Cheap VPS & Xen Server


Residential Proxy Network - Hourly & Monthly Packages

Server monitoring with Icinga 2 and Icingaweb 2 on CentOS 7


Icinga 2 is a scalable OpenSource monitoring software. This tutorial describes the installation of Icinga 2 together with Icingaweb on a CentOS 7 server.

1. Requirements

To install such a system you will need the following:

  • A Centos 7 minimal server system. This can be a server installed from scratch as described in the Centos 7.1 minimal server tutorial or a virtual-server or root-server from a hosting company that has a minimal Centos 7 setup installed.
  • A fast Internet connection.

2. Preliminary notes

  • In this tutorial, I use the hostname icinga2.domain.tld with the IP address 192.168.250.100/24 and the gateway 192.168.250.254. These settings might differ for you, so you have to replace them where appropriate.
  • The outputs shown here is just an example and might differ on your system, depending on your base system and the packages already installed.
  • The database server will be maria db and will be installed on the same host.
  • A user administrator exists and is in the sudoers list.
  • We will disable SELinux for this tutorial.

3. Preparation

Login as administrator

login as: administrator
administrator@192.168.250.100's password:
[administrator@icinga2 ~]$

Check network connectivity

we will test if our internet connection is established and name resolution is working:

ping www.google.de -c3

The output will be like:

[administrator@icinga2 ~]$ ping www.google.de -c3
PING www.google.de (172.217.20.67) 56(84) bytes of data.
64 bytes from fra02s27-in-f3.1e100.net (172.217.20.67): icmp_seq=1 ttl=57 time=19.2 ms
64 bytes from fra02s27-in-f3.1e100.net (172.217.20.67): icmp_seq=2 ttl=57 time=19.3 ms
64 bytes from fra02s27-in-f3.1e100.net (172.217.20.67): icmp_seq=3 ttl=57 time=19.6 ms

--- www.google.de ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 19.276/19.430/19.649/0.195 ms
[administrator@icinga2 ~]$

Change to root

Now we will make ourself root. To do so enter:

sudo su

The output will be like:

[administrator@icinga2 ~]$ sudo su

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

         #1) Respect the privacy of others.
         #2) Think before you type.
         #3) With great power comes great responsibility.

[sudo] password for administrator:
[root@icinga2 administrator]#

Install preliminary software

We will now install some preliminary software:

  • deltarpm will lower the amount to be downloaded, by checking if there is just a differential file, instead of the whole package
  • nano is a text-editor
  • wget is needed to download files from URLs
  • net-tools is needed for certain checks on network-processes
  • gcc is the GNU Compiler

yum -y install deltarpm

The output will be like:

Loaded plugins: fastestmirror
base                                                                             | 3.6 kB  00:00:00
extras                                                                           | 3.4 kB  00:00:00
updates                                                                          | 3.4 kB  00:00:00
(1/4): extras/7/x86_64/primary_db
...
...
Total download size: 82 k
Installed size: 209 k
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/deltarpm-3.6-3.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for deltarpm-3.6-3.el7.x86_64.rpm is not installed
deltarpm-3.6-3.el7.x86_64.rpm                                                    |  82 kB  00:00:00
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
 Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
 Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
 Package    : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@anaconda)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : deltarpm-3.6-3.el7.x86_64                                                            1/1
  Verifying  : deltarpm-3.6-3.el7.x86_64                                                            1/1

Installed:
  deltarpm.x86_64 0:3.6-3.el7

Complete!

yum -y install nano wget net-tools gcc

The output will be like:

Loaded plugins: fastestmirror
base                                                                             | 3.6 kB  00:00:00
extras                                                                           | 3.4 kB  00:00:00
updates                                                                          | 3.4 kB  00:00:00
(1/4): extras/7/x86_64/primary_db
...
...
Installed:
  gcc.x86_64 0:4.8.5-4.el7      nano.x86_64 0:2.3.1-10.el7 net-tools.x86_64 0:2.0-0.17.20131004git.el7
  wget.x86_64 0:1.14-10.el7_0.1

Dependency Installed:
  cpp.x86_64 0:4.8.5-4.el7                         glibc-devel.x86_64 0:2.17-106.el7_2.4
  glibc-headers.x86_64 0:2.17-106.el7_2.4          kernel-headers.x86_64 0:3.10.0-327.13.1.el7
  libmpc.x86_64 0:1.0.1-3.el7                      mpfr.x86_64 0:3.1.1-4.el7

Dependency Updated:
  glibc.x86_64 0:2.17-106.el7_2.4                 glibc-common.x86_64 0:2.17-106.el7_2.4

Complete!

