Xymon Proxy + Xymon Server
Hi all,
I was previously running an old version of hobbit and recently upgraded to Xymon (finally). I'm struggling again with the configuration of what must be an unusual case.
The setup: Xymon server running on the main monitoring server in the office, internal IP is 192.168.x.1 and external IP does NAT for port 1984 into this internal IP so remote xymon clients can report in.
At one location, the network consists of a linux based firewall, plus a bunch of servers. The firewall doesn't do NAT or any sort of forwarding, so all connections between the Internet and this bunch of servers must transit the squid proxy on the firewall (or similar). I also run a local xymon server on the linux firewall, and this works well. However, I want to forward all the status of everything back to the main xymon server in the office above.
So, the obvious solution is to use the xymon proxy to receive reports from the "bunch of servers" and then send the data to both the local xymon server as well as the office xymon server. To do this I've configured things like this:
From tasks.cfg:
Listen on 127.0.0.1 only
[xymond]
ENVFILE /usr/lib/xymon/server/etc/xymonserver.cfg
CMD xymond --pidfile=/var/run/xymon/xymond.pid
--restart=$XYMONTMP/xymond.chk
--checkpoint-file=$XYMONTMP/xymond.chk --checkpoint-interval=600
--log=$XYMONSERVERLOGS/xymond.log
--admin-senders=127.0.0.1,$XYMONSERVERIP
--store-clientlogs=!msgs
--listen=127.0.0.1
Listen on the internal LAN IP, and send data to both 127.0.0.1 and the
office xymon server [xymonproxy] ENVFILE /usr/lib/xymon/server/etc/xymonserver.cfg CMD $XYMONHOME/bin/xymonproxy --server=X.23.7.2,127.0.0.1 --listen=10.0.0.1 --report=$MACHINE.xymonproxy --no-daemon --pidfile=/var/run/xymon/xymonproxy.pid LOGFILE $XYMONSERVERLOGS/xymonproxy.log
All the other normal xymon server tasks are enabled as well, such as xymonnet etc...
However, if I set XYMONSERVERS=127.0.0.1 everything works well, except that most status reports from xymonnet and xymonclient don't get sent to the remote xymon server (since they don't get to the proxy).
If I set XYMONSERVERS to the LAN IP of the xymon proxy 10.0.0.1 then all the status reports are sent to both servers, but the web interface is broken. Clicking on a dot to see the current status gives a error message 403 Invalid host.
So, is there something I'm missing with my config? Should the proxy allow the www pages to work by passing whatever query through? How can I override XYMONSERVERS value depending on where it is used, and how do I know which parts I need to override?
Any suggestions?
Thanks, Adam
How I do it is have the xymond run on port 1985 and the proxy on 1984. I have one external script run from cron (not clientlaunch.cfg), that has issues with it, so it doesn't use xymoncmd like the rest. And in tasks.cfg on the primary server, we have redistribute turned on; here it is important to send the disable/drop/etc messages to port 1985, or you will get a infinite loop of the disable alert. That was fun to figure out. Otherwise, it works really well.
[xymond] ENVFILE /etc/xymon/xymonserver.cfg CMD xymond --listen=0.0.0.0:1985 --pidfile=$XYMONSERVERLOGS/xymond.pid --restart=$XYMONTMP/xymond.chk --checkpoint-file=$XYMONTMP/xymond.chk --checkpoint-interval=600 --log=$XYMONSERVERLOGS/xymond.log --admin-senders=127.0.0.1,$XYMONSERVERIP --store-clientlogs=!msgs
[xymonproxy] ENVFILE /etc/xymon/xymonserver.cfg
CMD $XYMONHOME/bin/xymonproxy --server=127.0.0.1:1985,204.155.129.160 --listen=0.0.0.0:1984 --report=$MACHINE.xymonproxy --no-daemon --pidfile=$XYMONSERVERLOGS/xymonproxy.pid
CMD $XYMONHOME/bin/xymonproxy --server=127.0.0.1:1985,151.119.9.117 --listen=0.0.0.0:1984 --report=$MACHINE.xymonproxy --no-daemon --pidfile=$XYMONSERVERLOGS/xymonproxy.pid
LOGFILE $XYMONSERVERLOGS/xymonproxy.log-----Original Message----- From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Adam Goryachev Sent: Tuesday, October 13, 2015 6:14 AM To: xymon at xymon.com Subject: [Xymon] Xymon Proxy + Xymon Server
Hi all,
I was previously running an old version of hobbit and recently upgraded to Xymon (finally). I'm struggling again with the configuration of what must be an unusual case.
The setup: Xymon server running on the main monitoring server in the office, internal IP is 192.168.x.1 and external IP does NAT for port 1984 into this internal IP so remote xymon clients can report in.
At one location, the network consists of a linux based firewall, plus a bunch of servers. The firewall doesn't do NAT or any sort of forwarding, so all connections between the Internet and this bunch of servers must transit the squid proxy on the firewall (or similar). I also run a local xymon server on the linux firewall, and this works well. However, I want to forward all the status of everything back to the main xymon server in the office above.
So, the obvious solution is to use the xymon proxy to receive reports from the "bunch of servers" and then send the data to both the local xymon server as well as the office xymon server. To do this I've configured things like this:
From tasks.cfg:
Listen on 127.0.0.1 only
[xymond]
ENVFILE /usr/lib/xymon/server/etc/xymonserver.cfg
CMD xymond --pidfile=/var/run/xymon/xymond.pid
--restart=$XYMONTMP/xymond.chk
--checkpoint-file=$XYMONTMP/xymond.chk --checkpoint-interval=600
--log=$XYMONSERVERLOGS/xymond.log
--admin-senders=127.0.0.1,$XYMONSERVERIP
--store-clientlogs=!msgs
--listen=127.0.0.1
Listen on the internal LAN IP, and send data to both 127.0.0.1 and the
office xymon server [xymonproxy] ENVFILE /usr/lib/xymon/server/etc/xymonserver.cfg CMD $XYMONHOME/bin/xymonproxy --server=X.23.7.2,127.0.0.1 --listen=10.0.0.1 --report=$MACHINE.xymonproxy --no-daemon --pidfile=/var/run/xymon/xymonproxy.pid LOGFILE $XYMONSERVERLOGS/xymonproxy.log
All the other normal xymon server tasks are enabled as well, such as xymonnet etc...
However, if I set XYMONSERVERS=127.0.0.1 everything works well, except that most status reports from xymonnet and xymonclient don't get sent to the remote xymon server (since they don't get to the proxy).
If I set XYMONSERVERS to the LAN IP of the xymon proxy 10.0.0.1 then all the status reports are sent to both servers, but the web interface is broken. Clicking on a dot to see the current status gives a error message 403 Invalid host.
So, is there something I'm missing with my config? Should the proxy allow the www pages to work by passing whatever query through? How can I override XYMONSERVERS value depending on where it is used, and how do I know which parts I need to override?
Any suggestions?
Thanks, Adam
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
participants (2)
-
mailinglists@websitemanagers.com.au
-
Paul.Root@CenturyLink.com