Agenda: exercises-smokeping.txt

File exercises-smokeping.txt, 17.6 KB (added by admin, 7 years ago)
Line 
1Network Management & Monitoring
2Smokeping
3
4Notes:
5------
6* Commands preceded with "$" imply that you should execute the command as
7  a general user - not as root.
8* Commands preceded with "#" imply that you should be working as root.
9* Commands with more specific command lines (e.g. "RTR-GW>" or "mysql>")
10  imply that you are executing commands on remote equipment, or within
11  another program.
12
13Exercises
14----------
15
160. Connect to your PC as the sysadm user
17
18
191. Install Smokeping
20--------------------
21
22        $ sudo apt-get install smokeping
23
24
252. Initial Configuration
26------------------------
27
28        $ cd /etc/smokeping/config.d
29        $ ls -l
30
31    -rwxr-xr-x 1 root root  578 2010-02-26 01:55 Alerts
32    -rwxr-xr-x 1 root root  237 2010-02-26 01:55 Database
33    -rwxr-xr-x 1 root root  413 2010-02-26 05:40 General
34    -rwxr-xr-x 1 root root  271 2010-02-26 01:55 pathnames
35    -rwxr-xr-x 1 root root  859 2010-02-26 01:55 Presentation
36    -rwxr-xr-x 1 root root  116 2010-02-26 01:55 Probes
37    -rwxr-xr-x 1 root root  155 2010-02-26 01:55 Slaves
38    -rwxr-xr-x 1 root root 8990 2010-02-26 06:30 Targets
39
40The files that you'll need to change, at a minimum, are:
41
42    * Alerts
43    * General
44    * Probes
45    * Targets
46
47Now open the General file:   
48 
49        $ sudo vi General
50
51Change the following lines (don't leave them indented):
52
53        owner    = NOC
54        contact  = sysadmin@localhost
55        cgiurl   = http://localhost/cgi-bin/smokeping.cgi
56        mailhost = localhost
57        # specify this to get syslog logging
58        syslogfacility = local5
59
60Save the file and exit. Now let's restart the Smokeping service to verify
61that no mistakes have been made before going any further:
62
63        $ sudo /etc/init.d/smokeping stop
64        $ sudo /etc/init.d/smokeping start
65
66Warning! The "restart" option is not reliable. Use "stop" and "start" instead.
67
68
693. Configure monitoring of devices
70----------------------------------
71
72The majority of your time and work configuring Smokeping will be done in the
73file /etc/smokeping/config.d/Targets.
74       
75For this class please do the following:
76
77Use the default FPing probe to check:
78
79      - all the student NOC PCs
80      - classroom NOC
81      - switches
82      - routers
83     
84You can use the classroom Network Diagram on the classroom wiki to figure out addresses
85for each item, etc.
86
87Create some hierarchy to the Smokeping menu for your checks. For example, the Targets
88file is already partially preconfigured. To start we are going to add some entries to
89this file. Start with:
90
91        $ sudo bash
92        # vi Targets
93
94You can take the section from *** Targets *** to the end of the LocalMachine and make it
95look something like this. Feel free to use your own "remark", "menu" text and titles.
96
97The ">>>>>>>>" are not in the file, this indicates start of text, then "<<<<<<<<" is end
98of text:
99
100
101>>>>>>>>
102
103*** Targets ***
104
105probe = FPing
106
107## You have to edit and uncomment all what you want below this.
108# Please, refer to smokeping_config man page for more info
109# The given adresses aren't real to avoid DoS.
110
111menu = Top
112title = Network Latency Grapher
113remark = Welcome to the SmokePing Latency Grapher for \
114         the GARNET-AfNOG-KNUST-NSRC Workshop
115
116+Local
117
118menu = Network Monitoring and Management
119title = NOC Server for Network Monitoring Class
120
121++LocalMachine
122
123menu = localhost
124title = localhost
125host = localhost
126
127<<<<<<<
128
129
130Now, below the "localhost" we start with the configuration of items for our class.
131We can start simple and add just the first 4 PCs that are in Group 1 as well as an
132entry for our classroom NOC machine and our three Mac Mini server boxes.
