上次碰Nagios好像是四月份的時候
今天又摸了一下
順帶解決老妖提的"CHECK_NRPE: Error - Could not complete SSL handshake."
問題
因為Nagios預設是走SSL去pooling取得各主機的資訊
記得剛開始的時候我都會下"-n"
的參數來規避SSL
/usr/local/nagios/libexec/check_nrpe -n -H 主機位置 -c 指令
主要原因還是因為他就是不過啊
今天有比較仔細看了一下nrpe.cfg
ALLOWED HOST ADDRESSES
This is an optional comma-delimited list of IP address or hostnames
that are allowed to talk to the NRPE daemon.
#
Note: The daemon only does rudimentary checking of the client's IP
address. I would highly recommend adding entries in your /etc/hosts.allow
file to allow only the specified host to connect to the port
you are running this daemon on.
#
NOTE: This option is ignored if NRPE is running under either inetd or xinetd
allowed_hosts=127.0.0.1,120.101.10.202
所以只好去編輯/etc/xinetd.d/nrpe
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 127.0.0.1 120.101.10.202
}
接著就重跑監控端的nagios看有那些問題需要解決
我主要是因為之前都會多帶一個"-n"
的參數
所以都必須要拿掉
然後看看設定檔有沒有問題
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
確定沒問題後再讓nagios吃進新的設定
/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
接著重啟nagios服務
service nagios restart
大致上應該就正常了