20151030淡然

续上

Iftempfilesareneeded,makesurethatthepluginwillfailcleanlyifthefilecan'tbewritten(e.g.,toofewfilehandles,outofdiskspace,incorrectpermissions,etc.)anddeletethetempfilewhenprocessingiscomplete.如果需要使用临时文件，确保插件可以干净地失败，在文件不能被写入的情况下(如：过少的文件处理？，磁盘空间不足，不正确的权限等)，并且保证处理完成后删除临时文件。nagios安装

---

3.4.Don'tbetrickedintofollowingsymlinks不要被符号链接欺骗

Ifyourpluginopensanyfiles,takestepstoensurethatyouarenotfollowingasymlinktoanotherlocationonthesystem.如果你的插件打开了一些文件，请采取措施确保你没有被一个符号链接重定向到系统的其它地址。

---

3.5.Validateallinput验证所有输入

useroutinesinutils.corutils.pmandwritemoreasneeded使用utils.c或utils.pm中的函数，或自己写如果需要

---

4.PerlPlugins

PerlpluginsarecodedalittlemoredefensivelythanotherpluginsbecauseofembeddedPerl.Whenconfiguredassuch,embeddedPerlNagios(ePN)requiresstricteruseofthesomeofPerl'sfeatures.ThissectionoutlinessomeofthestepsneededtouseePNeffectively.

1.DonotuseBEGINandENDblockssincetheywillbecalledonlyonce(whenNagiosstartsandshutsdown)withEmbeddedPerl(ePN).Inparticular,donotuseBEGINblockstoinitializevariables.开源监控软件

2.Touseutils.pm,youneedtoprovideafullpathtothemoduleinorderforittowork.

e.g.
uselib"/usr/local/nagios/libexec";
useutilsqw(...);

3.Perlscriptsshouldbecalledwith"-w"

4.AllPerlpluginsmustcompilecleanlyunder"usestrict"-i.e.atleastexplicitlypackagenamesasin"$main::x"orpredeclareeveryvariable.

Explicitlyinitializeeachvariableinuse.Otherwisewithcachingenabled,thepluginwillnotberecompiledeachtime,andthereforePerlwillnotreinitializeallthevariables.Alloldvariablevalueswillstillbeineffect.

5.Donotuse>DATA<handles(thesesimplydonotcompileunderePN).

6.Donotuseglobalvariablesinnamedsubroutines.Thisisbadpractiseanyway,butwithePNthecompilerwillreportanerror"<global_var>willnotstayshared..".Valuesusedbysubroutinesshouldbepassedintheargumentlist.

7.Ifwritingtoafile(perhapsrecordingperformancedata)explicitlyclosecloseit.Thepluginnevercallsexit;thatiscaughtbyp1.pl,sooutputstreamsareneverclosed.

8.AsinSection5allpluginsneedtomonitortheirruntime,speciallyiftheyareusingnetworkresources.UseofthealarmisrecommendednotingthatsomePerlmodules(egLWP)managetimers,sothatanalarmsetbyapluginusingsuchamoduleisoverwrittenbythemodule.(workaroundsarecunning(TM)orusingthemoduletimer)Pluginsmayimportadefaulttimeout($TIMEOUT)fromutils.pm.

9.Perlpluginsshouldimport%ERRORSfromutils.pmandthen"exit$ERRORS{'OK'}"ratherthan"exit0"

---

5.RuntimeTimeouts

Pluginshaveaverylimitedruntime-typically10sec.Asaresult,itisveryimportantforpluginstomaintaininternalcodetoexitifruntimeexceedsathreshold.插件有一个特有的限制的运行时间—代表性地是10秒。因此，保持当内部代码运行时间超出一个阀值时退出非常重要。

