elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Monitor OpenLDAP with netdata.

This commit is contained in:
Zhang Huangbin 2018-11-29 11:52:59 +08:00
parent 00ea8ed1a6
commit 42e244aa0d
6 changed files with 314 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
en_US/integrations/0-integration.netdata.freebsd.md
View File

@ -66,6 +66,73 @@ files don't need your attention at all, including:
But some applications do require extra settings, we will cover them below.
### Monitor OpenLDAP
OpenLDAP supports an optional monitoring interface you can use to obtain
information regarding the current state of your OpenLDAP server. For instance,
the interface allows you to determine how many clients are connected to the
server currently. The monitoring information is provided by a specialized
backend, the `monitor` backend. A manual page, `slapd-monitor(5)` is available.
netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through
its `monitor` backend.
To enable `monitor` backend in OpenLDAP, please append lines below in
`/usr/local/etc/openldap/slapd.conf`:
!!! attention
You must replace `dc=example,dc=com` by the real LDAP suffix that you use.
```
database monitor
access to dn="cn=monitor"
by dn.exact="cn=Manager,dc=example,dc=com" read
by dn.exact="cn=vmail,dc=example,dc=com" read
by * none
```
It enables OpenLDAP backend `monitor`, also grant `read` access to dn
`cn=Manager,dc=example,dc=com` and `cn=vmail,dc=example,dc=com`. Again, you
must replace `dc=example,dc=com` by the real LDAP suffix that you use.
Also find lines in `slapd.conf` like below:
```
modulepath /usr/local/libexec/openldap
moduleload back_mdb
```
Append a new `moduleload` directive right after `moduleload back_mdb` like
below:
```
moduleload back_monitor
```
Now restart OpenLDAP service.
Create file `/usr/local/etc/netdata/python.d/openldap.conf` with content below:
!!! attention
* You must replace `dc=example,dc=com` by the real LDAP suffix that you use.
* You must replace `<password-of-vmail>` by the real password of
`cn=vmail`. You can find it in files under `/usr/local/etc/postfix/ldap/`.
```
update_every: 5
local:
username : "cn=vmail,dc=example,dc=com"
password : "<password-of-vmail>"
server : "localhost"
port : 389
timeout : 1
```
Now restart netdata service.
### Monitor Nginx and php-fpm
We need to enable `stub_status` in Nginx to get detailed server info, also
@ -299,3 +366,7 @@ in file `/usr/local/etc/nginx/netdata.users` to login.
This is what you see after successfully logged in:
![](./images/netdata/system-overview.png){: width="900px" }
## See Also
* [Integrate netdata monitor (on Linux server)](./integration.netdata.linux.html)

80
en_US/integrations/0-integration.netdata.linux.md
View File

@ -4,7 +4,7 @@
!!! attention
* This tutorial is tested on CentOS 7, Debian 9, Ubuntu 16.04.
* This tutorial has been tested on CentOS 7, Debian 9, Ubuntu 16.04/18.04.
For FreeBSD, please check this tutorial instead:
[Integrate netdata on FreeBSD](./integration.netdata.freebsd.html).
* netdata is an optional component since iRedMail-0.9.8.
@ -105,6 +105,76 @@ files don't need your attention at all, including:
But some applications do require extra settings, we will cover them below.
### Monitor OpenLDAP
OpenLDAP supports an optional monitoring interface you can use to obtain
information regarding the current state of your OpenLDAP server. For instance,
the interface allows you to determine how many clients are connected to the
server currently. The monitoring information is provided by a specialized
backend, the `monitor` backend. A manual page, `slapd-monitor(5)` is available.
netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through
its `monitor` backend.
To enable `monitor` backend in OpenLDAP, please append lines below in
`slapd.conf`:
* on RHEL/CentOS, it's `/etc/openldap/slapd.conf`
* on Debian/Ubuntu, it's `/etc/ldap/slapd.conf`
!!! attention
You must replace `dc=example,dc=com` by the real LDAP suffix that you use.
```
database monitor
access to dn="cn=monitor"
by dn.exact="cn=Manager,dc=example,dc=com" read
by dn.exact="cn=vmail,dc=example,dc=com" read
by * none
```
It enables OpenLDAP backend `monitor`, also grant `read` access to dn
`cn=Manager,dc=example,dc=com` and `cn=vmail,dc=example,dc=com`. Again, you
must replace `dc=example,dc=com` by the real LDAP suffix that you use.
On Debian/Ubuntu, please also find lines in `slapd.conf` like below:
```
modulepath /usr/lib/ldap
moduleload back_mdb
```
Append a new `moduleload` directive right after `moduleload back_mdb` like
below:
```
moduleload back_monitor
```
Now restart OpenLDAP service.
Create file `/opt/netdata/etc/netdata/python.d/openldap.conf` with content below:
!!! attention
* You must replace `dc=example,dc=com` by the real LDAP suffix that you use.
* You must replace `<password-of-vmail>` by the real password of
`cn=vmail`. You can find it in files under `/etc/postfix/ldap/`.
```
update_every: 5
local:
username : "cn=vmail,dc=example,dc=com"
password : "<password-of-vmail>"
server : "localhost"
port : 389
timeout : 1
```
Now restart netdata service.
### Monitor Nginx and php-fpm
We need to enable `stub_status` in Nginx to get detailed server info, also
@ -373,8 +443,8 @@ This is what you see after successfully logged in:
## Update netdata
To update netdata, just download new version of the prebuilt package, then run
it:
To update netdata, just download new version of the prebuilt package from its
[github page](https://github.com/netdata/netdata/releases), then run it:
```
chmod +x netdata-latest.gz.run
@ -382,3 +452,7 @@ chmod +x netdata-latest.gz.run
```
That's it.
## See Also
* [Integrate netdata monitor (on FreeBSD server)](./integration.netdata.freebsd.html)

15
en_US/upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md
View File

@ -29,7 +29,7 @@ so that you can know which version of iRedMail you're running. For example:
Please follow below tutorial to upgrade iRedAPD to the latest stable release:
[Upgrade iRedAPD to the latest stable release](./upgrade.iredapd.html)
### Upgrade iRedAdmin (open source edition) to the latest stable release (1.0)
### Upgrade iRedAdmin (open source edition) to the latest stable release (0.9.2)
Please follow this tutorial to upgrade iRedAdmin open source edition to the
latest stable release:
@ -301,6 +301,19 @@ string `maildir` as default value.
For more details about changing mailbox format, please check our tutorial:
[Change mailbox format](./change.mailbox.format.html).
### [OPTIONAL] Monitoring OpenLDAP with netdata
netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through its `monitor` backend.
Please follow this tutorial to upgrade netdata and configure both OpenLDAP and netdata for monitoring.
* On Linux:
* [Upgrade netdata](./integration.netdata.linux.html#update-netdata)
* [Monitor OpenLDAP](./integration.netdata.linux.html#monitor-openldap)
* On FreeBSD:
* Please update netdata with ports tree first, make sure you're running
netdata-1.11.1 or later release.?
* [Monitor OpenLDAP](./integration.netdata.freebsd.html#monitor-openldap)
## MySQL/MariaDB special
### SQL structure changes in `vmail` database

63
html/integration.netdata.freebsd.html
View File

@ -22,6 +22,7 @@
<li><a href="#whats-netdata">What's netdata</a></li>
<li><a href="#install-netdata">Install netdata</a></li>
<li><a href="#configure-netdata">Configure netdata</a><ul>
<li><a href="#monitor-openldap">Monitor OpenLDAP</a></li>
<li><a href="#monitor-nginx-and-php-fpm">Monitor Nginx and php-fpm</a></li>
<li><a href="#monitor-dovecot">Monitor Dovecot</a></li>
<li><a href="#monitor-mysqlmariadb-server">Monitor MySQL/MariaDB server</a></li>
@ -29,6 +30,7 @@
</ul>
</li>
<li><a href="#configure-nginx-to-forward-requests-to-netdata">Configure Nginx to forward requests to netdata</a></li>
<li><a href="#see-also">See Also</a></li>
</ul>
</li>
</ul>
@ -91,6 +93,61 @@ files don't need your attention at all, including:</p>
<li>...</li>
</ul>
<p>But some applications do require extra settings, we will cover them below.</p>
<h3 id="monitor-openldap">Monitor OpenLDAP</h3>
<p>OpenLDAP supports an optional monitoring interface you can use to obtain
information regarding the current state of your OpenLDAP server. For instance,
the interface allows you to determine how many clients are connected to the
server currently. The monitoring information is provided by a specialized
backend, the <code>monitor</code> backend. A manual page, <code>slapd-monitor(5)</code> is available.</p>
<p>netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through
its <code>monitor</code> backend.</p>
<p>To enable <code>monitor</code> backend in OpenLDAP, please append lines below in
<code>/usr/local/etc/openldap/slapd.conf</code>:</p>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<p>You must replace <code>dc=example,dc=com</code> by the real LDAP suffix that you use.</p>
</div>
<pre><code>database monitor
access to dn=&quot;cn=monitor&quot;
by dn.exact=&quot;cn=Manager,dc=example,dc=com&quot; read
by dn.exact=&quot;cn=vmail,dc=example,dc=com&quot; read
by * none
</code></pre>
<p>It enables OpenLDAP backend <code>monitor</code>, also grant <code>read</code> access to dn
<code>cn=Manager,dc=example,dc=com</code> and <code>cn=vmail,dc=example,dc=com</code>. Again, you
must replace <code>dc=example,dc=com</code> by the real LDAP suffix that you use.</p>
<p>Also find lines in <code>slapd.conf</code> like below:</p>
<pre><code>modulepath /usr/local/libexec/openldap
moduleload back_mdb
</code></pre>
<p>Append a new <code>moduleload</code> directive right after <code>moduleload back_mdb</code> like
below:</p>
<pre><code>moduleload back_monitor
</code></pre>
<p>Now restart OpenLDAP service.</p>
<p>Create file <code>/usr/local/etc/netdata/python.d/openldap.conf</code> with content below:</p>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<ul>
<li>You must replace <code>dc=example,dc=com</code> by the real LDAP suffix that you use.</li>
<li>You must replace <code>&lt;password-of-vmail&gt;</code> by the real password of
<code>cn=vmail</code>. You can find it in files under <code>/usr/local/etc/postfix/ldap/</code>.</li>
</ul>
</div>
<pre><code>update_every: 5
local:
username : &quot;cn=vmail,dc=example,dc=com&quot;
password : &quot;&lt;password-of-vmail&gt;&quot;
server : &quot;localhost&quot;
port : 389
timeout : 1
</code></pre>
<p>Now restart netdata service.</p>
<h3 id="monitor-nginx-and-php-fpm">Monitor Nginx and php-fpm</h3>
<p>We need to enable <code>stub_status</code> in Nginx to get detailed server info, also
update php-fpm config file to enable similar feature.</p>
@ -322,7 +379,11 @@ replace <code>your-server</code> by the real domain name), it will ask you to in
username and password for authentication, please use the account we just added
in file <code>/usr/local/etc/nginx/netdata.users</code> to login.</p>
<p>This is what you see after successfully logged in:</p>
<p><img alt="" src="./images/netdata/system-overview.png" width="900px" /></p><div class="footer">
<p><img alt="" src="./images/netdata/system-overview.png" width="900px" /></p>
<h2 id="see-also">See Also</h2>
<ul>
<li><a href="./integration.netdata.linux.html">Integrate netdata monitor (on Linux server)</a></li>
</ul><div class="footer">
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="https://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
</div>
<!-- Global site tag (gtag.js) - Google Analytics -->