133
134Warning! If you do not have properly functioning DNS resolution, then you will
135need to use the complete Fully Qualified Domain Name (FQDN) for each machine you are
136monitoring. Thus, instead of "host = pc1" you will need to specificy
137"host = pc1.ws.nsrc.org"
138
139
140>>>>>>>>
141
142#
143# ********* Classroom Servers **********
144#
145
146++Servers
147
148menu = Servers
149title = Network Management Servers
150
151+++noc
152
153menu = noc
154title = Workshop NOC
155host = noc
156
157+++s1
158
159menu = s1
160title = s1 (Host MacMini for Student PCs)
161host = s1
162
163+++s2
164
165menu = s2
166title = s2 (Host MacMini for Student PCs)
167host = s2
168
169+++s3
170
171menu = s3
172title = s3 (Host MacMinit for Student PCs)
173host = s3
174
175#
176# ******** Student Machines (VMs) ***********
177#
178
179++PCs
180
181menu = Lab PCs
182title = Virtual PCs Network Management
183
184+++pc1
185
186menu = pc1
187title = Virtual Machine 1
188host = pc1
189
190
191+++pc2
192
193menu = pc2
194title = Virtual Machine 2
195host = pc2
196
197
198+++pc3
199
200menu = pc3
201title = Virtual Machine 3
202host = pc3
203
204
205+++pc4
206
207menu = pc4
208title = Virtual Machine 4
209host = pc4
210
211<<<<<<<<
212
213
214OK. Let's see if we can get Smokeping to stop and start with the changes we have
215made, so far. Save and exit from the Targets file. Now try doing:
216
217        # /etc/init.d/smokeping stop
218        # /etc/init.d/smokeping start
219
220If you see error messages, then read them closely and try to correct the problem
221in the Targets file. In addition, Smokeping is now sending log message to the file
222/var/log/messages. You can view what Smokeping is saying by typing:
223
224        # tail /var/log/messages
225
226If you want to see all smokeping related messages in the file /var/log/message you
227can do this:
228
229        # grep smokeping /var/log/messages
230
231If there are no errors you can view the results of your changes by going to:
232
233        http://pcN.ws.nsrc.org/cgi-bin/smokeping.cgi
234
235When you are read you can edit the Targets file again and continue to add machines.
236At the bottom of the file you can add the next group of PCs:
237
238
239>>>>>>>>
240
241+++pc5
242
243menu = pc5
244title = Virtual Machine 5
245host = pc5
246
247
248+++pc6
249
250menu = pc6
251title = Virtual Machine 6
252host = pc6
253
254
255+++pc7
256
257menu = pc7
258title = Virtual Machine 7
259host = pc7
260
261
262+++pc8
263
264menu = pc8
265title = Virtual Machine 8
266host = pc8
267
268<<<<<<<<
269
270
271Add as many PCs as you want, then Save and exit from the Targets file and verify
272that the changes you have made are working:
273
274        # /etc/init.d/smokeping stop
275        # /etc/init.d/smokeping start
276
277You can continue to view the updated results of your changes on the Smokeping
278web page. It may take up to 5 minutes before graphs beging to appear.
279
280        http://pcN.ws.nsrc.org/cgi-bin/smokeping.cgi
281
282
283
2844. Configure monitoring of routers and switches
285-----------------------------------------------
286
287Once you have configured as many PCs as you want to configure, then it's time to
288add in some entries for the classroom routers and switch(es).
289
290        # cd /etc/smokeping/config.d            (just to be sure :-))
291        # vi Targets
292
293Go to the bottom of the file and add in some entries for routers and switches:
294
295
296>>>>>>>>
297
298#
299# ********** Classroom Backbone Switch *********
300#
301
302++Switches
303
304menu = Switches
305title = Switches Network Management
306
307+++sw
308
309menu = sw
310title = Backbone Switch
311host = sw
312
313#
314# ********** Virtual Routers: Cisco 7200 images *********
315#
316
317++Routers
318
319menu = Routers
320title = Virtual and Physical Routers Network Management
321
322+++gw
323
324menu = rtr
325title = Gateway Router
326host = rtr
327
328+++router1
329
330menu = router1
331title = Virtual Router 1
332host = rtr1
333
334+++router2
335
336menu = router2
337title = Virtual Router 2
338host = rtr2
339
340+++router3
341
342menu = router3
343title = Virtual Router 3
344host = rtr3
345
346<<<<<<<<
347
348
349If you wish you can continue and add in entries for routers 4 to 6, or to 9.
