smokeping_centos6
Table of Contents
CentOS 6 - Smokeping
Had to install SmokePing in a RHEL 6 environment. This is how i installed it.
- Stop, start, status
- Stop:
service smokeping stop
- Start:
service smokeping start
- Status:
service smokeping status
- Modify configuration
- Modify configuration:
/opt/smokeping/etc/config
. - Restart SmokePing:
service smokeping restart
.
- Installation
- Create a new VM with, 1vCPU, 1GB memory and 32GB disk.
- Install the latest RHEL 6.
- Update the OS:
yum clean all yum update
- Check NTP and DNS configuration.
- Create a nice MOTD:
_____ _ _____ _ / ____| | | | __ (_) | (___ _ __ ___ ___ | | _____| |__) | _ __ __ _ \___ \| '_ ` _ \ / _ \| |/ / _ \ ___/ | '_ \ / _` | ____) | | | | | | (_) | < __/ | | | | | | (_| | |_____/|_| |_| |_|\___/|_|\_\___|_| |_|_| |_|\__, | __/ | |___/
- Install the needed packages:
yum groupinstall "Development tools" yum install rrdtool rrdtool-perl fping wget curl bind-utils mod_fcgid mod_ssl httpd httpd-devel perl-CPAN lynx ncftp perl perl-YAML perl-parent perl-Test-Simple perl-Net-SSLeay
- Configure CPAN:
perl -MCPAN -e shell Would you like me to configure as much as possible automatically? [yes] no Choose the defaults, configure a proxy if needed. # If you want to reconfigure CPAN: o conf init
- I had some problems when using the Perl packages from the repo. Install the Perl modules via CPAN:
cpan install LWP install IO::Pty install Config::Grammar install Digest::HMAC_MD5 install Net::Telnet install Net::OpenSSH install Net::DNS install Net::LDAP install Net::SNMP # Don't install the optional packages. install FCGI install CGI::Fast
- Download SmokePIng:
cd /var/tmp wget http://oss.oetiker.ch/smokeping/pub/smokeping-2.6.11.tar.gz
- Install SmokePing:
tar -zxvf smokeping-2.6.11.tar.gz -C /var/tmp cd /var/tmp/smokeping-2.6.11 ./configure --prefix=/opt/smokeping-2.6.11 /usr/bin/gmake install ln -s /opt/smokeping-2.6.11 /opt/smokeping mkdir /opt/smokeping-2.6.11/{cache,data,var} chmod 660 /opt/smokeping-2.6.11/etc/smokeping_secrets.dist useradd -u <uid> smokeping chown -R smokeping. /opt/smokeping*
- Post install config
- SmokePing
- Modify
/opt/smokeping/etc/config.dist
.cp /opt/smokeping/etc/config.dist /opt/smokeping/etc/config vi config
- Modify
/opt/smokeping/htdocs/smokeping.fcgi.dist
:mv /opt/smokeping/htdocs/smokeping.fcgi.dist /opt/smokeping/htdocs/smokeping.fcgi vi /opt/smokeping/htdocs/smokeping.fcgi
- Change the template sidebar width (if needed)
/opt/smokeping/etc/basepage.html.dist
:<TD class="menubar" align="left" width="230" valign="top">
- TLS self signed certificate
- Change
/etc/pki/tls/openssl.cnf
countryName_default = ... stateOrProvinceName_default = ... localityName_default = ... 0.organizationName_default = ... organizationalUnitName_default = ... commonName = <fqdn> [ req ] distinguished_name = req_distinguished_name req_extensions = v3_req [ v3_req ] basicConstraints = CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment subjectAltName = @alt_names [alt_names] DNS.1 = <fqdn1> DNS.2 = <fqdn2> IP.1 = <ip1> IP.2 = <ip2>
- Generate private key:
openssl genrsa -out /etc/pki/tls/private/<hostname>.key 2048
- Generate CSR:
openssl req -new \ -out /etc/pki/tls/certs/<hostname>.csr \ -key /etc/pki/tls/private/<hostname>.key \ -config /etc/pki/tls/openssl.cnf
- Check:
openssl req -text -noout -in /etc/pki/tls/certs/<hostname>.csr
- Sign:
openssl x509 -req -days 3650 \ -in /etc/pki/tls/certs/<hostname>.csr \ -signkey /etc/pki/tls/private/<hostname>.key \ -out /etc/pki/tls/certs/<hostname>.crt \ -extensions v3_req \ -extfile /etc/pki/tls/openssl.cnf
- Apache
- Remove the default virtual host:
/etc/httpd/conf.d/smokeping.conf
. - Edit
/etc/httpd/conf/httpd.conf
:ServerAdmin <email address> NameVirtualHost *:443
- Create the following config:
/etc/httpd/conf.d/smokeping.conf
<VirtualHost *:443> SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES SSLCertificateFile /etc/pki/tls/certs/<hostname>.crt SSLCertificateKeyFile /etc/pki/tls/private/<hostname>.key <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 ServerName <fqdn> DocumentRoot "/var/www/html/" ErrorLog logs/ssl_error_log TransferLog logs/ssl_access_log LogLevel warn CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" SuexecUserGroup smokeping smokeping ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" <Directory "/var/www/cgi-bin/"> SSLOptions +StdEnvVars Options FollowSymLinks AllowOverride None Options None Order allow,deny Allow from all </Directory> Alias /cache/ "/opt/smokeping-2.6.11/cache/" <Location /> Options None Order deny,allow Deny from all Allow from <subnet> AuthType Basic AuthBasicProvider ldap AuthName "LDAP authentication" AuthLDAPURL ... AuthLDAPBindDN ... AuthLDAPBindPassword ... Require ldap-attribute gidNumber=... Require valid-user </Location> </VirtualHost>
- Create an index.html redirect
/var/www/html/index.html
:<meta http-equiv="refresh" content="1;url=https://<fqdn>/cgi-bin/smokeping.fcgi">
- Copy
smokeping.fcgi
(for suexec):cp /opt/smokeping/htdocs/smokeping.fcgi /var/www/cgi-bin/
- Modify suexec rights:
chown -R smokeping. /var/www/cgi-bin/
- Start Apache at boot:
chkconfig httpd on
- Start Apache:
service httpd start
Start/stop script
- Create start/stop script:
/etc/init.d/smokeping
#!/bin/sh # # chkconfig: - 86 14 # description: smokeping init script # processname: smokeping # config: /opt/smokeping/etc/smokeping.conf # pidfile: /opt/smokeping/var/smokeping.pid # Source function library. . /etc/rc.d/init.d/functions # the path to your PID file # path to smokeping script smokeping=/opt/smokeping/bin/smokeping smokeping_config=/opt/smokeping/etc/config smokeping_logfile=/opt/smokeping/var/smoke.log pidfile=/opt/smokeping/var/smokeping.pid lockfile=/var/lock/subsys/smokeping smokeping_opts="--config=${smokeping_config} --logfile=${smokeping_logfile}" prog=smokeping run_user=smokeping RETVAL=0 STOP_TIMEOUT=10 start() { echo -n $"Starting $prog: " daemon --pidfile=${pidfile} --user $run_user $smokeping $smokeping_opts RETVAL=$? echo [ $RETVAL = 0 ] && touch ${lockfile} return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc -p ${pidfile} -d ${STOP_TIMEOUT} $smokeping RETVAL=$? echo [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile} } reload() { echo -n $"Reloading $prog: " if ! $smokeping $smokeping_opts --check >&/dev/null; then echo $"not reloading due to configuration syntax error" failure $"not reloading $smokeping due to configuration syntax error" else $smokeping $smokeping_opts --reload RETVAL=$? if [ $RETVAL -ne 0 ]; then failure $"smokeping reloading" fi fi echo } restart() { echo -n $"Restarting $prog: " if ! $smokeping $smokeping_opts --check >&/dev/null; then echo $"not restarting due to configuration syntax error" failure $"not restarting $smokeping due to configuration syntax error" else $smokeping $smokeping_opts --restart RETVAL=$? if [ $RETVAL -ne 0 ]; then failure $"smokeping restarting" fi fi echo } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status -p ${pidfile} $smokeping RETVAL=$? ;; reload) reload ;; restart) restart ;; *) echo $"Usage: $prog {start|stop|restart|reload|status}" RETVAL=2 esac
- Set executable bit:
chmod +x /etc/init.d/smokeping
- Start at boot:
chkconfig --add smokeping chkconfig smokeping on
Remote fping
- Create a user account and install fping on the client:
useradd -u <uid> smokeping yum install fping
- Place the smokeping user's public key and root's public key on the client, in the
authorized_keys
file. - Test login with key.
- Add the RemoteFPing probe to the SmokePing configuration:
# Config +RemoteFPing binary = /usr/bin/ssh blazemode = true hostinterval = 1.5 #mininterval = 0.001 offset = 50% packetsize = 56 pings = 20 rbinary = /usr/sbin/fping rhost = <ip or fqdn> ruser = smokeping #sourceaddress = <ip> step = 300 timeout = 1.5 #tos = 0x20 usestdout = false #*** Slaves *** #secrets=/opt/smokeping-2.6.11/etc/smokeping_secrets.dist #+boomer #display_name=boomer #color=0000ff # #+slave2 #display_name=another #color=00ff00
- Add remote hosts:
+++ Name probe=Name host=<fqdn>
smokeping_centos6.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1