tin tir cc plugin va xit ly nhiing thdng tin dé (thng bao cho nguéi quan ly, ghi vao tép log, hién thi lén giao dign web...). + Thiét ké plugin don gian cho phép ngudi ding cé thé tu dinh nghia va phat trién cic plugin kiém tra cée dich vu theo nhu edu rigng bing scripts, C/C++, Perl, Ruby, Python, PHP, CH, céng cu lp trinh nur shell + Cé kha nang kiém tra song song trang thai hoat dng cia cdc dich vu( déng thoi kiém tra nhiéu dich vu). + Hé tr khai bao kién trac mang. Nagios khéng cé kha nang nhat dang duge topo ctia mang. toan bé cac thiét bi, dich vu mudén duge gidm sat du phai khai bao va dinh ng iia trong cdu hinh. + Giti thong bao dén ngudi/nhom ngudi duge chi dinh sin khi dich vwhost duge gidm sat gap van dé va khi ching khéi phyc hoat dng binh thudémg.(qua e-mail, pager, SMS, IM...) + Kha nang dinh nghia b9 xir ly su kién thye thi ngay khi 6 sw kign say ra véi host/ dich vu. + Giao dign web cho phép xem trang thdi cla mang, thong bao, history, tgp log. 2.3. Kién tric va té chirc hoat déng 2.3.1 Kién tric cia Nagios Hé théng Nagios gdm hai phan chinh: 1. Loi Nagios 2. Plugin Phan Idi nagios cé chire nang quan ly cc host/dich vu duge giam sat, thu thap cde két qua kiém tra (check) host/dich vy tir cdc plugin giti vé, biéu dién trén giao dién chuong trinh, luu trit vi théng bao cho ngudi quan tri. Ngoai ra né con téng hop va dua ra cdc béo céo vé tinh hinh hoat dng chung hoge cia timg host/djch vu trong mot Khoang thai gian nao 46. Plugin li b6 phan urge tiép thye hign kiém tra hosvdich vu. Méi mét loai dich vu du c6 mét plugin rigng bigt dugc viét dé phyc vy riéng cho céng vige kiém tra dich va 6, Plugin 1a cdc script (Perl, C ...) hay céc tép da duge bién dich (executable). Khi can thyc hign kiém tra mét host/dich vu nao dé Nagios chi viée goi plugin tong tng va nat két qua kiém tra tir ching. Voi thiét ké niu thé niy, hé théng Nagios rit dé dang duge mé rng va phat trién. Bat ki mot thiét bi hay dich vu nao eting 6 thé duge gidm sat néu nhu viét dugc plugin cho né. Hinh bén duéi cho ta thdy su tong quan giita cdc thanh phan trong Nagios, Monitaring Loge Monitoring Abstraction Layer Monitaced Enter Hinh 2.1 So dé té chite ctia Nagios 2.3.2. Cach thite té chite hoat dng Nagios cé 5 cach thuc thi cdc hanh d6ng kiém tra: 2.3.2.1. Kiém tra dich vy trye tiép. ‘Déi véi cdc dich vu mang c6 giao thite giao tiép qua mang nhu smtp, http, fip... Nagios cé thé tién hanh kiém tra tryc tiép mét dich vu xem né dang hoat déng hay khéng bang cach giti truy vin két néi dich vu dén server dich vu va doi két qua tra vé. Céc plugin phuc vu kiém tra nay duge dat ngay trén server Nagi 2.3.2.2. Chay cde plugin trén may 6 xa bing secure shell Nagios server khéng cé cach nao cé thé truy cap truc tiép client dé theo doi nhimg théng tin nhw tinh trang sir dung 6 dia, swap, tién trinh ... Dé lim duge viée nay thi trén may duge gidm sat phai cai plugin cuc b6. Nagios sé diéu khién céc plugin cue bé trén client qua secure shell ssh bing plugin check_by_ssh. Phuong php nay yéu cau mét tai khodn truy cp host duge gidm sat nhung né c6 thé thye thi duge tit ca ce plugin duge cai trén host dé. 2.3.2.3. BO thye thi plugin tir xa (NRPE - Nagios Remote Plugin Executor) NRPE 1a mot addon di kém véi Nagios. Né trg