Monit : supervision de services
Rédigé par Nicolas Sulek
Aucun commentaire
Classé dans : Logiciel
Très adaptable, il fonctionne aussi bien avec des services locaux (apache, postfix, ...) qu'avec des daemons (cron, rsyslog, ...).
Il peut également nous alerter par mail pour chaque action qu'il entreprend (détection d'un service qui ne répond plus, redémarrage, changement de PID, ...).
Enfin, il supervise également la consommation de ressources de certains services et les relance en cas de forte consommation.
Cerise sur le gâteau, il dispose d'une interface web permettant de l'administrer.
Installation et configuration de Monit
Installation
Monit est disponible dans les dépôts Debian et Ubuntu. Pour l'installer, un simple
apt-get install monit
suffit
Configuration
Il faut ensuite éditer le fichier /etc/default/monit pour autoriser son démarrage en mettant startup=1.
Pour paramétrer le comportement de Monit, il faut passer par l'édition du fichier /etc/monit/conf.d/monitrc.
#lancement en tant que daemon pour 60s
set daemon 60
#détermination de l'emplacement des logs (ici dans syslog)
set logfile syslog facility log_daemon
#indication du serveur SMTP pour l'envoi des mails
set mailserver smtp.toto.fr
#définition de l'expéditeur des mails
set mail-format { from: toto@toto.fr }
#l'adresse mail du destinataire des mails
set alert tata@toto.fr
#activation du serveur HTTP embarqué permettant d'administrer avec une interface web Monit
set httpd port 2812 and
#définition du couple login/mot de passe pour l'interface web
allow utilisateur:motdepasse
Définition des services et daemons à surveiller
Il ne reste plus alors qu'à indiquer à Monit les services ou daemons qu'il va superviser. Des exemples sont fournis sur le site officiel de Monit.
Il faut créer pour chaque service un fichier dans /etc/monit/conf.d.
cron
check process cron with pidfile /var/run/crond.pid
group system
start program = "/etc/init.d/cron start"
stop program = "/etc/init.d/cron stop"
if 5 restarts within 5 cycles then timeout
RSyslog
check process rsyslogd with pidfile /var/run/rsyslogd.pid
start program = "/etc/init.d/rsyslog start"
stop program = "/etc/init.d/rsyslog stop"
if 5 restarts within 5 cycles then timeout
Mdadm
check process mdadm with pidfile /var/run/mdadm/monitor.pid
start program = "/etc/init.d/mdadm start"
stop program = "/etc/init.d/mdadm stop"
if 5 restarts within 5 cycles then timeout
PSAD
check process psad with pidfile /var/run/psad/psad.pid
start program = "/etc/init.d/psad start"
stop program = "/etc/init.d/psad stop"
if 5 restarts within 5 cycles then timeout
Clamav
check process clamd with pidfile /var/run/clamav/clamd.pid
group clamav
start program = "/etc/init.d/clamav-daemon start"
stop program = "/etc/init.d/clamav-daemon stop"
if failed unixsocket /var/run/clamav/clamd.ctl then restart
if 5 restarts within 5 cycles then timeout
Freshclam
check process freshclam with pidfile /var/run/clamav/freshclam.pid
group clamav
start program = "/etc/init.d/clamav-freshclam start"
stop program = "/etc/init.d/clamav-freshclam stop"
if 5 restarts within 5 cycles then timeout
NTP
check process ntpd with pidfile /var/run/ntpd.pid
start program = "/etc/init.d/ntp start"
stop program = "/etc/init.d/ntp stop"
if failed host 127.0.0.1 port 123 type udp then alert
if 5 restarts within 5 cycles then timeout
Chrony
check process chronyd with pidfile /var/run/chronyd.pid
start program = "/etc/init.d/chrony start"
stop program = "/etc/init.d/chrony stop"
if failed host 127.0.0.1 port 123 type udp then alert
if 5 restarts within 5 cycles then timeout
SSH
check process sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/ssh start"
stop program "/etc/init.d/ssh stop"
if failed host adresseip port 22 then restart
if 5 restarts within 5 cycles then timeout
Postfix
check process postfix with pidfile /var/spool/postfix/pid/master.pid
group mail
start program = "/etc/init.d/postfix start"
stop program = "/etc/init.d/postfix stop"
if failed host localhost port 25 protocol smtp then restart
