Thursday, July 28, 2011

Installing Munin On CentOS

Configuring Munin On CentOS  x86_64 :

Munin is a monitoring tool for servers. It uses RRDtool to log and graph data from your servers. The plugin API is very easy to grasp. Actually, I haven’t read the API documentation yet. I just looked at the output of the plugins and it looks easy to achieve. The data can be accessed through the web.
Munin works by polling your servers for the data hence two applications, Munin and Munin Node. The former periodically gathers data (crond) and the latter serves the data to the former. Please refer to the following for our example configuration. You can make up a domain if you want Munin to group your servers similar to the live demo.
  • Munin “Munin Server” – (
  • A Munin Node – (
 In this section, we set it up on

mkdir ~/downloads
cd ~/downloads

ls ~/downloads

-Install dag repo to get dependencies:
rpm -ivh

-To install Munin server:
yum localinstall munin-1.2.5-2.el5.rf.noarch.rpm --nogpgcheck -y

-After installing above rpm list /var/www/munin. If it exists refer /etc/httpd/conf.d/munin.conf to set apache configuration.

vim /etc/httpd/conf.d/munin.conf

ScriptAlias /munin/cgi "/var/www/munin/cgi/"

#  SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   Order allow,deny
   Allow from all
#  Order deny,allow
#  Deny from all
#  Allow from
   AuthName "Munin Access"
   AuthType Basic
   AuthUserFile /var/www/munin/passwd
   Require valid-user

Alias /munin "/var/www/munin/"

#  SSLRequireSSL
   Options None
   AllowOverride None
   Order allow,deny
   Allow from all
#  Order deny,allow
#  Deny from all
#  Allow from
   AuthName "Munin Access"
   AuthType Basic
   AuthUserFile /var/www/munin/passwd
   Require valid-user

-Create a user for UI authentication using following:
htpasswd -c /var/www/munin/passwd munin

- Set permission to munin user:
chown -R munin:munin /var/www/munin

-Start apache/httpd and crond service
service httpd start && service crond restart
chkconfig httpd on

-You can check if it’s working through your browser (i.e. It will prompt for user/password which we defined above with htpasswd. So put user/password accordingly to access munin UI.



- Make sure you have installed dag repo before following below steps.

cd ~/downloads

yum localinstall munin-node-1.2.5-2.el5.rf.noarch.rpm --nogpgcheck -y

-Edit Munin’s configuration on the graph ( server (/etc/munin/munin.conf) and add following.
use_node_name  yes
- Edit munin-node config file:
vim /etc/munin/munin-node.conf
  allow ^127\.0\.0\.1$

service munin-node start

chkconfig munin-node on

 -Now wait for 5minutes and check your browser with for localhost. It will show default graphs for localhost.  If you are willing to add other graphs for apache and so which is explained next while adding other host as node.


Add a Node        (i.e.

-    Make sure you have installed Dag repo and munin-node rpms, follow above steps to do so.

After installing above, edit /etc/munin/munin-node.conf on remote host (i.e.
allow ^192\.168\.1\.1$
hostname  # required only if you don’t have DNS in-place

Start  munin-node service:
service munin-node start

chkconfig munin-node on

Check log file to make sure it works fine:
tail -f /var/log/munin/munin-node.log
2011/07/28-12:00:05 CONNECT TCP Peer: "" Local: ""

If you find something unusual, resolve the dependency issue related to plug-ins which can be found at /usr/share/munin/plugins

-Now wait for five minutes and check your browser with for


Suppose this host is running httpd/apache service and we want to get graphs for it, here we go:

ln -s /usr/share/munin/plugins/apache_* /etc/munin/plugins/

It doesn’t work default by just adding apache plug-ins to path to make it work.
mod_status  module provides performance during load testing or for allowing a monitoring program like munin or mrtg to gather activity data for later aggregation. We need to configure apache to “ExtendedStatus”, let’s see how:
To make sure about mod_status “LoadModule status_module modules/” in /etc/httpd/conf/httpd.conf. And refer next.

