09. 04. 2018 Davide Bizzarri NetEye

How to Deploy NRPE on CentOS 7 with Ansible

Introduction

When you need to monitor multiple machines, it’s a lot of work to install each machine manually.  Instead, you want to run just a single command, or click a few buttons, to configure all those machines at once, and then keep them updated over time.  This can be achieved with a bash script, so why bother to use Ansible?  The main reason is simplicity.  Bash scripts tend to be long, unreadable and unwieldy, while Ansible provides a powerful set of modules that can be used to perform the most common tasks in just few lines of self-explanatory code.  Another important reason is that Ansible is agentless, using OpenSSH to execute tasks on remote machines.

1. Install Ansible

The first thing we need to do is install Ansible on a control machine.  I will show you how to do it on NetEye, just to keep everything in one place.

On CentOS 6, Ansible is available only in the EPEL repository.

# yum install epel-release
# yum-config-manager --disable epel
# yum install ansible --enablerepo=epel

It’s good practice to keep the EPEL repository disabled so that you don’t install unwanted packages from it accidentally.

2. Create the Inventory

Put the IPs of the remote machines on which you want to deploy NRPE in /etc/ansible/hosts, for example:

[nrpe-clients]
172.17.0.4
172.17.0.5
172.17.0.6

Ansible will connect to the remote machine using OpenSSH, but to do so it needs a way to authenticate itself on each machine.  The simplest way to do this is to install our public ssh key on each remote machine:

# ssh-copy-id root@172.17.0.4
# ssh-copy-id root@172.17.0.5
# ssh-copy-id root@172.17.0.6

3. Create the Playbook

Ansible playbooks are YAML configuration files that describe a list of tasks to execute.  In our case, the steps we want to perform are (1) to install NRPE, (2) install Nagios plugins, and (3) configure NRPE.

3.1 Install NRPE and Nagios plugins

Let’s create a new playbook, which we will call nrpe-deploy.yaml, containing the following tasks for steps (1) and (2):

---
- hosts: nrpe-clients
  remote_user: root

  tasks:
  - name: install epel
    yum:
      name: epel-release
      state: latest

  - name: install nrpe
    yum:
      name: nrpe
      state: latest

  - name: install nagios plugins
    yum:
      name: nagios-plugins-all
      state: latest

This playbook uses yum to install or update NRPE and the Nagios plugins.

Now run the playbook with Ansible:

# ansible-playbook nrpe-deploy.yaml

3.2 Configure NRPE

Next we create an NRPE configuration file to copy onto each remote machine.  Let’s call it nrpe.cfg:

# bind to all interfaces
server_address=0.0.0.0

# allow neteye
allowed_hosts=127.0.0.1,172.17.0.3

# allow command args
dont_blame_nrpe=1

# example of commands
command[check_diskspace_arg]=/usr/lib64/nagios/plugins/check_disk $ARG1$
command[check_load_arg]=/usr/lib64/nagios/plugins/check_load $ARG1$
command[check_procs_arg]=/usr/lib64/nagios/plugins/check_procs $ARG1$
command[check_users_arg]=/usr/lib64/nagios/plugins/check_users $ARG1$

Now we can add new tasks to nrpe-deploy.yaml that will deploy the NRPE configuration files on the remote machines.

[...]
  - name: deploy nrpe.cfg
    copy:
      src: nrpe.cfg
      dest: /etc/nrpe.d/nrpe.cfg
    register: deploy_nrpe

  - name: start/restart and enable nrpe
    systemd:
      name: nrpe
      state: restarted
      enabled: yes
    when: deploy_nrpe.changed

And we can execute Ansible again:

# ansible-playbook nrpe-deploy.yaml

Conclusion

You can add new commands to nrpe.cfg, or new machines to /etc/ansible/hosts, and then execute ansible-playbook nrpe-deploy.yaml again to update all your remote machines or install new machines.  You can learn more on Ansible here: Ansible Documentation

Davide Bizzarri

Davide Bizzarri

R&D Software Engineer at Würth Phoenix
Hi, I'm Davide! I’m a full stack developer at Würth Phoenix. I started to use a PC at the age of ten when my parents bought our first family PC: an old Windows 98. Then, in high school, my professor introduced me to the world of software development by teaching me my first programming language, C. Since then I began to study IT and programming languages alone. After one year, I started to develop my first website that reached over one thousand views per day. Once I finished high school, I changed my job twice, until Würth Phoenix has hired me. Here I have learned many interesting things, one of the most important once is the agile development methodology which we living every day.

Author

Davide Bizzarri

Hi, I'm Davide! I’m a full stack developer at Würth Phoenix. I started to use a PC at the age of ten when my parents bought our first family PC: an old Windows 98. Then, in high school, my professor introduced me to the world of software development by teaching me my first programming language, C. Since then I began to study IT and programming languages alone. After one year, I started to develop my first website that reached over one thousand views per day. Once I finished high school, I changed my job twice, until Würth Phoenix has hired me. Here I have learned many interesting things, one of the most important once is the agile development methodology which we living every day.

Leave a Reply

Your email address will not be published. Required fields are marked *

Archive