如何在Ubuntu/Debian Linux服务器上安装和使用Monit作为流程监控工具
时间:2020-01-09 10:39:17 来源:igfitidea点击:
如何在Debian或Ubuntu Linux上失败时安装和配置监控程序,以重新启动Nginx/Apache/OpenVPN服务器等服务?
Monit是一个免费的开源软件,可充当过程监督。
它具有重启失败服务的能力。
您可以出于相同目的使用Systemd,daemontools或任何其他此类工具。
本教程显示了如何在Debian或Ubuntu Linux上将monit安装和配置为进程监督。
monit的作用是什么?
Monit是用于管理和监视Unix系统的小型开源实用程序。
Monit会进行自动维护和修复,并且可以在错误情况下执行有意义的因果操作。
具有系统监视和错误恢复所需的所有功能。
就像在服务器上使用带有工具箱的看门狗一样。
监视与本地主机或远程主机上的各种服务器的网络连接。
支持TCP,UDP和Unix域套接字。
网络测试可以在协议级别执行; Monit具有针对主要Internet协议(例如HTTP,SMTP等)的内置测试。
如果发生错误情况,例如,Monit可以采取行动。
如果sendmail未运行,则Monit可以自动再次启动sendmail,或者apache使用的资源过多(例如,正在进行DoS攻击),Monit可以停止或重新启动apache并向您发送警报消息。
安装monit
执行以下apt-get命令/apt命令:
$ sudo apt-get install monit
如何在启动时启用监控服务?
执行以下命令:
$ sudo systemctl enable monit
如何启动/停止/重启监控服务?
语法为:
$ sudo systemctl status monit $ sudo systemctl stop monit $ sudo systemctl restart monit $ sudo systemctl start monit
配置监控
您需要编辑以下文件:
- 主配置文件:/etc/monit/monitrc
- 进程/服务器特定文件的目录:/etc/monit/conf-available /和/etc/monit/conf-enabled /
让我们使用诸如vim命令或nano命令之类的文本编辑器来编辑/etc/monit/monitrc:
$ sudo vi /etc/monit/monitrc
或者
$ sudo nano /etc/monit/monitrc
首先设置警报接收者的电子邮件地址(必须将您的Linux框配置为路由电子邮件。
set alert admin@your-domain-name-here
使用以下语法可能只获得有关安全性的警报:
set alert security@your-domain-name-here on { checksum, permission, uid, gid }
请注意,默认情况下,monit在服务失败时仅发送一封电子邮件通知,而在服务恢复时则仅发送一封电子邮件通知。
例如,如果您希望在服务保持失败状态时每五个周期收到一次通知,则可以使用:
alert [email protected] with reminder on 5 cycles
启用嵌入式HTTP接口,该接口可用于查看监视的服务状态并通过Web界面管理服务:
set httpd port 2812 and
use address localhost # only accept connection from localhost
allow localhost # allow localhost to connect to the server and
allow admin:monit # require user 'admin' with password 'monit'
保存并关闭文件。
如何配置监视我自己的名为foo的进程的monit?
创建一个名为/etc/monit/conf-available/foo的文件:
$ sudo vi /etc/monit/conf-available/foo
追加以下配置:
check process foo
matching "foo"
start program = "/etc/init.d/foo start"
stop program = "/usr/bin/killall foo"
保存并关闭文件。
启用它:
$ sudo ln -s /etc/monit/conf-available/foo /etc/monit/conf-enabled/
检查并运行monit控件/配置文件的语法检查:
$ monit -t `Control file syntax OK`
重新加载monit,运行:
$ sudo /etc/init.d/monit reload
或者
$ sudo systemctl reload monit
如何为OpenVPN服务器配置监控程序?
OpenVPN是一个免费的开源VPN服务器,适用于Linux和类似Unix的系统。
确保OpenVPN由于某种原因死亡时启动:
$ sudo vi /etc/monit/conf-available/openvpn
追加以下配置:
check process openvpn with pidfile /var/run/openvpn/server.pid group nogroup start program = "/etc/init.d/openvpn start" stop program = "/etc/init.d/openvpn stop" if failed host localhost port 1194 then restart if 5 restarts with 5 cycles then timeout depend on openvpn_bin check file openvpn_bin with path /usr/sbin/openvpn group nogroup include /etc/monit/templates/rootbin
保存并关闭文件。
启用它:
$ sudo ln -s /etc/monit/conf-available/openvpn /etc/monit/conf-enabled/
检查并运行monit控件/配置文件的语法检查:
$ monit -t `Control file syntax OK`
重新加载monit,运行:
$ sudo /etc/init.d/monit reload
或者
$ sudo systemctl reload monit
如何配置监视MariaDB/MySQL服务器的监控程序?