gitip vige thu thi céc plugin duge ci dat trén may/thiét bj duge giém sat, NRPE duge ci trén céc host duge gidm sat. Khi nhan duge truy van tir Nagios server thi nd goi cdc plugin cuc b6 phi hgp trén host nay, thuc hign kiém tra va tra vé két qua cho Nagios server. Phuong phap nay Khdng di h6i tai khodn truy cdp host duge gidm sat nhu sit dung ssh. Tuy nhign cing hu ssh cdc plugin phuc vu gidm sét phai duge cai dit trén host duge gidm sét, NRPE c6 thé thu thi dugc tat cd céc loai plugin gidm sat. Nagios cé thé digu khién may cai NRPE kiém tra cdc théng sé phan cimg, cdc tai nguyén, tinh trang hoat déng cia may dé hode sit dung NRPE dé thyc thi cdc plugin yéu cau truy van dich vu mang dén mot may thir 3 dé kiém tra hoat déng ciia cde dich va mang nhu http, ftp, mail. 2.3.2.4 Gidm sit qua SNMP Cét 1di cia giao thire SNMP (SimpleNetwork Management Protocol )la tap hop don gidn cdc hoat déng gittp nha quan tri mang cé thé quan ly, thay déi trang thai thiét bi. Hign nay rit nhiéu thiét bi mang hé tro giao thre SNMP nhu Switch, router, may in, firewall ... Nagios cing e6 kha nang sit dung giao thie SNMP dé theo doi trang thai cia cdc client, cdc thiét bi mang o6 hé try SNMP. Qua SNMP, Nagios c6 duge théng tin vé tinh trang hién thi cua thiét bi. Vi du nhu voi SNMP, Nagios cé thé biét duge cdc céng cita Switch, router cé mé hay khéng, thi gian Uptime (chay lign tuc) la bao nhieu... 2.3.2.5. NSCA (Nagios Service Check Acceptor) ‘Nagios dugc coi 1a mét phan mém rat manh vi né dé ding duge mé rong va két hgp vai cdc phan mém khac. Né c6 thé tng hop théng tin ti cdc phan mém kiém tra cia hang thit ba hoac cac tién trinh Nagios khac vé trang thai cta host/dich vu. Nh thé Nagios khéng can phai lap lich va chay cdc hanh d6ng kiém tra host/dich vu ma ce img dung khde sé thyc hign diéu nay va béo e4o thong tin vé cho né. Va cae img dung kiém tra 6 thé tan dung duge kha nang rat manh ciia Nagios 1 thong bio va téng hgp bao cdo. Nagios sir dung céng cy NSCA dé giti cae két qua kiém tra tir img dung ciia ban vé server Nagios. Céng cy nay gitp cho théng tin giti trén mang duge an toan hon vi né duge ma héa va xéc thu. Nagios server Nagios core logic} command file ‘check xyz plugin} (client) result of lservice chect} [3] (eient [4] (etiene [5] client Hinh 2.2 Cae cach thire thye kiém tra. Hinh trén cho ta cai nhin téng quan vé cc cach thite kiém tra dich véi nagios. C6 5 client duge gidm sit bing 5 céch thite khée nhau: * client 1: Nagios sir dung plugin ‘check_xyz’ duge cai dat ngay trén server Nagios dé giri truy van ki mitra dich vu trén client( http, fip, dns, smtp...) © client 2, 3: Nagios sit dung cée plugin trung gian dé chay plugin ‘check xyz’ giém sit duge cai dgt truc tiép trén client. (boi vi c6 nhiing dich vu khong c6 hé tro giao thire trao d4i qua mang, vi du khi ban muén kiém tra dung luong 6 dia img con trng trén client...) . client 4: Kiém tra djch vy qua giao thie snmp, nagios server sé sir dung plugin check_snmp dé kiém tra cac dich vy trén client cé hé trg giao thire SNMP. Rat nhiéu thiét bi mang nhu router, switch, may in... c6 hé tro giao thire SNMP. . Client 5: Day la phuong phap kiém tra bi déng. Nagios khéng cha déng kiém tra dich vu ma Id client cha déng giti két qua kiém tra dich