Rational Configuration Design John Murphy To Prevent Irrational Problem Solving.
Nagios Conference 2012 - John Murphy - Rational Configuration Design
-
Upload
nagios -
Category
Technology
-
view
912 -
download
2
description
Transcript of Nagios Conference 2012 - John Murphy - Rational Configuration Design
![Page 1: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/1.jpg)
Rational Configuration Design
John Murphy
To Prevent Irrational Problem Solving
![Page 2: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/2.jpg)
Introduction
Contacts
Hosts
Services
2012 2
Parents and dependencies
Managing exceptions
Automation
Basic Advanced
![Page 3: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/3.jpg)
Our Scenario
2012 3
![Page 4: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/4.jpg)
Contacts
![Page 5: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/5.jpg)
Contacts
Contact address for support.
Email, SMS, Ticketing, etc.
2012 5
Login account for an actual user.
No contact information.
Contact User
![Page 6: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/6.jpg)
Contacts
define contact { contact_name cu-contact contactgroups cg-main email [email protected] use contact-user } define contactgroup { contactgroup_name cg-main alias Kmart Contact contactgroup_members vg-team }
2012 6
define contact { name contact-
user host_notifications_enabled 1 service_notifications_enabled 1 host_notification_period 24x7 service_notification_period 24x7 host_notification_options d,u service_notification_options c host_notification_commands notify-h-
email service_notification_commands notify-s-email register 0 }
Contact Definition
![Page 7: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/7.jpg)
Contacts
define contact { contact_name vu-jsmurphy contactgroups vg-team use read-contact } define contactgroup { contactgroup_name vg-team alias Kmart Team }
define contactgroup { contactgroup_name cg-main alias Kmart Contact contactgroup_members vg-team }
2012 7
define contact { name read-
contact host_notifications_enabled 0 service_notifications_enabled 0 host_notification_period none service_notification_period none host_notification_options n service_notification_options n host_notification_commands
check_none service_notification_commands check_none register 0 }
User Definition
![Page 8: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/8.jpg)
Contacts
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"<Directory "/usr/local/nagios/sbin"> SetEnv TZ "Australia/Melbourne" Options ExecCGI AllowOverride None Order allow,deny Allow from all AuthName "Nagios Core" AuthType Basic # AuthUserFile /usr/local/nagios/etc/htpasswd.users # Require valid-user
AuthBasicProvider ldap AuthName “Nagios server" AuthzLDAPAuthoritative off AuthLDAPBindDN "CN=bindAccount,OU=User,DC=domain,DC=com" AuthLDAPBindPassword xxxxxxxxx AuthLDAPURL ldaps://domain.com/OU=User,DC=Domain,DC=com?sAMAccountName?sub?(objectClass=user) AuthLDAPGroupAttribute member AuthLDAPGroupAttributeIsDN on Require ldap-group CN=NagiosAccessGroup,OU=Groups,DC=domain,DC=com</Directory>
2012 8
LDAP/AD For Nagios Core
![Page 9: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/9.jpg)
Contacts Summary
Distinguish between your users and your contacts.
Use an existing authentication source for your user logins.
Consider the end-user experience… try to ensure it’s easy to get the information they need.
2012 9
![Page 10: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/10.jpg)
Hosts
![Page 11: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/11.jpg)
Hosts
Focus on minimizing host configuration to make automation easier.
Use templates to assign user view information.
Create host groups based on shared monitoring profiles.
2012 11
![Page 12: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/12.jpg)
Hosts
define host { host_name exchange01 use srv-template alias Exchange server address exchange01 parents switch001,switch002 hostgroups srv-exchange, srv-windows icon_image exchange.png register 1 }
define hostgroup { hostgroup_name srv-windows alias Windows group }
2012 12
define host { name srv-template alias Server host template check_command check_icmp!250.0,60%!
500.0,80% max_check_attempts 3 check_interval 10 retry_interval 2 check_period 24x7 contact_groups cg-main notification_interval 60 notification_period 24x7 notification_options d,f notifications_enabled 1 register 0}
Host Definitions
![Page 13: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/13.jpg)
Hosts Summary
Minimize configuration in host objects to make automation easier.
Hostnames allow for easier maintenance than IP addresses.
Create logical host-groupings that will make service assignment easier e.g. OS type, Location, Applications it serves.
2012 13
![Page 14: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/14.jpg)
Services
![Page 15: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/15.jpg)
Services
Keep services as generic as possible to prevent the need for duplicate services.
Minimizing service templates allows for easier management and baseline changes.
Use service groups for applications.
2012 15
![Page 16: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/16.jpg)
Services
define service { service_description Windows C: usage use main-service-template hostgroup_name srv-windows,srv-v-
windows check_command
check_nt!USEDDISKSPACE!-w 80 -c 90 contact_groups cg-main,cg-main-SMS register 1 }
2012 16
define service { name main-service-template service_description main service template max_check_attempts 3 check_interval 10 retry_interval 2 check_period 24x7 notification_interval 60 notification_period 24x7 notification_options c register 0}
Service Definitions
![Page 17: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/17.jpg)
The puzzle completed
2012 17
![Page 18: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/18.jpg)
Services Summary
Strike a balance between your service-templates and your service definitions.
Service groups are a very useful feature when used appropriately, used inappropriately they are an administrative burden.
Device life-cycle happens, ensure your configuration isn’t burdened by over-complexity.
2012 18
![Page 19: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/19.jpg)
Advanced
![Page 20: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/20.jpg)
Good Parenting (or how to not get woken up 20 times at ~3am)
Use host parenting.
Use host parenting.
Use host parenting.
2012 20
Parent indirectly monitored services with service dependencies.
Parenting Service Dependencies
![Page 21: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/21.jpg)
Indirect Services
2012 21
…And the art of dependenciesA typical ESX monitoring setup…
Q. But what happens when the vSphere server fails?
![Page 22: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/22.jpg)
Indirect Services
2012 22
…And the art of dependenciesA. Something like this
![Page 23: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/23.jpg)
Indirect Services
define service { host_name vSphereServer service_description Ping dependency use main-service-template check_command check_ping!100,80%!200,90% register 1}
define service { service_description CPU Usage use main-service-template hostgroup_name srv-v-windows check_command check_esx!CPU contact_groups cg-main register 1}
2012 23
define servicedependency { dependent_hostgroup_name srv-v-windows dependent_service_description CPU Usage host_name vSphereServer service_description Ping
dependency inherits_parent 1 execution_failure_criteria w,u,c,p notification_failure_criteria w,u,c dependency_period 24x7}
…And the art of dependencies
![Page 24: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/24.jpg)
Managing Exceptions
Clearly label exceptions in your config.
Make sure you can use the same solution again if necessary.
2012 24
Image by Mike Bade: http://robotseatingpies.blogspot.com.au/2011/06/robots-dont-have-feelings_16.html
![Page 25: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/25.jpg)
Automation (or intrapreneurship ideas for the lazy)
Every piece of infrastructure is a potential data source… make use of it!
AD/LDAP Servers.
Virtual infrastructure API’s.
Patching systems.
Asset databases.
Network management platforms.
Network LLDP/CDP tables.
SNMP enabled servers.
Help I’m running out of space!
2012 25
![Page 26: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/26.jpg)
Q&A
![Page 27: Nagios Conference 2012 - John Murphy - Rational Configuration Design](https://reader035.fdocuments.us/reader035/viewer/2022081513/556315fbd8b42a5b498b4ea2/html5/thumbnails/27.jpg)
Thanks For Listening!