Icinga is a modern open source monitoring tool that originated from a Nagios itself. The ICINGA tool is not much different from Nagios as they use the similar plugins as the Nagios uses but the major differences could be seen in Web UI and interface.
We will be going through entire deployment and installation process of Icinga Monitoring Tool for RHEL 7, using repoforge(Earlier known as RPMforge), EPEL & Icigna repositories for Apache and Nagios plugins which needs to be installed in the system.
1. Before proceeding with Icinga installation we need to configure RepoForge & ICINGA repositories on the sever by using below command
And also the ICINGA repositories:
2. The next step is to try to install Icinga web interface provided by icinga-gui package. Earlier CentOS/RHEL 7 has some issues with the package, but its fixed in latest version of CentOS/RHEL releases
3. After RepoForge & icinga repositories had been added on your system, start with Icinga deployment
4. Install Apache development packages:
4. As presented on this article introduction, your system needs to have Apache HTTP server and PHP installed in order to be able to run Icinga Web Interface.
After you finished the above steps, a new configuration file should be now present on Apache conf.d path named icinga.conf. In order to be able to access Icinga from a remote location from browser, open this configuration file and replace all its content with the following configurations.
Make sure you replace all file content with the following.
5. After you have edited Icinga httpd configuration file, add Apache system user to Icinga system group and use the following system permissions on next system paths.
6. Before starting Icinga system process and Apache server, make sure you also disable SELinux security mechanism by running 'setenforce 0' command and make the changes permanent by editing /etc/selinux/config file, changing SELINUX context from enforcing to disabled.
Modify SELINUX directive to look like this.
You can also use 'getenforce' command to view SELinux status.
7. As the last step before starting Icinga process and web interface, as a security measure you can now modify Icinga Admin password by running the following command, and then start both processes.
8. In order to start monitoring public external services on hosts with Icinga, such as HTTP, IMAP, POP3, SSH, DNS, ICMP ping and many others services accessible from internet or LAN you need to install Nagios Plugins package provided by EPEL Repositories.
9. To login on Icinga Web Interface, open a browser and point it to the URL http://Amazon_EC2_hostname/icinga/. Use icingaadmin as username and the password you chose earlier and you can now see your localhost system status.
That is the process of installing and configuring Icinga server on Red Hat enterprise linux 7.
Checkout below video for more practical representation:
We will be going through entire deployment and installation process of Icinga Monitoring Tool for RHEL 7, using repoforge(Earlier known as RPMforge), EPEL & Icigna repositories for Apache and Nagios plugins which needs to be installed in the system.
1. Before proceeding with Icinga installation we need to configure RepoForge & ICINGA repositories on the sever by using below command
# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
And also the ICINGA repositories:
# rpm --import http://packages.icinga.org/icinga.key
# curl -o /etc/yum.repos.d/ICINGA-release.repo http://packages.icinga.org/epel/ICINGA-release.repo
# yum makecache
2. The next step is to try to install Icinga web interface provided by icinga-gui package. Earlier CentOS/RHEL 7 has some issues with the package, but its fixed in latest version of CentOS/RHEL releases
# yum install icinga-gui
3. After RepoForge & icinga repositories had been added on your system, start with Icinga deployment
# yum install icinga icinga-doc
4. Install Apache development packages:
# yum install httpd-devel
4. As presented on this article introduction, your system needs to have Apache HTTP server and PHP installed in order to be able to run Icinga Web Interface.
After you finished the above steps, a new configuration file should be now present on Apache conf.d path named icinga.conf. In order to be able to access Icinga from a remote location from browser, open this configuration file and replace all its content with the following configurations.
# vim /etc/httpd/conf.d/icinga.conf
Make sure you replace all file content with the following.
ScriptAlias /icinga/cgi-bin "/usr/lib64/icinga/cgi"
<Directory "/usr/lib64/icinga/cgi">
# SSLRequireSSL
Options ExecCGI
AllowOverride None
AuthName "Icinga Access"
AuthType Basic
AuthUserFile /etc/icinga/passwd
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAll>
Require all granted
# Require local
Require valid-user
</RequireAll>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
Require valid-user
</IfModule>
</Directory>
Alias /icinga "/usr/share/icinga/"
<Directory "/usr/share/icinga/">
# SSLRequireSSL
Options None
AllowOverride All
AuthName "Icinga Access"
AuthType Basic
AuthUserFile /etc/icinga/passwd
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAll>
Require all granted
# Require local
Require valid-user
</RequireAll>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
Require valid-user
</IfModule>
</Directory>
5. After you have edited Icinga httpd configuration file, add Apache system user to Icinga system group and use the following system permissions on next system paths.
# usermod -aG icinga apache
# chown -R icinga:icinga /var/spool/icinga/*
# chgrp -R icinga /etc/icinga/*
# chgrp -R icinga /usr/lib64/icinga/*
# chgrp -R icinga /usr/share/icinga/*
6. Before starting Icinga system process and Apache server, make sure you also disable SELinux security mechanism by running 'setenforce 0' command and make the changes permanent by editing /etc/selinux/config file, changing SELINUX context from enforcing to disabled.
# nano /etc/selinux/config
Modify SELINUX directive to look like this.
SELINUX=disabled
You can also use 'getenforce' command to view SELinux status.
7. As the last step before starting Icinga process and web interface, as a security measure you can now modify Icinga Admin password by running the following command, and then start both processes.
# htpasswd -cm /etc/icinga/passwd icingaadmin (Type your preferred password)
# systemctl start icinga
# systemctl start httpd
8. In order to start monitoring public external services on hosts with Icinga, such as HTTP, IMAP, POP3, SSH, DNS, ICMP ping and many others services accessible from internet or LAN you need to install Nagios Plugins package provided by EPEL Repositories.
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-6.noarch.rpm
# yum install nagios-plugins nagios-plugins-all
9. To login on Icinga Web Interface, open a browser and point it to the URL http://Amazon_EC2_hostname/icinga/. Use icingaadmin as username and the password you chose earlier and you can now see your localhost system status.
That is the process of installing and configuring Icinga server on Red Hat enterprise linux 7.
Checkout below video for more practical representation:
Hey Yogesh,
ReplyDeleteThanks for the post, can i have your email ?
I need to discuss something with you.
Here is my email amattahcj@yahoo.com
Hi Yogesh,
ReplyDeleteI am getting the below error while installing the rpmforge package. Could you please assist me on this.
[root@ip-172-31-74-182 ~]# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
Retrieving http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
curl: (7) Failed to connect to pkgs.repoforge.org port 80: Connection timed out
error: skipping http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm - transfer failed
Thanks