Архитектура Sensu
Установка Sensu Go на CentOS 8 / RHEL 8
Существует три основных раздела инструмента мониторинга Sensu.
Шаг 1: Установка бэкэнда Sensu на CentOS 8 / RHEL 8
Добавьте бэкэнд-репозиторий:
curl -s https://packagecloud.io/install/repositories/sensu/stable/script.rpm.sh | sudo bash
Если конфигурация репозитория прошла успешно, вывод будет выглядеть следующим образом:
Complete!
Generating yum cache for sensu_stable...
Importing GPG key 0x0A3F7426:
Userid : "https://packagecloud.io/sensu/stable (https://packagecloud.io/docs#gpg_signing) <support@packagecloud.io>"
Fingerprint: CB16 05C4 E988 C91F 4382 49E3 A5BC 3FB7 0A3F 7426
From : https://packagecloud.io/sensu/stable/gpgkey
Generating yum cache for sensu_stable-source...
The repository is setup! You can now install packages.
..
После добавления репозитория установите бэкэнд Sensu на CentOS 8 / RHEL 8:
sudo yum install sensu-go-backend
Примите запрос на установку:
Dependencies resolved.
========================================================================================================================================================
Package Architecture Version Repository Size
========================================================================================================================================================
Installing:
sensu-go-backend x86_64 5.20.1-12427 sensu_stable 14 M
Transaction Summary
========================================================================================================================================================
Install 1 Package
Total download size: 14 M
Installed size: 38 M
Is this ok [y/N]: y
Шаг 2: Настройка Sensu Backend на CentOS 8 / RHEL 8
Скопируйте шаблон конфигурации из документации:
sudo curl -L https://docs.sensu.io/sensu-go/latest/files/backend.yml -o /etc/sensu/backend.yml
Отредактируйте его по своему вкусу:
sudo vi /etc/sensu/backend.yml
Вот так выглядит моя конфигурация:
---
# Sensu backend configuration
# backend configuration
state-dir: "/var/lib/sensu/sensu-backend"
cache-dir: "/var/cache/sensu/sensu-backend"
config-file: "/etc/sensu/backend.yml"
debug: false
log-level: "debug" # available log levels: panic, fatal, error, warn, info, debug
##
# agent configuration
##
agent-port: 8081
##
# api configuration
##
api-listen-address: "[::]:8080" # listen on all IPv4 and IPv6 addresses
#api-url: "http://localhost:8080"
##
# dashboard configuration
##
#dashboard-cert-file: "/path/to/ssl/cert.pem"
#dashboard-key-file: "/path/to/ssl/key.pem"
dashboard-host: "[::]" # listen on all IPv4 and IPv6 addresses
dashboard-port: 3000
##
# ssl configuration
##
#cert-file: "/path/to/ssl/cert.pem"
#key-file: "/path/to/ssl/key.pem"
#trusted-ca-file: "/path/to/trusted-certificate-authorities.pem"
#insecure-skip-tls-verify: false
##
# store configuration
##
#etcd-advertise-client-urls: "http://localhost:2379"
#etcd-cert-file: "/path/to/ssl/cert.pem"
#etcd-client-cert-auth: false
#etcd-initial-advertise-peer-urls: "http://127.0.0.1:2380"
#etcd-initial-cluster: "default=http://127.0.0.1:2380"
#etcd-initial-cluster-state: "new" # new or existing
#etcd-initial-cluster-token: "sensu"
#etcd-key-file: "/path/to/ssl/key.pem"
#etcd-listen-client-urls: "http://127.0.0.1:2379"
#etcd-listen-peer-urls: "http://127.0.0.1:2380"
#etcd-name: "default"
#etcd-peer-cert-file: "/path/to/ssl/cert.pem"
#etcd-peer-client-cert-auth: false
#etcd-peer-key-file: "/path/to/ssl/key.pem"
#etcd-peer-trusted-ca-file: "/path/to/ssl/key.pem"
#etcd-trusted-ca-file: "/path/to/ssl/key.pem"
#no-embed-etcd: false
#etcd-cipher-suits
# - TLS_EXAMPLE
Запустите бэкэнд-сервис Sensu:
sudo systemctl enable --now sensu-backend
Проверьте статус службы:
systemctl status sensu-backend
● sensu-backend.service - The Sensu Backend service.