Allpluginsshouldtimeoutgracefully,notjustnetworkingplugins.Forinstance,dfmaylockifyouhaveautomounteddrivesandyournetworkfails-butonfirstglance,who'dthinkdfcouldlockuplikethat.Plus,itshouldjustbemoreerrorresistanttobeabletotimeoutratherthanconsumeresources.所有插件应该优雅地超时，并不仅仅是联网插件。比如，df命令会锁定如果你自动挂载驱动并且你的网络失败了—但是第一次扫视，你最好认为df会那样锁定。另外，nagios配置

---

5.1.UseDEFAULT_SOCKET_TIMEOUT

AllnetworkpluginsshoulduseDEFAULT_SOCKET_TIMEOUTtotimeout

---

5.2.Addalarmstonetworkplugins

Ifyouwriteapluginwhichcommunicateswithanothernetworkedhost,youshouldmakesuretosetanalarm()inyourcodethatpreventsthepluginfromhangingduetoabnormalsocketclosures,etc.Nagiostakesstepstoprotectitselfagainstunrulypluginsthattimeout,butanypluginsyoucreateshouldbewellbehavedontheirown.如果你写了一个插件，这个插件会同其它网络主机交互，你应该确保设置一个alarm()在你的代码中，来防止插件因为不正常的socket关闭而挂起等。Nagios采取措施来保护它自己来对抗不守规矩的插件，那就是超时。但是你创建的所有插件应该是运自身行良好的。

---

6.PluginOptions

Awellwrittenpluginshouldhave--helpasawaytogetverbosehelp.Codeandoutputshouldtrytorespectthe80x25sizeofacrt(rememberwhenfixingstuffintheserverroom!)

---

6.1.OptionProcessing

ForpluginswritteninC,werecommendtheCstandardgetoptlibraryforshortoptions.Getopt_longisalwaysavailable.

ForpluginswritteninPerl,werecommendGetopt::Longmodule.

Positionalargumentsarestronglydiscouraged.

Thereareafewreservedoptionsthatshouldnotbeusedforotherpurposes:监控软件

-Vversion(--version)
-hhelp(--help)
-ttimeout(--timeout)
-wwarningthreshold(--warning)
-ccriticalthreshold(--critical)
-Hhostname(--hostname)
-vverbose(--verbose)

Inadditiontothereservedoptionsabove,someotherstandardoptionsare:

-CSNMPcommunity(--community)
-aauthenticationpassword(--authentication)
-lloginname(--logname)
-pportorpassword(--portor--passwd/--password)monitorsoperational
-uurlorusername(--urlor--username)

Lookatcheck_pgsqlandcheck_procstoseehowIcurrentlythinkthiscanwork.Standardoptionsare:nagios实施

Theoption-Vor--versionshouldbepresentinallplugins.ForCpluginsitshouldresultinacalltoprint_revision,afunctioninutils.cwhichtakestwocharacterarguments,thecommandnameandthepluginrevision.

The-?option,oranyotherunparsablesetofoptions,shouldprintoutashortusagestatement.Characterwidthshouldbe80andlessandnomorethat23linesshouldbeprinted(itshoulddisplaycleanlyonadumbterminalinaserverroom).

Theoption-hor--helpshouldbepresentinallplugins.InCplugins,itshouldresultinacalltoprint_help(orequivalent).Thefunctionprint_helpshouldcallprint_revision,thenprint_usage,thenshouldprovidedetailedhelp.Helptextshouldfitonan80-characterwidthdisplay,butmayrunasmanylinesasneeded.

Theoption-vor--verboseshouldbepresentinallplugins.Theusershouldbeallowedtospecify-vmultipletimestoincreasetheverbositylevel,asdescribedinTable1.

---

6.2.Pluginswithmorethanonetypeofthreshold,orwiththresholdrangesnagios培训

Oldstylewastodothingslike-ctforcriticaltimeand-cvforcriticalvalue.ThatgoesoutthewindowwithPOSIXgetopt.Theallowablealternativesare:

1.longoptionslike-critical-time(or-ctand-cv,Isuppose).

