NRPE on Amazon Linux

An open discussion forum for obtaining help with Nagios Core. Nagios Core users of all experience levels are welcome here. Subforum have been created for the discussion of Nagios Core and Nagios Plugin development.

NOTE: The SourceForge.net mailing lists have been deprecated in favor of this forum in order to expedite support and provide additional features not available on the old mailing list.

NRPE on Amazon Linux

Postby cybergene » Fri Mar 10, 2017 10:34 am

I'm trying to get this working and I'm getting this error
CHECK_NRPE: Error - Could not connect to xx.xx.xx.xxx: Connection reset by peer

on Nagios Web.

The command I run is /usr/local/nagios/libexec/check_uptime 100 300

It works well on the remote itself but it seems there is a connection error between the remote and Nagios Core.

I tried to resolve it as in this document https://assets.nagios.com/downloads/nagiosxi/docs/NRPE-Troubleshooting-and-Common-Solutions.pdf and I recompiled it with enabling SSl.

I'm running it without xinetd, and already modified the allowed_hosts, made port 5666 open and I can ping it too.

Any help is appreciated,


Thanks!
cybergene
 
Posts: 12
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: NRPE on Amazon Linux

Postby mcapra » Fri Mar 10, 2017 3:15 pm

Can you share the full contents of the nrpe.cfg being leveraged on this machine? The full path should be presented by:
Code: Select all
ps aux | grep nrpe.cfg
Be sure to check out our Knowledgebase for helpful articles and solutions!

https://github.com/mcapra/
User avatar
mcapra
Support Tech
 
Posts: 1940
Joined: Thu May 05, 2016 3:54 pm
Location: Nagios Enterprises

Re: NRPE on Amazon Linux

Postby cybergene » Mon Mar 13, 2017 10:13 am

Here,
nrpe 21816 0.0 0.0 41676 1456 ? Ss 14:31 0:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
ec2-user 22104 0.0 0.0 110404 884 pts/0 S+ 14:46 0:00 grep nrpe.cfg



I solved the issue by installing this:
yum install nagios-plugins-all nagios-plugins-nrpe nrpe

As the NRPE package for AWS EC2 Linux.

But I don't like this since it installs NRPE v 2.15 and I'm not sure how to update it to V 3.0 and beyond. It might start generating packet version errors between the remote host and Nagios core.

Do you know why the NRPE doesn't work on Amazon Linux as usual?
cybergene
 
Posts: 12
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: NRPE on Amazon Linux

Postby mcapra » Mon Mar 13, 2017 3:50 pm

We don't have direct control over any particular repository's distribution of NRPE, which is to say that we don't have any control over whether or not those packages handle the NRPE v3 upgrade gracefully when they choose to update the package(s).

If you could tell me how you installed NRPE on this machine previously (specific guides, documentation, etc), I might be able to discern what caused the problems. However, since you've got things working using the package installation it'd be purely for informational purposes.
Be sure to check out our Knowledgebase for helpful articles and solutions!

https://github.com/mcapra/
User avatar
mcapra
Support Tech
 
Posts: 1940
Joined: Thu May 05, 2016 3:54 pm
Location: Nagios Enterprises

Re: NRPE on Amazon Linux

Postby cybergene » Tue Mar 14, 2017 7:18 am

These are the steps that I usually use to install NRPE on Linux, mind you; the one I'm having problems with is an Amazon Linux.


https://support.nagios.com/kb/article.php?id=92

Download the tarball and extract it in your /tmp directory:

cd /tmp
wget http://sourceforge.net/projects/nagios/ ... z/download
tar xfz download
cd nrpe*

Setup the nagios user:

useradd nagios
passwd nagios

Install NRPE pre-requisites:

yum install mod_ssl openssl-devel gcc make openssl perl
Configure and make NRPE. This will create the /usr/local/nagios directory, which is where NRPE will be located:

./configure
make all
make install

Make the NRPE config directory, and setup the example config file:

mkdir /usr/local/nagios/etc
cp sample-config/nrpe.cfg /usr/local/nagios/etc/nrpe.cfg
chown -R nagios:nagios /usr/local/nagios/etc

Open port 5666 in your firewall to allow your Nagios server through. The rule below limits access to a particular source IP:

iptables -A INPUT -s <nagiosserverip> -p tcp -m tcp --dport 5666 -m state --state NEW,ESTABLISHED -j ACCEPT
service iptables save

At this point, NRPE is ready to start:

/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d


##############################################
##############################################
Test:
I tried to upgrade through those steps: https://support.nagios.com/kb/article.php?id=515

and the result is:
/usr/local/nagios/libexec/check_nrpe -V

NRPE Plugin for Nagios
Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
Version: 3.0.1
Last Modified: 09-08-2016
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: OpenSSL 0.9.6 or higher required


