On Thu, 2013-05-23 at 11:11 +0300, Itamar Heim wrote: > On 05/23/2013 11:07 AM, René Koch (ovido) wrote: > > On Thu, 2013-05-23 at 10:55 +0300, Sasha Chuzhoy wrote: > >> On 05/22/2013 05:18 PM, Itamar Heim wrote: > >>> On 05/22/2013 03:55 PM, René Koch (ovido) wrote: > >>>> > >>>> On Wed, 2013-05-22 at 14:59 +0300, Itamar Heim wrote: > >>>>>> -------- Original Message -------- > >>>>>> Subject: [Users] Nagios monitoring plugin check_rhev3 1.2 released > >>>>>> Date: Thu, 16 May 2013 16:31:24 +0200 > >>>>>> From: René Koch <r.k...@ovido.at> > >>>>>> To: users <Users@ovirt.org> > >>>>>> > >>>>>> I'm happy to announce version 1.2 of check_rhev3. > >>>>>> > >>>>>> check_rhev3 is a monitoring plugin for Icinga/Nagios and it's forks, > >>>>>> which is > >>>>>> used to monitor datacenters, clusters, hosts, vms, vm pools and > >>>>>> storage > >>>>>> domains > >>>>>> of Red Hat Enterprise Virtualization (RHEV) and oVirt virtualization > >>>>>> environments. > >>>>>> > >>>>>> The download locations are > >>>>>> * > >>>>>> https://labs.ovido.at/download/check_rhev3/check_rhev3-1.2.tar.gz > >>>>>> * > >>>>>> https://labs.ovido.at/download/check_rhev3/nagios-plugins-rhev3-1.2-1.el6.i686.rpm > >>>>>> > >>>>>> > >>>>>> * > >>>>>> https://labs.ovido.at/download/check_rhev3/nagios-plugins-rhev3-1.2-1.el6.x86_64.rpm > >>>>>> > >>>>>> > >>>>>> > >>>>>> For further information on how to install this plugin visit: > >>>>>> > >>>>>> https://github.com/ovido/check_rhev3/wiki/Installation-Documentation > >>>>>> > >>>>>> A detailed usage documentation can be found here: > >>>>>> https://github.com/ovido/check_rhev3/wiki/Usage-Documentation > >>>>>> > >>>>>> > >>>>>> Changelog: > >>>>>> > >>>>>> - General: > >>>>>> - Moved project to github: https://github.com/ovido/check_rhev3 > >>>>>> > >>>>>> - New features: > >>>>>> - Verify RHEV-M certificate > >>>>>> - Allow authentication sessions for authentication in RHEV >= 3.1 > >>>>>> and > >>>>>> oVirt >= 3.1 > >>>>>> - Use option -n <nic> to check a specific nic > >>>>>> > >>>>>> - Bugs fixed: > >>>>>> - Performance data issue with check_multi > >>>>>> > >>>>>> > >>>>>> If you have any questions or ideas, please drop me an email: > >>>>>> r.k...@ovido.at. > >>>>>> > >>>>>> Thank you for using check_rhev3. > >>>>>> > >>>>>> > >>>>>> > >>>>> > >>>>> Hi Rene, > >>>>> > >>>>> we deployed the plugin and noticed its flooding the event log with > >>>>> login > >>>>> events for the user its using via the REST API. > >>>>> can you please add persistent session to the REST API calls so login > >>>>> will happen only once and won't flood the log? > >>>>> > >>>>> http://www.ovirt.org/Features/RESTSessionManagement > >>>> > >>>> > >>>> It's one of the features in the latest version (1.2): > >>>> > >>>> -o, --cookie > >>>> Use cookie based authenticated sessions (requires RHEV >= 3.1) > >>>> > >>>> > >>>> I implemented it in the following way: > >>>> - Plugin checks if file with session cookie exists (per default > >>>> in /var/tmp) > >>>> - If not: login with username and password (that's why you need to > >>>> specify auth pair or authfile) and fetch JSESSIONID > >>>> -- Writes ID into session cookie file > >>>> - If cookie file is found: login using JSESSIONID and ignore username > >>>> and password. So you can change username/password and login will still > >>>> work. > >>>> - If login using session ID fails and cookie file exists, it will be > >>>> deleted and a login with username and password is tried the next time > >>>> the plugin is executed > >>>> > >>>> If you start the script with -vvv you can see if login is down with auth > >>>> session or with username/password... > >>>> > >>>> I didn't test it with oVirt 3.2 (yet), but works fine in RHEV 3.1. > >>> > >>> well, we are trying it with next version of RHEV actually :) > >>> sasha - can you please start the script with -vvv to provide the log > >>> for