On 05/23/2013 12:37 PM, Itamar Heim wrote: > On 05/23/2013 12:36 PM, Michael Pasternak wrote: >> On 05/23/2013 11:22 AM, Itamar Heim wrote: >>> On 05/23/2013 11:21 AM, René Koch (ovido) wrote: >>>> >>>> On Thu, 2013-05-23 at 11:11 +0300, Itamar Heim wrote: >>>>> On 05/23/2013 11:07 AM, René Koch (ovido) wrote: >>>>>> On Thu, 2013-05-23 at 10:55 +0300, Sasha Chuzhoy wrote: >>>>>>> On 05/22/2013 05:18 PM, Itamar Heim wrote: >>>>>>>> On 05/22/2013 03:55 PM, René Koch (ovido) wrote: >>>>>>>>> >>>>>>>>> On Wed, 2013-05-22 at 14:59 +0300, Itamar Heim wrote: >>>>>>>>>>> -------- Original Message -------- >>>>>>>>>>> Subject: [Users] Nagios monitoring plugin check_rhev3 1.2 released >>>>>>>>>>> Date: Thu, 16 May 2013 16:31:24 +0200 >>>>>>>>>>> From: René Koch <r.k...@ovido.at> >>>>>>>>>>> To: users <Users@ovirt.org> >>>>>>>>>>> >>>>>>>>>>> I'm happy to announce version 1.2 of check_rhev3. >>>>>>>>>>> >>>>>>>>>>> check_rhev3 is a monitoring plugin for Icinga/Nagios and it's forks, >>>>>>>>>>> which is >>>>>>>>>>> used to monitor datacenters, clusters, hosts, vms, vm pools and >>>>>>>>>>> storage >>>>>>>>>>> domains >>>>>>>>>>> of Red Hat Enterprise Virtualization (RHEV) and oVirt virtualization >>>>>>>>>>> environments. >>>>>>>>>>> >>>>>>>>>>> The download locations are >>>>>>>>>>> * >>>>>>>>>>> https://labs.ovido.at/download/check_rhev3/check_rhev3-1.2.tar.gz >>>>>>>>>>> * >>>>>>>>>>> https://labs.ovido.at/download/check_rhev3/nagios-plugins-rhev3-1.2-1.el6.i686.rpm >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> * >>>>>>>>>>> https://labs.ovido.at/download/check_rhev3/nagios-plugins-rhev3-1.2-1.el6.x86_64.rpm >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> For further information on how to install this plugin visit: >>>>>>>>>>> >>>>>>>>>>> https://github.com/ovido/check_rhev3/wiki/Installation-Documentation >>>>>>>>>>> >>>>>>>>>>> A detailed usage documentation can be found here: >>>>>>>>>>> https://github.com/ovido/check_rhev3/wiki/Usage-Documentation >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Changelog: >>>>>>>>>>> >>>>>>>>>>> - General: >>>>>>>>>>> - Moved project to github: https://github.com/ovido/check_rhev3 >>>>>>>>>>> >>>>>>>>>>> - New features: >>>>>>>>>>> - Verify RHEV-M certificate >>>>>>>>>>> - Allow authentication sessions for authentication in RHEV >= 3.1 >>>>>>>>>>> and >>>>>>>>>>> oVirt >= 3.1 >>>>>>>>>>> - Use option -n <nic> to check a specific nic >>>>>>>>>>> >>>>>>>>>>> - Bugs fixed: >>>>>>>>>>> - Performance data issue with check_multi >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> If you have any questions or ideas, please drop me an email: >>>>>>>>>>> r.k...@ovido.at. >>>>>>>>>>> >>>>>>>>>>> Thank you for using check_rhev3. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Hi Rene, >>>>>>>>>> >>>>>>>>>> we deployed the plugin and noticed its flooding the event log with >>>>>>>>>> login >>>>>>>>>> events for the user its using via the REST API. >>>>>>>>>> can you please add persistent session to the REST API calls so login >>>>>>>>>> will happen only once and won't flood the log? >>>>>>>>>> >>>>>>>>>> http://www.ovirt.org/Features/RESTSessionManagement >>>>>>>>> >>>>>>>>> >>>>>>>>> It's one of the features in the latest version (1.2): >>>>>>>>> >>>>>>>>> -o, --cookie >>>>>>>>> Use cookie based authenticated sessions (requires RHEV >= 3.1) >>>>>>>>> >>>>>>>>> >>>>>>>>> I implemented it in the following way: >>>>>>>>> - Plugin checks if file with session cookie exists (per default >>>>>>>>> in /var/tmp) >>>>>>>>> - If not: login with username and password (that's why you need to >>>>>>>>> specify auth pair or authfile) and fetch JSESSIONID >>>>>>>>> -- Writes ID into session cookie file >>>>>>>>> - If cookie file is found: login using JSESSIONID and ignore username >>>>>>>>> and password. So you can change username/password and login will still >>>>>>>>> work. >>>>>>>>> - If login using session ID fails and cookie file exists, it will be >>>>>>>>> deleted and a login with username and password is tried the next time >>>>>>>>> the plugin is executed >>>>>>>>> >>>>>>>>> If you start the script with -vvv you can see if login is down with >>>>>>>>> auth >>>>>>>>> session or with username/password... >>>>>>>>> >>>>>>>>> I didn't test it with oVirt 3.2 (yet), but works fine in RHEV 3.1. >>>>>>>> >>>>>>>> well, we are trying it with next version of RHEV actually :) >>>>>>>> sasha - can you please start the script with -vvv to provide the log >>>>>>>> for login behavior? >>>>>>>> >>>>>>> Here is all (I hope) the relevant data: >>>>>>> [V] Starting the main script. >>>>>>> [V] Checking which component to monitor. >>>>>>> [D] check_host: Called function check_host. >>>>>>> [V] Host: Checking host . >>>>>>> [V] Host: No subcheck is specified, checking memory usage. >>>>>>> [D] check_statistics: Called function check_statistics. >>>>>>> [V] Statistics: Checking statistics of hosts. >>>>>>> [D] check_statistics: Input parameter $component: hosts >>>>>>> [D] check_statistics: Input parameter $search: >>>>>>> [D] check_statistics: Input parameter $statistics: memory >>>>>>> [D] check_statistics: Converting variables. >>>>>>> [D] check_statistics: Converted variable $url: hosts >>>>>>> [D] get_result: Called function get_result. >>>>>>> [D] get_result: Input parameter $_[0]: /hosts?search= >>>>>>> [D] get_result: Input parameter $xml: hosts >>>>>>> [D] get_result: Input parameter $search: id >>>>>>> [D] rhev_connect: Called function rhev_connect. >>>>>>> [V] REST-API: Connecting to REST-API. >>>>>>> [D] rhev_connect: Input parameter: /hosts?search=. >>>>>>> [V] REST-API: RHEVM-API URL: https://<hostname>:8443/api/hosts?search= >>>>>>> [V] REST-API: RHEVM-API User: <username> >>>>>>> [V] REST-API: RHEVM-API Password: <password> >>>>>>> [V] REST-API: cookie filename: >>>>>>> bm90dDA0LmVuZy5sYWIudGx2LnJlZGhhdC5jb20tdmlld2VyQG5vdHQwNC5lbmcubGFiLnRsdi5y >>>>>>> ZWRoYXQuY29tCg== >>>>>>> [D] rhev_connect: Using username and password authentication. >>>>>>> [V] REST-API: Cache-Control: no-cache >>>>>>> Connection: close >>>>>>> Date: Thu, 23 May 2013 07:50:33 GMT >>>>>>> Pragma: No-cache >>>>>>> Server: Apache-Coyote/1.1 >>>>>>> Content-Type: application/xml >>>>>>> Expires: Thu, 01 Jan 1970 02:00:00 IST >>>>>>> Client-Date: Thu, 23 May 2013 07:50:33 GMT >>>>>>> Client-Peer: 10.35.16.97:8443 >>>>>>> Client-Response-Num: 1 >>>>>>> Client-SSL-Cert-Issuer: /C=US/O=Red Hat TLV/CN=CA-<FQDN>.31149 >>>>>>> Client-SSL-Cert-Subject: /C=US/O=Red Hat TLV/CN=<FQDN> >>>>>>> Client-SSL-Cipher: DHE-RSA-AES256-SHA >>>>>>> Client-SSL-Warning: Peer certificate not verified >>>>>>> Set-Cookie: JSESSIONID=8gUbxG1-uk8HOi2tq4krw7tq; Path=/api; Secure >>>>>>> [D] rhev_connect: <?xml version="1.0" encoding="UTF-8" >>>>>>> standalone="yes"?> >>>>>>> <hosts> >>>>>>> ##### The output is truncated ######## >>>>>> >>>>>> >>>>>> It seems to me that you did start the plugin without "-o" option... >>>>>> >>>>>> Without -o plugin uses username + password authentication (to be >>>>>> compatible with RHEV 3.0, oVirt 3.0 - especially to not break existing >>>>>> setups): >>>>>> $ ./check_rhev3 -H localhost -f authfile -D -vvv >>>>>> [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK >>>>>> [D] rhev_connect: Using username and password authentication. >>>>>> >>>>>> With -o a cookie file it uses username + password when the cookie file >>>>>> is missing (first call): >>>>>> $ ./check_rhev3 -H localhost -f authfile -D -vvv -o >>>>>> [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK >>>>>> [D] rhev_connect: Using cookie authentication. >>>>>> [D] rhev_connect: No cookie file found - using username and password >>>>>> >>>>>> And uses session cookie if it exists: >>>>>> $ ./check_rhev3 -H localhost -f authfile -D -vvv -o >>>>>> [V] REST-API: cookie filename: cmhldm0tYWRtaW5AaW50ZXJuYWwK >>>>>> [D] rhev_connect: Using cookie authentication. >>>>>> [D] rhev_connect: Using cookie: JSESSIONID=wbYehfrValieFzkv6GBWes-g >>>>>> >>>>>> Please try again with "-o". >>>>>> >>>>>> >>>>>> Regards, >>>>>> René >>>>>> >>>>>> >>>>>>>> Thanks, >>>>>>>> Itamar >>>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>> >>>>> Hi Rene, >>>>> >>>>> I expect most will fail on this -o. >>>>> maybe add auto-detection of version or engine capabilities to try and >>>>> use it, else failback to use/password? >>>>> >>>>> Thanks, >>>>> Itamar >>>> >>>> >>>> That sounds like a good idea - thanks! >>>> Will think on how I can implement it - either store engine >>>> version/capability into a temp file or query version/capability. >>>> I think a temp file is the better solutions as I don't need an >>>> additional API call... >>>> >>>> >>>> Regards, >>>> René >>>> >>>> >>>> >>>> >>> >>> michael - is there a rest api capability that can be used to test support >>> of user level api? >> >> api maintains <features> section for the features been added in the version, >> check if you see something >> related to the "user level api" (if you don't, - this is a bug). >> >> > > i want persistent session - not user level api?
my bad, didn't read entire tread, in <version major="3" minor="2"> we have: <feature> <name>Session Based Authentication</name> <description>Ability to maintain client-server session, to avoid login per request. Done by providing a header</description> </feature> -- Michael Pasternak RedHat, ENG-Virtualization R&D _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users