1.1.1. DELLserver硬件监控及DELL系统管理工具OMSA介绍
本文介绍採用使用Nagios和OMSA监控DELLserver的硬件健康状态,Nagios监控的方式是NRPE模式,须要配置check_openmanage脚本和安装DELL的OMSA工具。
使用OpenManage和Nagios监控DELLserver硬件部署手冊:
http://folk.uio.no/trondham/software/check_openmanage.html
1) OMSA是什么
OMSA是Dell Openmanage Server Administrator的缩写。
Dell OpenManage Server Administrator (OMSA) provides acomprehensive, one-to-one systems management solution in two ways: from anintegrated, web browser-based graphical user interface (GUI) and from a commandline interface (CLI) through the operating system.
Server Administrator isdesigned for system administrators to manage systems locally and remotely on anetwork. It allows system administrators to focus on managing their entirenetwork by providing comprehensive one-to-one systems management.
2) 安装OMSA
DELL OpenManage的yum源地址:
http://linux.dell.com/repo/hardware/Linux_Repository_14.04.00/
配置OMSA的yum源:
创建/etc/yum.repos.d/dell-omsa-repository.repo源文件:
或者
运行命令自己主动配置:
wget -q -O -http://linux.dell.com/repo/hardware/Linux_Repository_14.04.00/bootstrap.cgi |bash
安装OMSA:
yum install srvadmin-all
配置OMSA服务开机自己主动:
/opt/dell/srvadmin/sbin/srvadmin-services.sh enable
启动OMSA的服务:
/opt/dell/srvadmin/sbin/srvadmin-services.sh start
查看omsa的服务状态:
/opt/dell/srvadmin/sbin/srvadmin-services.sh status
dell_rbu(module) is running
ipmidriver is running
dsm_sa_datamgrd(pid 1331 1197) is running
dsm_sa_eventmgrd(pid 1381) is running
dsm_sa_snmpd(pid 1440) is running
dsm_om_shrsvcd(pid 1508) is running...
dsm_om_connsvcd(pid 1562) is running...
查看omsa的服务的监听状态:
# netstat -npae | egrep -iv'mysql|ssh|xinetd|udevd|crond|syslogd|upstart|auditd'
我们注意到dsm_om_connsvc服务监听了TCP协议的1311port,而且提供了http訪问的功能。
3) 卸载OMSA工具包中的web组件
因为本案例中仅仅须要使用OMSA工具包监控硬件健康状态的功能,不须要使用OMSA提供的Web管理功能,所以为了避免因为系统防火墙或者web管理不当导致的问题,我们在本例中卸载掉OMSA的web组件。
查看OMSA组件的监听情况:
# netstat -npae | egrep -iv 'mysql|ssh|xinetd|udevd|crond|syslogd|upstart|auditd'
ActiveInternet connections (servers and established)
ProtoRecv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 :::1311 :::* LISTEN 0 656427 1563/dsm_om_connsvc
ActiveUNIX domain sockets (servers and established)
ProtoRefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 6555231197/dsm_sa_datamgr /opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipea
unix 2 [ ACC ] STREAM LISTENING 655525 1197/dsm_sa_datamgr/opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipep
unix 2 [ ACC ] STREAM LISTENING 655527 1197/dsm_sa_datamgr/opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipeu
unix 2 [ ACC ] STREAM LISTENING 655770 1508/dsm_om_shrsvcd/opt/dell/srvadmin/var/lib/openmanage/shrsvc/dsm_om_shrsvc
unix 2 [ ACC ] STREAM LISTENING 655772 1508/dsm_om_shrsvcd/opt/dell/srvadmin/var/lib/openmanage/shrsvc/omintf5e4
unix 2 [ ] STREAM CONNECTED 656423 1563/dsm_om_connsvc
unix 2 [ ] STREAM CONNECTED 656015 1563/dsm_om_connsvc
unix 3 [ ] STREAM CONNECTED 655972 1197/dsm_sa_datamgr/opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipea
unix 3 [ ] STREAM CONNECTED 655971 1563/dsm_om_connsvc
unix 3 [ ] STREAM CONNECTED 655650 1197/dsm_sa_datamgr/opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipea
unix 3 [ ] STREAM CONNECTED 655649 1440/dsm_sa_snmpd
unix 3 [ ] STREAM CONNECTED 655589 1197/dsm_sa_datamgr/opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipea
unix 3 [ ] STREAM CONNECTED 655588 1381/dsm_sa_eventmg
OMSA组件的dsm_om_connsvc服务监听了TCP协议的1311port。
查看dsm_om_connsvc服务调用的程序:
lsof -p 1563 # 1563是dsm_om_connsvc服务进程的PID
查看dsm_om_connsvc调用的程序文件属于哪个rpm包:
# rpm -qf /opt/dell/srvadmin/lib64/openmanage/apache-tomcat/lib/tomcat-api.jar
srvadmin-tomcat-7.4.0-4.97.1.el6.x86_64
# rpm -qf /opt/dell/srvadmin/lib64/openmanage/jre/lib/jce.jar
srvadmin-jre-7.4.0-4.98.1.el6.x86_64
关闭OMSA的服务:
/opt/dell/srvadmin/sbin/srvadmin-services.sh stop
卸载srvadmin-tomcat和srvadmin-jre软件包:
# rpm -e srvadmin-tomcat-7.4.0-4.97.1.el6.x86_64
error: Failed dependencies:
srvadmin-tomcat = 7.4.0 is needed by (installed)srvadmin-webserver-7.4.0-4.1.1.el6.x86_64
# rpm -e srvadmin-webserver-7.4.0-4.1.1.el6.x86_64
error: Failed dependencies:
srvadmin-webserver = 7.4.0 is needed by (installed)srvadmin-all-7.4.0-4.1.1.el6.x86_64
卸载srvadmin-webserver软件包:
# rpm -e --nodeps srvadmin-webserver-7.4.0-4.1.1.el6.x86_64
# rpm -e srvadmin-tomcat-7.4.0-4.97.1.el6.x86_64
# rpm -e srvadmin-jre-7.4.0-4.98.1.el6.x86_64
删除appache-tomcat的文件夹:
# rm -rf /opt/dell/srvadmin/lib64/openmanage/apache-tomcat
启动OMSA的服务:
# /opt/dell/srvadmin/sbin/srvadmin-services.sh start
StartingSystems Management Device Drivers:
Startingdell_rbu: [ OK ]
Startingipmi driver: Already started [ OK ]
StartingSystems Management Data Engine:
Startingdsm_sa_datamgrd: [ OK ]
Startingdsm_sa_eventmgrd: [ OK ]
Startingdsm_sa_snmpd: [ OK ]
Starting DSMSA Shared Services: [ OK ]
測试check_openmanage脚本:
./check_openmanage -d
输出的检查项跟卸载OMSA的web组件之前是一样的。
查看卸载OMSA的web组件之后。OMSA的服务监听情况:
# netstat -npae | egrep -iv'mysql|ssh|xinetd|udevd|crond|syslogd|upstart|auditd'
此时,OMSA的服务仅仅进行了Unix domain sockets的监听,而Unix domain socket仅仅用于本操作系统中,进程之间的通信,比方check_openmanage脚本调用OMSA的服务进行DELLserver硬件健康状态检查。
至此,OMSA的Web组件卸载完成。
4) 安装check_openmanage安装包
下载地址:
http://folk.uio.no/trondham/software/check_openmanage.html#download
下载check_openmanage工具包:
wget http://folk.uio.no/trondham/software/files/check_openmanage-3.7.11.tar.gz
測试check_openmanage工具:
tar zxf check_openmanage-3.7.11.tar.gz
cd check_openmanage-3.7.11
./check_openmanage -d
./check_openmanage
假设提示"Storage Error"。则加上--no-storage參数:
./check_openmanage --no-storage
# check_openmanage会检查50~60项左右DELL服务的信息
5) 配置NRPE
编辑/usr/local/nagios/etc/nrpc.cfg文件。加入:
command[check_dell_openmanage]=/path/to/check_openmanage
或者
command[check_dell_openmanage]=/path/to/check_openmanage--no-storage
把check_openmanage脚本复制到/usr/local/nagios/libexec/文件夹:
cp check_openmanage-3.7.11/check_openmanage/usr/local/nagios/libexec/
測试命令:
check_nrpe -H IP -c check_dell_openmanage
6) 注意事项
check_openmanage是perl脚本。所以操作系统必须已经安装了perl。
7) server没有外网怎么办
假设server没有外网,能够考虑在有外网的机器上做一个iptables的nat映射。把仅仅有内网的server配置的yum映射到公网,或者在机房内部署一个yum源;
8) 还能够用什么方法
假设不使用OMSA和check_openmanage来监控硬件健康状态。还能够使用ipmitool来监控,只是须要自己开发脚本。
9) 适用什么环境使用
假设在使用DELL厂商的server。都建议使用。
10) 关于OMSA组件安全性的补充说明
Dell OpenManage Server Administrator (OMSA) 7.1及更早版本号在实现上存在XSS漏洞,可同意远程攻击者注入Web脚本或HTML。DELL厂商已经公布了升级补丁来修复这个安全问题,请到厂商的主页下载,详见本文最后一部分的“本文相关资料的參考链接”部分的“OMSA组件安全补丁的下载地址”。
11) DELL厂商提供的其他系统管理工具
DELL还提供用于Microsoft System Center管理配置工具、OracleEntreprise Manager 12c插件,以及支持HP和IBM的插件等工具。详情请登录DELL官方站点,依次进入Support--> Drivers & Downloads --> 选择server类型--> System Managements模块。
12) DELL提供的用于OracleEnterprise Manager 12c的插件说明
Dell OpenManage Plug-in v1.0 for Oracle Enterprise Manager12c
Dell OpenManage Plug-in for Oracle Enterprise Managerprovides a proactive approach to data center management that delivers featuresfor monitoring Dell server, storage, and networking infrastructures inenvironment managed by Oracle Enterprise Manager (OEM).
It also supportsmapping of database workload to Dell hardware for quicker fault detection andconsole launch of Dell devices to perform troubleshooting, configuration, andmanagement activities. It protects customer’s existing investment in OEM consoleand helps
in ease of integration and management of Dell devices.
13) 什么是Unix domain socket
A Unixdomain socket or IPC socket (inter-process communication socket) is a datacommunications endpoint for exchanging data between processes executing withinthe same host operating system. While similar in functionality to named pipes,Unix domain sockets
may be created as connection‑mode(SOCK_STREAM or SOCK_SEQPACKET) or as connectionless (SOCK_DGRAM), while pipesare streams only. Processes using Unix domain sockets do not need to share acommon ancestry. The API for Unix domain sockets is similar to that of
anInternet socket, but it does not use an underlying network protocol forcommunication. The Unix domain socket facility is a standard component of POSIXoperating systems.Unixdomain sockets use the file system as their address name space. They arereferenced
by processes as inodes in the file system. This allows two processesto open the same socket in order to communicate. However, communication occursentirely within the operating system kernel.In addition to sending data, processes may send filedescriptors across
a Unix domain socket connection using the sendmsg() andrecvmsg() system calls.
14) 本文相关资料的參考链接
自己定义check_openmanage的阀值:
http://dreamway.blog.51cto.com/1281816/1048274
omreport命令使用:
http://www.sxszjzx.com/~t096/manual/sc/Dosa/CLI/report.htm
DELL厂商网址:
DELL厂商OMSA的yum源地址:
http://linux.dell.com/repo/hardware/Linux_Repository_14.04.00/
使用OpenManage和Nagios监控DELLserver硬件部署手冊:
http://folk.uio.no/trondham/software/check_openmanage.html
OMSA组件安全补丁的下载地址:
http://www.dell.com/support/drivers/us/en/19/DriverDetails/Product/poweredge-r710?
driverId=PCXMR&osCode=WNET&fileId=3082295344
DELL提供的用于Oracle Enterprise Manager 12c的插件地址:
DELL厂商提供的其他管理工具的网址:
Unix domain socket的解释说明: