From 42e244aa0d55f5472fe903b7b5f88c2dabbc42f6 Mon Sep 17 00:00:00 2001
From: Zhang Huangbin
Date: Thu, 29 Nov 2018 11:52:59 +0800
Subject: [PATCH] Monitor OpenLDAP with netdata.
---
.../0-integration.netdata.freebsd.md | 71 ++++++++++++++++
.../0-integration.netdata.linux.md | 80 ++++++++++++++++++-
.../upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md | 15 +++-
html/integration.netdata.freebsd.html | 63 ++++++++++++++-
html/integration.netdata.linux.html | 73 ++++++++++++++++-
html/upgrade.iredmail.0.9.8-0.9.9.html | 25 +++++-
6 files changed, 314 insertions(+), 13 deletions(-)
diff --git a/en_US/integrations/0-integration.netdata.freebsd.md b/en_US/integrations/0-integration.netdata.freebsd.md
index 26788789..14cd1eec 100644
--- a/en_US/integrations/0-integration.netdata.freebsd.md
+++ b/en_US/integrations/0-integration.netdata.freebsd.md
@@ -66,6 +66,73 @@ files don't need your attention at all, including:
But some applications do require extra settings, we will cover them below.
+### Monitor OpenLDAP
+
+OpenLDAP supports an optional monitoring interface you can use to obtain
+information regarding the current state of your OpenLDAP server. For instance,
+the interface allows you to determine how many clients are connected to the
+server currently. The monitoring information is provided by a specialized
+backend, the `monitor` backend. A manual page, `slapd-monitor(5)` is available.
+
+netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through
+its `monitor` backend.
+
+To enable `monitor` backend in OpenLDAP, please append lines below in
+`/usr/local/etc/openldap/slapd.conf`:
+
+!!! attention
+
+ You must replace `dc=example,dc=com` by the real LDAP suffix that you use.
+
+```
+database monitor
+access to dn="cn=monitor"
+ by dn.exact="cn=Manager,dc=example,dc=com" read
+ by dn.exact="cn=vmail,dc=example,dc=com" read
+ by * none
+```
+
+It enables OpenLDAP backend `monitor`, also grant `read` access to dn
+`cn=Manager,dc=example,dc=com` and `cn=vmail,dc=example,dc=com`. Again, you
+must replace `dc=example,dc=com` by the real LDAP suffix that you use.
+
+Also find lines in `slapd.conf` like below:
+
+```
+modulepath /usr/local/libexec/openldap
+moduleload back_mdb
+```
+
+Append a new `moduleload` directive right after `moduleload back_mdb` like
+below:
+
+```
+moduleload back_monitor
+```
+
+Now restart OpenLDAP service.
+
+Create file `/usr/local/etc/netdata/python.d/openldap.conf` with content below:
+
+!!! attention
+
+ * You must replace `dc=example,dc=com` by the real LDAP suffix that you use.
+ * You must replace `` by the real password of
+ `cn=vmail`. You can find it in files under `/usr/local/etc/postfix/ldap/`.
+
+```
+update_every: 5
+
+local:
+ username : "cn=vmail,dc=example,dc=com"
+ password : ""
+ server : "localhost"
+ port : 389
+ timeout : 1
+```
+
+Now restart netdata service.
+
### Monitor Nginx and php-fpm
We need to enable `stub_status` in Nginx to get detailed server info, also
@@ -299,3 +366,7 @@ in file `/usr/local/etc/nginx/netdata.users` to login.
This is what you see after successfully logged in:
![](./images/netdata/system-overview.png){: width="900px" }
+
+## See Also
+
+* [Integrate netdata monitor (on Linux server)](./integration.netdata.linux.html)
diff --git a/en_US/integrations/0-integration.netdata.linux.md b/en_US/integrations/0-integration.netdata.linux.md
index 16a97a67..dbd9e46e 100644
--- a/en_US/integrations/0-integration.netdata.linux.md
+++ b/en_US/integrations/0-integration.netdata.linux.md
@@ -4,7 +4,7 @@
!!! attention
- * This tutorial is tested on CentOS 7, Debian 9, Ubuntu 16.04.
+ * This tutorial has been tested on CentOS 7, Debian 9, Ubuntu 16.04/18.04.
For FreeBSD, please check this tutorial instead:
[Integrate netdata on FreeBSD](./integration.netdata.freebsd.html).
* netdata is an optional component since iRedMail-0.9.8.
@@ -105,6 +105,76 @@ files don't need your attention at all, including:
But some applications do require extra settings, we will cover them below.
+### Monitor OpenLDAP
+
+OpenLDAP supports an optional monitoring interface you can use to obtain
+information regarding the current state of your OpenLDAP server. For instance,
+the interface allows you to determine how many clients are connected to the
+server currently. The monitoring information is provided by a specialized
+backend, the `monitor` backend. A manual page, `slapd-monitor(5)` is available.
+
+netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through
+its `monitor` backend.
+
+To enable `monitor` backend in OpenLDAP, please append lines below in
+`slapd.conf`:
+
+* on RHEL/CentOS, it's `/etc/openldap/slapd.conf`
+* on Debian/Ubuntu, it's `/etc/ldap/slapd.conf`
+
+!!! attention
+
+ You must replace `dc=example,dc=com` by the real LDAP suffix that you use.
+
+```
+database monitor
+access to dn="cn=monitor"
+ by dn.exact="cn=Manager,dc=example,dc=com" read
+ by dn.exact="cn=vmail,dc=example,dc=com" read
+ by * none
+```
+
+It enables OpenLDAP backend `monitor`, also grant `read` access to dn
+`cn=Manager,dc=example,dc=com` and `cn=vmail,dc=example,dc=com`. Again, you
+must replace `dc=example,dc=com` by the real LDAP suffix that you use.
+
+On Debian/Ubuntu, please also find lines in `slapd.conf` like below:
+
+```
+modulepath /usr/lib/ldap
+moduleload back_mdb
+```
+
+Append a new `moduleload` directive right after `moduleload back_mdb` like
+below:
+
+```
+moduleload back_monitor
+```
+
+Now restart OpenLDAP service.
+
+Create file `/opt/netdata/etc/netdata/python.d/openldap.conf` with content below:
+
+!!! attention
+
+ * You must replace `dc=example,dc=com` by the real LDAP suffix that you use.
+ * You must replace `` by the real password of
+ `cn=vmail`. You can find it in files under `/etc/postfix/ldap/`.
+
+```
+update_every: 5
+
+local:
+ username : "cn=vmail,dc=example,dc=com"
+ password : ""
+ server : "localhost"
+ port : 389
+ timeout : 1
+```
+
+Now restart netdata service.
+
### Monitor Nginx and php-fpm
We need to enable `stub_status` in Nginx to get detailed server info, also
@@ -373,8 +443,8 @@ This is what you see after successfully logged in:
## Update netdata
-To update netdata, just download new version of the prebuilt package, then run
-it:
+To update netdata, just download new version of the prebuilt package from its
+[github page](https://github.com/netdata/netdata/releases), then run it:
```
chmod +x netdata-latest.gz.run
@@ -382,3 +452,7 @@ chmod +x netdata-latest.gz.run
```
That's it.
+
+## See Also
+
+* [Integrate netdata monitor (on FreeBSD server)](./integration.netdata.freebsd.html)
diff --git a/en_US/upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md b/en_US/upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md
index 74b5d902..729f9a96 100644
--- a/en_US/upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md
+++ b/en_US/upgrade/0-upgrade.iredmail.0.9.8-0.9.9.md
@@ -29,7 +29,7 @@ so that you can know which version of iRedMail you're running. For example:
Please follow below tutorial to upgrade iRedAPD to the latest stable release:
[Upgrade iRedAPD to the latest stable release](./upgrade.iredapd.html)
-### Upgrade iRedAdmin (open source edition) to the latest stable release (1.0)
+### Upgrade iRedAdmin (open source edition) to the latest stable release (0.9.2)
Please follow this tutorial to upgrade iRedAdmin open source edition to the
latest stable release:
@@ -301,6 +301,19 @@ string `maildir` as default value.
