Vous êtes ici : Accueil / Debian GNU/Linux / Applications Web / Supervision / Installer Monit sur Debian

Installer Monit sur Debian

Par Pierre-Yves Landuré Dernière modification 06/02/2013 17:48

Monit est un outil de supervision ayant la particularité de pouvoir redémarrer les services rencontrant des problèmes. Cette approche est particulièrement intéressante pour les démons rencontrant des crashs réguliers.

Ce guide est testé sur:

  • Debian 6.0 Squeeze

Prérequis

Ce guide nécessite :

Paramètres

Renseignez l'adresse e-mail notifiée en cas de problème:

ALERT_EMAIL="root@localhost"

Renseignez le nom de domaine où sera disponible l'application:

DOMAIN="monit.domain.com"

Renseignez le nom du certificat SSL à utiliser (créé via la procédure Créer un certificat SSL / TLS sur Debian) (optionnel, recommandé):

SSL_KEY_NAME="${DOMAIN}"

Installation

Préparation de l'environnement

Installez les logiciels:

command apt-get install monit apg

Configuration

Configurez le délai entre deux vérifications (ici, 2 minutes):

echo "# Delay in seconds between 2 polls:
set daemon 120" \
  > '/etc/monit/conf.d/000-base-configuration'

Configurez l'adresse email notifiée en cas de problème:

command echo "# Email notified when a service has errors.
set mailserver localhost
set alert ${ALERT_EMAIL}" \
> '/etc/monit/conf.d/000-alert-email'

Activez la journalisation des messages de monit par syslog:

command echo "# Log monit message to /var/log/syslog
set logfile syslog facility log_daemon" \
> '/etc/monit/conf.d/000-logging'

Déterminez un mot de passe aléatoire pour l'accès à l'interface Web du logiciel:

ADMIN_PASSWORD="$(command apg -m 16 -x 32 -n 1 -a 1 -M NCLS -E "\'\!$" )"

Configurez l'accès à l'interface Web affichant les statuts du logiciel:

command echo "# Enable HTTP status page.
set httpd port 2812 and
use address localhost # only accept connection from localhost
allow localhost # allow localhost to connect to the server and
allow admin:${ADMIN_PASSWORD}" \
> '/etc/monit/conf.d/000-http-status-page'

Activez le démon:

command sed -i \
-e 's/^startup=.*/startup=1/' \
'/etc/default/monit'

Démarrez le démon:

/etc/init.d/monit start

Configurez Apache pour afficher les données du logiciel sur le domaine choisi:

if [ -n "${SSL_KEY_NAME}" -a -e "/etc/ssl/private/${SSL_KEY_NAME}.key" ]; then
  command a2tools --template=reverse-proxy --ssl="${SSL_KEY_NAME}" "${DOMAIN}" "http://localhost:2812/"
  command a2tools --template=redirect "${DOMAIN}" "https://${DOMAIN}/"
else
  command a2tools --template=reverse-proxy "${DOMAIN}" "http://localhost:2812/"
fi

Utilisez ces informations pour vous connecter à l'interface Web de l'outil:

echo "URL: http://${DOMAIN}/
Login: admin
Password: ${ADMIN_PASSWORD}"

Surveillance des services

Système

Configurez la surveillance des ressources du système:

echo "# Check general system resources such as load average, cpu and memory
# usage. Each test specifies a resource, conditions and the action to be
# performed should a test fail.
check system $(command hostname --fqdn)
group base
if loadavg (1min) > 4 then alert
if loadavg (5min) > 2 then alert
if memory usage > 75% then alert
if cpu usage (user) > 70% then alert
if cpu usage (system) > 30% then alert
if cpu usage (wait) > 20% then alert" \
> '/etc/monit/conf.d/system'

Redémarrez le démon:

/etc/init.d/monit restart

Espace disque

Créez le fichier de configuration de la surveillance de l'espace disque:

echo '# Free disk space monitoring.

# root (/) file system.
check filesystem rootfs
with path /
group system
if space usage > 85% then alert' \
> '/etc/monit/conf.d/disks'

Ajoutez les partitions montées à la surveillance:

command mount \
  | command grep '^/dev' \
| command grep -v ' / ' \
| command grep -v 'swap' \ | command cut --delimiter=' ' --field=3 \
| while read FILE; do
command echo "
# ${FILE} filesystem.
check filesystem $(echo "${FILE}" | command sed -e 's|^/||')
with path ${FILE}
group system
if space usage > 95% then alert" \
>> '/etc/monit/conf.d/disks'
done

Redémarrez le démon:

/etc/init.d/monit restart

SSH

Configuration la surveillance du serveur SSH:

if [ -e '/etc/init.d/ssh' ]; then
SSH_PORT=$(command grep '^Port' '/etc/ssh/sshd_config' \
| command sed -e 's/^Port[\t ]*//g')
command echo "# SSH server monitoring check process sshd with pidfile /var/run/sshd.pid group base start program \"/etc/init.d/ssh start\" stop program \"/etc/init.d/ssh stop\" if failed host 127.0.0.1 port ${SSH_PORT} protocol ssh then restart if 5 restarts within 5 cycles then timeout" \
> '/etc/monit/conf.d/ssh'
fi

Redémarrez le démon:

/etc/init.d/monit restart

Apache 2

Configurez la surveillance d'Apache 2:

if [ -e '/etc/init.d/apache2' ]; then
command echo '# Apache 2 server monitoring check process apache2 with pidfile /var/run/apache2.pid group httpd start program = "/etc/init.d/apache2 start" with timeout 60 seconds stop program = "/etc/init.d/apache2 stop" if 3 restarts within 5 cycles then timeout if cpu is greater than 60% for 2 cycles then alert if cpu > 80% for 5 cycles then restart if children > 250 then restart
if loadavg(5min) greater than 10 for 8 cycles then stop
if failed host 127.0.0.1 port 80
protocol http
then restart' \
> '/etc/monit/conf.d/apache2'
fi

Redémarrez le démon:

/etc/init.d/monit restart

MySQL

Configurez la surveillance de MySQL:

if [ -e '/etc/init.d/mysql' ]; then
command echo '# MySQL server monitoring check process mysqld with pidfile /var/run/mysqld/mysqld.pid group database start program = "/etc/init.d/mysql start" stop program = "/etc/init.d/mysql stop" if failed host 127.0.0.1 port 3306 then restart if 5 restarts within 5 cycles then timeout' \
> '/etc/monit/conf.d/mysql'
fi

Redémarrez le démon:

/etc/init.d/monit restart

Exim 4

Configurez la surveillance d'Exim 4:

if [ -e '/etc/init.d/exim4' ]; then
 command echo '# Exim 4 server monitoring
check process exim4 with pidfile /var/run/exim4/exim.pid
group mail
start program = "/etc/init.d/exim4 start"
stop  program = "/etc/init.d/exim4 stop"
if failed port 25 protocol smtp then restart
if 5 restarts within 5 cycles then timeout'
  > '/etc/monit/conf.d/exim4'
fi

Redémarrez le démon:

/etc/init.d/monit restart

vsFTPd

Configurez la surveillance de vsFTPd:

if [ -e '/etc/init.d/vsftpd' ]; then
  command echo '# vsFTPd server monitoring
check process vsftpd with pidfile /var/run/vsftpd/vsftpd.pid
  group ftp
  start program = "/etc/init.d/vsftpd start"
  stop program  = "/etc/init.d/vsftpd stop"
  if failed port 21 protocol ftp then restart
  if 5 restarts within 5 cycles then timeout' \
> '/etc/monit/conf.d/vsftpd'
fi

Redémarrez le démon:

/etc/init.d/monit restart

rTorrent

Configurez la surveillance de rTorrent (fonctionnelle uniquement avec le port SCGI actif):

if [ -e '/etc/init.d/rtorrent' ]; then
SCGI_PORT="$(command grep '^scgi_port' '/etc/rtorrent.rc' \
| command cut --delimiter=: --fields=2)"
if [ -n "${SCGI_PORT}" ]; then
  command echo "# rTorrent daemon monitoring check process rtorrent with pidfile /var/run/rtorrent.pid group various start program = \"/etc/init.d/rtorrent start\" with timeout 60 seconds stop program = \"/etc/init.d/rtorrent stop\" if failed port ${SCGI_PORT} then restart if 5 restarts within 5 cycles then timeout" \
> '/etc/monit/conf.d/rtorrent'
fi
fi

Redémarrez le démon:

/etc/init.d/monit restart

Remerciements