vu vé cho Nagios théng qua plugin NSCA. Phuong phép nay duge ap dung nhiéu trong giém sit phan tan, Véi cdc mang cé quy mé Ién, nguai ta e6 thé ding nhieu server Nagios dé giém sat timg phan cia mang. Trong dé cé mét server Nagios trung tim thuc hién tng hop kkét qua tir céc server Nagios con théng qua plugin NSCA. CHU'ONG 3. TONG QUAN CAU HINH 3.1. Téng quan cau hinh 3.1. Cac tép cfu hinh chwong trinh Thu muc /usr/local/nagios/ete/ - Tép cdu hinh chinh nagios.cfg. Thiét dat nhimg tdy chon chung nhit cia Nagios, tac d6ng dén cach thitc hoat déng cia Nagios. Trong nagios.cfg ban cé thé khai bao dudng dan cdc tép cau hinh cén Iai, tép log, tép dém... . hoac bat tat cdc tay chon cdu hinh nhu cho phép théng bao, sir dung Iénh ngoai tra, kiém tra bi dng, cdch thite log, cp nhat, - Tép cdu hinh tai nguyén resource.cfg. Cac tép tai nguyén ding dé hu trit cic nhdn(macro) duge dinh nghia béi ngudi ding, va hru trit nhimg thong tin nhay cém( nhu mat khdu...), an véi CGls. Ban cé thé chi dinh mét hay nhiéu tiy chon tép tai nguyén bang cach sit dung chi thj resource_file trong tép cu hinh chinh. c dén hoat déng cia CGls va cach thitc hién thi théng tin trén giao dign web. ~ Tép cau hinh CGI egi.cfg. Tép cau aI chita tap céc chi thj anh huéng 3.1.2. Cac tép céu hinh déi twong Thu muc /usr/local/nagios/etc/objects = Noi luu tra ede tép edu hinh 46i tuong duge gidm sit va quan ly trong nagios. Cae tép dinh nghia déi tugng dugc sir dung dé dinh nghia host, dich vy, lién hG(contacts), nhém lién hé(contactgroups), Iénh... day 1a noi dinh nghia tat cd moi thir ‘ma ban muén gidm sat va cdch ma ban gidm sat ching. Ban cé thé chi dinh mét hay nhiéu tép dinh nghia déi tuong bing str dung cdc chi thi cfg_file va cfg_dir trong tép cdu hinh chinh. Cac tép cdu hinh san c6 1a: . Localhost.cfg _idinh nghia ede may linux . Contact.cfg fidn ngudi ding . Printer.cf Jidn ede may in . Switch.efg Han switch . Window.ofg dn may window . Command.cfg didn cae 1énh . Template.cfg Jimau dn ¢6 sin . Ti \eperiods.cfg —_//n cae chu ki théi gian Chi tiét cdc tty chon cdu hinh tham khao phan phu luc. 3.2. Cach thtrc dinh nghia déi twong trong cac tép cau hinh déi tuwong Cac d6i tugng (bao gém host, dich vu, ngwai lién hé, 16 ih, nhém, chu ky thoi gian) c6 thé duoc dinh nghia trong bat ki tp nao cé dui .cfg va khai béo duémg din trong tép cdu hinh chinh qua ty chon ef file. Tép template.cfiz di cé sin nhimg dinh nghia déi twong chuan, cdc dinh nghia di trong mdi cé thé ké thira khuén mau cia djnh nghia chuan va c6 thé thay déi di mdi sé tay chon cho pha hgp véi ting yéu cau str dung, 3.2.1. Dinh nghia host Host 1 mét trong nhing tuong co ban nhit duge gidm sat. Dac diém cia host li: - Host thurdng la cde thiét bj vat ly trén mang nhut server, workstation, router,switch, printer. = Host e6 dja chi xée djnh(IP hoe MAC). - Host thuéng cé it nhat mét dich vu lién quan dén né. = Mét host c6 thé cé méi quan hé cha/con, phu thudc véi host khac. Khi dinh nghia di tugng host ban ¢6 thé ké thira mau dinh nghia host c6 trong ju dinh nghia nay cé trong phan phy luc cui tai ligu. Tuy nhién {Gp template.cf V6i méi host duge dinh nghia méi thi e6 3 tay chon bit bude phai Khai bao cho phi hgp. Do 1a tén host, bi danh va dia chi IP cua host. define