if 5 restarts within 5 cycles then timeout
Dovecot
check process dovecot with pidfile /var/run/dovecot/master.pid
group dovecot
start program = "/etc/init.d/dovecot start"
stop program = "/etc/init.d/dovecot stop"
if failed host adresseip port 143 protocol imap then restart
if failed host adresseip port 993 type tcpssl sslauto protocol imap then restart
if 5 restarts within 5 cycles then timeout
MailScanner
check process MailScanner with pidfile /var/run/MailScanner/MailScanner.pid
group mail
start program = "/etc/init.d/mailscanner start"
stop program = "/etc/init.d/mailscanner stop"
if 5 restarts within 5 cycles then timeout
if cpu usage > 99% for 5 cycles then alert
if mem usage > 99% for 5 cycles then alert
OpenDKIM
check process opendkim with pidfile /var/run/opendkim/opendkim.pid
group opendkim
start program = "/etc/init.d/opendkim start"
stop program = "/etc/init.d/opendkim stop"
if failed host localhost port 12345 type tcp then restart
if 5 restarts within 5 cycles then timeout
Postgrey
check process postgrey with pidfile /var/run/postgrey.pid
group postgrey
start program = "/etc/init.d/postgrey start"
stop program = "/etc/init.d/postgrey stop"
if failed host 127.0.0.1 port 10023 type tcp then restart
if 5 restarts within 5 cycles then timeout
SpamAssassin
check process spamd with pidfile /var/run/spamd.pid
group mail
start program = "/etc/init.d/spamassassin start"
stop program = "/etc/init.d/spamassassin stop"
if 5 restarts within 5 cycles then timeout
if cpu usage > 99% for 5 cycles then alert
if mem usage > 99% for 5 cycles then alert
vsFTPd
check process vsftpd with pidfile /var/run/vsftpd/vsftpd.pid
start program = "/etc/init.d/vsftpd start"
stop program = "/etc/init.d/vsftpd stop"
if failed port 21 protocol ftp then restart
if 5 restarts within 5 cycles then timeout
Apache 2
check process apache2 with pidfile /var/run/apache2.pid
group www-data
start program = "/etc/init.d/apache2 start"
stop program = "/etc/init.d/apache2 stop"
if failed host toto.fr port 80 protocol http
and request "/index.php" then restart
if cpu is greater than 60% for 2 cycles then alert
if cpu > 80% for 5 cycles then restart
if totalmem > 500 MB for 5 cycles then restart
if children > 250 then restart
if loadavg(5min) greater than 10 for 8 cycles then stop
if 3 restarts within 5 cycles then timeout
Memcached
check process memcached with pidfile /var/run/memcached.pid
group memcached
start program = "/etc/init.d/memcached start"
stop program = "/etc/init.d/memcached stop"
if failed host localhost port 11211 type tcp then restart
if 5 restarts within 5 cycles then timeout
MySQL
check process mysql with pidfile /var/run/mysqld/mysqld.pid
group mysql
start program = "/etc/init.d/mysql start"
stop program = "/etc/init.d/mysql stop"
if failed host localhost port 3306 then restart
if 5 restarts within 5 cycles then timeout
MaraDNS
check process maradns with pidfile /var/run/maradns.etc_maradns_mararc.pid
start program = "/etc/init.d/maradns start"
stop program = "/etc/init.d/maradns stop"
if failed host adresseip port 53 type udp protocol dns then restart
if 5 restarts within 5 cycles then timeout
Munin
check process munin with pidfile /var/run/munin/munin-node.pid
group munin
start program = "/etc/init.d/munin-node start"
stop program = "/etc/init.d/munin-node stop"
if failed host adresseip port 4949 then restart
if 5 restarts within 5 cycles then timeout
Mumble
check process murmurd with pidfile /var/run/mumble-server/mumble-server.pid
group mumble-server
start program = "/etc/init.d/mumble-server start"
stop program = "/etc/init.d/mumble-server stop"
if failed host adresseip port 64738 type tcp then restart
if failed host adresseip port 64738 type udp then restart
if 5 restarts within 5 cycles then timeout
Urban Terror
check process UrbanTerror with pidfile /var/run/urbanterror/urbanterror.pid
group utuser
start program = "/etc/init.d/urbanterror start"
stop program = "/etc/init.d/urbanterror stop"
if failed host adresseip port 27960 type udp then restart
if 5 restarts within 5 cycles then timeout