350When you are ready Save and Exit from the Targets file and verify your work:
351
352        # /etc/init.d/smokeping stop
353        # /etc/init.d/smokeping start
354
355If you want you might consider adding the Wireless Access Points:
356
357        # vi Targets
358
359
360>>>>>>>>
361
362+++ap1
363
364menu = ap1
365title = Wireless Access Point 1
366host = ap1
367
368+++ap2
369
370menu = ap2
371title = Wireless Access Point 2
372host = ap2
373
374<<<<<<<<
375
376
3775. Add new probes to Smokeping
378------------------------------
379
380The current entry in the Probes file is fine, but if you wish to use additional
381Smokeping checks you can add them in here and you can specify their default
382behavior. You can do this, as well, in the Targets file if you wish.
383
384To add a probe to check for HTTP latency as well as DNS lookup latency add the
385following to the end of the Probes file:
386
387        # vi Probes
388
389
390>>>>>>>>
391
392+ EchoPingHttp
393
394+ DNS
395binary = /usr/bin/dig
396pings = 5
397step = 180
398lookup = www.nsrc.org
399
400<<<<<<<<
401
402
403The DNS probe will look up the IP address of www.nsrc.org using any other open
404DNS server you specify in the Targets file. You will see this a bit futher on.
405Now Save and exit from the file and verify that your changes are working:
406
407        # /etc/init.d/smokeping stop
408        # /etc/init.d/smokeping start
409 
410
4116. add HTTP latency checks for the classroom PCs
412------------------------------------------------
413
414Edit the Targets file again and go to the end of the file:
415
416        # vi Targets
417
418At the end of the file add:
419
420
421>>>>>>>>
422
423#
424# Web server response
425#
426
427++HTTP
428
429menu = HTTP Response
430title = HTTP Response Student PCs
431
432+++pc1
433
434menu = pc1
435title = pc1 HTTP response time
436probe = EchoPingHttp
437host = pc1
438
439+++pc2
440
441menu = pc2
442title = pc2 HTTP response time
443probe = EchoPingHttp
444host = pc2
445
446+++pc3
447
448menu = pc3
449title = pc3 HTTP response time
450probe = EchoPingHttp
451host = pc3
452
453+++pc4
454
455menu = pc4
456title = pc1 HTTP response time
457probe = EchoPingHttp
458host = pc4
459
460<<<<<<<<
461
462
463You could actually just use the "probe = EchoPingHttp" statement once for pc1,
464and then this would be the default probe until another "probe = " statement is
465seen in the Targets file.
466
467You can add more PC entries if you wish, or you could consider checking the
468latency on remote machines - these are likely to be more interesting. Machines
469such as your own publicly accessible servers are a good choice, or, perhaps other
470web servers you use often (Google, Yahoo, Government pages, stores, etc.?).
471
472Once you are done, save and exit from the Targets file and verify your work:
473
474        # /etc/init.d/smokeping stop
475        # /etc/init.d/smokeping start
476
477
4787. Add DNS latency checks
479-------------------------
480
481At the end of the Targets file we are going to add some entries to verify the
482latency from our location to remote recursive DNS servers to look up an entry
483for nsrc.org. You would likely substitue an important address for your institution
484in the Probes file instead. In addition, you can change the address you are looking
485up inside the Targets file as well. For more information see:
486
487        http://oss.oetiker.ch/smokeping/probe/DNS.en.html
488
489and
490
491        http://oss.oetiker.ch/smokeping/probe/index.en.html
492
493Now edit the Targets file again. Be sure to go to the end of the file:
494
495        # cd /etc/smokeping/config.d                    (just to be sure...)
496        # vi Targets
497
498At the end of the file add:
499
500
501>>>>>>>>
502
503#
504# Sample DNS probe
505#
506
507+DNS
508
509probe = DNS
510menu = DNS Latency
511title = DNS Latency Probes
512
513++LocalDNS1
514menu = 10.10.0.250
515title =  DNS Delay for local DNS Server on noc.ws.nsrc.org
516host = noc.ws.nsrc.org
517
518++GoogleA
519menu = 8.8.8.8
520title = DNS Latency for google-public-dns-a.google.com
521host = google-public-dns-a.google.com
522
523++GoogleB
524
525menu = 8.8.8.4
526title = DNS Latency for google-public-dns-b.google.com
527host = google-public-dns-b.google.com
528
529++OpenDNSA
530
531menu = 208.67.222.222
532title = DNS Latency for resolver1.opendns.com
533host = resolver1.opendns.com
534
535++OpenDNSB
536
537menu = 208.67.220.220
538title = DNS Latency for resolver2.opendns.com
539host = resolver2.opendns.com
540
541<<<<<<<<
542
543
544Now save the Targets file and exit and verify your work:
545
546        # /etc/init.d/smokeping stop
547        # /etc/init.d/smokeping start
548
549Look at additional Smokeping probes and consider implementing some of
550them if they are useful to your ogranization:
551
552        http://oss.oetiker.ch/smokeping/probe/index.en.html
553
554
555
5568. MultiHost graphing
557---------------------
558
559Once you have defined a group of hosts under a single probe type in your
560/etc/smokeping/config.d/Targets file, then you can create a single graph
561that will show you the results of all smokeping tests for all hosts that
562you define. This has the advantage of letting you quickly compare, for
563example, a group of hosts that you are monitoring with the FPing probe.
564
565The MultiHost graph function in Smokeping is extremely picky - pay close
566attention!
567
568To create a MultiHost graph first edit the file Targets:
569
570        # vi Targets
571
572Find the end of your initial PC definitions. It should be just before you
573started to configure your routers and switches. That section starts with:
574
575
576>>>>>>>>
577
578#
579# ********** Classroom Backbone Switch *********
580#
581
582<<<<<<<<
583
584
585So, just _before_ this we'll create two MultiHost entries. One will be for
586PCs number 1-12, or all the PCs in groups 1 to 3, and the other will be for
587PCs number 13-24, or all the PCs in groups 4 to 7.
588
589Warning! If you have not already configured PCs 1 to 24, then do not configure
590any entries with PCs that are not yet defined.
591
592Now add the two MultiHost entries. They look like this:
593
594
595>>>>>>>>
596
597+++MultihostHTTPGroups1-3
598
599menu = MultihostHTTPGroups1-3
600title = Combined HTTP Results
601host = /Local/HTTP/pc1 /Local/HTTP/pc2 /Local/HTTP/pc3 /Local/HTTP/pc4 /Local/HTTP/pc5 /Local/HTTP/pc6 \
602       /Local/HTTP/pc7 /Local/HTTP/pc8 /Local/HTTP/pc9 /Local/HTTP/pc10 /Local/HTTP/pc11 /Local/HTTP/pc12
603
604+++MultihostHTTPGroups4-6
605
606menu = MultihostHTTPGroups4-6
607title = Combined HTTP Results
608host = /Local/HTTP/pc13 /Local/HTTP/pc14 /Local/HTTP/pc15 /Local/HTTP/pc16 /Local/HTTP/pc17 /Local/HTTP/pc18 \
609       /Local/HTTP/pc19 /Local/HTTP/pc20 /Local/HTTP/pc21 /Local/HTTP/pc22 /Local/HTTP/pc23 /Local/HTTP/pc24
610       
611<<<<<<<<
612
613
614Save and exit from the Targets file. Now attempt to restart Smokeping:
615
616        # /etc/init.d/smokeping stop
617        # /etc/init.d/smokeping start
618
619If this fails you almost certainly have an error in the entries. If you cannot figure out what the error
620is (remember to try "tail /var/log/messages" first!) ask your instructor for some help.
621
622If things work and you want to add a MultiHost entry for your DNS servers, then edit the file Targets,
623but go to the very end of the file and add:
624
625
626>>>>>>>>
627
628#
629# Multihost Graph of all DNS latency checks
630#
631
632++MultiHostDNS
633
634menu = MultiHost DNS
635title = Consolidated DNS Responses
636host = /DNS/LocalDNS1 /DNS/GoogleA /DNS/GoogleB /DNS/OpenDNSA /DNS/OpenDNSB \
637       /DNS/DNSAdvantageA /DNS/DNSAdvantageB
638<<<<<<<<
639
640And, as always, save and exit from the file Targets and test your new configuration.
641
642
6439. Send Smokeping alerts
644------------------------
645
646If you wish to receive an email when an alert condition is met on one of the
647Smokeping checks first do this:
648
649        # cd /etc/smokeping/config.d
650        # vi Alerts
651
652Update the top of the file where it says:
653
654        *** Alerts ***
655        to = alertee@address.somewhere
656        from = smokealert@company.xy
657
658to include a proper "to" and "from" field for your server. Something like:
659
660        *** Alerts ***
661        to = sysadm@localhost
662        from = smokeping-alert@localhost
663
664Now you must update your device entries to include a line that reads:
665
666        alerts = alertName1, alertName2, etc, etc...
667
668For instance, the alerts named, "startloss", "bigloss", and "rttdetect" have already been
669defined in the file Alerts:
670
671To read about Smokeping alerts and what they are detecting, how to create your own, etc. see:
672
673        http://oss.oetiker.ch/smokeping/doc/smokeping_config.en.html
674
675and at the bottom of the page is a section titled, "*** Alerts ***"
676
677To place some alert detection on some of your hosts open the file Targets:
678
679        # vi Targets
680
681and go near the start of the file where we defined our PCs. Just under the "host =" line add
682another line that looks like this:
683
684        alerts = startloss,bigloss,rttdetect
685
686So, for example, the pc1 entry would not look like this:
687
688>>>>>>>>
689
690+++pc1
691
692menu = pc1
693title = Virtual Machine 1
694host = pc1
695alerts = startloss,bigloss,rttdetect
696
697<<<<<<<<
698
699If you want to add an alerts option to other hosts go ahead. Once you are done save and
700exit from the Targets file and then verify that your configuration works:
701
702        # /etc/init.d/smokeping stop
703        # /etc/init.d/smokeping start
704
705If any of the hosts that have the "alerts = " option set meet the conditions to set off the
706alert, then an email will arrive to the sysadm user's mailbox on the Smokeping server
707machine (localhost). It's not likely that an alert will be set off for most machines. To
708check you can read the email for the sysadm user by using an email client like "mutt" -
709
710        # apt-get install mutt
711        # mutt
712
713Say yes to mailbox creation when prompted, then see if you have email from the
714smokeping-alerts@localhost user.
715
716
71710. Slave instances - Informational Only
718----------------------------------------
719
720This is a description only for informational purposes in case you wish
721to attempt this type of configuration once the workshop is over.
722
723The idea behind this is that you can run multiple smokeping instances
724at multiple locations that are monitoring the same hosts and/or services
725as your master instance. The slaves will send their results to the
726master server and you will see these results side-by-side with your
727local results. This allows you to view how users outside your network
728see your services and hosts.
729
730This can be a powerful tool for resolving service and host issues that
731may be difficult to troubleshoot if you only have local data.
732
733Graphically this looks this:
734
735          [slave 1]     [slave 2]      [slave 3]
736                |             |              |
737                +-------+     |     +--------+
738                        |     |     |
739                        v     v     v
740                        +---------------+
741                        |    master     |
742                        +---------------+
743
744You can see example of this data here:
745
746http://oss.oetiker.ch/smokeping-demo/
747
748Look at the various graph groups and notice that many of the graphs
749have multiple lines with the color code chart listing items such as
750"median RTT from mipsrv01" - These are not MultiHost graphs, but rather
751graphs with data from external smokeping servers.
752
753To configure a smokeping master/slave server you can see the documentation
754here:
755
756    http://oss.oetiker.ch/smokeping/doc/smokeping_master_slave.en.html
757
758In addition, a sample set of steps for configuring this is available in
759the file sample-smokeping-master-slave.txt which should be lisetd as an
760additional reference at the bottom of the Agenda page on your classroom wiki.
761