Wednesday 5 March 2014

Nagios monitoring and Amazon [ AWS ]: internal/external DNS name vs IP address

NOTE:

How do you monitor an AWS EC2 host if it is a spot instance, its internal IP keeps changing, and you are on the EC2-Classic network [ not a VPC ]?

When you monitor a remote host, the NRPE configuration file on that host needs to permit your Nagios server host. Normally you can monitor a server by its internal IP and it will work fine. In the case above, however, the monitoring will fail even if your security group allows access using the external IP, the public DNS or the Elastic IP. In that case you need to use the public DNS name.

Example:

NOTE: The following [ using the public DNS name ] will work.
Let's say your Nagios server belongs to "security-group-x", which is allowed on your Nagios communication port [ default 5666 ], and your Nagios server address has been added to the allowed hosts list in nrpe.cfg.

define host{
        use                     generic-host
        host_name               spot-ec2-in-classic-network
        alias                   spot-ec2-in-classic-network
        address                 ec2-23-10-100-200.compute-1.amazonaws.com
        }


NOTE: The following example will not work.

Why? In the example above I gave the address as the public DNS name provided by AWS, and AWS can get further information from it, such as which security group the traffic is coming from. In the following example it might be doing a reverse dig and getting a different DNS name [ if you have set one ], or perhaps not even doing that?


define host{
        use                     generic-host
        host_name               spot-ec2-in-classic-network
        alias                   spot-ec2-in-classic-network
        address                 23.10.100.200
        }

NOTE: So, if you have a requirement like the one above, I suggest using the Amazon [ AWS ] DNS names. Sometimes I believe you should use the Amazon DNS name for all communication, even for internal IPs :)
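
A pre-flight check for the two host definitions above, added here as an example and not part of the original post: it parses `define host` blocks and reports whether each `address` is a literal IP or a name, and whether it lands on a private or public address when resolved from the Nagios server. It is built on the assumption that, from inside EC2, an AWS public DNS name resolves to the instance's private address, so the NRPE traffic matches a security-group rule that references the Nagios server's group, while a literal public IP does not. The function names and the renamed `host_name` values are hypothetical.

```python
import ipaddress
import re
import socket

# Constructed sample: the two host definitions from this post, renamed so
# the results can be told apart.
SAMPLE_CFG = """
define host{
        use        generic-host
        host_name  spot-by-dns
        address    ec2-23-10-100-200.compute-1.amazonaws.com
        }
define host{
        use        generic-host
        host_name  spot-by-ip
        address    23.10.100.200
        }
"""

HOST_BLOCK = re.compile(r"define\s+host\s*\{(.*?)\}", re.S)

def parse_hosts(cfg_text):
    """Return (host_name, address) pairs from Nagios 'define host' blocks."""
    hosts = []
    for body in HOST_BLOCK.findall(cfg_text):
        fields = {}
        for line in body.splitlines():
            parts = line.split(";", 1)[0].split(None, 1)  # drop ';' comments
            if len(parts) == 2 and not parts[0].startswith("#"):
                fields[parts[0]] = parts[1].strip()
        if "host_name" in fields and "address" in fields:
            hosts.append((fields["host_name"], fields["address"]))
    return hosts

def classify(address, resolve=socket.gethostbyname):
    """Say whether 'address' is a literal IP or a name, and where it points."""
    try:
        ip, via = ipaddress.ip_address(address), "literal"
    except ValueError:
        try:
            ip, via = ipaddress.ip_address(resolve(address)), "dns"
        except OSError:
            return "unresolvable"
    return via + ("-private" if ip.is_private else "-public")

def audit(cfg_text, resolve=socket.gethostbyname):
    """Map each host_name to its classification; run this on the Nagios server."""
    return {name: classify(addr, resolve) for name, addr in parse_hosts(cfg_text)}

if __name__ == "__main__":
    print(audit(SAMPLE_CFG))
```

A `literal-public` or `dns-public` result for a spot instance is the entry to review, since that check leaves over the public path and depends on an IP-based security-group rule and a matching nrpe.cfg entry.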
