NRPE on Amazon Linux

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: NRPE on Amazon Linux

Post by tgriep »

The nrpe.cfg file does have the 127.0.0.1 address so that is not it.
Is the firewall setup to allow inbound traffic on port 5666?
Can you run the following commands and post the output?

Code: Select all

nmap 127.0.0.1 -p 5666
netstat -apn |grep 5666
Can you check the following folders for a nrpe configuration file and if you find one, post it so I can view it?

Code: Select all

/etc/init.d
/etc/xinetd.d
/etc/inetd.d
Be sure to check out our Knowledgebase for helpful articles and solutions!
cybergene
Posts: 92
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: NRPE on Amazon Linux

Post by cybergene »

nmap 127.0.0.1 -p 5666

Code: Select all

nmap 127.0.0.1 -p 5666

Starting Nmap 6.40 ( http://nmap.org ) at 2017-04-05 14:41 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000027s latency).
PORT     STATE  SERVICE
5666/tcp closed nrpe

Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds

netstat -apn |grep 5666

Code: Select all

[root@ip~]# netstat -apn |grep 5666
[root@ip- ~]#

/etc/init.d; doesn't have nrpe file


/etc/xinetd.d; doesn't have nrpe file

/etc/inetd.d doesn't exit.

I think this is the problem, no nrpe file?
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: NRPE on Amazon Linux

Post by tgriep »

The output of the nmap and netstat command shows that the NRPE Agent is not running on the server so that is why it is failing.
Since there is not a startup script on your server, you would have to run the Agent in daemon mode by running the following.

Code: Select all

/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
After it is started, try and test it by running the following.

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
Be sure to check out our Knowledgebase for helpful articles and solutions!
cybergene
Posts: 92
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: NRPE on Amazon Linux

Post by cybergene »

tgriep wrote:Lets stop and start the NRPE agent on the server by running the following as root

Code: Select all

kill 22019
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
Then run this to test the Agent

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
If it fails, please post this file

Code: Select all

/usr/local/nagios/etc/nrpe.cfg 
We did this earlier but it didn't start it./usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d

I'm confused, it works now, but I don't get what changed?

Code: Select all

ec2-user@ip- libexec]$ /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
NRPE v3.0.1
[ec2-user@ip- libexec]$ ./check_nrpe -H localhost -c check_load
OK - load average: 0.00, 0.01, 0.05|load1=0.000;15.000;30.000;0; load5=0.010;10.000;25.000;0; load15=0.050;5.000;20.000;0;
[ec2-user@ip- libexec]$ nmap 127.0.0.1 -p 5666

Starting Nmap 6.40 ( http://nmap.org ) at 2017-04-05 18:04 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000023s latency).
PORT     STATE SERVICE
5666/tcp open  nrpe

User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: NRPE on Amazon Linux

Post by tgriep »

That is strange.
Take a look at the /var/log/messages file for any errors from when you tried to start it earlier.
Be sure to check out our Knowledgebase for helpful articles and solutions!
cybergene
Posts: 92
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: NRPE on Amazon Linux

Post by cybergene »

The only Difference is that whne you asked me to run nmap, it wasn't installed so I had to install it. IT installed the required packages:

Code: Select all

Apr  5 14:41:32 ip-xx-xx-xx-xx- yum[24195]: Installed: 14:libpcap-1.4.0-1.20130826git2dbcaa1.10.amzn1.x86_64
Apr  5 14:41:32 ip-xx-xx-xx-xx- yum[24195]: Installed: 2:nmap-ncat-6.40-7.19.amzn1.x86_64
Apr  5 14:41:32 ip-xx-xx-xx-xx- yum[24195]: Installed: 2:nmap-6.40-7.19.amzn1.x86_64
So when I ran the start NRPE As Daemon /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d, it did start and started working.

Are any of the packages above required for NRPE Agent?
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: NRPE on Amazon Linux

Post by tgriep »

No, none of those packages are required to run the NRPE Agent.
Be sure to check out our Knowledgebase for helpful articles and solutions!
cybergene
Posts: 92
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: NRPE on Amazon Linux

Post by cybergene »

Okay then, it works now.

I will test it again on another AWS LInux box and see if it will work following the same steps.

Thanks @tgriep!
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: NRPE on Amazon Linux

Post by tgriep »

Your welcome.
Be sure to check out our Knowledgebase for helpful articles and solutions!
cybergene
Posts: 92
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: NRPE on Amazon Linux

Post by cybergene »

I tried it again and it works with those following steps:

Code: Select all

Install prerequisites:
yum install mod_ssl openssl-devel gcc make openssl perl
yum install -y gcc glibc glibc-common openssl-devel perl wget

sudo wget http://liquidtelecom.dl.sourceforge.net/project/nagios/nrpe-3.x/nrpe-3.0.1.tar.gz
sudo tar xzf nrpe-3.0.1.tar.gz
cd nrpe-3.0.1

sudo make install-groups-users

./configure --enable-command-args --with-ssl-lib=/usr/lib/x86_64-linux-gnu/

sudo make all
sudo make install
sudo make install-config
sudo make install-plugin
sudo make install-daemon

sudo iptables -I INPUT -p tcp --destination-port 5666 -j ACCEPT
sudo service iptables save

sudo /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d

Test it:
/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
 
Result: 

NRPE v3.0.1
And I Kill the process and then run the last command to restart.
The missing part from our discussion yesterday is that the last time I installed it, I ran make install-plugin and make install-daemon which installed the daemon and it starts properly afterwards without running xinetd.

We can close this as resolved.

Thanks again @tgriep!
Locked