SUSE Manager/Monitoring

From MicroFocusInternationalWiki
Jump to: navigation, search

SUSE Manager Main Page



Monitoring in SUSE Manager is implemented via quite a simple mechanism: A so-called monitoring scout will execute commands via ssh on the client and gather data from the output. So the configuration of monitoring mainly consists in allowing the server to remotely execute commands on the clients.

Server Setup

In order to setup monitoring for SUSE Manager, the following steps are required:

Log in as administrator and go to Admin/SUSE Manager configuration. Check the checkbox labeled "Monitoring". After that, SUSE Manager needs to be restarted.

Now it is advisable to also enable the monitoring scout on the server. The clients to be monitored. If you are using proxies in your installation, you can use them as monitoring scout. But for a simple setup it is required for the server to run a monitoring scout.

Again go to Admin/SUSE Manager configuration. Now click on "monitoring" and you can activate the monitoring scout. After that, the monitoring subsystem will be started.

Client configuration

Make sure the package "rhnmd" is installed on every client to be monitored. This package contains a demon called "rhnmd" which is basically a copy of the ssh demon and its configuration files (the monitoring demon by default runs on a different port than regular ssh).

Next you need to make sure the port for the rhnmd demon is open in the firewall. If you are using the default configuration, rhnmd will listen on port 4545.

Finally the public key of the user to run the monitoring commands needs to be added to the respective configuration file on the client. Please note that all the monitoring commands are run as user "nocpulse". So you need to add the public key of the monitoring scout to ~nocpulse/.ssh/authorized_keys on the client. The public key can be found on the server under Monitoring/Monitoring Scout (or in the SUSE Manager Filesystem : /var/lib/nocpulse/.ssh/

Monitoring not working on RHEL6

To make monitoring work on RHEL6 clients, two things need to be done:

Open port 4545 in the firewall: This can be achieved by adding the following line to /etc/sysconfig/iptables:

 -A INPUT -m state --state NEW -m tcp -p tcp --dport 4545 -j ACCEPT

Additionally SELinux needs to be configured so that it allows the sshd (rhnmd) access to the nocpulse identity files. Either disable SELinux altogether or simply install the package rhnmd-selinux which contains a tiny module that grants just these permissions.