Monitor a Centos 7 host

[JohnFLi]

it was already done.

Code: Select all

[root@G1VTWEBGITLAB01 libexec]# ps -ef | grep nrpe
nrpe      6310     1  0 Oct19 ?        00:00:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
root     22733  2452  0 13:08 pts/1    00:00:00 grep --color=auto nrpe
[root@G1VTWEBGITLAB01 libexec]# kill 6310

[root@G1VTWEBGITLAB01 libexec]# yum install xinetd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.seas.harvard.edu
 * epel: mirror.oss.ou.edu
 * extras: mirror.lug.udel.edu
 * updates: mirror.hostduplex.com
Package 2:xinetd-2.3.15-12.el7.x86_64 already installed and latest version
Nothing to do

and I posted earlier of the nrpe file in /etc/xinetd.d/nrpe

Code: Select all

# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
        flags           = REUSE
        socket_type     = stream
        port            = 5666
        wait            = no
        user            = nagios
        group           = nagios
        server          = /usr/local/nagios/bin/nrpe
        server_args     = -c /usr/local/nagios/etc/nrpe.cfg --inetd
        log_on_failure  += USERID
        disable         = no
        only_from       = 127.0.0.1 G1VPNAG03
}

Code: Select all

[root@G1VTWEBGITLAB01 libexec]# service xinetd restart
Redirecting to /bin/systemctl restart  xinetd.service
[root@G1VTWEBGITLAB01 libexec]# ps -ef | grep nrpe
root     22816  2452  0 13:12 pts/1    00:00:00 grep --color=auto nrpe
[root@G1VTWEBGITLAB01 libexec]# netstat -at | grep nrpe
tcp6       0      0 [::]:nrpe               [::]:*                  LISTEN

[JohnFLi]

update:::



in the /etc/xinetd.d/nrpe file, I changed

Code: Select all

 only_from       = 127.0.0.1 G1VPNAG03

to

Code: Select all

 only_from       = 127.0.0.1 10.100.1.114

even though, the client machine was able to ping the server by name just fine and dandy

[jolson]

Did changing the name to an IP address work well for you?

The NRPE lookup behavior differs slightly depending on the daemon in question, but the exact behavior is as follows:

xinetd:

- At xinetd start time it does a forward lookup to get the address for "only_from" - this doesn't seem to matter though
- Every time a request comes in there is a reverse lookup. If the proper name isn't returned in the reverse lookup the connection fails with "CHECK_NRPE: Error - Could not complete SSL handshake."

nrpe -d:

- Every time a check_nrpe request comes in a forward lookup is done, if the IP matches it works, if the record doesn't match check_nrpe fails with "CHECK_NRPE: Error - Could not complete SSL handshake."

So both seem resilient to dynamic DNS. With xinetd you'll have to have a good functioning reverse lookup zone (for it to work at all), and with nrpe -d you'll need a quick to update forward lookup zone.

[hsmith]

Did that make it able to communicate?

[JohnFLi]

as soon as I switched the XI server name to it's IP and restarted xinetd.... items started clearing on the board.

[Box293]

Great. Is it OK to lock this up?

[JohnFLi]

yup yup