Check NRPE on another port

[lraymond]

I am testing a few webservers (off network) that are behind a load balancer. Rather than trying to get a bunch of public IP's, I would like to simply define the servers by name, and use a different port I guess which is how I test the site right now via snmp and not sure if that is the correct approach. Looking through the doc (http://nagios.sourceforge.net/docs/nrpe/NRPE.pdf) there is no mention of how to do this (if you even can).

Basically I want to say web1, web2, web3. BUT in each host; (using their example)
define host{
use linux-box ; Inherit default values from a template
host_name remotehost ; The name we're giving to this server
alias Fedora Core 6 ; A longer name for the server
address 192.168.0.1 ; IP address of the server
port 5667; ## added this
}

Basically in the load balancer, I remap, so all servers can use one IP to test on, but the LB knows, if it sees 5667, send to server1, if it sees 5668, send to server2, etc.

Is this or any workaround possible? I have 6 webservers, 4 tomcat servers, 4 database servers and don't have all the public IP's to put each behind just for testing wich is why the LB comes in handy. At the worst case, the LB supports l7 so I could create DNS names, web1, web2, then move based on that, but the port would be much easier!

Tnx

[nscott]

Are you using xinetd on those webservers? Or are you running NRPE as a daemon? There are a couple ways you could do this.

Nagios Side Setup

You'll need to edit your service definitions to have the hardcoded -p <portnumber>, you could get fancy with host macros if you wanted to though.

NRPE Server Side

Running NRPE as a Daemon

In the nagios/etc/nrpe.cfg file simply change the server_port directive to the port you're going to keep open. Simple

Using xinetd

The xinetd config could be changed like so:

Code: Select all

# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
        flags           = REUSE
        socket_type     = stream
        port            = 5666 # <<= YOU CAN CHANGE THIS PORT
        wait            = no
        user            = nagios
        group           = nagios
        server          = /usr/local/nagios/bin/nrpe
        server_args     = -c /usr/local/nagios/etc/nrpe.cfg --inetd
        log_on_failure  += USERID
        disable         = no
        only_from       = 127.0.0.1 <== CHANGE THIS FOR ALLOWED HOST
}

That would allow NRPE to listen on whichever port you wanted to.

On a side note, have you considered passive checks? This is a situation that utterly excel at.

[lraymond]

I have 3 windows servers (our only ones) running the NSclient++ and working well. Now I have, well over 50+ linux servers and trying to play to see which is best. I could do SSh key's to some, but the webservers would get a bit tricky due to the off network servers running behind a loadbalancer, so I figured running running NRPE as a daemon and when I was set to test I realized my port problem. So I will make the .cfg change, restart and test.

have you considered passive checks?

- No actually I haven't. I tried doing a nagios install 2 years ago and it was a bear. Not that it was any easier this time, but I had a bit more patience to read a bit more. I have PNP4Nagios running,a few JS bugs on the mouseovers, but reading as I learn, so will take a look at that as well.

Report back once I have a little progress.

Thanx

[lraymond]

Actually I submitted a bit early before I thought it out. I have another option would save me a lot of work, but not sure if it's posssible. Since the LB has l7 content switching, I can leave everything as is with the default port. I would like to use the NAME as opposed to the ADDRESS, but don't know if it's possible. The linux client is listening on 5666, and the public IP will have numberour servers behind. So when the nagios servers attempts to connect, it hits the loadbalancer with web1.domain.com. The LB looks, matches web1 and sends it to the private IP on the correct port.

*edit* reading up here (http://nagios.sourceforge.net/docs/3_0/ ... tions.html) it does say I can use a FQDN so attempting that now.

Tnx again