- Edit using vi or nano /etc/httpd/conf/httpd.conf and search for server-status, you will find:

#    SetHandler server-status
#    Order deny,allow
#    Deny from all
#    Allow from

- Change it to below:
SetHandler server-status
Order deny,allow
Deny from all
Allow from localhost

One more change we may want to make is to enable the ExtendedStatus setting in apache. This setting adds more information to the status page apache returns, like CPU use and requests per second. Enabling ExtendedStatus makes apache do a little extra work when it gets a status request, so you might weigh the extra information gained against the potential performance hit to a busy server.

Many monitoring applications that record performance over time, like munin, require that ExtendedStatus be enabled before they can monitor apache.

The ExtendedStatus setting must be set at the server level and applies to all virtual hosts running under apache. To enable it edit the httpd.conf file and look for the following entry:

#ExtendedStatus On

Uncomment that last line to enable ExtendedStatus, changing the configuration block to:

ExtendedStatus On

Restart apache, now that we've made sure the apache server status page is enabled and configured the way we want it, we'll need to restart apache:

service httpd restart

Install lynx

With apache's server status page restricted to localhost-only access we won't be able to see the page from our desktop's web browser. Luckily the server status page is just a bunch of text with no graphics, letting us use a simple approach: Run a text-based web browser while logged into the slice itself.

To try this option out we'll need to install a browser on the slice first. The browser we'll use is called "lynx", and you can install it with the following command:

yum install lynx   

No configuration is necessary, but lynx is keyboard-controlled so it's handy to know a few basic keystrokes when using it. There is a list of the most frequently-used commands at the bottom of the screen while lynx is running. If you visit a site with lynx you can navigate with the up and down keys and follow a highlighted link by hitting enter. Hit "q" to quit (and hit "y" to confirm the quit). Hit "h" to access lynx's documentation.

View the status page

The URL of the apache status page will be your domain name with "/server-status" tacked onto the end. In this section we're assuming you've configured your default server instance or virtual host to accept connections from the localhost only. Tell lynx to view your apache status page with the following command:

lynx http://localhost/server-status

You will see something like the following page if you have ExtendedStatus enabled (the example server was running, but it should look similar for all recent versions of Linux and Apache). With ExtendedStatus disabled the page will look similar, but with a few lines missing.

Srv  PID      Acc     M  CPU    SS   Req Conn  Child    Slot   Client            VHost                      Request
   0-0 10742 0/209/4209  _ 39.22  393   0   0.0  636.62  5435.21 king.example.comGET /server-status?auto HTTP/1.1
   1-0 4096  0/1006/5006 _ 1.98   93    0   0.0  1.03    2424.31 king.example.comGET /server-status?auto HTTP/1.1
   2-0 4095  0/1076/5076 _ 40.79  94    0   0.0  638.28  1678.18 king.example.comGET /server-status?auto HTTP/1.1

So, if above things go fine. Let’s move to apache plug-in for Munin:
ln -s /usr/share/munin/plugins/apache_* /etc/munin/plugins/

service munin-node restart

Now, wait for five minutes and you will be able to see apache related graphs.

Friday, June 3, 2011

PNP4Nagios with CentOS

PNP4Nagios with CentOS:

PNP is an addon to Nagios which analyzes performance data provided by plugins and stores them automatically into RRD-databases


RRDtool is the OpenSource industry standard, high performance data logging and graphing system for time series data. Use it to write your custom monitoring shell scripts or create whole applications using its Perl, Python, Ruby, TCL or PHP bindings.
Our CentOS server needed a few devel libraries installed for RRDtool:

yum -y install cairo-devel glib2-devel pango-devel

Download the latest source for RRDtool

mkdir ~/downloads && cd ~/downloads
tar zxf rrdtool-1.4.3.tar.gz
cd rrdtool-1.4.3

Configure it with a few adjustments for our setup:

./configure --prefix=/usr/local/rrdtool

If everything is ok, then build and install it

make install

Zlib support for PHP -

Download the
latest version of PNP4Nagios:

cd /extra/src
zxf pnp4nagios-0.6.3.tar.gz
cd pnp4nagios-0.6.3

Configure it:

./configure \
--with-rrdtool=/usr/local/rrdtool/bin/rrdtool \
--with-httpd-conf=/usr/local/apache2/conf/extra \