host{ use linux-server //ké thira dinh nghia mau cé sin host_name fedorato alias fo address 192,168.1.254 3.2.2, Dinh nghia dich vy Dinh nghia djch vy ding d8 khai bao dich vy duge gidm sit chay trén host. Dich vu 6 diy c6 thé higu 18 cdc dich va mang the sy nhu li POP, SMTP, HTTP 1a mot sé sé ligu hay li dl host nhu sé Iuong ngudi ding, 6 dia cén trong... Cac tay chon dudi day 1 bat bude khi dinh nghia mét dich vu méi. Céc thy chon c6n Tai e6 thé tham khao phan phu luc. define service{ host_name linux-server service_description checkdisk-sdat check_command check- hay chua. ‘Day la tuy chon cau hinh khoang théi gian gitra hai lan théng bao ké nhau. - Cuéi cing Nagios kiém tra cau hinh xem nhing nguai ding Nagios nao dugc nhin théng bao vé tinh trang ciia host/dich vu dang duoc kiém tra Chi tiét cdu hinh gui théng bao c6 trong phan phu luc cia tai ligu, 4.5. Tang hop bao cdo Ngoai chite nang gidm sat va cdnh bao cde trang thai hign théi cia cée thanh phan mang Nagios con cé thé lap bao cdo vé tinh trang hoat déng cita cdc thanh phan mang trong mt khoang thoi gian nat dinh. Bao céo o6 thé duge lap véi timg host/dich vy, tig nhém hoe todn b§ mang véi cée bd loc trang théi(SORT/HARD), tinh trang(OK, WARNING, CRITICAL, UNKNOWN). Tir cdc s6 ligu ‘trong bao cdo ngudi quan tri nm duge tinh trang hoat dng ciia cdc thanh phan mang trong mét khoang théi gian nhit dinh, danh gid duoc 46 én dinh cia cdc thinh phan mang. Viée tdng hop bio céo duge thye hign khé don giin qua giao dign web. Chwong 5. Cac van dé lién quan 5.1. Cac khai niém co ban trong Nagios 5.1.1, Kiém tra host Host duge kiém tra bai Nagios daemon khi: * Trong khoang thii gian duge dinh nghia trong tly chon check interval (khoang thdigian gitta hai lin kiém tra ké tiép) va retry_interval (Khodng théi gian thye hign kiém tra lai dé xéc nhan khi phat hién host thay ddi trang thai) ciia din nghia cdu hinh host. * Khi dich vu ma host 46 cung cdp thay déi trang thai. Thuég thi khi dich vu thay d6i trang thai thi host ciing thay déi trang thai, Vi du néu Nagios phat hign ra dich vu HTTP thay déi trang thai ti CRITICAL sang OK, thi rat cé thé la host cung cap dich vu nay vita khéi dong lai vi dang chay. * Khi c6 host con cua host d6 bj dat vao trang thai UNREARCHABLE. D6 la trang thai ma Nagios khdng lign lac duge véi host d6 hay c6 thé hiéu li mat duéng truyén dén host dé. Nagios phan loai host ra ba trang thai: * UP: hoat dng binh thug. * DOWN: tam ditng hoat déng. * UNREACHABLE: khong tim tl 5.1.2. Kiém tra dich vu Dich vy duge kié tra béi Nagios daemon khi: * Trong khoang thdi gian duge dinh nghia trong tly chon check interval (khoang thoi gian gidta hai lan kiém tra ké tiép) va retry_interval (Khoing théi gian thye hign kiém tra lai dé xéc nbn khi phat hign dich vu thay ddi trang thai) cua dinh nghia cdu hinh dich vu. ‘Nagios phan loai dich vu thinh bén trang thai: + OK: Hoat dong binh thudng. + WARNING: Cé thé hoat dng nhung chua chinh xée hoe c6 thé khéng hoat dong. + UNKNOWN: Khéng xée dinh duge. + CRITICAL: Khong hoat dng, 5.1.3. Khai nigm trang thai SORT/HARD Vi du ta c6 mot dinh nghia kiém tra dich vu DNS nhwr sau define service host_name proxy 26 service_description DNS normal_check interval 5 retry_check_interval 4 