Per-Ola Mård's picture

Hello!

I have virtualized 32 TKL LAMP servers that I would like to monitor using the excellent Observium tool.

Is there anything I need to do to each LAMP before it can be found by Observium? Is there anything that needs to be prepped at the Observium server before I may add the LAMPS as devices and start to monitor each of them?

Any clues or pointers greatly appreciated!

Please advice.

Cheers,

   ///peo

Forum: 
Eric (tssgery)'s picture

Nothing needs to be prepped on the Observium end, but the snmp agent should be running on the LAMP servers (which I do not think it is by default?)

You can try adding the hosts to observium to see if snmp is enabled. If it is not, here's a slightly older thread that is probably still relevant. http://www.turnkeylinux.org/forum/support/20131018/tkl-120-file-server-i...

 

Per-Ola Mård's picture

Hello Eric, Thank you!

Doing the:

apt-get install snmpd

did the trick.

After this was run, I could do:

service snmpd status 

- Getting OK back.

and then do a walk with:

snmpwalk -v 2c -c public localhost

I will repeat this on all systems.

BTW is there a simple way to run "apt-get install snmpd" in paralell on all machines from one machine w/ having to log in, instead using a simple script that I prepare? rsh?

Cheers,

   ///peo

Eric (tssgery)'s picture

It depends

 

I know that's not what you want to hear, but there are way to run commands opn many hosts at a time but they all take an initial visit to each host by hand. You can use tools like chef, puppet, cfengine and others to enforce common configurations (same user accounts, enable snmpd on each one, etc...) but you have to set them up first. 

If you have deployed the same ssh keys for root user on each host, then you can blast out commands with something like:

for host in "host1 host2 host3 host4"; do

     ssh root@$host "apt-get install snmpd; service snmpd status"

done

 If you haven't setup ssh keys on the hosts, you'll be prompted for a password for each host (still better than typing EVERYTHING in)!

Per-Ola Mård's picture

Hi Eric,

I did a variation on your theme listed all servers in a file where each ssh command was:

ssh root@IP_OF_EACH_HOST "apt-get install snmpd; service snmpd status; 
apt-get install snmp; snmpwalk -v 2c -c public localhost"

SO now each of the servers are SNMP capable. Doing it this way I, as you stated, I had to enter the passphrase once for each server and also answer Y and yes, but still no typos got in my way. The last command of course is verifying that the SNMP is working. That was what I thought anyway. But I was wrong: it works only with "localhost".

- I can snmpwalk each host locally.

- I can add other network devices like the NetGear XSM7224S switches to the Observium host.

- But I can not smnpwalk any one of the hosts from any other host.

- Nor can I reach any of the LAMP servers from Observium as I try to add the device using the Web GUI.

Observium and snmpwalk are consistent which is good. I was thinking perhaps this is a firewall blockage, but it seems like the FW is in fact not switched on.

- How do I verify the state of the FW in the LAMP? I can manage the filter rules from the WebMin GUI, but is it on or off?

- How do I turn it off? (not needed in my lab environment)

Any other thoughts or suggestions are greatly appreceated.

Cheers,

   ///peo

 

Eric (tssgery)'s picture

I should have told you to do "apt-get install --assume-yes snmpd" which would avoid the prompted to confirm you want to install things. Sorry about that.

I don't have access to a lamp server (or other TKL image) right now but believe that iptables is ON by default. I could be wrong though.

I can try and check this out in a couple of days once I get back to my systems

Jeremy Davis's picture

So unless you have turned it on it should be off.

I tried to recreate your issue and OOTB you are right.

However, have you configured snmpd at all? Like I said on initial install it doesn't work, but I adjusted /etc/snmp/snmpd.conf and allowed instances other than localhost to connect - commented out the default agentAddress (localost only) and uncommented the other default agentAddress (which listens for connections on all interfaces). I also changed the monitoring to SNMPv2 traps (which appears to be Observiums default) although I doubt that would be required... Also it's probably a good idea to adjust the System Info too...

Oh and one other thing... You either need to add the servers to be monitored to DNS or to /etc/hosts on your Observium server. Observium needs to be able to find them via DNS (or hosts) - see here.

Per-Ola Mård's picture

Thank you for pointing this out! What you say makes alot of sense looking at the

netstat -lu

command output:

Active Internet connections (only servers)                                                
Proto Recv-Q Send-Q Local Address           Foreign Address         State                 
udp        0      0 *:12321                 *:*                                           
udp        0      0 localhost:snmp          *:*                                           
udp        0      0 *:41227                 *:*                                           

and after opening the /etc/snmp/snmpd.conf in vi and do:

<esc>15Gww10x<esc>:wq<enter>

kick the snmpd (e.g. reboot) and I get:

Active Internet connections (only servers)                                                
Proto Recv-Q Send-Q Local Address           Foreign Address         State                 
udp        0      0 *:58879                 *:*                                           
udp        0      0 *:12321                 *:*                                           
udp        0      0 *:snmp                  *:*                                           

I also got the FW out of the way on each TKL LAMP like so:

iptables -P INPUT ACCEPT
iptables –F
iptables --list

After doing this on all my puppets and listing each one of them in the DNS I was able to pick them all up and put them in the Observium basket.

All well and good. Almost. 

The Turnkey Linux machines are not giving away near as much information as for instance the physical supermicro running pfSense does. Why is that?

Is there something that needs to be done to the MIB's with respect to the virtualised TKL LAMP servers? If so where, presumably on each client?

Getting there!

Further clues or pointers greatly appreceated.

Many thanks!

Cheers,

  ///peo

Jeremy Davis's picture

This area is not an area of expertise for me at all... I only discovered all this via a bit of googling (I have Observium running at my work but it is only monitoring Win machines which I found tons of info on...).

Thanks for providing the info that you have. I think it would be great to keep looking at this and tweak as much as possible and document an ideal setup for TKL to get the best out of Observium and TKL as a client. In fact i have just lodged it as a feature request...

Per-Ola Mård's picture

there seems to be a MIB for each OS, surely starting out by using a mib for the OS used by the core TKL should work as a starting point?

I really just want to monitor the load of the TKL (CPU/MEM/STORAGE/NET) i.e. the basix stuff as is delivered by e.g. the PfSense systems MIB, or as you state the regular Windows machines.

Thank you for bringing this up and initializing a feature request!

On that note, are there any plans for a TKL Puppet Appliance in the infrastructure section any time soon? http://puppetlabs.com/ This would be very useful I think.

Many thanks for you prompt response and support on this earlier, I gues this is as far as this thread goes.

I have created a document decribing the steps taken, I would be happy share it, just let me know how/where?

Cheers,

   ///peo

Per-Ola Mård's picture

http://www.observium.org/wiki/NetSNMPd_Client_Configuration

I have not done this yet, perhaps worth a try?

Cheers,

  ///peo

Add new comment