待续：http://www.ITILxf.com/thread-53036-1-1.html
本帖关键字:Nagios

20151030淡然

续上

Iftempfilesareneeded,makesurethatthepluginwillfailcleanlyifthefilecan'tbewritten(e.g.,toofewfilehandles,outofdiskspace,incorrectpermissions,etc.)anddeletethetempfilewhenprocessingiscomplete.如果需要使用临时文件，确保插件可以干净地失败，在文件不能被写入的情况下(如：过少的文件处理？，磁盘空间不足，不正确的权限等)，并且保证处理完成后删除临时文件。nagios安装

---

3.4.Don'tbetrickedintofollowingsymlinks不要被符号链接欺骗

Ifyourpluginopensanyfiles,takestepstoensurethatyouarenotfollowingasymlinktoanotherlocationonthesystem.如果你的插件打开了一些文件，请采取措施确保你没有被一个符号链接重定向到系统的其它地址。

---

3.5.Validateallinput验证所有输入

useroutinesinutils.corutils.pmandwritemoreasneeded使用utils.c或utils.pm中的函数，或自己写如果需要

---

4.PerlPlugins

PerlpluginsarecodedalittlemoredefensivelythanotherpluginsbecauseofembeddedPerl.Whenconfiguredassuch,embeddedPerlNagios(ePN)requiresstricteruseofthesomeofPerl'sfeatures.ThissectionoutlinessomeofthestepsneededtouseePNeffectively.

1.DonotuseBEGINandENDblockssincetheywillbecalledonlyonce(whenNagiosstartsandshutsdown)withEmbeddedPerl(ePN).Inparticular,donotuseBEGINblockstoinitializevariables.开源监控软件

2.Touseutils.pm,youneedtoprovideafullpathtothemoduleinorderforittowork.

e.g.
uselib"/usr/local/nagios/libexec";
useutilsqw(...);

3.Perlscriptsshouldbecalledwith"-w"

4.AllPerlpluginsmustcompilecleanlyunder"usestrict"-i.e.atleastexplicitlypackagenamesasin"$main::x"orpredeclareeveryvariable.

Explicitlyinitializeeachvariableinuse.Otherwisewithcachingenabled,thepluginwillnotberecompiledeachtime,andthereforePerlwillnotreinitializeallthevariables.Alloldvariablevalueswillstillbeineffect.

5.Donotuse>DATA<handles(thesesimplydonotcompileunderePN).

6.Donotuseglobalvariablesinnamedsubroutines.Thisisbadpractiseanyway,butwithePNthecompilerwillreportanerror"<global_var>willnotstayshared..".Valuesusedbysubroutinesshouldbepassedintheargumentlist.

7.Ifwritingtoafile(perhapsrecordingperformancedata)explicitlyclosecloseit.Thepluginnevercallsexit;thatiscaughtbyp1.pl,sooutputstreamsareneverclosed.

8.AsinSection5allpluginsneedtomonitortheirruntime,speciallyiftheyareusingnetworkresources.UseofthealarmisrecommendednotingthatsomePerlmodules(egLWP)managetimers,sothatanalarmsetbyapluginusingsuchamoduleisoverwrittenbythemodule.(workaroundsarecunning(TM)orusingthemoduletimer)Pluginsmayimportadefaulttimeout($TIMEOUT)fromutils.pm.

9.Perlpluginsshouldimport%ERRORSfromutils.pmandthen"exit$ERRORS{'OK'}"ratherthan"exit0"

---

5.RuntimeTimeouts

Pluginshaveaverylimitedruntime-typically10sec.Asaresult,itisveryimportantforpluginstomaintaininternalcodetoexitifruntimeexceedsathreshold.插件有一个特有的限制的运行时间—代表性地是10秒。因此，保持当内部代码运行时间超出一个阀值时退出非常重要。