max_check_attempts 5 } Trong 46 normal_check interval: khoang théi gian giita cdc lin kiém tra binh thudng(la 5 phat). retry_check interval: néu gap 16i, sau 1 phat kiém tra lai dé xac nl in (soft state). -k_attempts: thy hién kiém tra lai $ Kin, néu Idi van say ra. Nagios két lun chic chan dich vu thay d6i trang thai (hard state), ox HARD. HARD WARNING | eaTICAL sorr | HARD y VY¥VY y y Y y wo 615200 khi Nagios chic chan vé trang thai ciia mot host/dich vu thi nd dat 1a HARD STATE. Théng thudmg khi bit d4u phat hién host/djch vu thay d6i trang théi ‘Nagios thy hign lai vai lin kiém tra dé xac nhdn, tiy vao cau hinh. Trong khodng thai gian dé host/dich vu duge dat la SOFT STATE. Khi host/dich vu duge dat vio tink trang SOFT STATE hoac khi né khdi phuc lai trang thai cii tir tinh trang SOFT STATE thi khdng c6 bat etr thong béo ndo duge giti. Tuy nhién nhiing sv kign ndy vin duge ghi vao tép log va ¢6 thé xem duge qua giao dign chuong trinh. 5.1.4, Khai nigm FLAP ‘Néu trang thai ciia host/ dich vu khéng én dinh, thay déi lién tuc. Newai quan tri sé nhdn duge rat nhiéu théng béo trong mt khong thoi gian ngan. Né khong chi gay khé chju ma c6n lim réi loan vige xéc dinh vin dé I6i. Nagios c6 thé phat hign van dé nay va dit trang thai dé 1a Napping. Dé phat hign tinh trang flap cia mt dich vu, Nagios lwu lai 21 két qua kiém tra dich vy gan nhat, tie 14 t6i da Iuu Iai 20 lan thay doi trang thai eta dich vy. Hinh duéi day m6 ta su thay d6i trang thai ctia mét dich vu: aT : . L| 22°34 5 6 7 8 9 1011.42 1314 15 16 17 18 19 20 _ Tir hinh trén ta c6 thé thay 1a trong 20 lan kiém tra, dich vu thay d6i trang thai 12 lin, Nagios dya vao sé ligu nay 48 théng bio dich vy dang roi vio tinh trang flapping hodc thot khdi tinh trang flapping. Khi flapping say ra, Nagios sé ghi sy kién nay vio tép log, dat théng tin flap vio phin comment cua dich vu va dimg hanh dong thong bao trang thai dich vu. Phat hign flap duge cu hinh & 2 vi tri; tép cu hinh chinh nagios.cfg (cai dat cau hinh néi chung) va trong dinh nghia cia tig dich vu cu thé, Trong tép cdu hinh chinh: #letcinagiosinagios.cig enable_flap_detection=1 I cho phép phat hign flap, low_service_flap_threshold=5.0. linguding dui flap high_service flap_threshold=20.0 _Inguéing trén flap Doan cu hinh trén c6 nghia 1a néu c6 tir § lan tré 1én dich vu duge ghi nhan 1a thay di trong 20 Lin kiém tra thi dich vu d6 duge dit vio tinh trang flapping. Ching ta c6 thé thiét dat tay chon phat hign flapping va dat nguéng flap cho timg dich vu trong phan dinh nghia di twgng dich vu. define service host_name linux01 flap_detection_enabled 1 low_flap_threshold 6.0 high_fap_threshold 20.0 } Tuong ty phat hién flapping 4éi véi host. 28 5.1.5. Méi quan hg cha/con gitra cée host vi phin bigt trang thai down/unrearchable Nagios la phan mém chua cé kha nang ty phat hign ra cdc node va kién trac cia mang. Céng vigc nay do ngudi ding tu dinh nghia va quyét dinh theo quy tac nhat inh. Nagios duge coi la trung tim gidm sat. Cac thiét bj(A) 6 duéng két ndi vat ly quan hé la con cia Nagios. Céc thiét bj két true tiép dén server Nagios duge 06 néi tric tiép dén A dugc coi 1a con cia A... Cit nhu vay kién tric mang duge dinh nghia va mé réng qua méi quan hé cha/con nay, véi Nagios la trung tam. Nagios | SS somenrabaie con Hinh 5.1 Méi quan hé host cha/con. Vi du mang c6 kién trie nur trén, Khi dé ta ¢6 Switch1 duge coi la con cia Nagios. Web, FTP, Router! 