73
html/integration.netdata.linux.html
View File

@ -23,6 +23,7 @@
<li><a href="#install-packages-required-by-netdata">Install packages required by netdata</a></li>
<li><a href="#install-netdata">Install netdata</a></li>
<li><a href="#configure-netdata">Configure netdata</a><ul>
<li><a href="#monitor-openldap">Monitor OpenLDAP</a></li>
<li><a href="#monitor-nginx-and-php-fpm">Monitor Nginx and php-fpm</a></li>
<li><a href="#monitor-dovecot">Monitor Dovecot</a></li>
<li><a href="#monitor-mysqlmariadb-server">Monitor MySQL/MariaDB server</a></li>
@ -32,6 +33,7 @@
<li><a href="#system-tuning">System tuning</a></li>
<li><a href="#configure-nginx-to-forward-requests-to-netdata">Configure Nginx to forward requests to netdata</a></li>
<li><a href="#update-netdata">Update netdata</a></li>
<li><a href="#see-also">See Also</a></li>
</ul>
</li>
</ul>
@ -39,7 +41,7 @@
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<ul>
<li>This tutorial is tested on CentOS 7, Debian 9, Ubuntu 16.04.
<li>This tutorial has been tested on CentOS 7, Debian 9, Ubuntu 16.04/18.04.
For FreeBSD, please check this tutorial instead:
<a href="./integration.netdata.freebsd.html">Integrate netdata on FreeBSD</a>.</li>
<li>netdata is an optional component since iRedMail-0.9.8.</li>
@ -130,6 +132,65 @@ files don't need your attention at all, including:</p>
<li>...</li>
</ul>
<p>But some applications do require extra settings, we will cover them below.</p>
<h3 id="monitor-openldap">Monitor OpenLDAP</h3>
<p>OpenLDAP supports an optional monitoring interface you can use to obtain
information regarding the current state of your OpenLDAP server. For instance,
the interface allows you to determine how many clients are connected to the
server currently. The monitoring information is provided by a specialized
backend, the <code>monitor</code> backend. A manual page, <code>slapd-monitor(5)</code> is available.</p>
<p>netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through
its <code>monitor</code> backend.</p>
<p>To enable <code>monitor</code> backend in OpenLDAP, please append lines below in
<code>slapd.conf</code>:</p>
<ul>
<li>on RHEL/CentOS, it's <code>/etc/openldap/slapd.conf</code></li>
<li>on Debian/Ubuntu, it's <code>/etc/ldap/slapd.conf</code></li>
</ul>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<p>You must replace <code>dc=example,dc=com</code> by the real LDAP suffix that you use.</p>
</div>
<pre><code>database monitor
access to dn=&quot;cn=monitor&quot;
by dn.exact=&quot;cn=Manager,dc=example,dc=com&quot; read
by dn.exact=&quot;cn=vmail,dc=example,dc=com&quot; read
by * none
</code></pre>
<p>It enables OpenLDAP backend <code>monitor</code>, also grant <code>read</code> access to dn
<code>cn=Manager,dc=example,dc=com</code> and <code>cn=vmail,dc=example,dc=com</code>. Again, you
must replace <code>dc=example,dc=com</code> by the real LDAP suffix that you use.</p>
<p>On Debian/Ubuntu, please also find lines in <code>slapd.conf</code> like below:</p>
<pre><code>modulepath /usr/lib/ldap
moduleload back_mdb
</code></pre>
<p>Append a new <code>moduleload</code> directive right after <code>moduleload back_mdb</code> like
below:</p>
<pre><code>moduleload back_monitor
</code></pre>
<p>Now restart OpenLDAP service.</p>
<p>Create file <code>/opt/netdata/etc/netdata/python.d/openldap.conf</code> with content below:</p>
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<ul>
<li>You must replace <code>dc=example,dc=com</code> by the real LDAP suffix that you use.</li>
<li>You must replace <code>&lt;password-of-vmail&gt;</code> by the real password of
<code>cn=vmail</code>. You can find it in files under <code>/etc/postfix/ldap/</code>.</li>
</ul>
</div>
<pre><code>update_every: 5
local:
username : &quot;cn=vmail,dc=example,dc=com&quot;
password : &quot;&lt;password-of-vmail&gt;&quot;
server : &quot;localhost&quot;
port : 389
timeout : 1
</code></pre>
<p>Now restart netdata service.</p>
<h3 id="monitor-nginx-and-php-fpm">Monitor Nginx and php-fpm</h3>
<p>We need to enable <code>stub_status</code> in Nginx to get detailed server info, also
update php-fpm config file to enable similar feature.</p>
@ -388,13 +449,17 @@ in file <code>/etc/nginx/netdata.users</code> to login.</p>
<p>This is what you see after successfully logged in:</p>
<p><img alt="" src="./images/netdata/system-overview.png" width="900px" /></p>
<h2 id="update-netdata">Update netdata</h2>
<p>To update netdata, just download new version of the prebuilt package, then run
it:</p>
<p>To update netdata, just download new version of the prebuilt package from its
<a href="https://github.com/netdata/netdata/releases">github page</a>, then run it:</p>
<pre><code>chmod +x netdata-latest.gz.run
./netdata-latest.gz.run --accept
</code></pre>
<p>That's it.</p><div class="footer">
<p>That's it.</p>
<h2 id="see-also">See Also</h2>
<ul>
<li><a href="./integration.netdata.freebsd.html">Integrate netdata monitor (on FreeBSD server)</a></li>
</ul><div class="footer">
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="https://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
</div>
<!-- Global site tag (gtag.js) - Google Analytics -->