Disable SELinux

edit the /etc/selinux/config

nano /etc/selinux/config

Find

SELINUX=enforcing

change it to

SELINUX=disabled

Save the file

Update system and reboot

Now we will update the system.

yum -y update && yum -y upgrade

This may take some time. After that reboot.

reboot

4. Install icinga2 and additional Software

Install additional repositories

After the system has restarted login as administrator and make yourself root again.

Change directory to /tmp

cd /tmp

Install epel repository

yum install -y epel-release

Install icinga repository

rpm –import http://packages.icinga.org/icinga.key
wget http://packages.icinga.org/epel/ICINGA-release.repo -O /etc/yum.repos.d/ICINGA-release.repo

Rebuild yum cache (May take some time)

yum makecache

Install icinga2, icinga2 mysql connector and nagios plugins

yum install -y nagios-plugins-all icinga2 icinga2-ido-mysql icinga-idoutils-libdbi-mysql

Installing Apache, php and preparing php.ini

yum install -y httpd

yum install -y php-cli php-pear php-xmlrpc php-xsl php-pdo php-soap php-gd php-ldap

Edit php.ini

Find

; Defines the default timezone used by the date functions
; http://php.net/date.timezone
;date.timezone =

change it to

; Defines the default timezone used by the date functions
; http://php.net/date.timezone
date.timezone = "Europe/Berlin"

Save the file

Enable Apache at startup

systemctl enable httpd

[root@icinga2 tmp]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

systemctl start httpd

Check if Apache is running

netstat -nlp | grep 80

[root@icinga2 tmp]# netstat -nlp | grep 80
tcp6       0      0 :::80                   :::*                    LISTEN      10360/httpd

Installing and configuring mariadb

yum install -y mariadb-server

systemctl start mariadb

systemctl enable mariadb

Output:

[root@icinga2 tmp]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.

Check if mariadb is running

netstat -nlp | grep 3306

Output:

[root@icinga2 tmp]# netstat -nlp | grep 3306
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      11623/mysqld

Set Password for user ‘root’

mysql -u root

Output:

[root@icinga2 tmp]# mysql -u root
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 2
Server version: 5.5.47-MariaDB MariaDB Server

Copyright (c) 2000, 2015, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>

[MariaDB [(none)]> use mysql

Output:

[MariaDB [(none)]> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
MariaDB [mysql]>

[MariaDB [(mysql)]> update user set password=PASSWORD(“root_password”) where User=’root’;

Output:

update user set password=PASSWORD("root_password") where User='root';
Query OK, 4 rows affected (0.00 sec)
Rows matched: 4  Changed: 4  Warnings: 0

[MariaDB [(mysql)]> flush privileges;

Output:

MariaDB [mysql]> flush privileges;
Query OK, 0 rows affected (0.00 sec0

[MariaDB [(mysql)]> exit;

Output:

MariaDB [mysql]> exit;
Bye

Restart MariaDB

systemctl restart mariadb

Create and populate database for icinga2

Logon to MySQL with password for root.

mysql -u root -p

Output:

[root@icinga2 tmp]# [root@icinga2 tmp]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 7
Server version: 5.5.47-MariaDB MariaDB Server

Copyright (c) 2000, 2015, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>

[MariaDB [(none)]>CREATE DATABASE icinga2;

Output:

MariaDB [(none)]> CREATE DATABASE icinga2;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]>

[MariaDB [(none)]>GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga2.* TO ‘icinga2’@’localhost’ IDENTIFIED BY ‘icinga2_password’;

Output:

MariaDB [(none)]> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga2.* TO 'icinga2'@'localhost' IDENTIFIED BY 'icinga2_password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]>

[MariaDB [(none)]>flush privileges;;

Output:

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]>

[MariaDB [(none)]> exit;

Output:

MariaDB [none]> exit;
Bye

Populate database

mysql -u root -p icinga2 < /usr/share/icinga2-ido-mysql/schema/mysql.sql

Modify ido-mysql.conf

In order to make icinga2 connect to our mariadb Database we have to modify /etc/icinga2/ido-mysql.conf

nano /etc/icinga2/features-available/ido-mysql.conf

Find

/**
 * The db_ido_mysql library implements IDO functionality
 * for MySQL.
 */

library "db_ido_mysql"

object IdoMysqlConnection "ido-mysql" {
  //user = "icinga"
  //password = "icinga"
  //host = "localhost"
  //database = "icinga"
}

change it to

/**
 * The db_ido_mysql library implements IDO functionality
 * for MySQL.
 */

library "db_ido_mysql"

object IdoMysqlConnection "ido-mysql" {
  user = "icinga2"
  password = "icinga2_password"
  host = "localhost"
  database = "icinga2"
}

Enable and start icinga2 at startup

enable icinga2 at startup

systemctl enable icinga2

Output:

[root@icinga2 tmp]# systemctl enable icinga2
Created symlink from /etc/systemd/system/multi-user.target.wants/icinga2.service to /usr/lib/systemd/system/icinga2.service.

