Linux (commonly pronounced LIH-N?ks in English; variants exist) is a Unix-like computer operating system. Linux is one of the most prominent examples of free software and open source development: typically all underlying source code can be freely modified, used, and redistributed by anyone.

Tags | |

Installing NRPE (Nagios Client) on CentOS 5

What is Nagios?



from nagios.org/about
Get proactive. Save time, money, and your sanity. Nagios is the industry standard in enterprise-class monitoring for good reason. It allows you to gain insight into your network and fix problems before customers know they even exist.

Basically Nagios is a Opensource network monitoring application that will allow you to monitor computers, servers, printers and switches from a web based administrative console.

Below I am going to list two ways to do this, one method is by adding a new repo, the other is by manually installing it from the nagios website.

Installing NRPE (Nagios Client) on CentOS 5 VIA repo



CentOS and Redhat do not natively support nagios in the default package manager repository (yum), so we need to get it from DAG.

First lets add DAG to our YUM configuration, DAG lists the different repositories for the different distros on http://dag.wieers.com/rpm/FAQ.php, so for a centos 5 64bit system I would use:

rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm



You can now install using:
sudo yum install nagios-nrpe-2.5.2-1.el5.rf.x86_64.rpm


If you installed via yum, skip down to the section on Check and configure NRPE.

Installing NRPE (Nagios Client) on CentOS 5 source



Grab the current NRPE installer from the nagios website http://www.nagios.org/download/addons/

In my case we are going to assume that I am getting nrpe-2.12.tar.gz

$ wget http://prdownloads.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz


Now we need to unpack that:

$ tar -xf nrpe-2.12.tar.gz


This will create a new directory for nrpe-2.12, go into that directory and we will compile the source.

./compile


This will start by outputting a series of checks, if it runs into any errors it will spit them out. In my case I was missing the SSL headers, so I will install them via yum.

# yum install openssl-devel


By default CentOS does not come with xinetd, so we need to grab that from YUM.

# yum install xinetd


Now we can complete the install:

# ./compile
# make all
# make install-plugin
# make install-daemon
# make install-daemon-config
# make install-xinetd
# cp src/nrpe /usr/local/nagios/libexec/
# cp src/check_nrpe /usr/local/nagios/libexec/


In the summary you'll see that nagios assumes that you will be running NRPE under the user "nagios", so lets add that user and group.

# /usr/sbin/adduser nagios
# /usr/sbin/groupadd nagios
# passwd nagios


The last command will set a password for the account, as always you should set a good password for this account.

Now we need to install the plug-ins so we will grab them from Nagios as well on the download page

# wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.14.tar.gz
# tar -xf nagios-plugins-1.4.14.tar.gz
# cd nagios-plugins-1.4.14
# ./configure -prefix=/usr/local/nagios
# make
# make install


Now in the configuration find and update the allowed hosts line to be the IP of your nagios server(s)

# vi /usr/local/nagios/etc/nrpe.cfg
....
allowed_hosts=192.168.10.186


If your server has more than one NIC you may also want to update the line "server_address" as well to reflect the interface you want the NRPE to work on.

Now we need to update the xinetd file to listed for our server:

# vi /etc/xinetd.d/nrpe
...
only_from = 127.0.0.1
CHANGE TO
only_from = 192.168.10.186


Last, we need to append the following line to /etc/services:

# vi /etc/services
....
nrpe 5666/tcp



Check and configure your NRPE client



First, and most important, if you are running iptables or a firewall between the server and host, make sure that the host is allowing port 5666 from the server's IP address.

Here is an example for the iptables entry:

iptables -I RH-Firewall-1-INPUT -p tcp -m tcp –dport 5666 -j ACCEPT


Last, lets set those permissions correctly:

# chown nagios.nagios /usr/local/nagios
# chown -R nagios.nagios /usr/local/nagios/libexec


Next lets start xinetd:

# /sbin/service xinetd restart


Lets check if NRPE is listening:

netstat -at | grep nrpe
....
tcp 0 0 *:nrpe *:* LISTEN


Now you should be able to add the host as normal to your nagios server config files.

Trouble shooting


One error that you may get when testing your NRPE connection on the remote host is:
CHECK_NRPE: Error - Could not complete SSL handshake.

This is due to one of two things, one, you didn't compile with SSL support, you can test this by trying the same command but adding the -n switch like this:

/usr/local/nagios/libexec/check_nrpe -n -H localhost


If that gives you an error that says:
CHECK_NRPE: Error receiving data from daemon.
This is because your config files only allow one server to talk to it.

First check that NRPE is listening:
netstat -ant|grep 5666

That should return 1 line that shows it as listening, if not you may want to double check the steps above.

Next check your config file(s)
# vi /usr/local/nagios/etc/nrpe.cfg
....
server_address=xxx.xxx.xxx.xxx
....
allowed_hosts=xxx.xxx.xxx.xxx

Make sure that the xxx is the ip address of your nagios server, not the ip address of your local host OR 127.0.0.1

Also double check /etc/xinetd.d/nrpe:
# vi /etc/xinetd.d/nrpe
...
only_from = xxx.xxx.xxx.xxx

That should be the same address as the one you used above.

At this point restart xinetd nrpe on the remote host then on the Nagios server run:
# /usr/local/nagios/libexec/check_nrpe -n -H xxx.xxx.xxx.xxx-p 5666


This time where xxx is the IP address of your remote host, you should get back the nagios version.




Comments

Feel free to leave a comment or question

Name: (Optional but appreciated):

Comment:

Use [code] [/code] for code block style



Security Code: