I this post I'm going to deploy Xymon in amazon cloud ( AWS ) for off-site monitoring.
Running “external” monitor in the cloud is efficient alternative for third-party services ( search for "External Website Monitoring" ). Easy installation, small footprint (no database) and flexibility of xymon makes it very attractive instrument for such project.
Bellow is just a some notes for a minimal setup:
Logon to AWS and launch the smallest instance ( t1.micro ) using Basic 32-bit Amazon Linux AMI. Make sure that SSH, HTTP ( or/and HTTPs ) connections are permitted in the security group.
Now let’s add all packages we need for the build
Get source code from repository ( or download archive from xymon.com ).
OK, application is installed and can be started, but currently it will be checking localhost only and reporting to log files.
Let's prepare front-end - Apache web server.
Create a web user and restrict access to /xymon/
Review /etc/httpd/conf.d/xymon-apache.conf ( and httpd.conf ) files, and start/restart apache service;
sudo to xymon and add monitoring targets to ~/server/etc/hosts.cfg ( read manpage )
as an example we cat test some Google sites, in future connection to google.com could be used as a "always up" service. Adding dependency allows avoid noise form hiccups on AWS network.
More sophisticated examples are available on http://xymon.com
Now start xymon server ( as user xymon )
~/server/xymon.sh start and check your page http://ec2-XX.compute-1.amazonaws.com/xymon/
Now - tricky part.
Web interface is nice, trends, etc …, but what about alert notifications ?
It's easy to add a record in ~xymon/server/etc/alerts.cfg, but most likely e-mails from AWS host will be delivered to a spam folder …
One solution - use amazon email service,
another - use any public e-mail provider who support smtp authorization.
For example:
- create new mail account on mail.google.com
- compile mutt on your virtual server ( the one from aws yum repositories won’t work ... )
-- get recent source from http://www.mutt.org/download.html
create .muttrc in ~xymon with following contents:
Verify that it really works:
Long story, many steps, but in reality should take less then an hour to have basic monitoring running.
Operational cost of this setup will be definitely lower then comparable services from “remote site monitoring” providers.
PS. Before real usage, don't forget switch to HTTPs, review all config files ...
Subscribe to the Xymon mailing list ( http://xymon.com/xymon/help/known-issues.html ) for friendly support, ask for help and give help to others.
Running “external” monitor in the cloud is efficient alternative for third-party services ( search for "External Website Monitoring" ). Easy installation, small footprint (no database) and flexibility of xymon makes it very attractive instrument for such project.
Bellow is just a some notes for a minimal setup:
Logon to AWS and launch the smallest instance ( t1.micro ) using Basic 32-bit Amazon Linux AMI. Make sure that SSH, HTTP ( or/and HTTPs ) connections are permitted in the security group.
ssh -i YourKey.pem ec2-user@ec2-XX.compute-1.amazonaws.com [ec2-user@mon ~]$ sudo -i [root@mon ~]# yum -y update … ( reboot if needed ) ... [root@mon ~]# useradd -m xymon
Now let’s add all packages we need for the build
[root@mon ~]# yum -y install subversion fping gcc gcc-c++ openssl-devel make \
binutils rrdtool rrdtool-devel pcre-devel httpd cyrus-sasl-devel \
ncurses-devel
Get source code from repository ( or download archive from xymon.com ).
[root@mon ~]# mkdir src [root@mon ~]# cd src [root@mon ~]# svn co https://xymon.svn.sourceforge.net/svnroot/xymon/branches/4.3.5 [root@mon ~]# cd 4.3.5 [root@mon ~]# ./configure ... I found fping in /usr/sbin/fping Do you want to use it [Y/n] ? Y … Do you want to be able to test SSL-enabled services (y) ? Y … What group-ID does your webserver use [nobody] ? apache … [root@mon ~]# make && make install
OK, application is installed and can be started, but currently it will be checking localhost only and reporting to log files.
Let's prepare front-end - Apache web server.
