This guide will go over setting up an additional Sensu
Client that will communicate over SSL and be outside your network.  (I assume you have the ability to port
forward traffic from outside your network to your Sensu master)
I currently have a set up with a Sensu Master, with its own
client running on the same machine, and two other client Sensu machine one
sends data via SSL and the other does not. 
All these servers are in my network.
I put up articles on how I set these up at http://www.whiteboardcoder.com/2014/10/sensu-getting-started.html
Creating another Sensu Client with SSL 
Before I get too far, the
server I am installing this on is running Ubuntu 10.04 (it's an older server I
have had running in AWS for a few years) 
My other Sensu Servers, including the Master, are all running on Ubuntu
14.04.
| 
    > sudo apt-get update 
    > sudo apt-get upgrade | 
Install Sensu
Edit to /etc/apt/sources.list
| 
    > sudo vi /etc/apt/sources.list | 
Append this to the end
| 
deb http://repos.sensuapp.org/apt sensu main | 
Add an ssl key
| 
    > wget -q
  http://repos.sensuapp.org/apt/pubkey.gpg 
    > sudo apt-key add pubkey.gpg 
    > sudo apt-get update | 
Install Sensu
| 
    > sudo apt-get install sensu | 
Create the client.json file
Create the
client.json file
| 
    > sudo vi
  /etc/sensu/conf.d/client.json | 
And place the
following in it
| 
{ 
  "client": { 
    "name": "aws-client", 
    "address": "www.example.com", 
    "subscriptions": [  "aws-client" ], 
    "safe_mode":true 
  } 
} | 
Create the rabbitmq.json file
Create the
rabbitmq.json file.
| 
    > sudo vi
  /etc/sensu/conf.d/rabbitmq.json | 
Put the following in
it, host contains the Master Sensu hostname or IP address, make sure to change
it to your setup.
| 
{ 
  "rabbitmq": { 
    "ssl": { 
     
  "cert_chain_file": "/etc/sensu/ssl/cert.pem", 
     
  "private_key_file": "/etc/sensu/ssl/key.pem" 
    },   
    "host": "sensu-master.example.com", 
    "port": 5671, 
    "vhost": "/sensu", 
    "user": "sensu", 
    "password":
  "mypassword" 
  } 
} | 
Copy over the SSL certificates from the Sensu Master Server
to this server. 
From the Sensu Master run something like this
| 
    > scp /etc/sensu/ssl/* sensu-master.example.com: | 
Then from the new client, something like this
| 
    > sudo mkdir /etc/sensu/ssl 
    > sudo cp *.pem /etc/sensu/ssl/ | 
Install Ruby
I had to change how I
installed ruby from my last tutorial.  If
I had done the following
| 
    > sudo apt-get install ruby ruby-dev
  build-essential | 
It only installs ruby 1.8.7 and I don't seem to have access
to gems. (I am new to ruby so forgive me if that sounds ignorant)
I found this guide https://github.com/Hack56/Rails-Template/wiki/Installing-Ruby-via-RVM-on-Ubuntu-Lucid-10.04
[1] showing how to install Ruby 1.9.3 using RVM. 
Here are the steps I used.
Download the rvm installer
and run it
| 
    > sudo bash -s stable < <(curl
  -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer) | 
Install build essentials it
needs
| 
    > sudo apt-get install build-essential
  bison openssl libreadline6 libreadline6-dev curl git-core zlib1g zlib1g-dev
  libssl-dev libyaml-dev libsqlite3-0 libsqlite3-dev sqlite3 libxml2-dev
  autoconf libxslt-dev | 
Log out and back in.
Add users to the rvm group
| 
    > sudo usermod -a -G rvm patman | 
Install RVM
| 
    > rvmsudo rvm install 1.9.3 | 
Set the default version to use.
| 
    > rvm use 1.9.3 --default | 
Make sure it worked.
| 
    > ruby --version | 
It worked!
If I do a quick check on gem
| 
    > which gem | 
I see that is working too.
But, if I run
| 
    > sudo ruby --version | 
I am still getting 1.8.7
How do I fix this?  I
logged in as root and update the symbolic links
| 
    > sudo su root 
    > rm /usr/bin/ruby 
    > ln -s
  /usr/local/rvm/rubies/default/bin/ruby /usr/bin/ruby 
    > ln -s
  /usr/local/rvm/rubies/default/bin/gem 
  /usr/bin/gem | 
Now it works J 
Install the sensu-plugin gem
Install the sensu-plugin gem
| 
    > sudo gem install sensu-plugin | 
Next I need to install the
mixlib-cli gem
| 
    > sudo gem install mixlib-cli | 
Add Checks
I have two current checks that I want to add this new
caws-client as a subscriber.  I am going
to update the file on the Sensu Master (adding the new subscriber) and then
copy them over to the new remote sensu client. 
From the Master server edit
the following check
| 
    > sudo vi
  /etc/sensu/conf.d/check_file.json | 
Adding the client-2 as a new
subscriber
| 
{ 
   
