Cool Solution - Install and integration of Munin

From Univention Wiki

Jump to: navigation, search
Produktlogo UCS Version 4.3

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Packages provided by a Cool Solutions Repository are built by Univention, but will not be maintained. Not all of the shown steps in the article are covered by Univention Support. For questions about your support coverage contact your contact person at Univention before you want to implement one of the shown steps.

Also regard the legal notes at Terms of Service.

If your UCS servers are running critical apps and services, you want those and other network resources to be readily available when users need them. In such environment it is important to quickly identify the source of a problem, to prevent saturation and to avoid wasting resources.

Munin collects and graphs data about your network resources to help you analyze trends in resource utilization. It sends alerts when their status changes (OK, Warning, Critical, or Unknown - O/W/C/U). Such alert could be send directly to the configured contacts or given to nagios which comparatively offers more advanced alerts.

This article introduces you to the usage of Munin. It covers the installation of Munin and the configuration to integrate it into your domain. Munin has a master-nodes architecture (see Munin’s Architecture). We provide two Munin packages:

  • univention-munin-server - install the Munin server and configure it
  • univention-munin-node - install the Munin node package and is required on the systems you like to monitor.

Prerequisites

The univention-munin-* packages are available in the Cool Solutions Repository.

The Munin packages are present in the unmaintained-Repository. Therefore you need to additionally activate the unmaintained-Repository on every server you'd like to install univention-munin-server or univention-munin-node.

ucr set repository/online/unmaintained='yes'

You can also create a system-wide policy to activate this repository (see Policies).

Installation

This section will cover the preparation and installation of Munin on the system. Please make sure that every command is executed as root user.

Munin Server

The Munin server is only required once in your domain. Please take advantage that this server will perform a lot of transactions depends on the number of installed nodes in your environment. You can install Munin server on every UCS role.

univention-install univention-munin-server

Basic configuration

You have to register every node in the munin server settings. The preferred way is to create for every node a file under /etc/munin/munin-conf.d/.

An example:
/etc/munin/munin-conf.d/master.munin.example.com

[master.munin.example.com]
        address 192.168.0.11

Note that IPv6 addresses have to be given in brackets:

[master.munin.example.com]
        address [::1]

For more information about the settings see the Munin node definitions documentation.

Munin Node

The univention-munin-node package is the meta package for the node. It will install only the munin-node package and configure the system as a node to perform checks. A Munin server will connect and fetch the monitoring results.

univention-install univention-munin-node

Hint: After installing univention-munin-node, Munin must create the webpage for the new node. A cronjob is executed every five minutes to take care of this step. A command to manually perform this step is mentioned in section Usage below.

Basic configuration

In the default configuration only the UCS Master of the domain is allowed to fetch data from a node. If you install univention-munin-server at a different system you have to adjust the following UCR variable to your Munin server IP. Please notice that you have to set the IP in CIDR notation.
For example:

ucr set munin/node/allowedhosts='127.0.0.1/32,192.168.0.11/32'

You can also allow connections over IPv6. Note that you have to either configure your node with IPv4 OR IPv6. The protocol versions can't be mixed.
Also note that an additional colon has to be put at the beginning of IP addresses, if they begin with colons themselves. This ensures the correct parsing through a munin-node parser (The IPv6 localhost address would be ':::1/128'; [More information]).
For example:

ucr set munin/node/allowedhosts=':::1/128,fd0b:9f91:db77:1fda::11/128'

You have to set this UCR variable on all Munin nodes (include the Munin server). This can also be done by a system-wide policy (see Policies). In rare cases, you might want to have more than one Munin server. In this case you can separate the addresses with a comma.

Usage

You will find the web interface at the UMC overview-page of the Munin server system or by go to:

http://<FQDN or IP of your Munin server>/munin

The default setting is, that you have to Login with Administrator or a User of the Domain Admin group. To allow additional users or groups you can set the following UCR variables at the Munin server to yes:

auth/munin/user/'<USERNAME>'
auth/munin/group/'<GROUP NAME>'

To deactivate login restrictions set the following UCR variable:

ucr set munin/server/authenticate='no'


A cronjob obtains the needed information of all nodes all 5 minutes. The following command can manually perform this task:

sudo -u munin /usr/bin/munin-cron

Further links

Archive

  • There is a version of this article for UCS 4.2.
  • There is a version of this article for UCS 4.1.
  • There is a version of this article for UCS 4.0.
Personal tools