Then build and install:

make all
make install

Copy the sample config files:

make install-config

Add pnp4nagios to your Apache configuration:

Install the Apache config file into /etc/httpd/conf.d/pnp4nagios.conf:

make install-webconf

Then edit /etc/httpd/conf/httpd.conf and add a line to load the PNP4Nagios conf file:

Include conf.d/pnp4nagios.conf

or can add the contents of httpd.conf to your Nagios VirtualHost directive:

Alias /pnp4nagios "/usr/local/pnp4nagios/share"

AllowOverride None
Order allow,deny
Allow from all
# Use the same value as defined in nagios.conf
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user

# Turn on URL rewriting
RewriteEngine On
Options FollowSymLinks
# Installation directory
RewriteBase /pnp4nagios/
# Protect application and system files from being viewed
RewriteRule ^(application|modules|system) - [F,L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite all other URLs to index.php/URL
RewriteRule .* index.php/$0 [PT,L]

- It might show error related to php-5.2, if it shows such issue add CentOS-Test repository and add following configuration as:

vi /etc/yum.repos.d/CentOS-Test-repo


name=CentOS-5 Testing





update php:

yum update php

Restart httpd service:

service httpd restart

Access the PNP4Nagios Environment Tests by going to http://localhost/pnp4nagios. If it passes all the tests, remove the install.php file:

mv /usr/local/pnp4nagios/share/install.php /usr/local/pnp4nagios/share/old.install.php

NPCD Daemon

Copy the sample NPCD config file:

cp /usr/local/pnp4nagios/etc/npcd.cfg-sample /usr/local/pnp4nagios/etc/npcd.cfg

Data Collection :
Nagios needs to be
configured to trigger the data collector by editing /usr/local/nagios/etc/nagios.cfg and editing/uncommenting some lines:


Edit /usr/local/nagios/etc/objects/commands.cfg and remove the existing process-service-perfdata and process-host-perfdatacommands. Then add the new PNP4Nagios commands for service and host performance data logging:

define command {
command_name process-service-perfdata
command_line /usr/bin/perl /usr/local/pnp4nagios/libexec/

define command {
command_name process-host-perfdata
command_line /usr/bin/perl /usr/local/pnp4nagios/libexec/ -d HOSTPERFDATA

Nagios Web Front-End Integration :
In order to easily view the graphs from your Nagios server, we can take advantage of Nagios' external URL features in extended info configs. There are two ways of doing it - regular links or Javascript pop-ups:

Regular Links
Edit /usr/local/nagios/etc/objects/templates.cfg and add:

# PNP4Nagios host/service definitions
define host {
name host-pnp
action_url /pnp4nagios/graph?host=$HOSTNAME$&srv=_HOST_
register 0

define service {
name srv-pnp
action_url /pnp4nagios/graph?host=$HOSTNAME$&srv=$SERVICEDESC$
register 0


Javascript pop-ups :
status-header.ssi to your Nagios web files:

cp /downloads/pnp4nagios-0.6.3/contrib/ssi/status-header.ssi \

Edit /usr/local/nagios/etc/objects/templates.cfg and add:

define host {
name host-pnp
action_url /pnp4nagios/graph?host=$HOSTNAME$&srv=_HOST_' class='tips' rel='/pnp4nagios/popup?host=$HOSTNAME$&srv=_HOST_
register 0

define service {
name srv-pnp
action_url /pnp4nagios/graph?host=$HOSTNAME$&srv=$SERVICEDESC$' class='tips' rel='/pnp4nagios/popup?host=$HOSTNAME$&srv=$SERVICEDESC$
register 0

To use them, add them to your host/service definitions with something similiar to:

define host{
use linux-server,host-pnp ; Name of host templates to use
; This host definition will inherit all variables that are defined
; in (or inherited by) the linux-server host template definition.
host_name localhost
alias localhost

define service{
use local-service,srv-pnp ; Name of service template to use
host_name localhost
service_description PING
check_command check_ping!100.0,20%!500.0,60%

Wednesday, June 1, 2011

SWAP Memory (Creating Swap file)

What is swap?