$ cat /etc/monit/conf-available/mysql
输出示例:
check process mysqld with pidfile /var/run/mysqld/mysqld.pid group database group mysql start program = "/etc/init.d/mysql start" stop program = "/etc/init.d/mysql stop" if failed host localhost port 3306 protocol mysql with timeout 15 seconds for 3 times within 4 cycles then restart if failed unixsocket /var/run/mysqld/mysqld.sock protocol mysql for 3 times within 4 cycles then restart if 5 restarts with 5 cycles then timeout depend mysql_bin depend mysql_rc check file mysql_bin with path /usr/sbin/mysqld group mysql include /etc/monit/templates/rootbin check file mysql_rc with path /etc/init.d/mysql group mysql include /etc/monit/templates/rootbin
如何为Nginx服务器配置监控?
$ cat /etc/monit/conf-available/nginx
输出示例:
check process nginx with pidfile /var/run/nginx.pid group www group nginx start program = "/etc/init.d/nginx start" stop program = "/etc/init.d/nginx stop" if 5 restarts with 5 cycles then timeout depend nginx_bin depend nginx_rc check file nginx_bin with path /usr/sbin/nginx group nginx include /etc/monit/templates/rootbin check file nginx_rc with path /etc/init.d/nginx group nginx include /etc/monit/templates/rootbin
如何为Apache服务器配置监控程序?
$ cat /etc/monit/conf-available/apache2
输出示例:
check process apache with pidfile /var/run/apache2/apache2.pid group www group apache start program = "/etc/init.d/apache2 start" stop program = "/etc/init.d/apache2 stop" if 4 restarts within 20 cycles then timeout if failed host localhost port 80 with protocol http and request "/server-status" with timeout 25 seconds for 4 times within 5 cycles then restart depend apache_bin depend apache_rc check file apache_bin with path /usr/sbin/apache2 group apache include /etc/monit/templates/rootbin check file apache_rc with path /etc/init.d/apache2 group apache include /etc/monit/templates/rootbin
如何为OpenSSH SSHD服务器配置监控程序?
$ cat /etc/monit/conf-available/openssh-server
示例配置:
check process sshd with pidfile /var/run/sshd.pid group system group sshd start program = "/etc/init.d/ssh start" stop program = "/etc/init.d/ssh stop" if failed host localhost port 22 with proto ssh then restart if 5 restarts with 5 cycles then timeout depend on sshd_bin depend on sftp_bin depend on sshd_rc depend on sshd_rsa_key depend on sshd_dsa_key check file sshd_bin with path /usr/sbin/sshd group sshd include /etc/monit/templates/rootbin check file sftp_bin with path /usr/lib/openssh/sftp-server group sshd include /etc/monit/templates/rootbin check file sshd_rsa_key with path /etc/ssh/ssh_host_rsa_key group sshd include /etc/monit/templates/rootstrict check file sshd_dsa_key with path /etc/ssh/ssh_host_dsa_key group sshd include /etc/monit/templates/rootstrict check file sshd_rc with path /etc/ssh/sshd_config group sshd include /etc/monit/templates/rootrc
请记住,您必须使用ln命令链接这些文件并重新加载monit服务器。
$ cd /etc/monit/conf-enabled/ $ sudo ln -s /etc/monit/conf-available/openssh-server $ sudo ln -s /etc/monit/conf-available/nginx $ sudo ln -s /etc/monit/conf-available/mysql $ sudo ln -s /etc/monit/conf-available/apache2 $ sudo monit -t $ sudo /etc/init.d/monit reload
如何从CLI查看监控信息?
运行以下命令以查看monit的快速摘要:
$ sudo monit summary
输出示例:
The Monit daemon 5.16 uptime: 1h 9m Process 'openvpn' Running File 'openvpn_bin' Accessible System 'blr-theitroad-do-0001' Running
要查看监视运行的状态:
$ sudo monit status
输出示例:
打印服务状态信息。
要仅查看有关openvpn进程的详细信息,请执行以下操作:
$ sudo monit status openvpn
输出示例:
The Monit daemon 5.16 uptime: 1h 15m Process 'openvpn' status Running monitoring status Monitored pid 31577 parent pid 1 uid 65534 effective uid 65534 gid 65534 uptime 1h 17m threads 1 children 0 memory 6.1 MB memory total 6.1 MB memory percent 1.3% memory percent total 1.3% cpu percent 0.0% cpu percent total 0.0% port response time 2.091 ms to [localhost]:443 type TCP/IP protocol DEFAULT data collected Sun, 25 Jun 2016 00:12:40
如何查看监控日志文件?
您可以按以下方式使用tail命令:
$ sudo tail -f /var/log/monit.log
输出示例:
[IST Jun 24 23:54:40] info : Starting Monit HTTP server at [localhost]:2812 [IST Jun 24 23:54:40] info : Monit HTTP server started [IST Jun 24 23:54:40] info : 'blr-theitroad-do-0001' Monit reloaded
或按以下方式使用grep命令在日志文件中搜索内容:
$ grep foo /var/log/monit.log $ grep sshd /var/log/monit.log $ grep openvpn /var/log/monit.log
输出示例:
[IST Jun 24 22:55:28] info : 'openvpn' start: /etc/init.d/openvpn
要从Web浏览器查看和控制监控,请在浏览器中执行服务器url(前提是您如上所述配置了set http):
http://server1.theitroad.local:2812
