Nagios capability questions

[tjyang]

Hi,

I called nagios sales and got directed to here since pre-sales folks are in Italy.
I need to find out capability of Nagios core/XI like followings,

1. Nagios Server High Availability support ?
So that there is no single point of failure in monitoring infrastructure that across WAN and global network.
To be specific, I am hoping to see the central nagios server located in Florida can failover the role to a backup nagios server in California.

2. Nagios client message caching support ?
Needed when WAN connection is broken for hours/days, client still can send in the old metrics information when network outage is recovered.

3. LDAP authentication support ?
So that we can hookup with our existing corporate LDAP server.
Looks like currently there is no LDAP authentication implemented currently according to the other post on this forum.
Ref: http://go.nagios.com/forum/24

4. Centralize configuration update support ?
so we don't need to login into thousands of machines to modify the client configuration.

5. Auto client binary and modules update from server side ?
same here, no need to login into each machine to update the client executable and extra modules.


Thanks for your time to answer these questions.


tj

[tonyyarusso]

1. Yes, although it's not a plug-and-play operation. The procedures for XI will be the same as Core, with some documentation to get you started at the URLs below:
http://nagios.sourceforge.net/docs/3_0/redundancy.html
http://nagios.sourceforge.net/download/ ... sHA_EN.pdf
http://www.iadis.net/dl/final_uploads/200504E006.pdf

2. Nagios sends out messages by e-mail, so everything will sit in the mail spool until it can be successfully sent. You'll just need to make sure the mail server is configured for the number of tries / duration you need, outside of Nagios itself.

3. Not yet, no, although it's an active area of interest.

4. Sort of. It is possible to maintain your configuration in the Core flat-file format, push those out, and have XI read those, although this sacrifices many of the nice features of XI. It may also be possible to insert settings directly into the database, although I doubt that's documented / learnable at all. Either way, this is another area we're looking to improve, possibly through a RESTful interface of some sort.

5. Not at this time.

[mmestnik]

3. For statistical information the current method uses a single push with no retry. However this is meant to be modular and it would be trivial to fall back to sending emails or using email as the primary transport. I recommend using email as an RPC in this manner because it's resilient to long outages and has all the logic to handle detection and recovery from an outage smoothly. Thus all your check information and graph data can be protected from such outages.

One thing to note is that as email does not preserver message order and the graphing tool(rdp) AFAIK can't handle unordered inserts. You would need to stamp each email with a sequence number and have a server on the pushing host to fetch missing segments. Should also be trivial to implement.

4&5. I'd unofficially recommend using Puppet for this task. Puppet is the last back-door you will ever need, it will solve all your I must configure this"A" on this"B" particular subset of these thousands of machines"C" or hey perhaps on all of them.

Though setting up an agent(these run on the thousands of machines) install remotely via a wizard is something we have interest in. The agent installs are currently static, though I could see we may upgrade these in the future. With any luck the horse will come b4 the cart and there will be a Wizard that could perform this upgrade.

[tjyang]

Thanks goes to Tony and mmestnik for the quick reply.

hmm, it is to my surprise to learn that naios clients and servers communicate via smtp port 25 to send in metrics messages.
Is there a more detail architecture diagram or text doc that I can read ?


tj

[mmestnik]

Not smtp by default, there is a specific client and server(NSCA).
http://nagios.sourceforge.net/docs/3_0/distributed.html
http://nagios.sourceforge.net/docs/3_0/redundancy.html

http://nagios.sourceforge.net/docs/3_0/toc.html

[tonyyarusso]

I misunderstood what you were asking about for the message sending - I was thinking about the server sending notifications rather than clients sending check results. Mike's answer is right on that.

[tjyang]

>3. For statistical information the current method uses a single push with no retry.

According to above statement, nagios client only try to send in the message once without 2nd retry.
So nagios client doesn't store metric(statistical) message (information) when nagios server is not reachable.
One suggestion to the diagram, can TCP/IP port number information to be added somewhere in those picture diagrams ?

Again thanks for clarification. I am happy with quick response.


tj yang

[mmestnik]

There is no default setup, you setup and configure NSCA or instead you can setup and configure sendmail/procmail.
As indicated the interfaces are better then modular. On one Nagios server you configure to run a command of your choosing with parameters you define after every service check. Then on another Nagios server you have some daemon or application send commands/messages to Nagios via a vary standard IPC. It's just a fifo, you can "echo $mycommand >> /path to fifo/" if you wanted.

The middle work is all up to you.

As indicated there are no standard/default port numbers. If you choose to use NSCA, then it's documentation has the port numbers.