Loaded: loaded (/usr/lib/systemd/system/sensu-backend.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2020-05-19 21:45:05 CEST; 14s ago
Main PID: 2194 (sensu-backend)
Tasks: 11 (limit: 26213)
Memory: 25.8M
CGroup: /system.slice/sensu-backend.service
└─2194 /usr/sbin/sensu-backend start -c /etc/sensu/backend.yml
May 19 21:45:11 sensu-backend[2194]: {"backend_id":"861176a0-1874-4007-be62-c41f1b048dfe","component":"metricsd","level":"d>
May 19 21:45:12 sensu-backend[2194]: {"backend_id":"861176a0-1874-4007-be62-c41f1b048dfe","component":"metricsd","level":"d>
May 19 21:45:13 sensu-backend[2194]: {"backend_id":"861176a0-1874-4007-be62-c41f1b048dfe","component":"metricsd","level":"d>
May 19 21:45:16 sensu-backend[2194]: {"component":"cache","level":"debug","msg":"rebuilding the cache for resource type *v2>
May 19 21:45:16 sensu-backend[2194]: {"component":"cache","level":"debug","msg":"rebuilding the cache for resource type *v2>
May 19 21:45:16 sensu-backend[2194]: {"component":"cache","level":"debug","msg":"rebuilding the cache for resource type *v2>
May 19 21:45:16 sensu-backend[2194]: {"component":"tessend","level":"debug","metric_name":"auth_provider_count","metric_val>
May 19 21:45:16 sensu-backend[2194]: {"backend_id":"861176a0-1874-4007-be62-c41f1b048dfe","component":"metricsd","level":"d>
May 19 21:45:17 sensu-backend[2194]: {"backend_id":"861176a0-1874-4007-be62-c41f1b048dfe","component":"metricsd","level":"d>
May 19 21:45:18 sensu-backend[2194]: {"backend_id":"861176a0-1874-4007-be62-c41f1b048dfe","component":"metricsd","level":"d>
Шаг 3: Инициализация бэкэнда Sensu
Теперь вам нужно настроить имя пользователя и пароль администратора Sensu.
Выполните следующую команду для инициализации бэкэнда Sensu:
export SENSU_BACKEND_CLUSTER_ADMIN_USERNAME=admin
export SENSU_BACKEND_CLUSTER_ADMIN_PASSWORD=StrongAdminP@ssw0rd
sensu-backend init
Вывод выполнения команды:
{"component":"backend.seeds","level":"info","msg":"seeding etcd store with intial data","time":"2020-05-19T21:50:07+02:00"}
Вы также можете запустить команду init sensu-backend в интерактивном режиме, если вы предпочитаете отвечать на запросы ввода имени пользователя и пароля:
sensu-backend init --interactive
Шаг 4. Доступ дашборду Sensu
Веб-интерфейс Sensu предоставляет унифицированное представление о ваших событиях мониторинга.
Убедитесь, что сервисный порт пользовательского интерфейса работает.
$ sudo ss -tunelp | grep 3000
tcp LISTEN 0 128 *:3000
Проверьте, работает ли бэкэнд, запросив работоспособность API:
$ curl http://127.0.0.1:8080/health
{"Alarms":null,"ClusterHealth":[{"MemberID":9882886658148554927,"MemberIDHex":"8927110dc66458af","Name":"default","Err":"","Healthy":true}],"Header":{"cluster_id":4255616304056076734,"member_id":9882886658148554927,"raft_term":2}}
sudo firewall-cmd --add-port=3000/tcp --permanent
sudo firewall-cmd --reload