On 05/23/2013 11:07 AM, René Koch (ovido) wrote:
On Thu, 2013-05-23 at 10:55 +0300, Sasha Chuzhoy wrote:
On 05/22/2013 05:18 PM, Itamar Heim wrote:
On 05/22/2013 03:55 PM, René Koch (ovido) wrote:
On Wed, 2013-05-22 at 14:59 +0300, Itamar Heim wrote:
-------- Original Message --------
Subject: [Users] Nagios monitoring plugin check_rhev3 1.2 released
Date: Thu, 16 May 2013 16:31:24 +0200
From: René Koch <r.k...@ovido.at>
To: users <Users@ovirt.org>
I'm happy to announce version 1.2 of check_rhev3.
check_rhev3 is a monitoring plugin for Icinga/Nagios and it's forks,
which is
used to monitor datacenters, clusters, hosts, vms, vm pools and
storage
domains
of Red Hat Enterprise Virtualization (RHEV) and oVirt virtualization
environments.
The download locations are
*
https://labs.ovido.at/download/check_rhev3/check_rhev3-1.2.tar.gz
*
https://labs.ovido.at/download/check_rhev3/nagios-plugins-rhev3-1.2-1.el6.i686.rpm
*
https://labs.ovido.at/download/check_rhev3/nagios-plugins-rhev3-1.2-1.el6.x86_64.rpm
For further information on how to install this plugin visit:
https://github.com/ovido/check_rhev3/wiki/Installation-Documentation
A detailed usage documentation can be found here:
https://github.com/ovido/check_rhev3/wiki/Usage-Documentation
Changelog:
- General:
- Moved project to github: https://github.com/ovido/check_rhev3
- New features:
- Verify RHEV-M certificate
- Allow authentication sessions for authentication in RHEV >= 3.1
and
oVirt >= 3.1
- Use option -n <nic> to check a specific nic
- Bugs fixed:
- Performance data issue with check_multi
If you have any questions or ideas, please drop me an email:
r.k...@ovido.at.
Thank you for using check_rhev3.
Hi Rene,
we deployed the plugin and noticed its flooding the event log with
login
events for the user its using via the REST API.
can you please add persistent session to the REST API calls so login
will happen only once and won't flood the log?
http://www.ovirt.org/Features/RESTSessionManagement
It's one of the features in the latest version (1.2):
-o, --cookie
Use cookie based authenticated sessions (requires RHEV >= 3.1)
I implemented it in the following way:
- Plugin checks if file with session cookie exists (per default
in /var/tmp)
- If not: login with username and password (that's why you need to
specify auth pair or authfile) and fetch JSESSIONID
-- Writes ID into session cookie file
- If cookie file is found: login using JSESSIONID and ignore username
and password. So you can change username/password and login will still
work.
- If login using session ID fails and cookie file exists, it will be
deleted and a login with username and password is tried the next time
the plugin is executed
If you start the script with -vvv you can see if login is down with auth
session or with username/password...
I didn't test it with oVirt 3.2 (yet), but works fine in RHEV 3.1.
well, we are trying it with next version of RHEV actually :)
sasha - can you please start the script with -vvv to provide the log
for login behavior?
Here is all (I hope) the relevant data:
[V] Starting the main script.
[V] Checking which component to monitor.
[D] check_host: Called function check_host.
[V] Host: Checking host .
[V] Host: No subcheck is specified, checking memory usage.
[D] check_statistics: Called function check_statistics.
[V] Statistics: Checking statistics of hosts.
[D] check_statistics: Input parameter $component: hosts
[D] check_statistics: Input parameter $search:
[D] check_statistics: Input parameter $statistics: memory
[D] check_statistics: Converting variables.
[D] check_statistics: Converted variable $url: hosts
[D] get_result: Called function get_result.
[D] get_result: Input parameter $_[0]: /hosts?search=
[D] get_result: Input parameter $xml: hosts
[D] get_result: Input parameter $search: id
[D] rhev_connect: Called function rhev_connect.
[V] REST-API: Connecting to REST-API.
[D] rhev_connect: Input parameter: /hosts?search=.
[V] REST-API: RHEVM-API URL: https://<hostname>:8443/api/hosts?search=
[V] REST-API: RHEVM-API User: <username>
[V] REST-API: RHEVM-API Password: <password>
[V] REST-API: cookie filename:
bm90dDA0LmVuZy5sYWIudGx2LnJlZGhhdC5jb20tdmlld2VyQG5vdHQwNC5lbmcubGFiLnRsdi5y
ZWRoYXQuY29tCg==
[D] rhev_connect: Using username and password authentication.
[V] REST-API: Cache-Control: no-cache
Connection: close
Date: Thu, 23 May 2013 07:50:33 GMT
Pragma: No-cache
Server: Apache-Coyote/1.1
Content-Type: application/xml
Expires: Thu, 01 Jan 1970 02:00:00 IST
Client-Date: Thu, 23 May 2013 07:50:33 GMT
Client-Peer: 10.35.16.97:8443
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /C=US/O=Red Hat TLV/CN=CA-<FQDN>.31149
Client-SSL-Cert-Subject: /C=US/O=Red Hat TLV/CN=<FQDN>
Client-SSL-Cipher: DHE-RSA-AES256-SHA
Client-SSL-Warning: Peer certificate not verified
Set-Cookie: JSESSIONID=8gUbxG1-uk8HOi2tq4krw7tq; Path=/api; Secure
[D] rhev_connect: <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<hosts>
##### The output is truncated ########
It seems to me that you did start the plugin without "-o" option...
Without -o plugin uses username + password authentication (to be
compatible with RHEV 3.0, oVirt 3.0 - especially to not break existing
setups):
$ ./check_rhev3 -H localhost -f authfile -D -vvv
[V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK
[D] rhev_connect: Using username and password authentication.
With -o a cookie file it uses username + password when the cookie file
is missing (first call):
$ ./check_rhev3 -H localhost -f authfile -D -vvv -o
[V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK
[D] rhev_connect: Using cookie authentication.
[D] rhev_connect: No cookie file found - using username and password
And uses session cookie if it exists:
$ ./check_rhev3 -H localhost -f authfile -D -vvv -o
[V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK
[D] rhev_connect: Using cookie authentication.
[D] rhev_connect: Using cookie: JSESSIONID=wbYehfrValieFzkv6GBWes-g
Please try again with "-o".
Regards,
René
Thanks,
Itamar
Hi Rene,
I expect most will fail on this -o.
maybe add auto-detection of version or engine capabilities to try and
use it, else failback to use/password?
Thanks,
Itamar
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