14 con cia Switch1, Switch duge coi li con ca Router! ‘Tt ca méi quan hé nay déu phai do ngudi ding dinh nghia qua tiy chon parents trong méi dinh nghia déi tugng. vi du: define host{ host_name 29 define host( host_name ‘Switch1 parents Nagios } define host{ host_name Web parents Switch } Nhu vi dy hinh bén dudi, ta t&t host web va router]. Mgt hanh déng kiém tra duge thyc hign va tra vé két qua cho Nagios. Truémg hgp nay Nagios két lun host web va routerl & trang thi DOWN bai vi host cha Switch! hogt dng binh thuéng. ‘Trong khi d6 cdc host nim sau router! duge két lun li UNREACHABLE. Vi Nagios khéng thé lién lac duge véi ching vi router! bj tat kéo theo mat dung két ndi dén cdc host nay. 30 Router] ] Nagios down kéo. theo cae oom host con somewsbaitecom somewebalt com Hinh 5.2 Phan bigt DOWN-UNREACHABLE. Vige phan biét trang thai DOWN-UNREACHABLE cia host gitip cée nha quan tri d8 dang hon trong vige xée dink duge nguyén nhan va vi tri eta 18i say ra trén mang Khi nhan duge théng béo sy 66. Ta xét mot vi dy nhu sau: Khi giém sat dich va DNS trén mt mang duge dinh nghia nhu hinh 5.2, Gia sir tinh huéng khi Nagios phat hign DNS khéng tra 1di truy van cia né. Né thyc hién kiém tra host cung cdp dich vy DNS( 4G day 1a proxy). Proxy khéng tra ldi. Host cha cia proxy 1a switch2 duge kiém tra. Switch? khéng tra ldi. Host cha eta Switch2 li switch] duge kiém tra, Switch! tra li. Tir dd Nagios két ludn Switch! UP. Con eta né 1a switeh2 DOWN. Con eta switeh bj DOWN li UNREARCHABLE. DNS khong host dng : CRITICAL. Két ludn nl hinh 5.3 31 Hinh 5.3 Vi du Xac dinh li 1. gate peor] [ene] [pos] [Sor] [aver] [reais] witcha) uP eos pcos, jswitch2] DOWN 3 06 nexceasie 2 PLR cxmca. 3 UNREACHABLE 5 firewall internet) uypeacHaBLe server hutp:/www.swobspace.de Hinh 5.4 Vi dy xéc dinh 151 2. 6 Vay trong truéng hgp nay khi khac phuc sy cé DNS, nguéi quan trj da x4 dinh dugc ngay nguyén nhan dau tién dan dén sy 6 1a do switch? bi DOWN. 5.1.6, Lap lich downtime Cé nhitng thiét bi chi hoat déng vao nhing khodng théi gian nhdt dinh trong |. Hanh déng tit bat duge thuc hién c6 ngay va ngoai khodng thdi gian dé né duge tinh chu ky va thuémg xuyén, Vi dy nhu thiét bi van phong, méy in ... Hoge 6 nhing server cn dimg hogt déng, nang cép, sita chita, Tém lai la trong thyc té ¢6 nhiéu truéng hgp trang thai cia thiét bi mang thay déi do sy chi dng tir phia ngudi quan tri hodc ngudi quan tri cé thé kiém soat duoc. Véi nhimg traong hop nay viéc giri canh s cho phép ngudi quan tr lap bao cho ngudi quan tri la khéng can thiét. Vi thé Nagic lich thai gian ngimg kiém tra cho timg host/dich vu. Khodng théi gian nay duge goi la downtime. Trong khodng thoi gian nay khéng ¢6 bat ett thong béo nao eta host/dich 1e cho host/dich vu kha don gian va vu duge lip lich duge giti di. Vige lap lich downti duge thyc hign ngay trén giao dign web cia chuong trink. 