  "checks": { 
       
  "check_file": { 
           
  "handlers": [ 
               
  "default" 
           
  ],   
           
  "command": "/etc/sensu/plugins/check-file.rb
  -f /home/patman/test.txt", 
           
  "interval": 60,  
           
  "occurrences": 3, 
           
  "subscribers": [ 
              
  "check-from-sensu-master", 
              
  "client-1", 
              
  "client-2", 
              
  "aws-client" 
           
  ]    
       
  }    
    }    
} | 
And edit the second check
| 
    > sudo vi
  /etc/sensu/conf.d/check_second_file.json | 
Adding the client-2 as a new
subscriber
| 
{ 
   
  "checks": { 
       
  "check_file_2": { 
           
  "handlers": [ 
               
  "default" 
           
  ],   
           
  "command": "/etc/sensu/plugins/check-file.rb
  -f /home/patman/test-2.txt", 
           
  "interval": 60,  
           
  "occurrences": 3, 
           
  "subscribers": [ 
            
    "client-1" , 
              
  "client-2", 
              
  "aws-client" 
           
  ]         
       
  }    
    }    
} | 
Restart the Sensu Master Services
| 
    > sudo
  service sensu-server restart && sudo service sensu-api restart | 
Now I need to copy these checks and the actual ruby code
over from Master to the new remote client.
Here is the check-file.rb file (just in case you don't
already have it from the prior tutorial)
| 
#!/usr/bin/env ruby 
require
  'sensu-plugin/check/cli' 
class CheckFile
  < Sensu::Plugin::Check::CLI 
  option :file, 
         :description => "Path to
  file", 
         :short => '-f FILE', 
         :long => '--file FILE', 
         :required => true 
  def initilize 
    super 
  end 
  def run 
    #ok("its fine") 
    if(File.exists?(config[:file])) 
      ok("The file '" +
  config[:file] + "' Exists! 
  :)") 
    else 
      critical("The file '" +
  config[:file] + "' dose not Exists! :(") 
    end 
  end 
end | 
And the two checks
check_file.json  (you may need to change the path, unless your
username is patman too)
| 
{ 
    "checks": { 
        "check_file": { 
            "handlers": [ 
                "default" 
            ], 
            "command": "/etc/sensu/plugins/check-file.rb
  -f /home/patman/test.txt", 
            "interval": 60, 
            "occurrences": 3, 
            "subscribers": [ 
              
  "check-from-sensu-master", 
               "client-1", 
               "client-2", 
               "aws-client" 
            ] 
        } 
    } 
} | 
check_second_file.json (you
may need to change the path, unless your username is patman too)
| 
{ 
    "checks": { 
        "check_file_2": { 
            "handlers": [ 
                "default" 
            ], 
            "command": "/etc/sensu/plugins/check-file.rb
  -f /home/patman/test-2.txt", 
            "interval": 60, 
            "occurrences": 3, 
            "subscribers": [ 
               "client-1", 
               "client-2", 
               "aws-client" 
            ] 
        } 
    } 
} | 
Or if you already have them
on the Sensu Master server copy them over.
| 
  > scp /etc/sensu/conf.d/check_*.json sensu-master.example.com: 
  > scp /etc/sensu/plugins/check-file.rb sensu-master.example.com: | 
Then from the new Sensu Client move then to the correct
place.
| 
  > sudo cp check_*.json
  /etc/sensu/conf.d/ 
  > sudo cp check-file.rb
  /etc/sensu/plugins/ | 
Start up the client Sensu service
| 
  > sudo
  service sensu-client restart | 
Enable the services
to start automatically
Run the following
command
| 
  > sudo update-rc.d sensu-client defaults | 
At this point it
should try to connect and fail.  Looking
at the sensu client log on the remote server.
| 
  > tail
  -f /var/log/sensu/sensu-client.log | 
This is because I am
not forwarding the correct ports from outside my network to my Sensu Server.
I forwarded port 5671 to my
Sensu server.  I could show you how I did this but I doubt
you have the same DSL modem I do J
Restart the Sensu
client on the remote server.
| 
  > sudo update-rc.d sensu-client defaults | 
Opening my Uchiwa
Sensu dashboard at http://192.168.0.150:3000/ 
I now have 4
clients, which in my case is one more than I had a minute ago!  I think its talking to it.
In fact if I look at
RabbitMQ at  http://192.168.0.150:15672/#/connections
RabbitMQ is getting data from the remote server.
The new server client is triggering two alerts.  
I need to create two files to remove these alerts.  (Each of my two Sensu checks are looking for
a File to exists on my system)
Let me quickly create them.
| 
  > touch
  ~/test.txt 
  >
  touch  ~/test-2.txt | 
Now my dashboard is clean.
I can see the new AWS remote server is communicating via SSL
to my Sensu server.
That's it for this tutorial.
References
Epic Goal: My goal is to figure out how to use Sensu to moni
Epic Goal: My goal is to figure out how to use Sensu to moni
 












No comments:
Post a Comment