From 42e244aa0d55f5472fe903b7b5f88c2dabbc42f6 Mon Sep 17 00:00:00 2001 From: Zhang Huangbin Date: Thu, 29 Nov 2018 11:52:59 +0800 Subject: [PATCH] Monitor OpenLDAP with netdata. --- .../0-integration.netdata.freebsd.md | 71 ++++++++++++++++ .../0-integration.netdata.linux.md | 80 ++++++++++++++++++- .../upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md | 15 +++- html/integration.netdata.freebsd.html | 63 ++++++++++++++- html/integration.netdata.linux.html | 73 ++++++++++++++++- html/upgrade.iredmail.0.9.8-0.9.9.html | 25 +++++- 6 files changed, 314 insertions(+), 13 deletions(-) diff --git a/en_US/integrations/0-integration.netdata.freebsd.md b/en_US/integrations/0-integration.netdata.freebsd.md index 26788789..14cd1eec 100644 --- a/en_US/integrations/0-integration.netdata.freebsd.md +++ b/en_US/integrations/0-integration.netdata.freebsd.md @@ -66,6 +66,73 @@ files don't need your attention at all, including: But some applications do require extra settings, we will cover them below. +### Monitor OpenLDAP + +OpenLDAP supports an optional monitoring interface you can use to obtain +information regarding the current state of your OpenLDAP server. For instance, +the interface allows you to determine how many clients are connected to the +server currently. The monitoring information is provided by a specialized +backend, the `monitor` backend. A manual page, `slapd-monitor(5)` is available. + +netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through +its `monitor` backend. + +To enable `monitor` backend in OpenLDAP, please append lines below in +`/usr/local/etc/openldap/slapd.conf`: + +!!! attention + + You must replace `dc=example,dc=com` by the real LDAP suffix that you use. + +``` +database monitor +access to dn="cn=monitor" + by dn.exact="cn=Manager,dc=example,dc=com" read + by dn.exact="cn=vmail,dc=example,dc=com" read + by * none +``` + +It enables OpenLDAP backend `monitor`, also grant `read` access to dn +`cn=Manager,dc=example,dc=com` and `cn=vmail,dc=example,dc=com`. Again, you +must replace `dc=example,dc=com` by the real LDAP suffix that you use. + +Also find lines in `slapd.conf` like below: + +``` +modulepath /usr/local/libexec/openldap +moduleload back_mdb +``` + +Append a new `moduleload` directive right after `moduleload back_mdb` like +below: + +``` +moduleload back_monitor +``` + +Now restart OpenLDAP service. + +Create file `/usr/local/etc/netdata/python.d/openldap.conf` with content below: + +!!! attention + + * You must replace `dc=example,dc=com` by the real LDAP suffix that you use. + * You must replace `` by the real password of + `cn=vmail`. You can find it in files under `/usr/local/etc/postfix/ldap/`. + +``` +update_every: 5 + +local: + username : "cn=vmail,dc=example,dc=com" + password : "" + server : "localhost" + port : 389 + timeout : 1 +``` + +Now restart netdata service. + ### Monitor Nginx and php-fpm We need to enable `stub_status` in Nginx to get detailed server info, also @@ -299,3 +366,7 @@ in file `/usr/local/etc/nginx/netdata.users` to login. This is what you see after successfully logged in: ![](./images/netdata/system-overview.png){: width="900px" } + +## See Also + +* [Integrate netdata monitor (on Linux server)](./integration.netdata.linux.html) diff --git a/en_US/integrations/0-integration.netdata.linux.md b/en_US/integrations/0-integration.netdata.linux.md index 16a97a67..dbd9e46e 100644 --- a/en_US/integrations/0-integration.netdata.linux.md +++ b/en_US/integrations/0-integration.netdata.linux.md @@ -4,7 +4,7 @@ !!! attention - * This tutorial is tested on CentOS 7, Debian 9, Ubuntu 16.04. + * This tutorial has been tested on CentOS 7, Debian 9, Ubuntu 16.04/18.04. For FreeBSD, please check this tutorial instead: [Integrate netdata on FreeBSD](./integration.netdata.freebsd.html). * netdata is an optional component since iRedMail-0.9.8. @@ -105,6 +105,76 @@ files don't need your attention at all, including: But some applications do require extra settings, we will cover them below. +### Monitor OpenLDAP + +OpenLDAP supports an optional monitoring interface you can use to obtain +information regarding the current state of your OpenLDAP server. For instance, +the interface allows you to determine how many clients are connected to the +server currently. The monitoring information is provided by a specialized +backend, the `monitor` backend. A manual page, `slapd-monitor(5)` is available. + +netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through +its `monitor` backend. + +To enable `monitor` backend in OpenLDAP, please append lines below in +`slapd.conf`: + +* on RHEL/CentOS, it's `/etc/openldap/slapd.conf` +* on Debian/Ubuntu, it's `/etc/ldap/slapd.conf` + +!!! attention + + You must replace `dc=example,dc=com` by the real LDAP suffix that you use. + +``` +database monitor +access to dn="cn=monitor" + by dn.exact="cn=Manager,dc=example,dc=com" read + by dn.exact="cn=vmail,dc=example,dc=com" read + by * none +``` + +It enables OpenLDAP backend `monitor`, also grant `read` access to dn +`cn=Manager,dc=example,dc=com` and `cn=vmail,dc=example,dc=com`. Again, you +must replace `dc=example,dc=com` by the real LDAP suffix that you use. + +On Debian/Ubuntu, please also find lines in `slapd.conf` like below: + +``` +modulepath /usr/lib/ldap +moduleload back_mdb +``` + +Append a new `moduleload` directive right after `moduleload back_mdb` like +below: + +``` +moduleload back_monitor +``` + +Now restart OpenLDAP service. + +Create file `/opt/netdata/etc/netdata/python.d/openldap.conf` with content below: + +!!! attention + + * You must replace `dc=example,dc=com` by the real LDAP suffix that you use. + * You must replace `` by the real password of + `cn=vmail`. You can find it in files under `/etc/postfix/ldap/`. + +``` +update_every: 5 + +local: + username : "cn=vmail,dc=example,dc=com" + password : "" + server : "localhost" + port : 389 + timeout : 1 +``` + +Now restart netdata service. + ### Monitor Nginx and php-fpm We need to enable `stub_status` in Nginx to get detailed server info, also @@ -373,8 +443,8 @@ This is what you see after successfully logged in: ## Update netdata -To update netdata, just download new version of the prebuilt package, then run -it: +To update netdata, just download new version of the prebuilt package from its +[github page](https://github.com/netdata/netdata/releases), then run it: ``` chmod +x netdata-latest.gz.run @@ -382,3 +452,7 @@ chmod +x netdata-latest.gz.run ``` That's it. + +## See Also + +* [Integrate netdata monitor (on FreeBSD server)](./integration.netdata.freebsd.html) diff --git a/en_US/upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md b/en_US/upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md index 74b5d902..729f9a96 100644 --- a/en_US/upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md +++ b/en_US/upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md @@ -29,7 +29,7 @@ so that you can know which version of iRedMail you're running. For example: Please follow below tutorial to upgrade iRedAPD to the latest stable release: [Upgrade iRedAPD to the latest stable release](./upgrade.iredapd.html) -### Upgrade iRedAdmin (open source edition) to the latest stable release (1.0) +### Upgrade iRedAdmin (open source edition) to the latest stable release (0.9.2) Please follow this tutorial to upgrade iRedAdmin open source edition to the latest stable release: @@ -301,6 +301,19 @@ string `maildir` as default value. For more details about changing mailbox format, please check our tutorial: [Change mailbox format](./change.mailbox.format.html). +### [OPTIONAL] Monitoring OpenLDAP with netdata + +netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through its `monitor` backend. +Please follow this tutorial to upgrade netdata and configure both OpenLDAP and netdata for monitoring. + +* On Linux: + * [Upgrade netdata](./integration.netdata.linux.html#update-netdata) + * [Monitor OpenLDAP](./integration.netdata.linux.html#monitor-openldap) +* On FreeBSD: + * Please update netdata with ports tree first, make sure you're running + netdata-1.11.1 or later release.? + * [Monitor OpenLDAP](./integration.netdata.freebsd.html#monitor-openldap) + ## MySQL/MariaDB special ### SQL structure changes in `vmail` database diff --git a/html/integration.netdata.freebsd.html b/html/integration.netdata.freebsd.html index d5160473..9a38e56c 100644 --- a/html/integration.netdata.freebsd.html +++ b/html/integration.netdata.freebsd.html @@ -22,6 +22,7 @@
  • What's netdata
  • Install netdata
  • Configure netdata
  • Configure Nginx to forward requests to netdata
    • +
  • See Also
    • @@ -91,6 +93,61 @@ files don't need your attention at all, including:

  • ...

    • But some applications do require extra settings, we will cover them below.

    +

    Monitor OpenLDAP

    +

    OpenLDAP supports an optional monitoring interface you can use to obtain +information regarding the current state of your OpenLDAP server. For instance, +the interface allows you to determine how many clients are connected to the +server currently. The monitoring information is provided by a specialized +backend, the monitor backend. A manual page, slapd-monitor(5) is available.

    +

    netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through +its monitor backend.

    +

    To enable monitor backend in OpenLDAP, please append lines below in +/usr/local/etc/openldap/slapd.conf:

    +
    +

    Attention

    +

    You must replace dc=example,dc=com by the real LDAP suffix that you use.

    +
    +
    database monitor
+access to dn="cn=monitor"
+    by dn.exact="cn=Manager,dc=example,dc=com" read
+    by dn.exact="cn=vmail,dc=example,dc=com" read
+    by * none
+
    + +

    It enables OpenLDAP backend monitor, also grant read access to dn +cn=Manager,dc=example,dc=com and cn=vmail,dc=example,dc=com. Again, you +must replace dc=example,dc=com by the real LDAP suffix that you use.

    +

    Also find lines in slapd.conf like below:

    +
    modulepath /usr/local/libexec/openldap
+moduleload back_mdb
+
    + +

    Append a new moduleload directive right after moduleload back_mdb like +below:

    +
    moduleload back_monitor
+
    + +

    Now restart OpenLDAP service.

    +

    Create file /usr/local/etc/netdata/python.d/openldap.conf with content below:

    +
    +

    Attention

    +
      +
    • You must replace dc=example,dc=com by the real LDAP suffix that you use.
      • +
    • You must replace <password-of-vmail> by the real password of + cn=vmail. You can find it in files under /usr/local/etc/postfix/ldap/.
      • +
    +
    +
    update_every: 5
+
+local:
+    username : "cn=vmail,dc=example,dc=com"
+    password : "<password-of-vmail>"
+    server   : "localhost"
+    port     : 389
+    timeout  : 1
+
    + +

    Now restart netdata service.

    Monitor Nginx and php-fpm

    We need to enable stub_status in Nginx to get detailed server info, also update php-fpm config file to enable similar feature.

    @@ -322,7 +379,11 @@ replace your-server by the real domain name), it will ask you to in username and password for authentication, please use the account we just added in file /usr/local/etc/nginx/netdata.users to login.

