Feature #7895
closed
Add a script for CARP monitoring to NRPE
100%
Description
- SNMP does not provide MIBs for checking on CARP, and IF-MIB do not provide enough information to infer whether an interface is "MASTER but should be BACKUP" or the opposite.
- Default NRPE plugins do not provide any good information
ifconfigis the only reliable source of information
Therefore, I decided to use NRPEv2 and to create a custom script to check the NIC CARP status.
I don't mind contributing it to pfSense, but I was not sure how to integrate it in the new package repository.
I wanted first to make a system patch that would create the file in /usr/local/libexec/nagios, but the patching system is not appropriate for "adding new files", since it will view the diff as always both applicable/removable.
Files
Updated by Stéphane Lapie about 7 years ago
- File check_carp_freebsd.sh check_carp_freebsd.sh added
Little fix, the current plugin did not set the return code upon exiting.
Updated by Phillip Hernandez about 7 years ago
I agree that it would be very helpful if there was a way to monitor carp status via SNMP.
I ran your script on my pfsense box that is 2.4... this was the output... Is the formatting correct?
I would love to use this script to integrate with my zabbix monitoring.
/root: sh check_carp_freebsd.sh
[: 0
0
0: bad number
UNKNOWN - CARP Status : vmx0 is MASTER
MASTER
MASTER (UNKNOWN); vmx1 is MASTER (OK); vmx3_vlan300 is MASTER (OK);
This is the output of ifconfig...vmx0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=60009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
ether 00:50:56:84:2e:e6
hwaddr 00:50:56:84:2e:e6
inet6 fe80::250:56ff:fe84:2ee6%vmx0 prefixlen 64 scopeid 0x1
inet x.x.x.218 netmask 0xfffffff8 broadcast x.x.x.x
inet x.x.x.217 netmask 0xfffffff8 broadcast x.x.x.x vhid 5
inet x.x.x.220 netmask 0xfffffff8 broadcast x.x.x.x vhid 6
inet x.x.x.221 netmask 0xfffffff8 broadcast x.x.x.x vhid 7
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect
status: active
carp: MASTER vhid 5 advbase 1 advskew 0
carp: MASTER vhid 6 advbase 1 advskew 0
carp: MASTER vhid 7 advbase 1 advskew 0
vmx1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 9000
options=60009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
ether 00:50:56:84:28:84
hwaddr 00:50:56:84:28:84
inet6 fe80::250:56ff:fe84:2884%vmx1 prefixlen 64 scopeid 0x2
inet x.x.20.2 netmask 0xffffff00 broadcast x.x.20.255
inet x.x.20.1 netmask 0xffffff00 broadcast x.x.20.255 vhid 10
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect
status: active
carp: MASTER vhid 10 advbase 1 advskew 0
vmx2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=60009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
ether 00:50:56:84:a1:ca
hwaddr 00:50:56:84:a1:ca
inet6 fe80::250:56ff:fe84:a1ca%vmx2 prefixlen 64 scopeid 0x3
inet x.x.50.2 netmask 0xffffff00 broadcast x.x.50.255
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect
status: active
vmx3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=61009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,VLAN_HWFILTER,RXCSUM_IPV6,TXCSUM_IPV6>
ether 00:50:56:84:5a:ee
hwaddr 00:50:56:84:5a:ee
inet6 fe80::250:56ff:fe84:5aee%vmx3 prefixlen 64 scopeid 0x4
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect
status: active
Updated by Stéphane Lapie about 7 years ago
Ah, I think I see. I did not handle the case of multiple VHIDs on one interface, I will fix it right now.
Updated by Stéphane Lapie about 7 years ago
- File check_carp_freebsd.sh check_carp_freebsd.sh added
Here is a fixed version, I tested it based on your above output.
It now gives the following result :
OK - CARP Status : vmx0 (vhid 5) is MASTER (OK) vmx0 (vhid 6) is MASTER (OK) vmx0 (vhid 7) is MASTER (OK); vmx1 (vhid 10) is MASTER (OK);
Updated by Viktor Gurov almost 5 years ago
Updated by Jim Pingle almost 5 years ago
- Status changed from New to Pull Request Review
Updated by Ronald Schellberg almost 5 years ago
I'm getting a build error with the addition of the script:
===> Staging for Test_Build-pkg-nrpe-3.1_1 ===> Generating temporary packing list /bin/mkdir -p /wrkdirs/usr/ports/net-mgmt/Test_Build-pkg-nrpe/work/stage/usr/local/pkg /bin/mkdir -p /wrkdirs/usr/ports/net-mgmt/Test_Build-pkg-nrpe/work/stage/etc/inc/priv /bin/mkdir -p /wrkdirs/usr/ports/net-mgmt/Test_Build-pkg-nrpe/work/stage/usr/local/share/Test_Build-pkg-nrpe install -m 0644 -m 0644 /usr/ports/net-mgmt/Test_Build-pkg-nrpe/files/usr/local/pkg/nrpe.xml /wrkdirs/usr/ports/net-mgmt/Test_Build-pkg-nrpe/work/stage/usr/local/pkg install -m 0644 /usr/ports/net-mgmt/Test_Build-pkg-nrpe/files/usr/local/pkg/nrpe.inc /wrkdirs/usr/ports/net-mgmt/Test_Build-pkg-nrpe/work/stage/usr/local/pkg install -m 0644 /usr/ports/net-mgmt/Test_Build-pkg-nrpe/files/etc/inc/priv/nrpe.priv.inc /wrkdirs/usr/ports/net-mgmt/Test_Build-pkg-nrpe/work/stage/etc/inc/priv install -m 0644 /usr/ports/net-mgmt/Test_Build-pkg-nrpe/files/usr/local/share/Test_Build-pkg-nrpe/info.xml /wrkdirs/usr/ports/net-mgmt/Test_Build-pkg-nrpe/work/stage/usr/local/share/Test_Build-pkg-nrpe install -m 555 /usr/ports/net-mgmt/Test_Build-pkg-nrpe/files/usr/local/libexec/nagios/check_carp_freebsd.sh /usr/local/libexec/nagios/ install: /usr/local/libexec/nagios/check_carp_freebsd.sh: Permission denied *** Error code 71
Missing the Libexec directory?
Updated by Viktor Gurov almost 5 years ago
fix that adds ${MKDIR} ${STAGEDIR}${PREFIX}/libexec/nagios line to Makefile:
https://github.com/pfsense/FreeBSD-ports/pull/766
Updated by Renato Botelho almost 5 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- % Done changed from 0 to 100
Fixed on version 3.1_2
Updated by Viktor Gurov almost 5 years ago
- Status changed from Feedback to Resolved
tested on pfSense 2.5.0.a.20200211.1811 with nrpe 3.1_2
ok now