Thursday, June 02, 2011

Munin - Monitoring Tools

A few days ago, a friend of mine tell me about Munin. A monitoring tool. It was really fantastic. I can monitor almost every key sector of the server. Disk utilization, memory, CPU, etc. So I tried to install it on real server and virtual server.

So here's the steps that I did when installing Munin Server at Ubuntu 10.04 Server x64
---------------
Server Side
---------------
1. Install munin server ; sudo apt-get install munin
2. Configure /etc/munin.conf
    #
     dbdir  /var/lib/munin
     htmldir /var/cache/munin/www
     logdir /var/log/munin
     rundir  /var/run/munin 
    includedir /etc/munin/munin-conf.d 
    contact.someuser.command mail -s "Munin notification" yourname@youremail.com 
    [hostname or FQDN]
        address a.b.c.d
        use_node_name yes 
    [other host or FQDN]
        address 1.2.3.4
        use_node_name yes
    3. Configure /etc/munin/munin-node.conf
    log_level 4
    log_file /var/log/munin/munin-node.log
    pid_file /var/run/munin/munin-node.pid
    background 1
    setsid 1
    user root
    group root
    # Regexps for files to ignore
    ignore_file ~$
    #ignore_file [#~]$  # FIX doesn't work. '#' starts a comment
    ignore_file DEADJOE$
    ignore_file \.bak$
    ignore_file %$
    ignore_file \.dpkg-(tmp|new|old|dist)$
    ignore_file \.rpm(save|new)$
    ignore_file \.pod$
    allow ^127\.0\.0\.1$
    allow ^202\.51\.99\.38$
    allow ^202\.51\.99\.36$
    host * 
    port 4949
    4. Done

    ---------------
    Client Side
    ---------------

    1. Install munin-node ; sudo apt-get install munin-node
    2. Configure munin-node ; sudo vi /etc/munin/munin-node.conf

    log_level 4
    log_file /var/log/munin/munin-node.log
    pid_file /var/run/munin/munin-node.pid
    background 1
    setsid 1
    user root
    group root
    # Regexps for files to ignore
    ignore_file ~$
    #ignore_file [#~]$  # FIX doesn't work. '#' starts a comment
    ignore_file DEADJOE$
    ignore_file \.bak$
    ignore_file %$
    ignore_file \.dpkg-(tmp|new|old|dist)$
    ignore_file \.rpm(save|new)$
    ignore_file \.pod$
    allow ^127\.0\.0\.1$ --> Change it to your IP Address
    # Which address to bind to;
     host *
    # And which port
    port 4949
    3. Done

    ---------------
    Final Steps
    ---------------
    1. Make sure, at server side, there is a parameter for munin-node. [Host-name or FQDN]. Otherwise, munin won't work.
    2. Don't forget to restart munin-node. sudo /etc/init.d/munin-node restart
    3. Test your munin instalation. Go to http://your_ip_address/munin . If you see it, Congratulations !! :D
    ---------------------------------------
    Add Password-protected Page
    ---------------------------------------

    In order to make the page more secure, you can give them password protected page. It's better to use Auth_digest, since the password will be passed from client to server as an encrypted password.

    1. Add password-protect directory for Munin
    • Activate digest support for Apache
      • sudo a2enmod auth_digest
    • Create password for Munin realm. (Must be exactly same with AuthName parameter in munin apache.conf file)
      • sudo htdigest -c /etc/munin/.htpasswd Munin admin ;  /etc/munin/.htpasswd is the location of htpasswd file. Dot sign mean that the file is hidden. Admin is the user for login
    • Edit /etc/munin/apache.conf, so it will look like this :
    Alias /munin /var/cache/munin/www

           Order allow,deny
            Allow from all
            Options FollowSymLinks
            AllowOverride None
            AuthUserFile /etc/munin/.htpasswd
            AuthName "Munin"
            AuthType Digest
            require valid-user
       
            ExpiresActive On
            ExpiresDefault M310
       
    3. Restart Apache
       a. sudo /etc/init.d/apache2 restart

    ---------------------
    Troubleshooting
    ---------------------

    1.  If the you dont see the graph, check :
    • File permission. Make those are accessible for munin user.
    • Run cron manually. Do sudo -u munin /usr/bin/munin-cron
    • If you got password error, then you need to give munin user a password.
      • sudo -i
      • passwd munin
      • sudo vi /etc/passwd
      • Find munin user
      • Change /bin/false ---> /bin/bash (or your favorite shell)
      • No need to restart :)
      • su munin
      • /usr/bin/munin-cron
    • Restart your cron service if necessary. sudo /etc/init.d/cron restart
    • Do not forget to check logs of course :)
    2. If you found notification like this :
    This is caused from this error :
     
    your_server :: your_server :: Connections through firewall
    UNKNOWNs: Total is unknown.
    The message is clear. Connections through firewall. Make sure port 4949 is open, not block by your firewall.

    Post a Comment