1.1.1. DELLserver硬件监控及DELL系统管理工具OMSA介绍

本文介绍採用使用Nagios和OMSA监控DELLserver的硬件健康状态,Nagios监控的方式是NRPE模式,须要配置check_openmanage脚本和安装DELL的OMSA工具。

使用OpenManage和Nagios监控DELLserver硬件部署手冊:

http://folk.uio.no/trondham/software/check_openmanage.html

1)        OMSA是什么

OMSA是Dell Openmanage Server Administrator的缩写。

Dell OpenManage Server Administrator (OMSA) provides acomprehensive, one-to-one systems management solution in two ways: from anintegrated, web browser-based graphical user interface (GUI) and from a commandline interface (CLI) through the operating system.
Server Administrator isdesigned for system administrators to manage systems locally and remotely on anetwork. It allows system administrators to focus on managing their entirenetwork by providing comprehensive one-to-one systems management.

2)        安装OMSA

DELL OpenManage的yum源地址:

http://linux.dell.com/repo/hardware/Linux_Repository_14.04.00/

配置OMSA的yum源:

创建/etc/yum.repos.d/dell-omsa-repository.repo源文件:

或者

运行命令自己主动配置:

wget -q -O -http://linux.dell.com/repo/hardware/Linux_Repository_14.04.00/bootstrap.cgi |bash

安装OMSA:

yum install srvadmin-all

配置OMSA服务开机自己主动:

/opt/dell/srvadmin/sbin/srvadmin-services.sh enable

启动OMSA的服务:

/opt/dell/srvadmin/sbin/srvadmin-services.sh start

查看omsa的服务状态:

/opt/dell/srvadmin/sbin/srvadmin-services.sh status

dell_rbu(module) is running

ipmidriver is running

dsm_sa_datamgrd(pid 1331 1197) is running

dsm_sa_eventmgrd(pid 1381) is running

dsm_sa_snmpd(pid 1440) is running

dsm_om_shrsvcd(pid 1508) is running...

dsm_om_connsvcd(pid  1562) is running...

查看omsa的服务的监听状态:

# netstat -npae | egrep -iv'mysql|ssh|xinetd|udevd|crond|syslogd|upstart|auditd'

我们注意到dsm_om_connsvc服务监听了TCP协议的1311port,而且提供了http訪问的功能。

3)        卸载OMSA工具包中的web组件

因为本案例中仅仅须要使用OMSA工具包监控硬件健康状态的功能,不须要使用OMSA提供的Web管理功能,所以为了避免因为系统防火墙或者web管理不当导致的问题,我们在本例中卸载掉OMSA的web组件。

查看OMSA组件的监听情况:

# netstat -npae | egrep -iv 'mysql|ssh|xinetd|udevd|crond|syslogd|upstart|auditd'

ActiveInternet connections (servers and established)

ProtoRecv-Q Send-Q Local Address              Foreign Address            State       User       Inode      PID/Program name

tcp        0     0 :::1311                     :::*                        LISTEN      0         656427     1563/dsm_om_connsvc

ActiveUNIX domain sockets (servers and established)

ProtoRefCnt Flags       Type       State         I-Node PID/Program name    Path

unix  2     [ ACC ]     STREAM    LISTENING     6555231197/dsm_sa_datamgr /opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipea

unix  2     [ ACC ]     STREAM     LISTENING     655525 1197/dsm_sa_datamgr/opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipep

unix  2     [ ACC ]     STREAM     LISTENING     655527 1197/dsm_sa_datamgr/opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipeu

unix  2     [ ACC ]     STREAM     LISTENING     655770 1508/dsm_om_shrsvcd/opt/dell/srvadmin/var/lib/openmanage/shrsvc/dsm_om_shrsvc

unix  2     [ ACC ]     STREAM     LISTENING     655772 1508/dsm_om_shrsvcd/opt/dell/srvadmin/var/lib/openmanage/shrsvc/omintf5e4

unix  2     [ ]         STREAM     CONNECTED     656423 1563/dsm_om_connsvc

unix  2     [ ]         STREAM     CONNECTED     656015 1563/dsm_om_connsvc

unix  3     [ ]         STREAM     CONNECTED     655972 1197/dsm_sa_datamgr/opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipea

unix  3     [ ]         STREAM     CONNECTED     655971 1563/dsm_om_connsvc

unix  3     [ ]         STREAM     CONNECTED     655650 1197/dsm_sa_datamgr/opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipea

unix  3     [ ]         STREAM     CONNECTED     655649 1440/dsm_sa_snmpd

unix  3     [ ]         STREAM     CONNECTED     655589 1197/dsm_sa_datamgr/opt/dell/srvadmin/var/lib/openmanage/.ipc/dcsmilpipea

unix  3      [ ]         STREAM     CONNECTED     655588 1381/dsm_sa_eventmg

OMSA组件的dsm_om_connsvc服务监听了TCP协议的1311port。

查看dsm_om_connsvc服务调用的程序:

lsof -p 1563  # 1563是dsm_om_connsvc服务进程的PID

查看dsm_om_connsvc调用的程序文件属于哪个rpm包:

# rpm -qf /opt/dell/srvadmin/lib64/openmanage/apache-tomcat/lib/tomcat-api.jar

srvadmin-tomcat-7.4.0-4.97.1.el6.x86_64

# rpm -qf /opt/dell/srvadmin/lib64/openmanage/jre/lib/jce.jar

srvadmin-jre-7.4.0-4.98.1.el6.x86_64

关闭OMSA的服务:

/opt/dell/srvadmin/sbin/srvadmin-services.sh stop

卸载srvadmin-tomcat和srvadmin-jre软件包:

# rpm -e srvadmin-tomcat-7.4.0-4.97.1.el6.x86_64

error: Failed dependencies:

srvadmin-tomcat = 7.4.0 is needed by (installed)srvadmin-webserver-7.4.0-4.1.1.el6.x86_64

# rpm -e srvadmin-webserver-7.4.0-4.1.1.el6.x86_64

error: Failed dependencies:

srvadmin-webserver = 7.4.0 is needed by (installed)srvadmin-all-7.4.0-4.1.1.el6.x86_64

卸载srvadmin-webserver软件包:

# rpm -e --nodeps srvadmin-webserver-7.4.0-4.1.1.el6.x86_64

# rpm -e srvadmin-tomcat-7.4.0-4.97.1.el6.x86_64

# rpm -e srvadmin-jre-7.4.0-4.98.1.el6.x86_64

删除appache-tomcat的文件夹:

# rm -rf /opt/dell/srvadmin/lib64/openmanage/apache-tomcat

启动OMSA的服务:

# /opt/dell/srvadmin/sbin/srvadmin-services.sh start

StartingSystems Management Device Drivers:

Startingdell_rbu:                                         [  OK  ]

Startingipmi driver: Already started                      [  OK  ]

StartingSystems Management Data Engine:

Startingdsm_sa_datamgrd:                                  [  OK  ]

Startingdsm_sa_eventmgrd:                                 [  OK  ]

Startingdsm_sa_snmpd:                                     [  OK  ]

Starting DSMSA Shared Services:                          [  OK  ]

測试check_openmanage脚本:

./check_openmanage -d

输出的检查项跟卸载OMSA的web组件之前是一样的。

查看卸载OMSA的web组件之后。OMSA的服务监听情况:

# netstat -npae | egrep -iv'mysql|ssh|xinetd|udevd|crond|syslogd|upstart|auditd'

此时,OMSA的服务仅仅进行了Unix domain sockets的监听,而Unix domain socket仅仅用于本操作系统中,进程之间的通信,比方check_openmanage脚本调用OMSA的服务进行DELLserver硬件健康状态检查。

至此,OMSA的Web组件卸载完成。

4)        安装check_openmanage安装包

下载地址:

http://folk.uio.no/trondham/software/check_openmanage.html#download

下载check_openmanage工具包:

wget http://folk.uio.no/trondham/software/files/check_openmanage-3.7.11.tar.gz

測试check_openmanage工具:

tar zxf check_openmanage-3.7.11.tar.gz

cd check_openmanage-3.7.11

./check_openmanage -d

./check_openmanage

假设提示"Storage Error"。则加上--no-storage參数:

./check_openmanage --no-storage

# check_openmanage会检查50~60项左右DELL服务的信息

5)        配置NRPE

编辑/usr/local/nagios/etc/nrpc.cfg文件。加入:

command[check_dell_openmanage]=/path/to/check_openmanage

或者

command[check_dell_openmanage]=/path/to/check_openmanage--no-storage

把check_openmanage脚本复制到/usr/local/nagios/libexec/文件夹:

cp check_openmanage-3.7.11/check_openmanage/usr/local/nagios/libexec/

測试命令:

check_nrpe -H IP -c check_dell_openmanage

6)        注意事项

check_openmanage是perl脚本。所以操作系统必须已经安装了perl。

7)        server没有外网怎么办

假设server没有外网,能够考虑在有外网的机器上做一个iptables的nat映射。把仅仅有内网的server配置的yum映射到公网,或者在机房内部署一个yum源;

8)        还能够用什么方法

假设不使用OMSA和check_openmanage来监控硬件健康状态。还能够使用ipmitool来监控,只是须要自己开发脚本。

9)        适用什么环境使用

假设在使用DELL厂商的server。都建议使用。

10)    关于OMSA组件安全性的补充说明

Dell OpenManage Server Administrator (OMSA) 7.1及更早版本号在实现上存在XSS漏洞,可同意远程攻击者注入Web脚本或HTML。DELL厂商已经公布了升级补丁来修复这个安全问题,请到厂商的主页下载,详见本文最后一部分的“本文相关资料的參考链接”部分的“OMSA组件安全补丁的下载地址”。

11)    DELL厂商提供的其他系统管理工具

DELL还提供用于Microsoft System Center管理配置工具、OracleEntreprise Manager 12c插件,以及支持HP和IBM的插件等工具。详情请登录DELL官方站点,依次进入Support--> Drivers & Downloads --> 选择server类型--> System Managements模块。

12)    DELL提供的用于OracleEnterprise Manager 12c的插件说明

Dell OpenManage Plug-in v1.0 for Oracle Enterprise Manager12c

Dell OpenManage Plug-in for Oracle Enterprise Managerprovides a proactive approach to data center management that delivers featuresfor monitoring Dell server, storage, and networking infrastructures inenvironment managed by Oracle Enterprise Manager (OEM).
It also supportsmapping of database workload to Dell hardware for quicker fault detection andconsole launch of Dell devices to perform troubleshooting, configuration, andmanagement activities. It protects customer’s existing investment in OEM consoleand helps
in ease of integration and management of Dell devices.

13)    什么是Unix domain socket

A Unixdomain socket or IPC socket (inter-process communication socket) is a datacommunications endpoint for exchanging data between processes executing withinthe same host operating system. While similar in functionality to named pipes,Unix domain sockets
may be created as connection‑mode(SOCK_STREAM or SOCK_SEQPACKET) or as connectionless (SOCK_DGRAM), while pipesare streams only. Processes using Unix domain sockets do not need to share acommon ancestry. The API for Unix domain sockets is similar to that of
anInternet socket, but it does not use an underlying network protocol forcommunication. The Unix domain socket facility is a standard component of POSIXoperating systems.Unixdomain sockets use the file system as their address name space. They arereferenced
by processes as inodes in the file system. This allows two processesto open the same socket in order to communicate. However, communication occursentirely within the operating system kernel.In addition to sending data, processes may send filedescriptors across
a Unix domain socket connection using the sendmsg() andrecvmsg() system calls.

14)    本文相关资料的參考链接

自己定义check_openmanage的阀值:

http://dreamway.blog.51cto.com/1281816/1048274

omreport命令使用:

http://www.sxszjzx.com/~t096/manual/sc/Dosa/CLI/report.htm

DELL厂商网址:

DELL厂商OMSA的yum源地址:

http://linux.dell.com/repo/hardware/Linux_Repository_14.04.00/

使用OpenManage和Nagios监控DELLserver硬件部署手冊:

http://folk.uio.no/trondham/software/check_openmanage.html

OMSA组件安全补丁的下载地址:

http://www.dell.com/support/drivers/us/en/19/DriverDetails/Product/poweredge-r710?

driverId=PCXMR&osCode=WNET&fileId=3082295344

DELL提供的用于Oracle Enterprise Manager 12c的插件地址:

DELL厂商提供的其他管理工具的网址:

http://www.dell.com/support/drivers/us/en/04/ProductSelector/Select/FamilySelection?CategoryPath=all-products%2Fesuprt_ser_stor_net%2Fesuprt_poweredge&Family=PowerEdge&DisplayCrumbs=Product%2520Type%40%2CServers%252C%2520Storage%252C%2520%2526%2520Networking%40%2CPowerEdge&rquery=na

Unix domain socket的解释说明:

http://en.wikipedia.org/wiki/Unix_domain_socket

04-19 15:10