|
All configuration is done in the file multisite.mk which is found in the same
directory as main.mk (the default is /etc/check_mk) and uses Python syntax.
An example file is being installed during setup of Check_MK.
If you have just one site, no further
configuration is neccessary and you can directly start using Multisite. The default configuration
allows access to the local site for all users logged in via HTTP and gives the user nagiosadmin administrative
permissions.
Configuring multiple sites
If you want to use Multisite for distributed monitoring, then you need to configure
a list of local and remote sites in multisite.mk in the variable sites.
Here is an example configuration for two sites - one being local on the same host
and one being remote:
sites = {
"munich" : {
"alias" : "Munich"
},
"paris": {
"alias": "Paris",
"socket": "tcp:10.0.0.2:6557",
"nagios_url": "/paris/nagios",
"nagios_cgi_url": "/paris/nagios/cgi-bin",
"pnp_prefix": "/paris/pnp4nagios/graph",
},
}
The variable sites is a Python dictionary with one entry for
each site. The keys (here munich and paris) are internal
identifiers for your sites. Each entry is itself a Python dictionary with
the following possible entries (all entries except alias are optional
and have default values):
| alias | Full name of the site to be shown in the GUI. |
| socket | A specification of the Livestatus socket. The default
is to connect to a UNIX socket to the local host (the path of which
is configured during setup of Check_MK). Another path can be chosen by setting
socket to unix:/some/other/path. |
| nagios_url | The base URL of the Nagios webserver on the remote
site. The default is /nagios. |
| nagios_cgi_url | The base URL of the remote Nagios' CGI bins. The default
is /nagios/cgi-bin. |
| pnp_prefix | The base URL of the remote Nagios' PNP4Nagios installation.
You need to set this only if you are using PNP4Nagios. The default is /pnp4nagios. |
Security
Please note, that Livestatus currently has no builtin security layer. If you
provide remote access via xinetd, please at least restrict the access to the
IP addresses of your remote Nagios servers running the Multisite GUI.
If you believe that this is not sufficient (and from the point of view of a
network security expert it surely isn't), then please secure your connection
with a VPN, an SSH- or SSL-tunnel or some similar method.
Livestatus does a simple TCP-connect each time a web page is loaded and thus can
be easily secured by deploying standard methods.
Authorization
Multisites provides a role based authorization mechanism which is configured
in multisite.mk and described in another article.
| 