login behavior? > >>> > >> Here is all (I hope) the relevant data: > >> [V] Starting the main script. > >> [V] Checking which component to monitor. > >> [D] check_host: Called function check_host. > >> [V] Host: Checking host . > >> [V] Host: No subcheck is specified, checking memory usage. > >> [D] check_statistics: Called function check_statistics. > >> [V] Statistics: Checking statistics of hosts. > >> [D] check_statistics: Input parameter $component: hosts > >> [D] check_statistics: Input parameter $search: > >> [D] check_statistics: Input parameter $statistics: memory > >> [D] check_statistics: Converting variables. > >> [D] check_statistics: Converted variable $url: hosts > >> [D] get_result: Called function get_result. > >> [D] get_result: Input parameter $_[0]: /hosts?search= > >> [D] get_result: Input parameter $xml: hosts > >> [D] get_result: Input parameter $search: id > >> [D] rhev_connect: Called function rhev_connect. > >> [V] REST-API: Connecting to REST-API. > >> [D] rhev_connect: Input parameter: /hosts?search=. > >> [V] REST-API: RHEVM-API URL: https://<hostname>:8443/api/hosts?search= > >> [V] REST-API: RHEVM-API User: <username> > >> [V] REST-API: RHEVM-API Password: <password> > >> [V] REST-API: cookie filename: > >> bm90dDA0LmVuZy5sYWIudGx2LnJlZGhhdC5jb20tdmlld2VyQG5vdHQwNC5lbmcubGFiLnRsdi5y > >> ZWRoYXQuY29tCg== > >> [D] rhev_connect: Using username and password authentication. > >> [V] REST-API: Cache-Control: no-cache > >> Connection: close > >> Date: Thu, 23 May 2013 07:50:33 GMT > >> Pragma: No-cache > >> Server: Apache-Coyote/1.1 > >> Content-Type: application/xml > >> Expires: Thu, 01 Jan 1970 02:00:00 IST > >> Client-Date: Thu, 23 May 2013 07:50:33 GMT > >> Client-Peer: 10.35.16.97:8443 > >> Client-Response-Num: 1 > >> Client-SSL-Cert-Issuer: /C=US/O=Red Hat TLV/CN=CA-<FQDN>.31149 > >> Client-SSL-Cert-Subject: /C=US/O=Red Hat TLV/CN=<FQDN> > >> Client-SSL-Cipher: DHE-RSA-AES256-SHA > >> Client-SSL-Warning: Peer certificate not verified > >> Set-Cookie: JSESSIONID=8gUbxG1-uk8HOi2tq4krw7tq; Path=/api; Secure > >> [D] rhev_connect: <?xml version="1.0" encoding="UTF-8" standalone="yes"?> > >> <hosts> > >> ##### The output is truncated ######## > > > > > > It seems to me that you did start the plugin without "-o" option... > > > > Without -o plugin uses username + password authentication (to be > > compatible with RHEV 3.0, oVirt 3.0 - especially to not break existing > > setups): > > $ ./check_rhev3 -H localhost -f authfile -D -vvv > > [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK > > [D] rhev_connect: Using username and password authentication. > > > > With -o a cookie file it uses username + password when the cookie file > > is missing (first call): > > $ ./check_rhev3 -H localhost -f authfile -D -vvv -o > > [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK > > [D] rhev_connect: Using cookie authentication. > > [D] rhev_connect: No cookie file found - using username and password > > > > And uses session cookie if it exists: > > $ ./check_rhev3 -H localhost -f authfile -D -vvv -o > > [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK > > [D] rhev_connect: Using cookie authentication. > > [D] rhev_connect: Using cookie: JSESSIONID=wbYehfrValieFzkv6GBWes-g > > > > Please try again with "-o". > > > > > > Regards, > > René > > > > > >>> Thanks, > >>> Itamar > >>> > >> > >> > > > > Hi Rene, > > I expect most will fail on this -o. > maybe add auto-detection of version or engine capabilities to try and > use it, else failback to use/password? > > Thanks, > Itamar
That sounds like a good idea - thanks! Will think on how I can implement it - either store engine version/capability into a temp file or query version/capability. I think a temp file is the better solutions as I don't need an additional API call... Regards, René _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
