Configuring the Remote Server for Nagios Monitoring – Setting Up a Master and Remote Server with Nagios on CentOS 7 Using Vagrant – Part 3

In this final part, we’ll set up the remote server to be monitored by the Nagios master server. This involves installing necessary software, configuring NRPE, and ensuring that the remote server is ready for monitoring.

Preparing the Remote Server

First, log in to your remote server where you intend to monitor various services. The following steps will guide you through updating the system, installing essential packages, and configuring NRPE.

Step 1: Update and Upgrade the System

Begin by updating the package lists and upgrading the installed packages:

sudo yum update
sudo yum upgrade

Explanation:

• yum update: Refreshes the package index to reflect the latest versions available in repositories.
• yum upgrade: Upgrades all installed packages to their latest versions.

Example:
This ensures that your system has the latest security updates and features.

Step 2: Install Necessary Packages

Next, install the necessary packages that Nagios will use for monitoring:

sudo yum install httpd php php-cli gcc unzip wget glibc glibc-common gd gd-devel net-snmp -y
sudo yum install glibc-common make openssl-devel xinetd vim -y

Explanation:

• The packages include essential tools like httpd (Apache), php (for web scripts), gcc (compiler), and libraries like glibc and gd for compiling and running Nagios plugins.

Example:
You might need Apache and PHP for specific Nagios plugins or web interfaces on the remote server.

Step 3: Install NRPE and Nagios Plugins

Just like on the master server, you need to install NRPE and the necessary Nagios plugins on the remote server:

cd /opt
sudo rpm -Uvh http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
sudo yum --enablerepo=epel -y install nrpe nagios-plugins nagios-plugins-all
sudo yum install -y nagios-plugins-nrpe
sudo yum --enablerepo=epel -y list nagios-plugins*

Explanation:

• cd /opt: Navigates to the /opt directory, a common place for third-party software installations.
• rpm -Uvh: Installs the EPEL repository, enabling access to additional packages.
• nagios-plugins-all: Ensures that all available Nagios plugins are installed, allowing for comprehensive monitoring capabilities.

Example:
Listing all plugins with yum list confirms that the necessary monitoring tools are available.

Configuring NRPE on the Remote Server

Now that NRPE is installed, we need to configure it to allow communication with the Nagios master server.

Step 4: Configure NRPE

Edit the NRPE configuration file to allow the Nagios master server to communicate with NRPE on the remote server:

sudo vim /etc/nagios/nrpe.cfg

Locate the allowed_hosts directive and modify it as follows:

allowed_hosts=127.0.0.1, 192.100.10.10

Explanation:

• allowed_hosts: Specifies the IP addresses that are allowed to communicate with NRPE on the remote server. 127.0.0.1 is the localhost, and 192.100.10.10 is the IP address of your Nagios master server.

Example:
This configuration ensures that only your Nagios server can send commands to the NRPE daemon on the remote server.

Step 5: Enable and Start NRPE

Enable and start the NRPE service so that it automatically starts on boot and begins running immediately:

sudo systemctl enable nrpe.service
sudo systemctl start nrpe.service

Explanation:

• systemctl enable: Configures the NRPE service to start at boot.
• systemctl start: Starts the NRPE service immediately.

Example:
You can check the status of the service with sudo systemctl status nrpe.service to confirm it’s running.

Configuring the Firewall

To ensure that NRPE traffic is allowed, we need to configure the firewall on the remote server.

Step 6: Install and Configure Firewalld

If the firewall is not already installed, you need to install it:

sudo yum install firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo systemctl status firewalld

Explanation:

• firewalld: A firewall management tool that provides a dynamic interface for managing firewall rules.
• systemctl: Commands to start, enable, and check the status of firewalld.

Example:
This ensures your firewall is active and configured to manage network traffic securely.

Step 7: Allow NRPE Port in the Firewall

Open the necessary port (TCP 5666) for NRPE communication:

sudo firewall-cmd --zone=public --add-port=5666/tcp --permanent
sudo firewall-cmd --reload

Explanation:

• firewall-cmd: A command-line tool for managing firewalld.
• --add-port=5666/tcp: Opens TCP port 5666, the default port for NRPE.
• --permanent: Makes the rule persistent across reboots.
• --reload: Reloads the firewall rules to apply the changes immediately.

Example:
You can verify that the port is open by running sudo firewall-cmd --list-ports.

Step 8: Verify Network Configuration

Finally, check the network configuration to ensure everything is set correctly:

ifconfig

Explanation:

• ifconfig: Displays the current network configuration, showing IP addresses and other details for your network interfaces.

Example:
Ensure that the IP address matches what you’ve configured in your Nagios server and NRPE settings.

By following these steps, you have successfully configured your remote server for monitoring by Nagios. With NRPE installed and configured, your Nagios master server can now monitor services on this remote server, ensuring that you have a comprehensive overview of your network’s health.