HostOnNet Blog

Installing Sensu with Uchiwa Dashboard on Ubuntu

Open a terminal window with a user that has root privileges.

Update the list of available apt-get packages.

apt-get update

Add the following keys and sources

RabbitMQ

curl -s http://www.rabbitmq.com/rabbitmq-signing-key-public.asc | apt-key add -
echo "deb http://www.rabbitmq.com/debian/ testing main" > /etc/apt/sources.list.d/rabbitmq.list

Elasticsearch

curl -s http://packages.elasticsearch.org/GPG-KEY-elasticsearch | apt-key add -
echo "deb http://packages.elasticsearch.org/elasticsearch/1.0/debian stable main" > /etc/apt/sources.list.d/elasticsearch.list

Sensuapp

wget -q http://repos.sensuapp.org/apt/pubkey.gpg -O- | sudo apt-key add -
echo "deb http://repos.sensuapp.org/apt sensu main" > /etc/apt/sources.list.d/sensu.list
apt-get update

Install Erlang, RabbitMQ and Redis-server.

apt-get install -y erlang-nox
apt-get install -y rabbitmq-server
apt-get install -y redis-server

Install Sensu and Uchiwa.

apt-get install -y sensu
apt-get install -y uchiwa

Sensu uses SSL for secure communication between its components and RabbitMQ. To generate certificates, download Sensu’s certificate generator to the /tmp directory and generate the SSL certificates.

cd /tmp
wget http://sensuapp.org/docs/0.13/tools/ssl_certs.tar
tar -xvf ssl_certs.tar
cd ssl_certs
./ssl_certs.sh generate

Create a RabbitMQ SSL directory and copy the certificates.

mkdir -p /etc/rabbitmq/ssl
cp /tmp/ssl_certs/sensu_ca/cacert.pem /tmp/ssl_certs/server/cert.pem /tmp/ssl_certs/server/key.pem /etc/rabbitmq/ssl

Create rabbitmq.config file.

vi /etc/rabbitmq/rabbitmq.config

Add the following lines to the file. This configures the RabbitMQ SSL listener to listen on port 5671 and to use the generated certificate authority and server certificate. It will also verify the connection and fail if there is no certificate.

[
    {rabbit, [
    {ssl_listeners, [5671]},
    {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},
                   {certfile,"/etc/rabbitmq/ssl/cert.pem"},
                   {keyfile,"/etc/rabbitmq/ssl/key.pem"},
                   {verify,verify_peer},
                   {fail_if_no_peer_cert,true}]}
  ]}
].

Create a RabbitMQ virtual host and user for Sensu. Change the password (password). You’ll need this password later when you configure the Sensu server and the clients to be monitored.

rabbitmqctl add_vhost /sensu
rabbitmqctl add_user sensu password
rabbitmqctl set_permissions -p /sensu sensu ".*" ".*" ".*"

Sensu needs the secure connection information to RabbitMQ. Make an SSL directory for Sensu and copy the generated certs.

mkdir -p /etc/sensu/ssl
cp /tmp/ssl_certs/client/cert.pem /tmp/ssl_certs/client/key.pem /etc/sensu/ssl

Now all of the components for Sensu monitoring are installed.

Configuration on Master

We will create configuration files in the /etc/sensu/conf.d folder for easier readability and management.

Create rabbitmq.json file.

vi /etc/sensu/conf.d/rabbitmq.json
{
  "rabbitmq": {
    "host": "localhost",
    "port": 5671,
    "vhost": "/sensu",
    "user": "sensu",
    "password": "password"
  }
}

Create redis.json file.

vi /etc/sensu/conf.d/redis.json
{
  "redis": {
    "host": "localhost",
    "port": 6379
  }
}

Create api.json file.

vi /etc/sensu/conf.d/api.json
{
  "api": {
    "host": "localhost",
    "port": 4567
  }
}

Rename default uchiwa.json to uchiwa.json-original

mv /etc/sensu/uchiwa.json /etc/sensu/uchiwa.json-original

Create and Edit uchiwa.json

vi /etc/sensu/uchiwa.json

Add the following lines. These include the connection information for the Uchiwa dashboard to access the Sensu API. You can optionally create a username and password in the uchiwa block for dashboard authentication.

{
    "sensu": [
        {
            "name": "Sensu",
            "host": "localhost",
            "ssl": false,
            "port": 4567,
            "path": "",
            "timeout": 5000
        }
    ],
    "uchiwa": {
        "port": 3000,
        "stats": 10,
        "refresh": 10000,
        "user": "admin",
        "pass": "adminpass"
    }
}

In this example, we’ll have the Sensu master server monitor itself as a client. So, create and edit the client.json file.

vi /etc/sensu/conf.d/client.json

Add the following lines and edit the name value for the Sensu client. This is the name for the server that you will see in the Uchiwa dashboard. The name cannot have spaces or special characters.

You can leave the address value as localhost since we are monitoring this server. We will be creating a similar file again later for every client host to be monitored.

{
  "client": {
    "name": "sensu.hostonnet.com",
    "address": "localhost",
    "subscriptions": [ "ALL" ]
  }
}

Restart all Sensu services.

service sensu-server restart
service sensu-client restart
service sensu-api restart
service uchiwa restart

After restarting the services, you can access Sensu at http://ip-address:3000

http://ip-address:3000

Username: admin
Password: adminpass

Enable Sensu services to start automatically

update-rc.d sensu-server defaults
update-rc.d sensu-client defaults
update-rc.d sensu-api defaults
update-rc.d uchiwa defaults

Sensu service commands

service sensu-server start | stop | restart
service sensu-client start | stop | restart
service sensu-api start | stop | restart
service uchiwa start | stop | restart
service rabbitmq-server start | stop | restart
service redis-server start | stop | restart

Posted in Ubuntu