User: Dclark/Events
Contents
John Rouillard - Nagios and SEC
- Slides: http://www.bblisa.org/slides/200701-rouillard.pdf
- SEC: http://www.estpak.ee/~risto/sec/
- Nagios: http://www.nagios.org/
Nagios
Nagios, unlike some other FLOSS software, has Correlation - parents and others
- Limited cause/effect detection
- Don't use host_name in "define service" stanza -- use hostgroup_name instead!
- Has test on each host where it looks up it's own name to make sure dns is working on that host
- Flap detection is problematical - he leaves it turned off
- Nagios can put performance data "somewhere" - DB, RRD etc.
- is_volitile useful in special cases
- read the manual - twice
Correlation - find the fingerprint - only be notified of things that matter
Nagios 3 will support defining own variables - write up on hack to do this now how to monitor SSL is on nagios-users list (find post) check_ldaps
- I think this post is: http://article.gmane.org/gmane.network.nagios.user/40093/match=ldaps
Servicegroup - bundle of group of services that provide a customer-visable server (e.g. db2, websphere app server, apache)
Serviceextifo/Hostextinfo going away in Nagios 3 -- info shifts to becoming attributes of service and host objects
Nagios 3 in alpha now.
- Nagios really a service monitoring program, not a host monitoring system
Many other monitoring projects are missing correlation.
Nagios 2 - host checks are done in series (In Nagios 3, they will be in paralel)
Correlation includes (slide) Topology, Thresholds, Service, Cluster (meta) plugin, Flap detection (doesn't quite work, but SEC replaces it)
Tricks:
- Links to TWiki for a knowlege base for services, hosts, addl commands
- Can change html pages - he has "Unack Svc Probs" - on call person lives in this screen
- Downtime scheduling
- He uses cacti and rt integrated with twiki - interesting feature - find last ticket in RT that mentions system
- connect via (ajaxterm?)
- look at nagios definitiaons
- (cacti not from nagios - he doesn't like nagios for rrd suff - he uses drraw instead)
- Also have wiki pages for services
- Nagios just has link - no dual-way automation, but don't really need it in this case - wiki-side template for hosts and services do exist however
SEC
- Is very passive
- often times you may need to hook rule types together -- in groups
- only useable in real time at the moment
- can do everything that nagios does except topoplgy
Plugin talks to device, sec determines severity level, gives data back to nagios (nagios not time aware, sec is)
- He has created patch to Nagios that allows te active events to be passed through to sec - patch is in beta this month, still 2 open slots for more beta testers - beta period will last at least 2 months.
When used with nagios his patch adds:
- counting ok states before reamrming
- differeent triggers or polling interval on analysis of error not just non-ok severity
- changing trouble thresholds per time period/activity
- SEC also monitors nagios log file - often this file will show nagios configuration errors
Contexts
- See ssh example in 2004 lisa paper (http://www.cs.umb.edu/~rouilj/sec/)
Nagios is good at "what is hapening now"; sec is good at figuring out "how I got to now"
- His patch will be released under GPL
- Personal Website: www.cs.umb.edu/~rouilj
- easy: passive service event -> nagios
- trick here is getting active stream from Nagios
OpenNMS (in 2004) - didn't have good correlation compared to nagios, and certainly not comperable to SEC
- Does it have correlation now?
- It used to have thresholding issues as well, and may still
ZenOSS:
- He couldn't see correlation aspects that he really needed.
Temperature censors - lmsensors and smartcontrol can be used instead of stand-alone devices in some cases
Some tricks:
- Rack as host - if 3 boxes in rack have high temp, rack is overheated
- Room as host - "room is on fire' alert if 3 racks have high temp
- But really needed "room is underwater" alert :-)
- Q: lots of host - does he manual edit? A: Yes, but working towards defining every host once in config (his config mgmt app, akin to cfengine/puppet/bcfg2/lcfg)
- automation issue: Think of a host group as a set, nagios only has set subtraction - makes automation very difficult
- could just not use hostgroups, but then that makes the nagios web GUI suck
- hostgroups for admin data
- Groundworks stuff may be pretty good for automating config for lots if machines - http://www.groundworkopensource.com/products/os-overview.html
- Nagios 3 isn't going to push config into DB - Nagios 4 might.
- Oreon graphical interface for nagios - out of france - might be nice - http://www.oreon-project.org/
Cool wiki integration stuff
These are notes from a follow-up email I sent John (John's writing).
> BTW is your neat TWIKI integration with nagios et al doc'ed anywhere > >public? Not the code, just would be interested in the list of things you > >integrated / screenshots. Hmm, I don't think so. I was doing a live demo for BBLISA, I suppose I could doc it up. Basically add: #generic serviceextinfo entry template define serviceextinfo { register 0 name generic-service notes_url /twiki/bin/view/Main/NagSvc$SERVICEDESC$?templatetopic=NagSvcTemplate&host=$HOSTNAME$&service=$SERVICEDESC$&alias=$HOSTALIAS$ action_url /twiki/bin/view/Main/NagSvc$SERVICEDESC$?host=$HOSTNAME$&service=$SERVICEDESC$&state=$SERVICESTATE$&output=$SERVICEOUTPUT$&alias=$HOSTALIAS$&templatetopic=NagSvcTemplate#ServiceFunctions } This add notes and services links for the service. e.G. for service FooStuff it adds a link to the NagSvcFooStuff page. It passes in the hostname, alias, service name and uses as a templatetopic when the page doesn't exist NagSvcTemplate. If you are using the action link it jumps to the ServiceFunctions bookmark. For all your serviceextinfo declarations use generic service: define serviceextinfo{ service_description SomeTwikiWord hostgroup_name ... notes ... use generic-service } Also I did something similar for the hostextinfo setup. In TWiki I had to modify as the TWiki.WebTopicViewTemplate so that the link to create the new page read: * Continue to <a href="%SCRIPTURLPATH%/edit%SCRIPTSUFFIX%/%WEB%/%TOPIC%?templatetopic=%URLPARAM{"templatetopic" default =""}%&host=%URLPARAM{"host" default =""}%&formtemplate=%URLPARAM{"formtemplate" default =""}%&alias=%URLPARAM{"alias" default =""}%"><b>Create the new page</b></a> as the oops page wasn't passing the query parameters along and the edit box wasn't getting some of the parameters set. The 4 templates: NagSvcTemplate NagSvcFunctionsTemplate NagHostTemplate NagHostFunctionsTemplate are in the attached tar file. Hopefully those will give you some idea of what we do with them. We have a few auxilary twiki pages that have embedded searches in them that allow us to aggregate machine name, serial number, asset tag and purchase date for our accounting people and for audit use. Also we have other pages that list our rack layouts (basic 5 column twiki table with U number, front of rack equipment, rear of rack equipment, left and right power strip info). The equipment is put in the racks using the twiki NagHost page name so we can click on it and get more info. But this also means we can pull the info from the rack page to id the U that the piece of equipment is at. (Ideally we would have seperate SiteRackOne SiteRackTwo .. pages that we could search so we wouldn't have to manually enter the site and rack info but...) Anyway if you have more questions feel free to shoot them over here. I'll be traveling for the next couple of days but I'll get around to them.
Python meetup 2008-06-18
3 Presentations:
- Brian - Google Apps Engine
- PK - Django
- Nate - Pylons
Google Apps Engine
- Tim Bernes-Lee uses Python
- Download SDK - also check license
- Supports their own web platform, and Django
- Brett Canon - Sandbox mode python
- -> -> Talk to guy who was interested in this stuff - looks a bit like desai - send link to clipperz (?) project
- Check: Google a member of dataportability.org?
J2EE to Django: Ready for the Enterprise?
- QuerySet - lazy, chainable
- use new forms package (but it's really limited) - under active discussion
- Lack of AJAX support (vs. RoR great support) - position is you get to decide on AJAX package - JQuery recommended
- Lack of IDE support
- Dynamic typing makes development with large #s of people difficult
- Waiting for 1.0 - email support, ORM, newforms, mail, argument names, textile - Sep 2008!
Cool things to try:
- Write a custom tag - application specific, helper tags
- Write a context processor
- Test client - unit tests as web browser - works well, trick is that if URLs change, have to change all tests.
If something breaks, get stack trace, pretty useless. Pet peeve.
Pylons
- DevHouseBoston / BetaHouse - All day coding jam session - Python, Ruby, etc.
- Ian Bicking - VirtualM - little python sandbox - local vs global python
MIT SIPB IAP 2009 Debian Packaging
Class Link
General Documentation
Random Notes
diffstat < (gunzup -c .. ; cat ...) debian/control file - want "Replaces" for -fsf3 linux debhelper (dh_) is old; newer / simpler is cdbs "common debian build system" libpam-afs-session (lenny or later) to get package not in your repo: * copy link for dsc file ---> * dget (path to dsc file) upstream-debian revision number (how debian package releases are named) "ubuntu1debathena3" is legal ---> So gNewSense needs things like "ubuntuXgnewsenseY" Make sure that new upstream versions superscede your own New changelog entry: "dch" dch -v 1.5-1broder1 (opens editor with correct formatting for new entry) 2 environmnet variables: DEBEMAIL="" DEBFULLNAME="" (export in .bashrc) wc -l rules (94 lines long) for libpam-afs-session from hardy ... so we want to make it into a cdbs rules file instead #!/usr/bin/make -f include /usr/share/cdbs/1/rules/debhelper.mk include /usr/share/cdbs/1/class/autotools.mk DEB_CONFIGURE_EXTRA_FLAGS := --enable-... yada yada To build a package: debuild -us -uc "-i -I" -- don't include version control files (.svn etc) -- See also debathena doc. Can ignire changelog-should-mention-nmu and source-nmu-had-incorrect-version-number "missing-build-dependancy" *does* matter aptitude show build-essential --> shows what the packages are that you prob don't need to specify in depends. dpkg -c -->> what does this do? make file not installing your files? Use dh_install 1: use the command line: dh_install yada.so lib/security 2: look at file to do it - more normal (in man page of the debhelper util - "man dh_install") - so debian/packagename.install looks like: pam_afs_session.so lib/security man page install: dh_installman ; so packagname.manpages like: man_page_name.5 invirt - behind xvm invirt-vnc-client (has patches dir under debian - via quilt) - handles a series of patches that should be installed in a certain order. ~/.quiltrc need certain line - see debathena doc quilt new {patchname} quilt edit (to edit a file under a certain patch) -- IMPORTANT quilt pop (-a for all) quilt push (-a for all) other trick you need to use: add include /usr/share/cdbs/1/rules/patchsys-quilt.mk in your debian/rules file install/yada: (look in it) -- to doa mod before deiified DEB_PYTHON_SYSTEM=pysupport (sipb prefers this to pycentral - may be push to merge the 2) debathena-quota DEB_AUTO_UPDATE_DEBIAN_CONTROL = 1 (need to have a control.in file with @cdbs@) - catch is that it is very frowned upon by debian archive maintainers because it changs source package at build time. debathena may be removing it soon. DO NOT USE - ENDS UP JUST BEING CONFUSING if confifure.in but no configure - DEB_AUTO_UPDATE_AUTOCONF = 1 - has to be *before* include ALSO debhelper.mk needs to be included before other things. common-install-impl:: target (reference cdbs doc) ---> buildcore.png -- get a massive poster of this In debathena, clean:: target is often used to try to restore orignial package state - eg rm configure debpackaging/exercises http://web.mit.edu/sipb-iap/www/debpackaging/exercises/EXERCISES To see if got right: use debdiff (two .deb files), will tell you how they differ. Can also diffstat - see if need to work on clean target. debathena often has ~debian4.0 to end of string to make them all be able to be in same apt repository. ~ = binary nmus -- WEIRD sorting in debian on tilde. Followed by other things also strange. Odd. + = specific to env version QUESTION: how does debuild differ from dpkg-buildpackage? debuild creates all the files necessary for uploading a Debian package. It first runs dpkg-buildpackage, then runs lintian and/or linda on the .changes file created (assuming that lintian and/or linda is installed), and finally signs the .changes and/or .dsc files as appro- priate (using debsign(1) to do this instead of dpkg-buildpackage(1) itself; all relevant key-signing options are passed on). Parameters Double colon rule can have multiple times - cdbs only uses :: rules so you can always add more.
See Also
- xxv: http://staticfree.info/projects/deboxify/
- http://debathena.mit.edu/config-package-dev/ (topic for Thursday's 2 of 2 class, which I won't be able to make)
Libreplanet 2009
Day 1 Talks
- sysadmin help for http://www.codecpatents.org/ - talk to rob of gnash fame
James Duncan, Free Software Cloud
- http://www.joyeur.com/2009/03/18/speaking-at-the-fsf-meeting-libre-planet-09
- http://www.rightscale.com/
- http://www.vyatta.com/
- http://aws.amazon.com/ec2/
- http://code.google.com/appengine/
- http://www.joyent.com/connector/
- http://dev.joyent.com/
- http://eucalyptus.cs.ucsb.edu/ ***
- http://www.ubuntu.com/products/whatisubuntu/serveredition/features/ec2
Free GMail, Free Google Reader (Yocto Reader)
- fmail
- google app engine
Free Facebook / social Networking
Matt wants this on av gnu org
- Jamendo (by author of gnash)
Misc
- webhooks
- mozilla plugin that redirect from non-free to free
- Need to look at http://www.canonical.com/projects/landscape
- bkuhn: spam assasin not that good; suggests dspam
- bkuhn: http://projects.serverzen.com/pm/p/cluemapper
Misc 2
- http://portal.insoshi.com/
- http://tinyvid.tv/
- http://en.flossmanuals.net/CommandLineIntro/print
- http://candrews.integralblue.com/
- http://autonomo.us/wiki/Wish_list
- http://autonomo.us/ has prominent participation links now - yay! - get code put there when it's done as well...