    This is what you see after successfully logged in:

    -

    +

    +

    See Also

    +

    All documents are available in BitBucket repository, and published under Creative Commons license. You can download the latest version for offline reading. If you found something wrong, please do contact us to fix it.

    diff --git a/html/integration.netdata.linux.html b/html/integration.netdata.linux.html index d2bca042..848e5e0b 100644 --- a/html/integration.netdata.linux.html +++ b/html/integration.netdata.linux.html @@ -23,6 +23,7 @@
  • Install packages required by netdata
  • Install netdata
  • Configure netdata
    • @@ -39,7 +41,7 @@

    Attention

      -
    • This tutorial is tested on CentOS 7, Debian 9, Ubuntu 16.04. +
    • This tutorial has been tested on CentOS 7, Debian 9, Ubuntu 16.04/18.04. For FreeBSD, please check this tutorial instead: Integrate netdata on FreeBSD.
    • netdata is an optional component since iRedMail-0.9.8.
      • @@ -130,6 +132,65 @@ files don't need your attention at all, including:

    • ...

    But some applications do require extra settings, we will cover them below.

    +

    Monitor OpenLDAP

    +

    OpenLDAP supports an optional monitoring interface you can use to obtain +information regarding the current state of your OpenLDAP server. For instance, +the interface allows you to determine how many clients are connected to the +server currently. The monitoring information is provided by a specialized +backend, the monitor backend. A manual page, slapd-monitor(5) is available.

    +

    netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through +its monitor backend.

    +

    To enable monitor backend in OpenLDAP, please append lines below in +slapd.conf:

    +
      +
    • on RHEL/CentOS, it's /etc/openldap/slapd.conf
      • +
    • on Debian/Ubuntu, it's /etc/ldap/slapd.conf
      • +
    +
    +

    Attention

    +

    You must replace dc=example,dc=com by the real LDAP suffix that you use.

    +
    +
    database monitor
+access to dn="cn=monitor"
+    by dn.exact="cn=Manager,dc=example,dc=com" read
+    by dn.exact="cn=vmail,dc=example,dc=com" read
+    by * none
+
    + +

    It enables OpenLDAP backend monitor, also grant read access to dn +cn=Manager,dc=example,dc=com and cn=vmail,dc=example,dc=com. Again, you +must replace dc=example,dc=com by the real LDAP suffix that you use.

    +

    On Debian/Ubuntu, please also find lines in slapd.conf like below:

    +
    modulepath /usr/lib/ldap
+moduleload back_mdb
+
    + +

    Append a new moduleload directive right after moduleload back_mdb like +below:

    +
    moduleload back_monitor
+
    + +

    Now restart OpenLDAP service.

    +

    Create file /opt/netdata/etc/netdata/python.d/openldap.conf with content below:

    +
    +

    Attention

    +
      +
    • You must replace dc=example,dc=com by the real LDAP suffix that you use.
      • +
    • You must replace <password-of-vmail> by the real password of + cn=vmail. You can find it in files under /etc/postfix/ldap/.
      • +
    +
    +
    update_every: 5
+
+local:
+    username : "cn=vmail,dc=example,dc=com"
+    password : "<password-of-vmail>"
+    server   : "localhost"
+    port     : 389
+    timeout  : 1
+
    + +

    Now restart netdata service.

    Monitor Nginx and php-fpm

    We need to enable stub_status in Nginx to get detailed server info, also update php-fpm config file to enable similar feature.

    @@ -388,13 +449,17 @@ in file /etc/nginx/netdata.users to login.

    This is what you see after successfully logged in:

    Update netdata

    -

    To update netdata, just download new version of the prebuilt package, then run -it:

    +

    To update netdata, just download new version of the prebuilt package from its +github page, then run it:

    chmod +x netdata-latest.gz.run
 ./netdata-latest.gz.run --accept
    -

    That's it.

    +

    That's it.

    +

    See Also

    +

    All documents are available in BitBucket repository, and published under Creative Commons license. You can download the latest version for offline reading. If you found something wrong, please do contact us to fix it.

    diff --git a/html/upgrade.iredmail.0.9.8-0.9.9.html b/html/upgrade.iredmail.0.9.8-0.9.9.html index d951ec48..d09b64a1 100644 --- a/html/upgrade.iredmail.0.9.8-0.9.9.html +++ b/html/upgrade.iredmail.0.9.8-0.9.9.html @@ -20,10 +20,10 @@