Nagios Configured by LDAP

[Allan Clark]

On Mon, Apr 21, 2008 at 1:55 AM, Joerg Linge <pitchfork at ederdrom.de> wrote:

> Am Montag, 21. April 2008 00:14 schrieb Allan Clark:
> > Hi;
> > In my company, we have a complex series of firewalled zones within each
> > datacenter.  We also intend to use Nagios from one datacenter to check
> > another's external services.  We use LDAP extensively, and deploy
> everything
> > -- including Nagios -- with a redundant.
> >
> > I've done some initial work to configure Nagios using LDAP based on
> > current-CVS Nagios-3.0.1.
> >
> > The only past work towards this that I found was an email from Benoit
> > Mortier [1], who I have contacted and he's interested in providing test
> > data.  The edits are in base/config.c, base/nagios.c, and
> > xdata/xoddefault.c.  I'm writing to:
> >
> > 1) advertise the short writeup:
> > http://www.nagioscommunity.org/wiki/index.php/LDAP-Configured_Nagios
> > 2) poll interest from other users who want to beta-test and argue over
> > schema
> > 3) verify that I'm not wasting my time.
>
> Why do you want to add the LDAP part to the Nagios core?
> I think its better to create the text based Nagios config from you LDAP
> data by using an external addon.
> So you dont have to patch the Nagios core and you can also mixup ldap and
> text based config.


Thanks for your comments; I've had issues with bolting text-manipulation
scripts in the past.  There's nothing stopping anyone from taking that
route, though, if they were more comfortable that way.

If I explained it well enough on the wiki, you'd see that the LDAP objects
are *added* to the config, so it allows mixed LDAP and traditional
configurations.  This would let us do quick-additions locally as well using
traditional config if we had a short-term problem to fix, or a SysAdmin
didn't feel confident or have access to write to the LDAP config.

There's still the issue of detecting added objects, causing the daemon to
re-verify (nagios -pv <config>), and restart.  I can see the desire for that
part to remain a manual process, too.  Short of turning the Nagios into a
syncrepl client, that would be quite difficult to automate.  Additionally, a
shell backend can re-verify the new data and report back to itself or
another Nagios whether it needs a restart or if the data is not sane.

Allan
-- 
allanc at chickenandporn.com "金鱼" http://linkedin.com/in/goldfish
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/developers/attachments/20080421/49c87933/attachment.html>
-------------- next part --------------
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
-------------- next part --------------
_______________________________________________
Nagios-devel mailing list
Nagios-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-devel