5.2. BO xir ly sw kién Khi trang théi cia host/djch vu thay di, nagios e6 thé chay mt chong trinh bat ki duge dinh sin v6i bo xit ly su kign (event handler) dé xi ly tinh huéng ma khéng can su can thigp cia nguéi quan 5.2.1. Thai gian chay bd xir ly sy kign Khi host/dich vu : + 6 trong trang thai mém + bat dau vao trang thai cimg iu khdi phuc lai binh thudng tir trang 16i(mém hodc cimg) 5.2.2. Vi dy event handler Vi dy djnh nghia mét script khi dng lai may in khi may in bat dau roi vao trang thai 16i va kiém tra lai dén Lan thar 3 tinh trang li van say ra. Sita dinh nghia dich vu gidm sit may in, khai béo lénh xir ly sy kign restart-Ipd define service host_name printserver service_description LPD event handler restartlpd } Dinh nghia trong tép Jénb Jénh restart-Ipd: define command command_name restart-pd command _line $USER‘$/eventhandlerirestart-Ipd.sh \ SSERVICESTATES SSERVICESTATETYPES SSERVICEATTEMPTS } Lénh nay s& goi mt script o6 tén I restart-Ipd.sh dat trong thu muc /ust/local/nagios/libexec/eventhandler (théng thudng céc script duge dat trong thir mye /ust/local/nagios/libexec/). Seript nay nhan 3 macro lam tham s6 dé 1a trang thai hign thai cua dich vu SSERVICESTATES (OK,WARNING, CRITICAL, hose UNKNOWN), loai trang thai $SERVICESTATETYPES (mém hoc cimng), va sé lin kiém tra lai hign thdi SSERVICEATTEMPTS ). Déi véi host thi SHOSTSTATES, SHOSTSTATETYPES, vi SHOSTATTEMPTS. ie macro nay la 2.3. Seript xir ly bin/bash #lusrllocal/nagios/libexec/eventhandlers/restart-Ipd.sh #$1= Status, $2 =status type, $3 =attempt case $1 in Ok) WARNING) CRITICAL) if [S2=="HARD" JIE echo "Restarting Ipd service” SOFT" && $3-eq 3]; then Justibin/sudo /etc/init.dilpd restart 34 UNKNOWN) esac exit 0 ‘Véi script nay néu trang thai dich vu la critical, loai trang thai li HARD hoac loai trang thai 1a SOFT va da kiém tra lai dén Lin thir 3 thi dich vu Ipd dugc goi véi tham s6 la restart. Script nay duge thuc thi véi quyén clia ngudi ding Nagios (cé thé khong 6 quyén tam dimg hode khdi déng lai dich vy hé théng). Vi vay phai sir dung lénh sudo dé ding quyén root khéi déng lai dich vy Ipd. Néu nhw ban muén ngudi ding nagios cé quyén véi dich vu Ipd thi thuc hign nh sau: linux” # visudo Thém dong sau va tép cdu hinh, nagios nagsrv={root]NOPASSWD: /etatinit.dipd Déng nay cho phép ngudi ding nagios cé quyén chay lénh /etc/init.d/Ipd trén host nagsrv va khéng can mat khdu. ‘Néu ban khéi déng lai dich vu khi né dang 6 trang thai mém thi ngwdi quan tri sé Khong nhdn duge bit ki thong béo nao. Tuy nhién sy kign vin duge ghi lai vao tép log. 5.3. Giam sat phan tan 5.3.1. Kiém tra chi déng Khi Nagios can kiém tra trang thai cua host/dich vu né goi mét plugin thuc hién hanh déng kiém tra d6. Nagios sé nhin két qua tir plugin dugc goi. Day Ia cach thite kiém tra co ban cia Nagios. Trong truéng hyp nay Nagios quyét dinh khi ndo hanh d6ng kiém tra duge thyc hién. Kiém tra cht dong la phuong thite kiém tra co ban va duge sir dung nhieu, Tuy nhién né van con cé mét sé nhuge diém vi dy nhu né c6 thei gian timeout cia méi hanh déng kiém tra la duge dinh truéc. Trong mét sé truéng hgp thai gian d6 cé thé khéng du dé cé két qua chinh xac. 5.5 Kiém tra chil dong 5.3.2. Kiém tra bi dng Hanh d6ng kiém tra host/dich vy duge thyc hign béi mot img dung/tién trinh bén ngoai. Két qua kiém tra s8 duge giri vé cho Nagios xr ly. Kiém tra bj dng duge ding khi gidm sat & cde ving mang khéc nhau cé6 tung lita ngin céch, ding trong giém sit