Allpluginsshouldtimeoutgracefully,notjustnetworkingplugins.Forinstance,dfmaylockifyouhaveautomounteddrivesandyournetworkfails-butonfirstglance,who'dthinkdfcouldlockuplikethat.Plus,itshouldjustbemoreerrorresistanttobeabletotimeoutratherthanconsumeresources.所有插件应该优雅地超时，并不仅仅是联网插件。比如，df命令会锁定如果你自动挂载驱动并且你的网络失败了—但是第一次扫视，你最好认为df会那样锁定。另外，nagios配置

---

5.1.UseDEFAULT_SOCKET_TIMEOUT

AllnetworkpluginsshoulduseDEFAULT_SOCKET_TIMEOUTtotimeout

---

5.2.Addalarmstonetworkplugins

Ifyouwriteapluginwhichcommunicateswithanothernetworkedhost,youshouldmakesuretosetanalarm()inyourcodethatpreventsthepluginfromhangingduetoabnormalsocketclosures,etc.Nagiostakesstepstoprotectitselfagainstunrulypluginsthattimeout,butanypluginsyoucreateshouldbewellbehavedontheirown.如果你写了一个插件，这个插件会同其它网络主机交互，你应该确保设置一个alarm()在你的代码中，来防止插件因为不正常的socket关闭而挂起等。Nagios采取措施来保护它自己来对抗不守规矩的插件，那就是超时。但是你创建的所有插件应该是运自身行良好的。

---

6.PluginOptions

Awellwrittenpluginshouldhave--helpasawaytogetverbosehelp.Codeandoutputshouldtrytorespectthe80x25sizeofacrt(rememberwhenfixingstuffintheserverroom!)

---

6.1.OptionProcessing

ForpluginswritteninC,werecommendtheCstandardgetoptlibraryforshortoptions.Getopt_longisalwaysavailable.

ForpluginswritteninPerl,werecommendGetopt::Longmodule.

Positionalargumentsarestronglydiscouraged.

Thereareafewreservedoptionsthatshouldnotbeusedforotherpurposes:监控软件

-Vversion(--version)
-hhelp(--help)
-ttimeout(--timeout)
-wwarningthreshold(--warning)
-ccriticalthreshold(--critical)
-Hhostname(--hostname)
-vverbose(--verbose)

Inadditiontothereservedoptionsabove,someotherstandardoptionsare:

-CSNMPcommunity(--community)
-aauthenticationpassword(--authentication)
-lloginname(--logname)
-pportorpassword(--portor--passwd/--password)monitorsoperational
-uurlorusername(--urlor--username)

Lookatcheck_pgsqlandcheck_procstoseehowIcurrentlythinkthiscanwork.Standardoptionsare:nagios实施

Theoption-Vor--versionshouldbepresentinallplugins.ForCpluginsitshouldresultinacalltoprint_revision,afunctioninutils.cwhichtakestwocharacterarguments,thecommandnameandthepluginrevision.

The-?option,oranyotherunparsablesetofoptions,shouldprintoutashortusagestatement.Characterwidthshouldbe80andlessandnomorethat23linesshouldbeprinted(itshoulddisplaycleanlyonadumbterminalinaserverroom).

Theoption-hor--helpshouldbepresentinallplugins.InCplugins,itshouldresultinacalltoprint_help(orequivalent).Thefunctionprint_helpshouldcallprint_revision,thenprint_usage,thenshouldprovidedetailedhelp.Helptextshouldfitonan80-characterwidthdisplay,butmayrunasmanylinesasneeded.

Theoption-vor--verboseshouldbepresentinallplugins.Theusershouldbeallowedtospecify-vmultipletimestoincreasetheverbositylevel,asdescribedinTable1.

---

6.2.Pluginswithmorethanonetypeofthreshold,orwiththresholdrangesnagios培训

Oldstylewastodothingslike-ctforcriticaltimeand-cvforcriticalvalue.ThatgoesoutthewindowwithPOSIXgetopt.Theallowablealternativesare:

1.longoptionslike-critical-time(or-ctand-cv,Isuppose).

待续：http://www.ITILxf.com/thread-53036-1-1.html
本帖关键字:Nagios