MUNIN - monitoring and graphing system

Munin version

1.2.3

Introduction

Munin is a tool for graphing all sorts of information about one or more servers and displaying it in a web interface. It uses the execellent RRDTool (written by Tobi Oetiker) and is written in Perl. Munin has a master/node architecture. The master connects to all the nodes at regular intervals, and asks them for data. It then stores the data in RRD-files, and (if needed) updates the graphs. One of the main goals has been ease of creating own "plugins" (graphs). -- from Munin homepage

Installation

To install master: aptitude install munin.
To install node: aptitude install munin-node.

Configuration

In general, configuration is easy and logging give plenty of information for debugging when it isn't working as expected. Documentation is at http://www.linpro.no/projects/munin/munin-doc.html .

Master

Edit /etc/munin/munin.conf to:

set htmldir to point to where you want reports to be written and served to the web from

add localhost first, as a local node (see attached munin.conf)

[myhost.mydomain.net]
  address 127.0.0.1
  use_node_name yes

Then, create virtual host for apache (see attached munin.socialtools.net vhost).

Localhost as a Node

Default config from debian package, /etc/munin/munin-node.conf, is enough to start with.

Remote Node

Log into remote node and install node package. Default config is fine, as long as ssh tunnel is used for remote conenction. Make sure that munin node is running:

me@myremotehost:~$ telnet localhost 4949
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
# munin node at myremotehost.mydomain.net

Back to the master server, add to the master config new node, where PORT is the port number that ssh tunnel will connect to on the localhost:

[myremotehost.mydomain.net]
    address 127.0.0.1 
    port PORT
    use_node_name yes

You need a system for the ssh tunnel which exists on both master and node server, and which has an ssh key created on the master its public key copied onto node server. As Munin FAQ states: You should protect against misuse of ssh by creating a special key (and possibly also a special user). On the node, put something like this in ~user/.ssh/authorized_keys: from="myhost.mydomain.net",command="/bin/false",no-pty,no-X11-forwarding,no-agent-forwarding,no-port-forwarding,permitopen="localhost:4949" ssh-dss AAAAB3...... See How can I use an SSH tunnel to connect to a node? from the munin FAQ for more.

On remote host, add a new user for remote logins by munin, limiting it to use of keys: adduser --disabled-password --shell /bin/false remunin

To set up ssh tunnel with (where PORT is the localhost port that munin master will connect to to reach the node):

ssh -L PORT:localhost:4949 -f -N -i user_key_file user@myremotehost.mydomain.net

Test connectivity:

me@mymaster$ sudo -u munin telnet localhost PORT
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
# munin node at myremotehost.mydomain.net
version 
munins node on myremotehost.mydomain.net version: 1.2.3

To test data being gathered by munin master from a remote node, do on the master server:

sudo -u munin /usr/share/munin/munin-update --host myremotehost.mydomain.net

Check log at /var/log/munin/munin-update.log for results of data collection by the munin-update command you just issued.

Node operations

connect to munin client

On the node server: telnet localhost 4949

On the master server: telnet localhost PORT with port being the port of the node you want to connect to, as specified in munin.conf

check available monitors

Asks client to list all items available for query for this host. If no host is given, default to host that runs the munin-node. Example of such telnet session:

me@myhost:~$ telnet localhost 4949
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
# munin node at myhost.net
list
open_inodes if_err_eth0 irqstats entropy processes if_eth0 df netstat
interrupts swap load cpu df_inode postfix_mailvolume forks iostat
open_files memory exim_mailstats exim_mailqueue vmstat

get current value of a monitor

fetch monitor

Session example:

me@myhost.net:~$ telnet localhost 4949
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
# munin node at myhost.net
fetch load
load.value 0.38
.

get configuration of a monitor

config monitor

Session example:

me@myhost:~$ telnet localhost 4949
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
# munin node at myhost.net
config load
graph_title Load average
graph_args --base 1000 -l 0
graph_vlabel load
graph_scale no
graph_category system
load.label load
load.warning 10
load.critical 120
graph_info The load average of the machine describes how many
processes are in the run-queue (scheduled to run "immediately").
load.info Average load for the five minutes.
.

Munin documentation on master/node API

http://munin.projects.linpro.no/file/trunk/README.api

Configuring additional monitors

Node: setup monitoring number of processes runing with user sympa

See documentation in the source code of the monitor. On the node, set it up:

ln -s /usr/share/munin/node/plugins-auto/psu_ /etc/munin/node.d/psu_sympa

Master: check

Run following on the master to gather value of the monitor you just setup, for the given host:

sudo -u munin /usr/share/munin/munin-update --service psu_sympa --host rabelais.socialtools.net --debug

In the munin-update log, in our case at /var/log/munin/munin-update.log, you should get:

Sep 24 19:39:43 [18685] - Fetching service: rabelais.socialtools.net->psu_sympa
Sep 24 19:39:43 [18685] - Updating /var/lib/munin/socialtools.net/rabelais.socialtools.net-psu_sympa-count-g.rrd with 7
Sep 24 19:39:43 [18685] - Fetched service: rabelais.socialtools.net -> psu_sympa (0.11 sec)

-- ToniPrug - 13 Aug 2005
to top