Start icinga2

systemctl start icinga2

In order to check if everything is working we will do tail -f /var/log/icinga2/icinga2.log. You can stop the output by hitting CTRL-C.

tail -f /var/log/icinga2/icinga2.log

The output should be something like this

[root@icinga2 tmp]# tail -f /var/log/icinga2/icinga2.log
[2016-05-10 23:21:50 +0200] information/DbConnection: Resuming IDO connection: ido-mysql
[2016-05-10 23:21:50 +0200] information/ConfigItem: Activated all objects.
[2016-05-10 23:21:50 +0200] information/ConfigCompiler: Compiling config file: /var/lib/icinga2/modified-attributes.conf
[2016-05-10 23:21:50 +0200] information/IdoMysqlConnection: MySQL IDO instance id: 1 (schema version: '1.14.0')
[2016-05-10 23:21:50 +0200] information/IdoMysqlConnection: Finished reconnecting to MySQL IDO database in 0.201981 second(s).

Make icinga2 start at boot:

systemctl enable icinga2

Output:

[root@icinga2 tmp]# systemctl enable icinga2
Created symlink from /etc/systemd/system/multi-user.target.wants/icinga2.service to /usr/lib/systemd/system/icinga2.service.

Enable icinga2 command module:

icinga2 feature enable command

Output:

[root@icinga2 tmp]# icinga2 feature enable command
Enabling feature command. Make sure to restart Icinga 2 for these changes to take effect.

Restart icinga2

systemctl restart icinga2

5. Install icingaweb2

Before installing icingaweb2 be sure to open port 80 on your firewall.

Install icingaweb2:

yum -y install icingaweb2

Install icingacli. We will need it later to create a setup token for the webbased part of the installation.

yum -y install icingacli

We will now check if the group icingaweb2 exists and if apache is a member of that group:

cat /etc/group | grep icingaweb2

Output:

[root@icinga2 tmp]# cat /etc/group | grep icingaweb2
icingaweb2:x:990:apache

icinga2 will report a warning for the http service because there is no index.hml file at the webroot.
To prevent this we will create an empty one:

touch /var/www/html/index.html

chown apache /var/www/html/index.html

We will now create the setup token for the webbased part of the installation.

icingacli setup config directory –group icingaweb2

Output:

[root@icinga2 tmp]# icingacli setup config directory --group icingaweb2
Successfully created configuration directory /etc/icingaweb2

icingacli setup token create

Output:

[root@icinga2 tmp]# icingacli setup token create
The newly generated setup token is: 1826XXXXXXXXXXXX

Write down or copy the setup token.

Restart apache.

systemctl restart httpd

Web based part of the installation

 

Insert the generated token and press

Continue (Weiter)

img002

Press

Weiter (Continue)

img003

img004

Check that all parts are green and press

Continue (Weiter)

img005

Keep the chosen type of authentication (SQL Database) press

Continue (Weiter)

img006

Insert the following values:

Resourcename = icingaweb2
Keep Databasetype (Datenbanktyp) to MySQL
Keep Host as localhost
Change Databasename (Datenbanknamen) to icingaweb2
Change Username to icingaweb2
Enter a password

Press

Validate Configuration

You should see

Configuration sucessfully validated

at the top of the page.

Press

Continue (Weiter)

 

 

To create the database and user specified insert the credentials for root here. Then press

Continue (Weiter)

Keep icingaweb2 as BackendName and press

Continue (Weiter)

img011

Create the user administrator. Enter username and password (twice). Then press

Continue (Weiter)

img012

Leave everything as suggested and press

Continue (Weiter)

img013

img014

This page contains a summary of your inputs.
Check everything then press

Continue (Weiter)

img015

Press

Continue (Weiter)

img016

Leave everything as suggested and press

Continue (Weiter)

img017

Leave everything as suggested and press

Continue (Weiter)

img018

Insert the following values:

If validation is ok press

Continue (Weiter)

img019

Leave everything as suggested and press

Continue (Weiter)

img020

Leave everything as suggested and press

Continue (Weiter)

img021

img022

This page contains a summary of your inputs.
Check everything then press

Continue (Weiter)

img023

Press

Login to icinga Web 2

img024

Login as administrator with the password defined.

img025

Done.

Comments

comments