How to Deploy NRPE on CentOS 7 with Ansible
Introduction
When you need to monitor multiple machines, it’s a lot of work to install each machine manually. Instead, you want to run just a single command, or click a few buttons, to configure all those machines at once, and then keep them updated over time. This can be achieved with a bash script, so why bother to use Ansible? The main reason is simplicity. Bash scripts tend to be long, unreadable and unwieldy, while Ansible provides a powerful set of modules that can be used to perform the most common tasks in just few lines of self-explanatory code. Another important reason is that Ansible is agentless, using OpenSSH to execute tasks on remote machines.
1. Install Ansible
The first thing we need to do is install Ansible on a control machine. I will show you how to do it on NetEye, just to keep everything in one place.
On CentOS 6, Ansible is available only in the EPEL repository.
# yum install epel-release
# yum-config-manager --disable epel
# yum install ansible --enablerepo=epel
It’s good practice to keep the EPEL repository disabled so that you don’t install unwanted packages from it accidentally.
2. Create the Inventory
Put the IPs of the remote machines on which you want to deploy NRPE in /etc/ansible/hosts, for example:
[nrpe-clients]
172.17.0.4
172.17.0.5
172.17.0.6
Ansible will connect to the remote machine using OpenSSH, but to do so it needs a way to authenticate itself on each machine. The simplest way to do this is to install our public ssh key on each remote machine:
# ssh-copy-id root@172.17.0.4
# ssh-copy-id root@172.17.0.5
# ssh-copy-id root@172.17.0.6
3. Create the Playbook
Ansible playbooks are YAML configuration files that describe a list of tasks to execute. In our case, the steps we want to perform are (1) to install NRPE, (2) install Nagios plugins, and (3) configure NRPE.
3.1 Install NRPE and Nagios plugins
Let’s create a new playbook, which we will call nrpe-deploy.yaml, containing the following tasks for steps (1) and (2):
---
- hosts: nrpe-clients
remote_user: root
tasks:
- name: install epel
yum:
name: epel-release
state: latest
- name: install nrpe
yum:
name: nrpe
state: latest
- name: install nagios plugins
yum:
name: nagios-plugins-all
state: latest
This playbook uses yum to install or update NRPE and the Nagios plugins.
Now run the playbook with Ansible:
# ansible-playbook nrpe-deploy.yaml
3.2 Configure NRPE
Next we create an NRPE configuration file to copy onto each remote machine. Let’s call it nrpe.cfg:
# bind to all interfaces
server_address=0.0.0.0
# allow neteye
allowed_hosts=127.0.0.1,172.17.0.3
# allow command args
dont_blame_nrpe=1
# example of commands
command[check_diskspace_arg]=/usr/lib64/nagios/plugins/check_disk $ARG1$
command[check_load_arg]=/usr/lib64/nagios/plugins/check_load $ARG1$
command[check_procs_arg]=/usr/lib64/nagios/plugins/check_procs $ARG1$
command[check_users_arg]=/usr/lib64/nagios/plugins/check_users $ARG1$
Now we can add new tasks to nrpe-deploy.yaml that will deploy the NRPE configuration files on the remote machines.
[...]
- name: deploy nrpe.cfg
copy:
src: nrpe.cfg
dest: /etc/nrpe.d/nrpe.cfg
register: deploy_nrpe
- name: start/restart and enable nrpe
systemd:
name: nrpe
state: restarted
enabled: yes
when: deploy_nrpe.changed
And we can execute Ansible again:
# ansible-playbook nrpe-deploy.yaml
Conclusion
You can add new commands to nrpe.cfg, or new machines to /etc/ansible/hosts, and then execute ansible-playbook nrpe-deploy.yaml again to update all your remote machines or install new machines. You can learn more on Ansible here: Ansible Documentation
Davide Bizzarri
Author
