Jun 112011
 

monit If you are in charge of some services probably you have set up some monitoring system to notify you if something go wrong (email, sms or a Tweet), and so you can fix it quickly. But do you really want to be always available 24×7 every day of the year ?

I’m not for sure, so let’s see Monit, a fantastic tool that can manage some problems for you and let you enjoy your free time.



monit_features
Monit is a free open source utility for managing and monitoring, processes, files, directories and filesystems on a UNIX system. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations.

What Monit can do

Monit can start a process if it does not run, restart a process if it does not respond and stop a process if it uses too much resources. You can use Monit to monitor files, directories and filesystems for changes, such as timestamp changes, checksum changes or size changes. You can also monitor remote hosts; Monit can ping a remote host and can check TCP/IP port connections and server protocols. Monit is controlled via an easy to use control file based on a free-format, token-oriented syntax. Monit logs to syslog or to its own log file and notifies you about error conditions and recovery status via customizable alert.

This is also useful for security reasons you can monitor the md5 checksum of files that should not change.

Installation

Monit it’s available on many distributions, it’s available for ubuntu and Debian, in my tests i’ve used a Debian 6.

aptitude install monit

Configuration

The main configuration file it’s located at /etc/monit/monitrc
These are some of the main configurations:

1) Set up Monit to work as Daemon and wake up every 5 minutes to make his checks:

set daemon 300

2) Set syslog logging with the ‘daemon’ facility. If the FACILITY option is omitted, Monit will use ‘user’ facility by default. If you want to log to a standalone log file instead, specify the full path to the log file

set logfile syslog facility log_daemon

3) Setup the emails server, the format and mail address for notifications:

set mailserver localhost
set mail-format { from: monit@linuxaria.com }
set alert  admin@linuxaria.com

The Mail server can be also Gmail, if you have it use these options:

set mailserver smtp.gmail.com port 587 username "address@hidden"
password "password" using tlsv1 with timeout 30 seconds

mailformat can be much more complex and you can use some tag, for example:

mail-format {
    from: monit@linuxaria.com
    subject: $SERVICE $EVENT at $DATE
    message: Monit $ACTION $SERVICE at $DATE on $HOST,
 
    Yours sincerely,
    Monit.
    }

Save the file, after that i’ll add a single file for every service that i want to put under the control of monit under /etc/monit/conf.d/ in that way you can keep the things more organised.

4) ssh, file /etc/monit/conf.d/sshd.conf

check process sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/ssh start"
stop program "/etc/init.d/ssh stop"
if failed host 127.0.0.1 port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout

As you can see the options are really readable, perhaps there is only one need for an explanation:
if 5 restarts within 5 cycles then This means that if monit cannot restart it for 5 times; just time out to avoid race condition.

5) mysql, file /etc/monit/conf.d/mysql.conf

check process mysqld with pidfile /var/run/mysqld/mysqld.pid
start program = "/etc/init.d/mysql start"
stop program = "/etc/init.d/mysql stop"
if failed host 127.0.0.1 port 3306 then restart
if 5 restarts within 5 cycles then timeout

6) nginx , file /etc/monit/conf.d/nginx.conf

check process nginx with pidfile /var/run/nginx.pid
group www-data
start program = "/etc/init.d/nginx start"
stop program = "/etc/init.d/nginx stop"
if failed host 127.0.0.1 port 80
protocol http then restart
if 5 restarts within 5 cycles then timeout

At the moment i’m trying to find a good setup with php5-fpm.

After modifying the configuration file you should check for the syntax to make sure they are correct. To do this run:

#monit -t
Control file syntax OK

On Debian you must also edit /etc/default/monit and set startup option to 1:

And now you can start monit and go on your holidays.

/etc/init.d/monit start

References

Monit Site
Configuration examples
Monitor Debian servers with monit
Monitor and restart Apache or lighttpd webserver when daemon is killed

Popular Posts:

flattr this!

  One Response to “Monit – your best employee”

  1. [...] » Linuxaria – Everything about GNU/Linux and Open source Monit – your best employe… :security, tutorialRelated Posts:FreeSSHd & Polipo 操作備忘GnuPG 入門備忘eCryptfs 操作備忘iptables recent module 操作備忘PuTTY – SSH 連線應用備忘 [...]

 Leave a Reply

(required)

(required)


*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>