phan tin. Céch thire kiém tra bj déng: Mét tmg dung bén ngoai thyc hién hanh dong kiém tra host/djch vy. Két qua dé duge ghi ra tép Iénh ngoai tra. Nagios dinh ky May két qua kiém tra tir tép nay va xt ly. Hinh 5.6 Kiém tra bj dong 36 5.3.3. Gidm sat phan tin Nagios cé thé phan tn vige gidm sit trén nhing mang lém bing céch sir dung mot server trung tm va nhiéu server con phan tan trén ede mang con(mang con 6 day 6 thé La mot mang WAN, cic ving mang ngain céch bai tuémg lta...). Nagios goi mdi ‘mang con nay 1a mét “cluster”. Server trung tam: nhan va xir ly két qua kiém tra tir server con phan tan (passive check), cdc két qua tu né kiém tra qua plugin (active check). Server con phan tan: thutc hign cae kiém tra chii dng (active check) host/dich vu va giti két qua vé cho server trung tam. Thudng thi véi mdi cluster nén dat mét server con Nagios. Server con giti két qua kiém tra vé server trung tam bing m6t plugin c6 tén NSCA. Chi tiét cach thite cai dat, giao tigp cia NSCA tham khdo phan phy luc cudi tai liga 37 CHUONG 6. KET QUA TRIEN KHAI THU'C TE TREN MANG CUA TRUONG DAI HOC CONG NGHE 6.1 Gidi thigu hé théng mang cua truong DH céng nghé(CTnet) Truéng Dai hoc Céng nghé hign cé 19 khéi/don vi bao gim cae phéng ban, cic khoa, cdc trung tam, phéng thi nghiém, phéng thyc hanh... Tat cd cdc don vi cia hé théng diéu hanh, quan ly, hoc tap, gidng day va nghién ctu, trudmg déu duge trang bj déu duge trang bj iy tinh phue vu cdng tae Internet (Ge trata Thanh vign va NUnet Route ~ thege HOS Switch J Lo Cae phing Lim vige Cie phing lim vige |_| Céc phong lam vige vva phong may tinh va phong may tinh va phong may tinh trong toa nha E3 trong toa nha E4 trong toa nha G2 Phin mang Truéng DHCN Hinh 6.1 : So ad hé thong mang CTnet Ngoai cac hé théng phéng may phuc vu diéu hanh, hoc tap, giang day va nghién iru thi truémg cing dang duy tri mét sé server va dich vu hé théng: - Server Web, 1 CPU P.4, 1 GB RAM, 2 6 cig 36 GB (tir phing HCQT) - Server quan ly ngudi ding, 1 CPU P.4, 1 GB RAM, 1 6 cimg 36 GB - Server phyc vu tép, | CPU P.4, 512 MB RAM, 3 6 cing 36 GB - Server phye vy cae tign ich, 1 CPU P.4, 512 MB RAM, 1 6 cig 36 GB ) - Server mail, cung cp dich vu th dign tir cho cén bé, sinh vién trong trudng. server hé try dns, proxy... Mang CTnet a mt mang ¢6 quy mé va cin phai e6 sw quan ly che ebé. 6.2. Cai dat trién khai Hé théng Nagios bit diu duge ngay 27/03/2009 trén server c6 dja chi mang n6i b6 1a 10.10.0,22 va dia chi Internet la 210.86.230.113. Dia chi truy cdp vao hé théng 1 hitp://10.10.0.22/nagios. V6i mye dich thé nghi phan gidm sat lén ngoai server nay hé théng cén cai server Nagios khdc tai tai trung tim méy tinh nha G2. Server nay gidm sat cdc thiét bi, dat va gidm sét nhimg dich vu dau tién vio méy ddu cudi cua trung tim may tinh va giri két qua vé cho server trung tam tai dat tai 10,10.0.22. Dén nay hé théng da duge cau hinh gidm sat hau hét tat ca céc dich vy cla cum méy chi cia trudmg dai hoc céng nghé nhu web, mail, Idap, ftp, dns. Cie phing ban Khic, VneNet,Intemet Mot sé méy tinh thyge tung tim iy tinh Hinh 6.2 Mt sé server, may tinh dug trién khai gidm sat. ‘Va gidm sat cdc thiét bj mang ciia Switch, router, may in, may dau cudi tai trung tm may tinh. 39

    You might also like