[Xymon] Xymon Proxy + Xymon Server

Root, Paul T Paul.Root at CenturyLink.com
Tue Oct 13 15:40:00 CEST 2015 

How I do it is have the xymond run on port 1985 and the proxy on 1984.
I have one external script run from cron (not clientlaunch.cfg), that has issues with it, so it doesn't use xymoncmd like the rest. And in tasks.cfg on the primary server, we have redistribute turned on; here it is important to send the disable/drop/etc messages to port 1985, or you will get a infinite loop of the disable alert. That was fun to figure out. Otherwise, it works really well.


[xymond]
        ENVFILE /etc/xymon/xymonserver.cfg
        CMD xymond --listen=0.0.0.0:1985 --pidfile=$XYMONSERVERLOGS/xymond.pid --restart=$XYMONTMP/xymond.chk --checkpoint-file=$XYMONTMP/xymond.chk --checkpoint-interval=600 --log=$XYMONSERVERLOGS/xymond.log --admin-senders=127.0.0.1,$XYMONSERVERIP --store-clientlogs=!msgs

[xymonproxy]
        ENVFILE /etc/xymon/xymonserver.cfg
#       CMD $XYMONHOME/bin/xymonproxy --server=127.0.0.1:1985,204.155.129.160 --listen=0.0.0.0:1984 --report=$MACHINE.xymonproxy --no-daemon --pidfile=$XYMONSERVERLOGS/xymonproxy.pid
        CMD $XYMONHOME/bin/xymonproxy --server=127.0.0.1:1985,151.119.9.117 --listen=0.0.0.0:1984 --report=$MACHINE.xymonproxy --no-daemon --pidfile=$XYMONSERVERLOGS/xymonproxy.pid
        LOGFILE $XYMONSERVERLOGS/xymonproxy.log


-----Original Message-----
From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Adam Goryachev
Sent: Tuesday, October 13, 2015 6:14 AM
To: xymon at xymon.com
Subject: [Xymon] Xymon Proxy + Xymon Server

Hi all,

I was previously running an old version of hobbit and recently upgraded
to Xymon (finally). I'm struggling again with the configuration of what
must be an unusual case.

The setup:
Xymon server running on the main monitoring server in the office,
internal IP is 192.168.x.1 and external IP does NAT for port 1984 into
this internal IP so remote xymon clients can report in.

At one location, the network consists of a linux based firewall, plus a
bunch of servers. The firewall doesn't do NAT or any sort of forwarding,
so all connections between the Internet and this bunch of servers must
transit the squid proxy on the firewall (or similar). I also run a local
xymon server on the linux firewall, and this works well. However, I want
to forward all the status of everything back to the main xymon server in
the office above.

So, the obvious solution is to use the xymon proxy to receive reports
from the "bunch of servers" and then send the data to both the local
xymon server as well as the office xymon server. To do this I've
configured things like this:

 From tasks.cfg:
# Listen on 127.0.0.1 only
[xymond]
         ENVFILE /usr/lib/xymon/server/etc/xymonserver.cfg
         CMD xymond --pidfile=/var/run/xymon/xymond.pid \
                 --restart=$XYMONTMP/xymond.chk
--checkpoint-file=$XYMONTMP/xymond.chk --checkpoint-interval=600 \
                 --log=$XYMONSERVERLOGS/xymond.log \
                 --admin-senders=127.0.0.1,$XYMONSERVERIP \
                 --store-clientlogs=!msgs \
                 --listen=127.0.0.1

# Listen on the internal LAN IP, and send data to both 127.0.0.1 and the
office xymon server
[xymonproxy]
         ENVFILE /usr/lib/xymon/server/etc/xymonserver.cfg
         CMD $XYMONHOME/bin/xymonproxy --server=X.23.7.2,127.0.0.1
--listen=10.0.0.1 --report=$MACHINE.xymonproxy --no-daemon
--pidfile=/var/run/xymon/xymonproxy.pid
         LOGFILE $XYMONSERVERLOGS/xymonproxy.log


All the other normal xymon server tasks are enabled as well, such as
xymonnet etc...

However, if I set XYMONSERVERS=127.0.0.1 everything works well, except
that most status reports from xymonnet and xymonclient don't get sent to
the remote xymon server (since they don't get to the proxy).

If I set XYMONSERVERS to the LAN IP of the xymon proxy 10.0.0.1 then all
the status reports are sent to both servers, but the web interface is
broken. Clicking on a dot to see the current status gives a error
message 403 Invalid host.

So, is there something I'm missing with my config? Should the proxy
allow the www pages to work by passing whatever query through? How can I
override XYMONSERVERS value depending on where it is used, and how do I
know which parts I need to override?

Any suggestions?

Thanks,
Adam

_______________________________________________
Xymon mailing list
Xymon at xymon.com
http://lists.xymon.com/mailman/listinfo/xymon
This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.

More information about the Xymon mailing list