Red Hat Training

A Red Hat training course is available for Red Hat Satellite

8.2. Red Hat Network Monitoring Daemon (rhnmd)

To get the most out of your monitoring entitlement, Red Hat suggests installing the Red Hat Network monitoring daemon on your client systems. Based upon OpenSSH, rhnmd enables the RHN Satellite to communicate securely with the client system to access internal processes and retrieve probe status.
Please note that the Red Hat Network monitoring daemon requires that monitored systems allow connections on port 4545. You may avoid opening this port and installing the daemon altogether by using sshd instead. Refer to Section 8.2.3, “Configuring SSH” for details.

8.2.1. Probes requiring the daemon

An encrypted connection, either through the Red Hat Network monitoring daemon or sshd, is required on client systems for the following probes to run:
  • Linux::CPU Usage
  • Linux::Disk IO Throughput
  • Linux::Disk Usage
  • Linux::Inodes
  • Linux::Interface Traffic
  • Linux::Load
  • Linux::Memory Usage
  • Linux::Process Counts by State
  • Linux::Process Count Total
  • Linux::Process Health
  • Linux::Process Running
  • Linux::Swap Usage
  • Linux::TCP Connections by State
  • Linux::Users
  • Linux::Virtual Memory
  • LogAgent::Log Pattern Match
  • LogAgent::Log Size
  • Network Services::Remote Ping
  • Oracle::Client Connectivity
  • General::Remote Program
  • General::Remote Program with Data
Note that all probes in the Linux group have this requirement.

8.2.2. Installing the Red Hat Network Monitoring Daemon

Install the Red Hat Network monitoring daemon to prepare systems for monitoring with the probes identified in Section 8.2.1, “Probes requiring the daemon”. Note that the steps in this section are optional if you intend to use sshd to allow secure connections between the RHN monitoring infrastructure and the monitored systems. Refer to Section 8.2.3, “Configuring SSH” for instructions.
The rhnmd package can be found in the RHN Tools channel for all Red Hat Enterprise Linux distributions. To install it:
  1. Subscribe the systems to be monitored to the RHN Tools channel associated with the system. This can be done individually through the System Details ⇒ Channels ⇒ Software subtab or for multiple systems at once through the Channel Details ⇒ Target Systems tab.
  2. Once subscribed, open the Channel Details ⇒ Packages tab and find the rhnmd package (under 'R').
  3. Click the package name to open the Package Details page. Go to the Target Systems tab, select the desired systems, and click Install Packages.
  4. Install the SSH public key on all client systems to be monitored, as described in Section 8.2.4, “Installing the SSH key”.
  5. Start the Red Hat Network monitoring daemon on all client systems using the command: 
    service rhnmd start
  6. When adding probes requiring the daemon, accept the default values for RHNMD User and RHNMD Port: nocpulse and 4545, respectively.

8.2.3. Configuring SSH

If you wish to avoid installing the Red Hat Network monitoring daemon and opening port 4545 on client systems, you may configure sshd to provide the encrypted connection required between the systems and RHN. This may be especially desirable if you already have sshd running. To configure the daemon for monitoring use:
  1. Ensure the SSH package is installed on the systems to be monitored: 
    rpm -qi openssh-server
  2. Identify the user to be associated with the daemon. This can be any user available on the system, as long as the required SSH key can be put in the user's ~/.ssh/authorized_keys file.
  3. Identify the port used by the daemon, as identified in its /etc/ssh/sshd_config configuration file. The default is port 22.
  4. Install the SSH public key on all client systems to be monitored, as described in Section 8.2.4, “Installing the SSH key”.
  5. Start the sshd on all client systems using the command: 
    service sshd start
  6. When adding probes requiring the daemon, insert the values derived from steps 2 and 3 in the RHNMD User and RHNMD Port fields.

8.2.4. Installing the SSH key

Whether you use rhnmd or sshd, you must install the Red Hat Network monitoring daemon public SSH key on the systems to be monitored to complete the secure connection. To install it:
  1. Navigate to the Monitoring ⇒ Scout Config Push page on the Satellite interface and click the name of the Scout that will monitor the client system. The SSH id_dsa.pub key is visible on the resulting page.
  2. Copy the character string (beginning with ssh-dss and ending with the hostname of the RHN Server).
  3. Choose which systems to send the key to. Select Systems from the left menu, and click the checkbox next to the systems you want to send the SSH key to. Click the Manage button at the top to finish.
  4. From the System Set Manager, click Run remote commands, then in the Script text box, type the following line: 
    #!/bin/sh
cat <<EOF >> ~nocpulse/.ssh/authorized_keys
    Then, press Enter and paste the SSH Key. The result should look similar to the following: 
    #!/bin/sh
cat <<EOF >> /var/lib/nocpulse/.ssh/authorized_keys                  
ssh-dss AABBAB3NzaC3kc3MABCCBAJ4cmyf5jt/ihdtFbNE1YHsT0np0SYJz7xk
hzoKUUWnZmOUqJ7eXoTbGEcZjZLppOZgzAepw1vUHXfa/L9XiXvsV8K5Qmcu70h0
1gohBIder/1I1QbHMCgfDVFPtfV5eedau4AAACAc99dHbWhk/dMPiWXgHxdI0vT2
SnuozIox2klmfbTeO4Ajn/Ecfxqgs5diat/NIaeoItuGUYepXFoVv8DVL3wpp45E
02hjmp4j2MYNpc6Pc3nPOVntu6YBv+whB0VrsVzeqX89u23FFjTLGbfYrmMQflNi
j8yynGRePIMFhI= root@satellite.example.com
EOF
  5. Set the date and time you want for the action to take place, then click Schedule Remote Command.
Once the key is in place and accessible, all probes that require it should allow ssh connections between the monitoring infrastructure and the monitored system. You may then schedule probes requiring the monitoring daemon to run against the newly configured systems.