Tool

edirmon - NWMON-like eDirectory monitor for Linux

Author Info

30 June 2008 - 1:22pm
Submitted by: tjbayly

Author Blog
Author Profile

Tags

Tags Map
tool
Reads:

6547

Score:
4.25
4.3
4
 
Comments:

17

license: 
Distributable

Overview

edirmon is a tool designed to provide nwmon.nlm functionality for eDirectory on linux. It collects information, evaluates eDirectory health based on the information, and places the information in its data logs.

edirmon can be run in interactive mode (with a screen showing data and health) or in daemon mode where it only logs information and health. The data logs are placed in the configured edirmon data directory. Program information and changes in health are sent to the system logger for processing. You can also optionally create an html health screen (edirmon does not contain a web server).

edirmon mimics nwmon in functionality and output.

Installation and Configuration

Install the RPM.

edirmon can pretty much run out of the box if eDirectory is installed using the default paths. The only setup that has to occur after installing the rpm is supplying credentials to use when pulling iMonitor data in /etc/opt/novell/edirmon/conf/secret. You may also want to make changes to /etc/opt/novell/edirmon/conf/edirmon.conf, depending on your setup.

Alerting

All program information is sent to the system logger for processing, so it is possible for the sysadmin to route information based on the syslog configuration. This allows edirmon to integrate with existing infrastructure for centralized logging or alerting.

All messages are sent as LOG_USER facility.
Program debug messages are LOG_DEBUG level.
Health status changes to HEALTHY are LOG_INFO level.
Health status changes to SUSPECT are LOG_WARNING level.
Health status changes to UNHEALTHY are LOG_ERR level.

Screen shots

HEALTHY

Click to view.

SUSPECT

Click to view.

UNHEALTHY

Click to view.

AttachmentSize
novell-edirmon-1.0-10.noarch.rpm33.85 KB

Author Info

30 June 2008 - 1:22pm
Submitted by: tjbayly

Author Blog
Author Profile

Tags

Tags Map


Related Articles


User Comments

Nice tool

Submitted by stegillard on 25 February 2008 - 6:56pm.

One thing I don't like is the auto setting of the log interval to a hard-coded 30 seconds if the server isn't "Healthy". Couldn't this be configurable?

Its also a little unpleasant to have the admin password stored in a clear text file.

Other than that, very useful!

Answers...

Submitted by tjbayly on 26 February 2008 - 6:33pm.

Version 1.0.8 will have a configuration option for the "unhealthy" interval - thanks for the idea.

As far as the credentials go, they have to be stored somewhere - and this file is readable only to root. This doesn't have to be the admin of your tree, though. It works with as little as a plain old user who has been put into the Operators role for the NCP server. No eDirectory rights beyond that are required. Version 1.0.8 will document this in the secret file.

Daemon

Submitted by rpiercey on 26 February 2008 - 10:58am.

Great information.

It would be nice to have a startup script top run as a daemon.

I have tried using "edirmon -D &" but it stops updating after a few intervals.

Also a single loop option would be helpful then edirmon could be integrated with Hobbit Server.

A daemon use case

Submitted by tjbayly on 27 February 2008 - 9:41am.

It appears that when edirmon is placed in the background it is eventually stopped by bash. As far as a daemon use case or script do something like this:

Edit the /etc/init.d/post_ndsd_start script and append:

/bin/openvt -c8 edirmon

Edit the edirmon.conf and enabled html output (available in 1.0.8), specified my apache document directory and set the edirmon.screen.interval to 5.

The net effect of these changes is that when ndsd starts edirmon launches in interactive mode on virtual terminal 8. You can access the edirmon screen directly from the server console at tty8. From any shell you can get the last logged data via report mode by executing edirmon. You can get the "live" interactive data by accessing the edirmon web page (served by Apache in this case) via a web browser - this page automatically refreshes at the screen interval to stay current.

Bambid's picture

eDir restart

Submitted by Bambid on 26 June 2008 - 4:20pm.

If you put
/bin/openvt -c8 edirmon

in the

/etc/init.d/post_ndsd_start script , then you should put in

/etc/init.d/post_ndsd_stop

killall edirmon ( I´m not Linux guru. Maybe, there is better way to stop edirmon )

When you don´t this you get this error after restarting eDir

"openvt: vt 8 is in use; command aborted
use `openvt -f' to force.
Validation failed in post_ndsd_start script.
Please refer to /etc/init.d/post_ndsd_start."

David

Redirect stdin

Submitted by stegillard on 27 February 2008 - 9:00pm.

Redirecting stdin prevents it from being stopped. Here's how I'm running it:

nohup edirmon -D </dev/null >/dev/null 2>&1 &

Fixed

Submitted by tjbayly on 28 February 2008 - 12:24pm.

I changed edirmon v 1.0.9 to automatically close STDIN and ignore SIGHUP when in daemon mode, so now you can just put it in the background like you were attempting. Thanks to Steven for solving this particular puzzle.

2 ways to run edirmon

Submitted by Dieseloreo on 1 April 2008 - 3:49pm.

try adding a file edirmon in /etc/xinet.d with all the needed args to run as a server from xinet.d

then restart xinet.d

or start the binary

edirmon -D /dev/null 2>&1 &

hit contrl -z
use command bg to send to background

then use disown -h to disown the process.

logout and the program will stay running.

Save Credential in CASA

Submitted by mkoeppl on 30 April 2008 - 1:19am.

Hello,

it would be fine to use CASA to store the username/password if running as daemon.

But really a nice tool.

logging

Submitted by aterea on 9 June 2008 - 4:17pm.

any possiblity of allowing the log facility to be configurable?

Logging

Submitted by aterea on 9 June 2008 - 6:17pm.

is it possible to make hte logging facility configurable?
Instead of using LOG_USER we would like LOG_LOCAL0 or something like that so we can configure syslog to send these messages to a separate file from the main log file.

Configurable syslog

Submitted by tjbayly on 12 June 2008 - 12:53pm.

It would certainly be possible to make it configurable in a new version but since it's specified in only one place in code, it's also easy to change directly for yourself. Edit /opt/novell/edirmon/lib/environment.pl. The line in question is openlog("edirmon","ndelay,pid","LOG_USER"). Change LOG_USER to whatever valid facility you'd like.

Also, you didn't mention what flavor of Linux you are using, but if your distro uses syslog-ng it's pretty trivial to get edirmon messages into a separate file even if using the LOG_USER facility along with other processes. Something along the lines of:

filter f_edirmon { program('^edirmon); };
destination edirmon { file("/var/log/edirmon"); };
log { source(src); filter(f_edirmon); destination(edirmon); };

That would put them into a new /var/log/edirmon file. Eliminating it from the /var/log/messages file would be a question of modifying the filter f_messages to include:

and not filter(f_edirmon)

Bambid's picture

Option

Submitted by Bambid on 19 June 2008 - 11:10am.

maybe this can be nice option to put edirmon messages to separate file.

David

Bambid's picture

eDir 8.7.3

Submitted by Bambid on 19 June 2008 - 11:04am.

Even with oldie but goodie eDir 8.7.3 works this perfectly, good job.

David

Notification via email

Submitted by samthendsgod on 2 July 2008 - 12:59pm.

How difficult would it be to have an email sent when suspect or unhealthy state is reached? Maybe specify an smtp server, and an address to send an alert to? (I'm not a programmer - this may be trivial to do, or may cause a huge amount of rewrite....) I've got about 200 servers and 900 replicas to monitor, so checking all of the proactively would be unfeasible. But to get an email when a monitored server got itself into a bad state would be most-excellent.

Great product by the way!

Sam

email notification

Submitted by tjbayly on 7 July 2008 - 10:23pm.

It wouldn't be terribly difficult to add a sendmail module and have edirmon send e-mail directly, but it would violate one of the design principles. edirmon is written to be very minimal - it only uses stock perl so that the sysadmin doesn't have to install and compile a bunch of extras to use it.

In your case I'd look at accomplishing e-mail through the syslog: setting up a pipe to mail, implementing swatch, Novell Sentinel, etc.

Glad to hear that you find the tool useful.

Any development news and big problem

Submitted by davidkrotil on 14 December 2008 - 3:48pm.

Hi,
are they any development news ? If not, I found after running this tool for a long time major design problem. You use ndsrepair to catch problems of edir, but you don't care about ndsrepair.log which is after long run very huge. I needed to delete this log while it has 15 GB.
You should change name of the log and put some rollover mechanism, that this log doesn't fill entire partition.

Regards

© 2009 Novell, Inc. All Rights Reserved.