Configuration of NConf 1.3.0.0 Deployment module (local)

NConf 1.3.0.0 has a built-in deployment module for Nagios configurations. Here´s a small tutorial on how to make a working configuration for local deployment in OMD (Open Monitoring Distribution).

 

First step: Edit NConf´s deployment.ini

In this file you enter all you deployment information. My implementation:

[extract config];
type        = local
source_file = “/omd/sites/<sitename>/way/toyour/nconf/output/NagiosConfig.tgz”
target_file = “/tmp/”
action      = extract

[copy collector config]
type        = local
source_file = “/tmp/Default_collector/”
target_file = “/omd/sites/<sitename>/etc/nagios/conf.d/Default_collector/”
action      = copy

[copy global config]
type        = local
source_file = “/tmp/global/”
target_file = “/omd/sites/<sitename>/etc/nagios/conf.d/global/”
action      = copy
reload_command = “sudo -u root /omd/sites/<sitename>/bin/omd restart <sitename> nagios”

In the first step the NagiosConfig.tgz, which is generated by NConf, gets extracted into a temporary path called /tmp/. Make sure that the OMD User (usually <sitename>) has write rights there. After the extraction you have two folders in /tmp/: Default_collector and global. Both of them have to be copied into the configuration folder of the OMD-site. This is done by the following two statements (This could also be done in one step – but for debugging purposes it may be better to do it separately).

The reload_command is executed as the last step of the deployment process. As described later, we have to execute the command as root. This is done by the ‘sudo –u root’ command.

Second step: Give the OMD user permissions to restart nagios as root user

As mentioned above the command for restarting nagios has to be executed by the root user. Why? Because it actually doesn´t work as OMD-site-user. In my first approach I set the following configuration in the deployment.ini:

reload_command = “/omd/sites/<sitename>/bin/omd restart <sitename> nagios”

This didn´t work for me and gave me errors in the apache log:

sh: /omd/sites/<sitename>/etc/init.d/<sitename>: No such file or directory

If anyone has an idea why – pls. comment/twitter/email!

To fix that, I followed the directions in the NConf tutorial and did the following:

Command visudo to edit sudoers file.

Added the following lines under section # User privilege specification:

<OMD-site-user>  ALL=NOPASSWD: /omd/sites/<sitename>/bin/omd restart <sitename> nagios

This gives the OMD-site-user the permissions to run the restart command as the root user.

Third step: Editing nconf.php

In the section ‘config deployment’ I edited the following lines:

define(‘ALLOW_DEPLOYMENT’, 1);
#define(‘CONF_DEPLOY_URL’,  “https://webserver.mydomain.com/incoming_config.php&#8221;);
#define(‘CONF_DEPLOY_USER’, “deployUser”);
#define(‘CONF_DEPLOY_PWD’,  “deployPass”);
define(‘CHECK_STATIC_SYNTAX’,  1);
#define(‘CONF_DEPLOY_PWD’,  “deployPass”);
define(‘DEBUG_GENERATE’,  2);

Line 1 allows the deployment (otherwise you won´t see a deployment button in NConf)
Line 2, 3 and 4 are not needed for local deployment.
Line 6 is for setting a debug-level.

That´s it. Comments appreciated!

 

Advertisements

About sitweak
Monitoring, Network, Firewall, Mobile Security. I´m totally into that stuff!

2 Responses to Configuration of NConf 1.3.0.0 Deployment module (local)

  1. Hello,

    Currious about the restart. The site user can start and stop a site using :

    $omd restart

    It will ONLY restart the site. Have you tried this ?

    As well,

    will nconf get copied when upgrading the site (omd update site)

    And thank you for posting this.

    • sitweak says:

      Hey,
      First of all: thanks for your reply.

      You can restart a particular site with omd restart

      As a site user you are only allowed to restart the users’s site. So omd restart alone should restart one site only. As root user it will restart all sites.

      Regarding your other question: you have to manually recopy nconf into the updated folder structure. Please remember that this article is some months old. I switched from nconf to the in-build Wato configuration utility. It’s now fully working and gives some cool features like auto-inventory . Feel free to contact me for further information 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: