We are getting a lot of requests to remove the nrpe agent due to all kind of audit findings.
check_by_ssh works fine but not sure it will scale as we have over 15000 services.
I recall reading about ssh connection pooling.
Does anyone have any pointers / pitfalls on how to get this working right for large installation?
Thanks in advance.
check_by_shh - SSH Session Pool
check_by_shh - SSH Session Pool
5 x Nagios 5.6.9 Enterprise Edition
RHEL 6 & 7
rrdcached & ramdisk optimisation
RHEL 6 & 7
rrdcached & ramdisk optimisation
-
jdalrymple
- Skynet Drone
- Posts: 2620
- Joined: Wed Feb 11, 2015 1:56 pm
Re: check_by_shh - SSH Session Pool
I've read of some folks using check_multi through check_by_ssh, but that imposes some loss of fidelity in your results. Is NRDS or NCPA an option? It relies on more compliant security standards and (hopefully) is less likely to raise audit flags. Or alternatively NRPE can be performed securely using the nsclient client and server components in concert using certificate based security.
My best advice returning to the original question would be to roll out check_by_ssh to a test suite. You can monitor check execution performance on that group of hosts apart from the NRPE hosts and compare. Maybe no optimizations will be needed.
My best advice returning to the original question would be to roll out check_by_ssh to a test suite. You can monitor check execution performance on that group of hosts apart from the NRPE hosts and compare. Maybe no optimizations will be needed.
Re: check_by_shh - SSH Session Pool
Thanks for the pointers. We use active checks only in our environment.jdalrymple wrote:I've read of some folks using check_multi through check_by_ssh, but that imposes some loss of fidelity in your results. Is NRDS or NCPA an option? It relies on more compliant security standards and (hopefully) is less likely to raise audit flags. Or alternatively NRPE can be performed securely using the nsclient client and server components in concert using certificate based security.
My best advice returning to the original question would be to roll out check_by_ssh to a test suite. You can monitor check execution performance on that group of hosts apart from the NRPE hosts and compare. Maybe no optimizations will be needed.
I am pretty sure we will hit performance issues due to our install size.
So we would like to go for a scaleable option from day 1.
5 x Nagios 5.6.9 Enterprise Edition
RHEL 6 & 7
rrdcached & ramdisk optimisation
RHEL 6 & 7
rrdcached & ramdisk optimisation
Re: check_by_shh - SSH Session Pool
For those interested in implementing SSH connection pooling, here is a good resource I found
https://labs.consol.de/nagios/omd/2012/ ... ction.html
https://labs.consol.de/nagios/omd/2012/ ... ction.html
5 x Nagios 5.6.9 Enterprise Edition
RHEL 6 & 7
rrdcached & ramdisk optimisation
RHEL 6 & 7
rrdcached & ramdisk optimisation
Re: check_by_shh - SSH Session Pool
Thanks for sharing! Let us know when you try using check_by_ssh with a persistent connection. I am curious to see what the performance improvements would be with a large installation as yours.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: check_by_shh - SSH Session Pool
We are just starting with about 10 servers. So this is more like a preventive measure.lmiltchev wrote:Thanks for sharing! Let us know when you try using check_by_ssh with a persistent connection. I am curious to see what the performance improvements would be with a large installation as yours.
Will update once I get it to work.
5 x Nagios 5.6.9 Enterprise Edition
RHEL 6 & 7
rrdcached & ramdisk optimisation
RHEL 6 & 7
rrdcached & ramdisk optimisation
Re: check_by_shh - SSH Session Pool
Sounds good! I will keep this thread open.
Be sure to check out our Knowledgebase for helpful articles and solutions!