[Users] Fwd: Nagios monitoring plugin check_rhev3 1.2 released

Michael Pasternak mpastern at redhat.com
Thu May 23 10:07:11 UTC 2013


On 05/23/2013 01:04 PM, Michael Pasternak wrote:
> On 05/23/2013 12:37 PM, Itamar Heim wrote:
>> On 05/23/2013 12:36 PM, Michael Pasternak wrote:
>>> On 05/23/2013 11:22 AM, Itamar Heim wrote:
>>>> On 05/23/2013 11:21 AM, René Koch (ovido) wrote:
>>>>>
>>>>> On Thu, 2013-05-23 at 11:11 +0300, Itamar Heim wrote:
>>>>>> On 05/23/2013 11:07 AM, René Koch (ovido) wrote:
>>>>>>> On Thu, 2013-05-23 at 10:55 +0300, Sasha Chuzhoy wrote:
>>>>>>>> On 05/22/2013 05:18 PM, Itamar Heim wrote:
>>>>>>>>> On 05/22/2013 03:55 PM, René Koch (ovido) wrote:
>>>>>>>>>>
>>>>>>>>>> On Wed, 2013-05-22 at 14:59 +0300, Itamar Heim wrote:
>>>>>>>>>>>> -------- Original Message --------
>>>>>>>>>>>> Subject: [Users] Nagios monitoring plugin check_rhev3 1.2 released
>>>>>>>>>>>> Date: Thu, 16 May 2013 16:31:24 +0200
>>>>>>>>>>>> From: René Koch <r.koch at ovido.at>
>>>>>>>>>>>> To: users <Users at ovirt.org>
>>>>>>>>>>>>
>>>>>>>>>>>> I'm happy to announce version 1.2 of check_rhev3.
>>>>>>>>>>>>
>>>>>>>>>>>> check_rhev3 is a monitoring plugin for Icinga/Nagios and it's forks,
>>>>>>>>>>>> which is
>>>>>>>>>>>> used to monitor datacenters, clusters, hosts, vms, vm pools and
>>>>>>>>>>>> storage
>>>>>>>>>>>> domains
>>>>>>>>>>>> of Red Hat Enterprise Virtualization (RHEV) and oVirt virtualization
>>>>>>>>>>>> environments.
>>>>>>>>>>>>
>>>>>>>>>>>> The download locations are
>>>>>>>>>>>>        *
>>>>>>>>>>>> https://labs.ovido.at/download/check_rhev3/check_rhev3-1.2.tar.gz
>>>>>>>>>>>>        *
>>>>>>>>>>>> https://labs.ovido.at/download/check_rhev3/nagios-plugins-rhev3-1.2-1.el6.i686.rpm
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>        *
>>>>>>>>>>>> https://labs.ovido.at/download/check_rhev3/nagios-plugins-rhev3-1.2-1.el6.x86_64.rpm
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> For further information on how to install this plugin visit:
>>>>>>>>>>>>
>>>>>>>>>>>> https://github.com/ovido/check_rhev3/wiki/Installation-Documentation
>>>>>>>>>>>>
>>>>>>>>>>>> A detailed usage documentation can be found here:
>>>>>>>>>>>> https://github.com/ovido/check_rhev3/wiki/Usage-Documentation
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Changelog:
>>>>>>>>>>>>
>>>>>>>>>>>> - General:
>>>>>>>>>>>> -   Moved project to github: https://github.com/ovido/check_rhev3
>>>>>>>>>>>>
>>>>>>>>>>>> - New features:
>>>>>>>>>>>> -   Verify RHEV-M certificate
>>>>>>>>>>>> -   Allow authentication sessions for authentication in RHEV >= 3.1
>>>>>>>>>>>> and
>>>>>>>>>>>> oVirt >= 3.1
>>>>>>>>>>>> -   Use option -n <nic> to check a specific nic
>>>>>>>>>>>>
>>>>>>>>>>>> - Bugs fixed:
>>>>>>>>>>>> -   Performance data issue with check_multi
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> If you have any questions or ideas, please drop me an email: ​
>>>>>>>>>>>> r.koch at ovido.at.
>>>>>>>>>>>>
>>>>>>>>>>>> Thank you for using check_rhev3.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Hi Rene,
>>>>>>>>>>>
>>>>>>>>>>> we deployed the plugin and noticed its flooding the event log with
>>>>>>>>>>> login
>>>>>>>>>>> events for the user its using via the REST API.
>>>>>>>>>>> can you please add persistent session to the REST API calls so login