Swap space is an area on disk that temporarily holds a process memory image. When physical memory demand is sufficiently low, process memory images are brought back into physical memory from the swap area on disk. Having sufficient swap space enables the system to keep some physical memory free at all times.

There are three types of swap: device swap, file system swap and pseudo swap. Device swap is a separate partition allocated when the disk is configured. File system swap allows you to use the existing file system to allocate swap space. Pseudo swap is allocated from system memory on some systems.

How can I create swap on these machines?

Though we cannot create device swap, we can still create create file system swap. Steps are given below to create swap file:log-in as root and check your existing mounted partitions to create swap file using disk usage utility :

[root@shah-lp ~]# df -h

Filesystem Size Used Avail Use% Mounted on

/dev/sda1 9.9G 7.8G 1.6G 84% /

none 7.6G 0 7.6G 0% /dev/shm

/dev/sdb1 414G 32G 362G 8% /share

As we can see above /dev/sdb1 is mounted at /share and it got enough space to create swap file.

Assume my machine got 4GB physical RAM & 2GB of SWAP. Now we are looking to increase it to 8GB, 6GB more. follow below steps:

[root@shah-lp ~]# dd if=/dev/zero of=/share/swapfile bs=1G count=5

5+0 records in

5+0 records out

5368709120 bytes (5.4 GB) copied, 64.3235 seconds, 83.5 MB/s

[root@shah-lp ~]# mkswap /share/swapfile

[root@shah-lp ~]# swapon /share/swapfile

[root@shah-lp ~]# echo " /share/swapfile swap swap defaults 0 0" >> /etc/fstab

[root@shah-lp ~]# mount -a

To confirm run :

[root@shah-lp ~]# free -m

total used free shared buffers cached

Mem: 15367 11428 3938 0 53 10378

-/+ buffers/cache: 996 14370

Swap: 23551 0 23551

[root@shah-lp ~]# swapon -s

total used free shared buffers cached

Mem: 15367 11428 3938 0 53 10378

-/+ buffers/cache: 996 14370

Swap: 23551 0 23551

Thursday, April 14, 2011

Pre-Commit Hook Script for Subversion


use strict;
# config section
my $minchars = 4;
my $svnlook = '/usr/bin/svnlook';

my $repos = $ARGV[0];
my $txn = $ARGV[1];
my @comment = `$svnlook log -t "$txn" "$repos"`;
my @reviewer = ();
my @unit = ();
my @tp = ();
my @reviewer1 = ();
my @unit1 = ();
my @tp1 = ();

foreach my $line (@comment)
@reviewer1=split(':', $line) if ($line =~/Reviewer/i);
@reviewer=split(/\s+/, $reviewer1[1]);
@unit1=split(':', $line) if ($line =~/Unit/i);
@unit=split(/\s+/, $unit1[1]);
@tp1=split(':', $line) if ($line =~/TP/i);
@tp=split(/\s+/, $tp1[1]);

if ( length($comment[0]) == 0 ) {
print STDERR "A comment is required!";
if ( $#reviewer == 0 ) {
print STDERR "A code reviewer is required! e.g. Code reviewer: some text";
if(!($reviewer[1] =~ /\w/i))
print STDERR "A code reviewer name is required! e.g. Code reviewer: some text";
print $unit[0];
if ( $#unit == 0 ) {
print STDERR "A Unit Test is required! e.g. Unit Test: N/A";
if(!($unit[1] =~ /\w/i))
print STDERR "A unit test value is required! e.g. Unit Test: N/A";
if ( $#tp == 0 ) {
print STDERR "A Nature of TP is required! e.g. Nature of change (TP#): some text ";
if(!($tp[1] =~ /\w/i))
print STDERR "A nature of tp value is required! e.g. Nature of change (TP#): some text";

Friday, March 25, 2011

Configuring SAMBA on CentOS/RHEL

Configuring Samba on CentOS/RHEL to share data with Windows

suppose we want to share one directory with multiple users e.g. shah and king.