For more details about changing mailbox format, please check our tutorial:
[Change mailbox format](./change.mailbox.format.html).
+### [OPTIONAL] Monitoring OpenLDAP with netdata
+
+netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through its `monitor` backend.
+Please follow this tutorial to upgrade netdata and configure both OpenLDAP and netdata for monitoring.
+
+* On Linux:
+ * [Upgrade netdata](./integration.netdata.linux.html#update-netdata)
+ * [Monitor OpenLDAP](./integration.netdata.linux.html#monitor-openldap)
+* On FreeBSD:
+ * Please update netdata with ports tree first, make sure you're running
+ netdata-1.11.1 or later release.?
+ * [Monitor OpenLDAP](./integration.netdata.freebsd.html#monitor-openldap)
+
## MySQL/MariaDB special
### SQL structure changes in `vmail` database
diff --git a/html/integration.netdata.freebsd.html b/html/integration.netdata.freebsd.html
index d5160473..9a38e56c 100644
--- a/html/integration.netdata.freebsd.html
+++ b/html/integration.netdata.freebsd.html
@@ -22,6 +22,7 @@
What's netdata
Install netdata
Configure netdata
Configure Nginx to forward requests to netdata
+See Also
@@ -91,6 +93,61 @@ files don't need your attention at all, including:
...
But some applications do require extra settings, we will cover them below.
+Monitor OpenLDAP
+OpenLDAP supports an optional monitoring interface you can use to obtain
+information regarding the current state of your OpenLDAP server. For instance,
+the interface allows you to determine how many clients are connected to the
+server currently. The monitoring information is provided by a specialized
+backend, the monitor
backend. A manual page, slapd-monitor(5)
is available.
+netdata-1.11.1 (released on 23 Nov 2018) supports monitoring OpenLDAP through
+its monitor
backend.
+To enable monitor
backend in OpenLDAP, please append lines below in
+/usr/local/etc/openldap/slapd.conf
:
+
+
Attention
+
You must replace dc=example,dc=com
by the real LDAP suffix that you use.
+
+database monitor
+access to dn="cn=monitor"
+ by dn.exact="cn=Manager,dc=example,dc=com" read
+ by dn.exact="cn=vmail,dc=example,dc=com" read
+ by * none
+
+
+It enables OpenLDAP backend monitor
, also grant read
access to dn
+cn=Manager,dc=example,dc=com
and cn=vmail,dc=example,dc=com
. Again, you
+must replace dc=example,dc=com
by the real LDAP suffix that you use.
+Also find lines in slapd.conf
like below:
+modulepath /usr/local/libexec/openldap
+moduleload back_mdb
+
+
+Append a new moduleload
directive right after moduleload back_mdb
like
+below:
+moduleload back_monitor
+
+
+Now restart OpenLDAP service.
+Create file /usr/local/etc/netdata/python.d/openldap.conf
with content below:
+
+
Attention
+
+- You must replace
dc=example,dc=com
by the real LDAP suffix that you use.
+- You must replace
<password-of-vmail>
by the real password of
+ cn=vmail
. You can find it in files under /usr/local/etc/postfix/ldap/
.
+
+
+update_every: 5
+
+local:
+ username : "cn=vmail,dc=example,dc=com"
+ password : "<password-of-vmail>"
+ server : "localhost"
+ port : 389
+ timeout : 1
+
+
+Now restart netdata service.
Monitor Nginx and php-fpm
We need to enable stub_status
in Nginx to get detailed server info, also
update php-fpm config file to enable similar feature.
@@ -322,7 +379,11 @@ replace your-server
by the real domain name), it will ask you to in
username and password for authentication, please use the account we just added
in file /usr/local/etc/nginx/netdata.users
to login.
This is what you see after successfully logged in:
-