25
html/upgrade.iredmail.0.9.8-0.9.9.html
View File

@ -20,10 +20,10 @@
<ul>
<li><a href="#upgrade-iredmail-from-098-to-099">Upgrade iRedMail from 0.9.8 to 0.9.9</a><ul>
<li><a href="#changelog">ChangeLog</a></li>
<li><a href="#general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</a><ul>
<li><a href="#general-all-backends-should-apply-these-changes">General (All backends should apply these changes)</a><ul>
<li><a href="#update-etciredmail-release-with-new-iredmail-version-number">Update /etc/iredmail-release with new iRedMail version number</a></li>
<li><a href="#upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release-23">Upgrade iRedAPD (Postfix policy server) to the latest stable release (2.3)</a></li>
<li><a href="#upgrade-iredadmin-open-source-edition-to-the-latest-stable-release-10">Upgrade iRedAdmin (open source edition) to the latest stable release (1.0)</a></li>
<li><a href="#upgrade-iredadmin-open-source-edition-to-the-latest-stable-release-092">Upgrade iRedAdmin (open source edition) to the latest stable release (0.9.2)</a></li>
<li><a href="#upgrade-roundcube-webmail-to-the-latest-stable-release-138">Upgrade Roundcube webmail to the latest stable release (1.3.8)</a></li>
<li><a href="#fix-improper-nginx-config-files-for-roundcube">Fix improper Nginx config files for Roundcube</a></li>
<li><a href="#improve-mlmmj-script-used-for-appending-footer-text">Improve mlmmj script used for appending footer text</a></li>
@ -34,6 +34,7 @@
<li><a href="#openldap-special">OpenLDAP special</a><ul>
<li><a href="#update-iredmail-ldap-schema-file">Update iRedMail LDAP schema file</a></li>
<li><a href="#dovecot-read-mailbox-format-from-ldap">Dovecot: read mailbox format from LDAP</a></li>
<li><a href="#optional-monitoring-openldap-with-netdata">[OPTIONAL] Monitoring OpenLDAP with netdata</a></li>
</ul>
</li>
<li><a href="#mysqlmariadb-special">MySQL/MariaDB special</a><ul>
@ -64,7 +65,7 @@ check <a href="https://www.iredmail.org/support.html">the details</a> and
<ul>
<li>Nov 2, 2018, initial release.</li>
</ul>
<h2 id="general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</h2>
<h2 id="general-all-backends-should-apply-these-changes">General (All backends should apply these changes)</h2>
<h3 id="update-etciredmail-release-with-new-iredmail-version-number">Update <code>/etc/iredmail-release</code> with new iRedMail version number</h3>
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
installation, it's recommended to update this file after you upgraded iRedMail,
@ -75,7 +76,7 @@ so that you can know which version of iRedMail you're running. For example:</p>
<h3 id="upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release-23">Upgrade iRedAPD (Postfix policy server) to the latest stable release (2.3)</h3>
<p>Please follow below tutorial to upgrade iRedAPD to the latest stable release:
<a href="./upgrade.iredapd.html">Upgrade iRedAPD to the latest stable release</a></p>
<h3 id="upgrade-iredadmin-open-source-edition-to-the-latest-stable-release-10">Upgrade iRedAdmin (open source edition) to the latest stable release (1.0)</h3>
<h3 id="upgrade-iredadmin-open-source-edition-to-the-latest-stable-release-092">Upgrade iRedAdmin (open source edition) to the latest stable release (0.9.2)</h3>
<p>Please follow this tutorial to upgrade iRedAdmin open source edition to the
latest stable release:
<a href="./migrate.or.upgrade.iredadmin.html">Upgrade iRedAdmin to the latest stable release</a></p>
@ -315,6 +316,22 @@ line like below:</p>
string <code>maildir</code> as default value.</p>
<p>For more details about changing mailbox format, please check our tutorial:
<a href="./change.mailbox.format.html">Change mailbox format</a>.</p>
<h3 id="optional-monitoring-openldap-with-netdata">[OPTIONAL] Monitoring OpenLDAP with netdata</h3>
<p>netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through its <code>monitor</code> backend.
Please follow this tutorial to upgrade netdata and configure both OpenLDAP and netdata for monitoring.</p>
<ul>
<li>On Linux:<ul>
<li><a href="./integration.netdata.linux.html#update-netdata">Upgrade netdata</a></li>
<li><a href="./integration.netdata.linux.html#monitor-openldap">Monitor OpenLDAP</a></li>
</ul>
</li>
<li>On FreeBSD:<ul>
<li>Please update netdata with ports tree first, make sure you're running
netdata-1.11.1 or later release.?</li>
<li><a href="./integration.netdata.freebsd.html#monitor-openldap">Monitor OpenLDAP</a></li>
</ul>
</li>
</ul>
<h2 id="mysqlmariadb-special">MySQL/MariaDB special</h2>
<h3 id="sql-structure-changes-in-vmail-database">SQL structure changes in <code>vmail</code> database</h3>
<p>We've made some changes to <code>vmail</code> database:</p>