>>>>>>>>>>> will happen only once and won't flood the log?
>>>>>>>>>>>
>>>>>>>>>>> http://www.ovirt.org/Features/RESTSessionManagement
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> It's one of the features in the latest version (1.2):
>>>>>>>>>>
>>>>>>>>>>      -o, --cookie
>>>>>>>>>>         Use cookie based authenticated sessions (requires RHEV >= 3.1)
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> I implemented it in the following way:
>>>>>>>>>> - Plugin checks if file with session cookie exists (per default
>>>>>>>>>> in /var/tmp)
>>>>>>>>>> - If not: login with username and password (that's why you need to
>>>>>>>>>> specify auth pair or authfile) and fetch JSESSIONID
>>>>>>>>>> -- Writes ID into session cookie file
>>>>>>>>>> - If cookie file is found: login using JSESSIONID and ignore username
>>>>>>>>>> and password. So you can change username/password and login will still
>>>>>>>>>> work.
>>>>>>>>>> - If login using session ID fails and cookie file exists, it will be
>>>>>>>>>> deleted and a login with username and password is tried the next time
>>>>>>>>>> the plugin is executed
>>>>>>>>>>
>>>>>>>>>> If you start the script with -vvv you can see if login is down with auth
>>>>>>>>>> session or with username/password...
>>>>>>>>>>
>>>>>>>>>> I didn't test it with oVirt 3.2 (yet), but works fine in RHEV 3.1.
>>>>>>>>>
>>>>>>>>> well, we are trying it with next version of RHEV actually :)
>>>>>>>>> sasha - can you please start the script with -vvv to provide the log
>>>>>>>>> for login behavior?
>>>>>>>>>
>>>>>>>> Here is all (I hope) the relevant data:
>>>>>>>> [V] Starting the main script.
>>>>>>>> [V] Checking which component to monitor.
>>>>>>>> [D] check_host: Called function check_host.
>>>>>>>> [V] Host: Checking host .
>>>>>>>> [V] Host: No subcheck is specified, checking memory usage.
>>>>>>>> [D] check_statistics: Called function check_statistics.
>>>>>>>> [V] Statistics: Checking statistics of hosts.
>>>>>>>> [D] check_statistics: Input parameter $component: hosts
>>>>>>>> [D] check_statistics: Input parameter $search:
>>>>>>>> [D] check_statistics: Input parameter $statistics: memory
>>>>>>>> [D] check_statistics: Converting variables.
>>>>>>>> [D] check_statistics: Converted variable $url: hosts
>>>>>>>> [D] get_result: Called function get_result.
>>>>>>>> [D] get_result: Input parameter $_[0]: /hosts?search=
>>>>>>>> [D] get_result: Input parameter $xml: hosts
>>>>>>>> [D] get_result: Input parameter $search: id
>>>>>>>> [D] rhev_connect: Called function rhev_connect.
>>>>>>>> [V] REST-API: Connecting to REST-API.
>>>>>>>> [D] rhev_connect: Input parameter: /hosts?search=.
>>>>>>>> [V] REST-API: RHEVM-API URL: https://<hostname>:8443/api/hosts?search=
>>>>>>>> [V] REST-API: RHEVM-API User: <username>
>>>>>>>> [V] REST-API: RHEVM-API Password: <password>
>>>>>>>> [V] REST-API: cookie filename:
>>>>>>>> bm90dDA0LmVuZy5sYWIudGx2LnJlZGhhdC5jb20tdmlld2VyQG5vdHQwNC5lbmcubGFiLnRsdi5y
>>>>>>>> ZWRoYXQuY29tCg==
>>>>>>>> [D] rhev_connect: Using username and password authentication.
>>>>>>>> [V] REST-API: Cache-Control: no-cache
>>>>>>>> Connection: close
>>>>>>>> Date: Thu, 23 May 2013 07:50:33 GMT
>>>>>>>> Pragma: No-cache
>>>>>>>> Server: Apache-Coyote/1.1
>>>>>>>> Content-Type: application/xml
>>>>>>>> Expires: Thu, 01 Jan 1970 02:00:00 IST
>>>>>>>> Client-Date: Thu, 23 May 2013 07:50:33 GMT
>>>>>>>> Client-Peer: 10.35.16.97:8443
>>>>>>>> Client-Response-Num: 1
>>>>>>>> Client-SSL-Cert-Issuer: /C=US/O=Red Hat TLV/CN=CA-<FQDN>.31149
>>>>>>>> Client-SSL-Cert-Subject: /C=US/O=Red Hat TLV/CN=<FQDN>
>>>>>>>> Client-SSL-Cipher: DHE-RSA-AES256-SHA
>>>>>>>> Client-SSL-Warning: Peer certificate not verified
>>>>>>>> Set-Cookie: JSESSIONID=8gUbxG1-uk8HOi2tq4krw7tq; Path=/api; Secure
>>>>>>>> [D] rhev_connect: <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
>>>>>>>> <hosts>
>>>>>>>> ##### The output is truncated ########
>>>>>>>
>>>>>>>
>>>>>>> It seems to me that you did start the plugin without "-o" option...
>>>>>>>
>>>>>>> Without -o plugin uses username + password authentication (to be
>>>>>>> compatible with RHEV 3.0, oVirt 3.0 - especially to not break existing
>>>>>>> setups):
>>>>>>> $ ./check_rhev3 -H localhost -f authfile -D -vvv
>>>>>>> [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK
>>>>>>> [D] rhev_connect: Using username and password authentication.
>>>>>>>
>>>>>>> With -o a cookie file it uses username + password when the cookie file
>>>>>>> is missing (first call):
>>>>>>> $ ./check_rhev3 -H localhost -f authfile -D -vvv -o
>>>>>>> [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK
>>>>>>> [D] rhev_connect: Using cookie authentication.
>>>>>>> [D] rhev_connect: No cookie file found - using username and password
>>>>>>>
>>>>>>> And uses session cookie if it exists:
>>>>>>> $ ./check_rhev3 -H localhost -f authfile -D -vvv -o
>>>>>>> [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK
>>>>>>> [D] rhev_connect: Using cookie authentication.
>>>>>>> [D] rhev_connect: Using cookie: JSESSIONID=wbYehfrValieFzkv6GBWes-g
>>>>>>>
>>>>>>> Please try again with "-o".
>>>>>>>
>>>>>>>
>>>>>>> Regards,
>>>>>>> René
>>>>>>>
>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>>       Itamar
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> Hi Rene,
>>>>>>
>>>>>> I expect most will fail on this -o.
>>>>>> maybe add auto-detection of version or engine capabilities to try and
>>>>>> use it, else failback to use/password?
>>>>>>
>>>>>> Thanks,
>>>>>>       Itamar
>>>>>
>>>>>
>>>>> That sounds like a good idea - thanks!
>>>>> Will think on how I can implement it - either store engine
>>>>> version/capability into a temp file or query version/capability.
>>>>> I think a temp file is the better solutions as I don't need an
>>>>> additional API call...
>>>>>
>>>>>
>>>>> Regards,
>>>>> René
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>> michael - is there a rest api capability that can be used to test support of user level api?
>>>
>>> api maintains <features> section for the features been added in the version, check if you see something
>>> related to the "user level api" (if you don't, - this is a bug).
>>>
>>>
>>
>> i want persistent session - not user level api?
> 
> my bad, didn't read entire tread, in <version major="3" minor="2"> we have:

btw the feature itself was introduced in 3.1

> 
> <feature>
>   <name>Session Based Authentication</name>
>   <description>Ability to maintain client-server session, to avoid login per request. Done by providing a header</description>
> </feature>
> 


-- 

Michael Pasternak
RedHat, ENG-Virtualization R&D



More information about the Users mailing list