Red Hat Training
A Red Hat training course is available for Red Hat Satellite
8.2. Red Hat Network Monitoring Daemon (rhnmd)
To get the most out of your monitoring entitlement, Red Hat suggests installing the Red Hat Network monitoring daemon on your client systems. Based upon OpenSSH,
rhnmd
enables the RHN Satellite to communicate securely with the client system to access internal processes and retrieve probe status.
Please note that the Red Hat Network monitoring daemon requires that monitored systems allow connections on port 4545. You may avoid opening this port and installing the daemon altogether by using
sshd
instead. Refer to Section 8.2.3, “Configuring SSH” for details.
8.2.1. Probes requiring the daemon
An encrypted connection, either through the Red Hat Network monitoring daemon or
sshd
, is required on client systems for the following probes to run:
- Linux::CPU Usage
- Linux::Disk IO Throughput
- Linux::Disk Usage
- Linux::Inodes
- Linux::Interface Traffic
- Linux::Load
- Linux::Memory Usage
- Linux::Process Counts by State
- Linux::Process Count Total
- Linux::Process Health
- Linux::Process Running
- Linux::Swap Usage
- Linux::TCP Connections by State
- Linux::Users
- Linux::Virtual Memory
- LogAgent::Log Pattern Match
- LogAgent::Log Size
- Network Services::Remote Ping
- Oracle::Client Connectivity
- General::Remote Program
- General::Remote Program with Data
Note that all probes in the Linux group have this requirement.
8.2.2. Installing the Red Hat Network Monitoring Daemon
Install the Red Hat Network monitoring daemon to prepare systems for monitoring with the probes identified in Section 8.2.1, “Probes requiring the daemon”. Note that the steps in this section are optional if you intend to use
sshd
to allow secure connections between the RHN monitoring infrastructure and the monitored systems. Refer to Section 8.2.3, “Configuring SSH” for instructions.
The
rhnmd
package can be found in the RHN Tools channel for all Red Hat Enterprise Linux distributions. To install it:
- Subscribe the systems to be monitored to the RHN Tools channel associated with the system. This can be done individually through the System Details ⇒ Channels ⇒ Software subtab or for multiple systems at once through the Channel Details ⇒ Target Systems tab.
- Once subscribed, open the Channel Details ⇒ Packages tab and find the
rhnmd
package (under 'R'). - Click the package name to open the Package Details page. Go to the Target Systems tab, select the desired systems, and click Install Packages.
- Install the SSH public key on all client systems to be monitored, as described in Section 8.2.4, “Installing the SSH key”.
- Start the Red Hat Network monitoring daemon on all client systems using the command:
service rhnmd start
- When adding probes requiring the daemon, accept the default values for RHNMD User and RHNMD Port:
nocpulse
and4545
, respectively.
8.2.3. Configuring SSH
If you wish to avoid installing the Red Hat Network monitoring daemon and opening port 4545 on client systems, you may configure
sshd
to provide the encrypted connection required between the systems and RHN. This may be especially desirable if you already have sshd
running. To configure the daemon for monitoring use:
- Ensure the SSH package is installed on the systems to be monitored:
rpm -qi openssh-server
- Identify the user to be associated with the daemon. This can be any user available on the system, as long as the required SSH key can be put in the user's
~/.ssh/authorized_keys
file. - Install the SSH public key on all client systems to be monitored, as described in Section 8.2.4, “Installing the SSH key”.
- Start the
sshd
on all client systems using the command:service sshd start
- When adding probes requiring the daemon, insert the values derived from steps 2 and 3 in the RHNMD User and RHNMD Port fields.
8.2.4. Installing the SSH key
Whether you use
rhnmd
or sshd
, you must install the Red Hat Network monitoring daemon public SSH key on the systems to be monitored to complete the secure connection. To install it:
- Copy the character string (beginning with
ssh-dss
and ending with the hostname of the RHN Server). - Choose which systems to send the key to. Select Systems from the left menu, and click the checkbox next to the systems you want to send the SSH key to. Click the Manage button at the top to finish.
- From the System Set Manager, click Run remote commands, then in the Script text box, type the following line:
#!/bin/sh cat <<EOF >> ~nocpulse/.ssh/authorized_keys
Then, press Enter and paste the SSH Key. The result should look similar to the following:#!/bin/sh cat <<EOF >> /var/lib/nocpulse/.ssh/authorized_keys ssh-dss AABBAB3NzaC3kc3MABCCBAJ4cmyf5jt/ihdtFbNE1YHsT0np0SYJz7xk hzoKUUWnZmOUqJ7eXoTbGEcZjZLppOZgzAepw1vUHXfa/L9XiXvsV8K5Qmcu70h0 1gohBIder/1I1QbHMCgfDVFPtfV5eedau4AAACAc99dHbWhk/dMPiWXgHxdI0vT2 SnuozIox2klmfbTeO4Ajn/Ecfxqgs5diat/NIaeoItuGUYepXFoVv8DVL3wpp45E 02hjmp4j2MYNpc6Pc3nPOVntu6YBv+whB0VrsVzeqX89u23FFjTLGbfYrmMQflNi j8yynGRePIMFhI= root@satellite.example.com EOF
- Set the date and time you want for the action to take place, then click Schedule Remote Command.
Once the key is in place and accessible, all probes that require it should allow
ssh
connections between the monitoring infrastructure and the monitored system. You may then schedule probes requiring the monitoring daemon to run against the newly configured systems.