Cool Solution - Install and integration of Munin
From Univention Wiki
If your UCS servers are running critical apps and services, you want those and other network resources to be readily available when users need them. In such environment it is important to quickly identify the source of a problem, to prevent saturation and to avoid wasting resources.
Munin collects and graphs data about your network resources to help you analyze trends in resource utilization. It sends alerts when their status changes (OK, Warning, Critical, or Unknown - O/W/C/U). Such alert could be send directly to the configured contacts or given to nagios which comparatively offers more advanced alerts.
This article introduces you to the usage of Munin. It covers the installation of Munin and the configuration to integrate it into your domain. Munin has a master-nodes architecture (see Munin’s Architecture). We provide two Munin packages:
- univention-munin-server - install the Munin server and configure it
- univention-munin-node - install the Munin node package and is required on the systems you like to monitor.
The univention-munin-* packages are available in the Cool Solutions Repository.
The Munin packages are present in the unmaintained-Repository. Therefore you need to additionally activate the unmaintained-Repository on every server you'd like to install univention-munin-server or univention-munin-node.
ucr set repository/online/unmaintained='yes'
You can also create a system-wide policy to activate this repository (see Policies).
This section will cover the preparation and installation of Munin on the system. Please make sure that every command is executed as root user.
The Munin server is only required once in your domain. Please take advantage that this server will perform a lot of transactions depends on the number of installed nodes in your environment. You can install Munin server on every UCS role.
You have to register every node in the munin server settings. The preferred way is to create for every node a file under /etc/munin/munin-conf.d/.
[master.munin.example.com] address 192.168.0.11
Note that IPv6 addresses have to be given in brackets:
[master.munin.example.com] address [::1]
For more information about the settings see the Munin node definitions documentation.
The univention-munin-node package is the meta package for the node. It will install only the munin-node package and configure the system as a node to perform checks. A Munin server will connect and fetch the monitoring results.
Hint: After installing
univention-munin-node, Munin must create the webpage for the new node. A cronjob is executed every five minutes to take care of this step. A command to manually perform this step is mentioned in section Usage below.
In the default configuration only the UCS Master of the domain is allowed to fetch data from a node. If you install univention-munin-server at a different system you have to adjust the following UCR variable to your Munin server IP. Please notice that you have to set the IP in CIDR notation.
ucr set munin/node/allowedhosts='127.0.0.1/32,192.168.0.11/32'
You can also allow connections over IPv6. Note that you have to either configure your node with IPv4 OR IPv6. The protocol versions can't be mixed.
Also note that an additional colon has to be put at the beginning of IP addresses, if they begin with colons themselves. This ensures the correct parsing through a munin-node parser (The IPv6 localhost address would be ':::1/128'; [More information]).
ucr set munin/node/allowedhosts=':::1/128,fd0b:9f91:db77:1fda::11/128'
You have to set this UCR variable on all Munin nodes (include the Munin server). This can also be done by a system-wide policy (see Policies). In rare cases, you might want to have more than one Munin server. In this case you can separate the addresses with a comma.
You will find the web interface at the UMC overview-page of the Munin server system or by go to:
http://<FQDN or IP of your Munin server>/munin
The default setting is, that you have to Login with Administrator or a User of the Domain Admin group. To allow additional users or groups you can set the following UCR variables at the Munin server to yes:
To deactivate login restrictions set the following UCR variable:
ucr set munin/server/authenticate='no'
A cronjob obtains the needed information of all nodes all 5 minutes. The following command can manually perform this task:
sudo -u munin /usr/bin/munin-cron
- Munin - http://munin-monitoring.org/
- Munin Docs - https://munin.readthedocs.org/en/latest/
- Munin IPv6 - http://munin-monitoring.org/wiki/MuninConfigurationNetworkIPv6
- Extended Attributes - http://docs.software-univention.de/manual-4.3.html#central:extendedattrs