Now what worked with V 2.15 and the package installer fails:
No output on stdout) stderr: connect to address xx.xx.xx.xxx port 5666: Connection refused
connect to host xx.xx.xx.xxx port 5666: Connection refused


I'm not sure what is making it to fail....
Attachments
InkedScreenshot_32_LI.jpg
cybergene
 
Posts: 12
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: NRPE on Amazon Linux

Postby mcapra » Tue Mar 14, 2017 3:37 pm

Can you share the service and command definitions from the Nagios Core machine being leveraged for your checks? As well as the nrpe.cfg from the remote machine?
Be sure to check out our Knowledgebase for helpful articles and solutions!

https://github.com/mcapra/
User avatar
mcapra
Support Tech
 
Posts: 1940
Joined: Thu May 05, 2016 3:54 pm
Location: Nagios Enterprises

Re: NRPE on Amazon Linux

Postby cybergene » Wed Mar 15, 2017 7:36 am

Here you go:

Service Definition:

Code: Select all
define service{
        use                     generic-service
        host_name               remote_host
        service_description     Uptime
        check_command           check_nrpe!check_uptime
        contacts                contact_name
        }


No command definition, the check_nrpe will do the job.

nrpe.cfg file
Code: Select all
log_facility=daemon
debug=0
pid_file=/usr/local/nagios/var/nrpe.pid
server_port=5666
#listen_queue_size=5
nrpe_user=nagios
nrpe_group=nagios

# ALLOWED HOST ADDRESSES
allowed_hosts=127.0.0.1,xx.x.x.x,xxx.xx.x.x

# COMMAND ARGUMENT PROCESSING
dont_blame_nrpe=1

# BASH COMMAND SUBTITUTION
allow_bash_command_substitution=0

# COMMAND PREFIX
# command_prefix=/usr/bin/sudo

# COMMAND TIMEOUT
command_timeout=60

# CONNECTION TIMEOUT
connection_timeout=300

# WEAK RANDOM SEED OPTION
#allow_weak_random_seed=1

# SSL/TLS OPTIONS
# These directives allow you to specify how to use SSL/TLS.

# SSL VERSION
#ssl_version=SSLv2+

# SSL USE ADH
#ssl_use_adh=1

# SSL USE CLIENT CERTS
#ssl_client_certs=0
# SSL LOGGING
#ssl_logging=0x00

# INCLUDE CONFIG FILE

#include=<somefile.cfg>

# INCLUDE CONFIG DIRECTORY

# COMMAND DEFINITIONS
# The following examples use hardcoded command arguments...

command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
#command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200

###################################################
###### Currently used Command for NRPE ############
##################################################

#check_disk
command[check_disk]=/usr/local/nagios/libexec/check_disk -w 25% -c 10% -p /home

#check_load Average
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20

# Check memory
command[check_mem1]=/usr/local/nagios/libexec/check_memory -f -w 20 -c 10

# Check cpu usage
command[check_cpu]=/usr/local/nagios/libexec/check_cpu.sh -w 75 -c 90

# Check uptime
command[check_uptime]=/usr/local/nagios/libexec/check_uptime 100 300
cybergene
 
Posts: 12
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: NRPE on Amazon Linux

Postby tgriep » Wed Mar 15, 2017 4:41 pm

Did the Amazon security settings to allow inbound traffic on port 5666 get reset somehow?

You may want to look at this article for NRPE - v3 Compatibility With Previous Versions
Code: Select all
https://support.nagios.com/kb/article.php?id=516
Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
tgriep
Madmin
 
Posts: 4304
Joined: Thu Oct 30, 2014 9:02 am

Re: NRPE on Amazon Linux

Postby cybergene » Thu Mar 16, 2017 7:04 am

tgriep wrote:Did the Amazon security settings to allow inbound traffic on port 5666 get reset somehow?

You may want to look at this article for NRPE - v3 Compatibility With Previous Versions
Code: Select all
https://support.nagios.com/kb/article.php?id=516


That is what I meant with the Packet error in the first post.

If I force NRPE to send V 2 packets, it will solve the issue until I upgrade.

No, Port 5666 is not reset. I can Ping the server and it is alive.
cybergene
 
Posts: 12
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: NRPE on Amazon Linux

Postby tgriep » Thu Mar 16, 2017 2:09 pm

If you are using the version 3.x of the check_nrpe plugin it should try using version 3 of the packet and switch over to version 2 if it cannot use 3.

In the remote server, can you run the following and post the output
Code: Select all
/usr/local/nagios/bin/nrpe
/usr/local/nagios/libexec/check_nrpe -V


Add this on the Nagios server
Code: Select all
/usr/local/nagios/libexec/check_nrpe -V


Adjust the paths if necessary.
Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
tgriep
Madmin
 
Posts: 4304
Joined: Thu Oct 30, 2014 9:02 am

Next

Return to Nagios Core

Who is online

Users browsing this forum: harshvardhan.dave, reincarne, Yahoo [Bot] and 18 guests