# groupadd share

# useradd -G share shah
# useradd -G share king

# mkdir /data

# chgrp share /data

# chmod g+rwx,o-rwx /data

Now if you are looking to enable group in-inheritance on directory:

# chmod g+s /data

If you want to enable sticky bit to keep data secure from other member of group or you do not want other members to delete sub-content of directory:

# chmod o+s /data

Now, install following rpms using Yum:

# yum install samba samba-client samba-common -y

Edit samba config file:

# vim /etc/samba/smb.conf

Put following content:

comment = Share Group's Stuff
path = /data
valid user= shah , king
public = yes
writable = yes
printable = no
write list = +staff

Details of Config:

[share] - #share name to be visible on windows
comment - #User prompt message for windows
valid user - #User name which you want to use for access
path - #Path of dir which you are looking to share
public - #share should be visible to other users
writable - #User should allowed to write from windows or smb shell
printable - #It is a share not printer
write list - #list of users or group who is allowed to write on share

Search for "hosts allow" in smb.conf to define hosts access :

hosts allow = 127. 192.168.12. 192.168.13.

Save and close the file. And define samba user's passwords:

# smbpasswd -a shah

# smbpasswd -a king

Start samba service:

# service smb start

Enable samba service at boot-up:

# chkconfig smb on

To verify shared dir or config:

# testparm

Now access share on windows:

Windows--> run --> \\

It will prompt for the user/password. Enter ;) and have fun.

Friday, January 14, 2011

Apache and Subversion authentication with Microsoft Active Directory

Apache and Subversion authentication with Microsoft Active Directory on CentOS:

1) Create an user account on AD as ldapbind under Users OU

2) On CentOS Box, Install following packages:

# yum install httpd subversion openldap openssl mod_dav_svn mod_authz_svn mod_ssl

3) Create a repo:

# svnadmin create /svn/repo1

4) Edit /etc/httpd/conf.d/subversion.conf file with following parameters:

# vim /etc/httpd/conf.d/subversion.conf

<(Location /svn)>
DAV svn
SVNParentPath /svn
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative off
AuthName "My Subversion Server"
AuthLDAPURL "ldap://,DC=com?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN ""
AuthLDAPBindPassword "password"
require valid-user
Order allow,deny
AllowOverride None
Allow from all
< / L o c a t i o n >

5) Edit /etc/openldap/ldap.conf :


6) Restart httpd service and try to access on UI:

# service httpd start
# chkconfig httpd on

7) Access on UI:

Wednesday, December 29, 2010

NDOUtils installation on CentOS for Nagios

NDOUtils installation on CentOS

NDOUtils Requirements

  • GCC-C++
  • MySQL
  • MySQL-Devel
  • MySQL-Server

Installing MySQL

# yum -y install mysql mysql-devel mysql-server gcc-c++

# /etc/init.d/mysqld start

# chkconfig --add mysqld

-> make sure it's running

# ps -ef | grep mysql

-> Creating MySQL DB

mysql -u root

(no password

#Now, inside MySQL shell

mysql>create database nagios;

Query OK, 1 row affected (0.00 sec)

mysql>show databases;


| Database |


| database |

| mysql |

| nagios |

| test |


4 rows in set (0.01 sec)


Create a username/password that has at least the following privileges for the database: SELECT, INSERT, UPDATE, DELETE"

mysql> GRANT ALL ON nagios.* TO nagios@localhost IDENTIFIED BY "example";

Query OK, 0 rows affected (0.00 sec)


Query OK, 0 rows affected (0.00 sec)

mysql> quit

-> NDOUtils Install

Download and untar

# cd /usr/local/nagios/var/

# wget

# tar zxfv ndoutils-1.4b9.tar.gz

-> Compiling

# cd ndoutils-1.4b9

# ./configure

# make

Look through config.log for problems.

# less config.log

(If problems, run "make clean" to blow away bad binaries)

-> Copying Binaries


There are two different versions of the NDOMOD module that get compiled, so make sure you use the module that matches the version of Nagios you are running, and adjust the directions given below to fit the name of the module version you're using.

ndomod-2x.o = NDOMOD module for Nagios 2.x ndomod-3x.o = NDOMOD module for Nagios 3.x (unstable)

In our CentOS example, we use the stable 2.x version

# /usr/local/nagios/var/ndoutils-1.4b9/src/ndomod-2x.o

Copy the compiled NDOMOD module to your Nagios installation:

# cp /usr/local/nagios/var/ndoutils-1.4b9/src/ndomod-3x.o /usr/local/nagios/bin/ndomod.o


There are two different versions of the NDO2DB daemon that get compiled, so make sure you use the daemon that matches the version of Nagios you are running, and adjust the directions given below to fit the name of the daemon you're using.

ndo2db-2x.o = NDO2DB daemon for Nagios 2.x ndo2db-3x.o = NDO2DB daemon for Nagios 3.x (unstable)

Copy the compiled NDO2DB daemon to your Nagios installation:

# cp /usr/local/nagios/var/ndoutils-1.4b9/src/ndo2db-2x /usr/local/nagios/bin/ndo2db

-> Creating NDO database

It's time now to create the NDO MySql database Run the DB installation script in the /tmp/ndoutils-1.4b9/db/ subdirectory of the NDO distribution to create the necessary tables in the database.

(-u = user; -p = password; -h = name of computer; -d = MySQL DB)

# cd /usr/local/nagios/var/ndoutils-1.4b9/db

# ./installdb -u nagios -p password -h localhost -d nagios

DBD::mysql::db do failed: Table 'nagios.nagios_dbversion' doesn't exist at ./installdb line 51.

** Creating tables for version 1.4b9

Using mysql.sql for installation...

** Updating table nagios_dbversion


We'll need to later make sure that the database name, prefix, and username/password we created and setup match the variable specified in our NDO2DB config file (which will ultimately live in /etc/nagios/)

CFG File Changes for CentOS-MySQL Environment


# cp //usr/local/nagios/var/ndoutils-1.4b9/config/ndo2db.cfg /usr/local/nagios/etc/

->in ndo2db.cfg


# This option determines what type of socket the daemon will create

# an accept connections from.

# Value:

# unix = Unix domain socket (default)

# tcp = TCP socket



. . .


# This option determines the name and path of the UNIX domain

# socket that the daemon will create and accept connections from.

# This option is only valid if the socket type specified above

# is "unix".



. . .


# This is the username/password that will be used to authenticate to the DB.

# The user needs at least SELECT, INSERT, UPDATE, and DELETE privileges on

# the database.






Copy the sample NDOMOD config file to your Nagios installation

Note: this config is not ready yet; we will need to modify it later to our environment.

# cp //usr/local/nagios/var/ndoutils-1.4b9/config/ndomod.cfg /usr/local/nagios/etc/

Add a line similiar to the following to the *main* Nagios config file (usually /usr/local/nagios/etc/nagios.cfg):

nagios.cfg file (all one one line, this cfg_file!=confg_file variable)

broker_module=/usr/local/nagios/bin/ndomod.o config_file=/usr/local/nagios/etc/ndomod.cfg

The config directive above will cause Nagios to load the NDOMOD event broker the next time it starts. Of course, this requres that you compiled Nagios with support for the event broker in the first place, which is not a problem if we installed via package (via RPMforge repository).

Make sure you have a line similar to the following in the *main* Nagios config file (usually /usr/local/nagios/etc/nagios.cfg):


That directive will cause the Nagios daemon to send data to the NDOMOD module. Without that option, NDOMOD won't get any information. Finaly make sure that output parameter in ndomod.cfg is set up to


It's very important that output parameter has exactly the same value as socket_name parameter in ndo2db.cfg file. If not, you will get this message when starting nagios daemon.

[1192222122] ndomod: Error writing to data sink! Some output may get lost...

Start NDO2DB daemon

# /usr/local/nagios/bin/ndo2db -c /usr/local/Nagios/etc/nagios/ndo2db.cfg

[root@localhost nagios]# ps -ef | grep ndo2db

nagios 26516 1 0 19:36 ? 00:00:00 ndo2db -c /etc/nagios/ndo2db.cfg

root 26536 26460 0 19:40 pts/0 00:00:00 grep ndo

[root@localhost nagios]#

restart Nagios

# /etc/init.d/nagios restart

Proof it's working:

# tail /var/log/nagios/nagios.log

[1192222138] ndomod: Successfully reconnected to data sink! 0 items lost, 68 queued items to flush.

[1192222138] ndomod: Successfully flushed 68 queued items to data sink.