Create a web user and restrict access to /xymon/
[root@mon ~]# htpasswd -c /etc/httpd/xymonpasswd admin [root@mon ~]# cp ~xymon/server/etc/xymon-apache.conf /etc/httpd/conf.d/xymon-apache.conf [root@mon ~]# sed -i 's/\/home\/xymon\/server\/etc\/xymonpasswd/\/etc\/httpd\/xymonpasswd/g' /etc/httpd/conf.d/xymon-apache.conf [root@mon ~]# sed -i 's/AuthGroupFile/#AuthGroupFile/g' /etc/httpd/conf.d/xymon-apache.conf
Review /etc/httpd/conf.d/xymon-apache.conf ( and httpd.conf ) files, and start/restart apache service;
sudo to xymon and add monitoring targets to ~/server/etc/hosts.cfg ( read manpage )
as an example we cat test some Google sites, in future connection to google.com could be used as a "always up" service. Adding dependency allows avoid noise form hiccups on AWS network.
group-compress Web services 0.0.0.0 www.google.com # http://www.google.com 0.0.0.0 encrypted.google.com # https://encrypted.google.com/ group-compress DNS 8.8.8.8 google-public-dns-a.google.com # dns=A:www.google.com,MX:google.com group-compress Local 127.0.0.1 localhost # bbd http://localhost/
More sophisticated examples are available on http://xymon.com
Now start xymon server ( as user xymon )
~/server/xymon.sh start and check your page http://ec2-XX.compute-1.amazonaws.com/xymon/
Now - tricky part.
Web interface is nice, trends, etc …, but what about alert notifications ?
It's easy to add a record in ~xymon/server/etc/alerts.cfg, but most likely e-mails from AWS host will be delivered to a spam folder …
One solution - use amazon email service,
another - use any public e-mail provider who support smtp authorization.
For example:
- create new mail account on mail.google.com
- compile mutt on your virtual server ( the one from aws yum repositories won’t work ... )
-- get recent source from http://www.mutt.org/download.html
./configure --enable-imap --enable-smtp --with-sasl --with-ssl &&; make &&; make install
create .muttrc in ~xymon with following contents:
# SENDING MAIL set copy=yes set smtp_url="smtp://NEW.EMAIL@smtp.gmail.com:587/" set smtp_pass="EMAIL.PASS" set from="NEW.EMAIL@gmail.com" set realname="Xymon in the Cloud" # RECEIVING MAIL set imap_user = "NEW.EMAIL@gmail.com" set imap_pass = "EMAIL.PASS" set folder = "imaps://imap.gmail.com:993" set spoolfile="imaps://imap.gmail.com/INBOX" set postponed="imaps://imap.gmail.com/Drafts" set record="imaps://imap.gmail.com/Sent" set message_cachedir=~/.mutt/cache/bodies set certificate_file=~/.mutt/certificates set move = no
Verify that it really works:
And create a script for alert notifications like:date | mutt -s test you_real_address@provider.com
Finally, add alert rules ( ~xymon/server/etc/alerts.cfg )[xymon@mon ~]# cat ~xymon/bin/m.sh #!/bin/bash if [ ${RECOVERED} = 1 ] then export BBCOLORLEVEL="RECOVERED" export BBCOLOR="green" else export BBCOLOR=$BBCOLORLEVEL fi S=$BBHOSTSVC:$BBCOLOR echo $BBALPHAMSG | mutt -s $S $RCPT
DONEHOST=* COLOR=red SCRIPT /home/xymon/bin/m.sh you_real_address@provider.com FORMAT=TEXT REPEAT=3h RECOVERED
Long story, many steps, but in reality should take less then an hour to have basic monitoring running.
Operational cost of this setup will be definitely lower then comparable services from “remote site monitoring” providers.
PS. Before real usage, don't forget switch to HTTPs, review all config files ...
Subscribe to the Xymon mailing list ( http://xymon.com/xymon/help/known-issues.html ) for friendly support, ask for help and give help to others.
1 comment:
Great post!!
We have been using nagios for monitoring our instances in cloud but now definitely I'll give a try to xymon.
Post a Comment