On 05/23/2013 12:36 PM, Michael Pasternak wrote:
On 05/23/2013 11:22 AM, Itamar Heim wrote:
On 05/23/2013 11:21 AM, René Koch (ovido) wrote:
On Thu, 2013-05-23 at 11:11 +0300, Itamar Heim wrote:
On 05/23/2013 11:07 AM, René Koch (ovido) wrote:
On Thu, 2013-05-23 at 10:55 +0300, Sasha Chuzhoy wrote:
On 05/22/2013 05:18 PM, Itamar Heim wrote: > On 05/22/2013 03:55 PM, René Koch (ovido) wrote: >> >> On Wed, 2013-05-22 at 14:59 +0300, Itamar Heim wrote: >>>> -------- Original Message -------- >>>> Subject: [Users] Nagios monitoring plugin check_rhev3 1.2 released >>>> Date: Thu, 16 May 2013 16:31:24 +0200 >>>> From: René Koch <r.koch@ovido.at> >>>> To: users <Users@ovirt.org> >>>> >>>> I'm happy to announce version 1.2 of check_rhev3. >>>> >>>> check_rhev3 is a monitoring plugin for Icinga/Nagios and it's forks, >>>> which is >>>> used to monitor datacenters, clusters, hosts, vms, vm pools and >>>> storage >>>> domains >>>> of Red Hat Enterprise Virtualization (RHEV) and oVirt virtualization >>>> environments. >>>> >>>> The download locations are >>>> * >>>> https://labs.ovido.at/download/check_rhev3/check_rhev3-1.2.tar.gz >>>> * >>>> https://labs.ovido.at/download/check_rhev3/nagios-plugins-rhev3-1.2-1.el6.i6... >>>> >>>> >>>> * >>>> https://labs.ovido.at/download/check_rhev3/nagios-plugins-rhev3-1.2-1.el6.x8... >>>> >>>> >>>> >>>> For further information on how to install this plugin visit: >>>> >>>> https://github.com/ovido/check_rhev3/wiki/Installation-Documentation >>>> >>>> A detailed usage documentation can be found here: >>>> https://github.com/ovido/check_rhev3/wiki/Usage-Documentation >>>> >>>> >>>> Changelog: >>>> >>>> - General: >>>> - Moved project to github: https://github.com/ovido/check_rhev3 >>>> >>>> - New features: >>>> - Verify RHEV-M certificate >>>> - Allow authentication sessions for authentication in RHEV >= 3.1 >>>> and >>>> oVirt >= 3.1 >>>> - Use option -n <nic> to check a specific nic >>>> >>>> - Bugs fixed: >>>> - Performance data issue with check_multi >>>> >>>> >>>> If you have any questions or ideas, please drop me an email: >>>> r.koch@ovido.at. >>>> >>>> Thank you for using check_rhev3. >>>> >>>> >>>> >>> >>> Hi Rene, >>> >>> we deployed the plugin and noticed its flooding the event log with >>> login >>> events for the user its using via the REST API. >>> can you please add persistent session to the REST API calls so login >>> will happen only once and won't flood the log? >>> >>> http://www.ovirt.org/Features/RESTSessionManagement >> >> >> It's one of the features in the latest version (1.2): >> >> -o, --cookie >> Use cookie based authenticated sessions (requires RHEV >= 3.1) >> >> >> I implemented it in the following way: >> - Plugin checks if file with session cookie exists (per default >> in /var/tmp) >> - If not: login with username and password (that's why you need to >> specify auth pair or authfile) and fetch JSESSIONID >> -- Writes ID into session cookie file >> - If cookie file is found: login using JSESSIONID and ignore username >> and password. So you can change username/password and login will still >> work. >> - If login using session ID fails and cookie file exists, it will be >> deleted and a login with username and password is tried the next time >> the plugin is executed >> >> If you start the script with -vvv you can see if login is down with auth >> session or with username/password... >> >> I didn't test it with oVirt 3.2 (yet), but works fine in RHEV 3.1. > > well, we are trying it with next version of RHEV actually :) > sasha - can you please start the script with -vvv to provide the log > for login behavior? > Here is all (I hope) the relevant data: [V] Starting the main script. [V] Checking which component to monitor. [D] check_host: Called function check_host. [V] Host: Checking host . [V] Host: No subcheck is specified, checking memory usage. [D] check_statistics: Called function check_statistics. [V] Statistics: Checking statistics of hosts. [D] check_statistics: Input parameter $component: hosts [D] check_statistics: Input parameter $search: [D] check_statistics: Input parameter $statistics: memory [D] check_statistics: Converting variables. [D] check_statistics: Converted variable $url: hosts [D] get_result: Called function get_result. [D] get_result: Input parameter $_[0]: /hosts?search= [D] get_result: Input parameter $xml: hosts [D] get_result: Input parameter $search: id [D] rhev_connect: Called function rhev_connect. [V] REST-API: Connecting to REST-API. [D] rhev_connect: Input parameter: /hosts?search=. [V] REST-API: RHEVM-API URL: https://<hostname>:8443/api/hosts?search= [V] REST-API: RHEVM-API User: <username> [V] REST-API: RHEVM-API Password: <password> [V] REST-API: cookie filename: bm90dDA0LmVuZy5sYWIudGx2LnJlZGhhdC5jb20tdmlld2VyQG5vdHQwNC5lbmcubGFiLnRsdi5y ZWRoYXQuY29tCg== [D] rhev_connect: Using username and password authentication. [V] REST-API: Cache-Control: no-cache Connection: close Date: Thu, 23 May 2013 07:50:33 GMT Pragma: No-cache Server: Apache-Coyote/1.1 Content-Type: application/xml Expires: Thu, 01 Jan 1970 02:00:00 IST Client-Date: Thu, 23 May 2013 07:50:33 GMT Client-Peer: 10.35.16.97:8443 Client-Response-Num: 1 Client-SSL-Cert-Issuer: /C=US/O=Red Hat TLV/CN=CA-<FQDN>.31149 Client-SSL-Cert-Subject: /C=US/O=Red Hat TLV/CN=<FQDN> Client-SSL-Cipher: DHE-RSA-AES256-SHA Client-SSL-Warning: Peer certificate not verified Set-Cookie: JSESSIONID=8gUbxG1-uk8HOi2tq4krw7tq; Path=/api; Secure [D] rhev_connect: <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <hosts> ##### The output is truncated ########
It seems to me that you did start the plugin without "-o" option...
Without -o plugin uses username + password authentication (to be compatible with RHEV 3.0, oVirt 3.0 - especially to not break existing setups): $ ./check_rhev3 -H localhost -f authfile -D -vvv [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK [D] rhev_connect: Using username and password authentication.
With -o a cookie file it uses username + password when the cookie file is missing (first call): $ ./check_rhev3 -H localhost -f authfile -D -vvv -o [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK [D] rhev_connect: Using cookie authentication. [D] rhev_connect: No cookie file found - using username and password
And uses session cookie if it exists: $ ./check_rhev3 -H localhost -f authfile -D -vvv -o [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK [D] rhev_connect: Using cookie authentication. [D] rhev_connect: Using cookie: JSESSIONID=wbYehfrValieFzkv6GBWes-g
Please try again with "-o".
Regards, René
> Thanks, > Itamar >
Hi Rene,
I expect most will fail on this -o. maybe add auto-detection of version or engine capabilities to try and use it, else failback to use/password?
Thanks, Itamar
That sounds like a good idea - thanks! Will think on how I can implement it - either store engine version/capability into a temp file or query version/capability. I think a temp file is the better solutions as I don't need an additional API call...
Regards, René
michael - is there a rest api capability that can be used to test support of user level api?
api maintains <features> section for the features been added in the version, check if you see something related to the "user level api" (if you don't, - this is a bug).
i want persistent session - not user level api?