- Lab
- A Cloud Guru
Configure a Backup of Nagios
In this lab we cover how to create a backup of Nagios files. You might think that you won't need it, but all systems are vulnerable. As time passes, the chances you will need a backup grow. Why risk it? Let's see how it's done and be safe!
Path Info
Table of Contents
-
Challenge
Configure Key-Based Authentication Between the Server and Client
-
In the Nagios server terminal, generate an SSH key pair.
sudo sussh-keygen -
Open the key file.
vim /root/.ssh/id_rsa.pub -
Select the entire key and copy it to your buffer.
-
In the Linux client terminal, edit the
authorized_keysfile.vim /home/cloud_user/.ssh/authorized_keys -
Go to the bottom of the file and paste the key copied from the server.
-
Save your changes and exit the editor.
-
Back in the server terminal, exit the editor.
-
-
Challenge
Create a Bash Script Which Will Create a Compressed File and Copy It to the Client, then Perform a Hash Sum Verification and Verify the Integrity of the Copied Backup File
-
Create the file.
vim /home/cloud_user/nagiosBackup.sh -
Add the following text to the file.
#!/bin/bash DIR_PATH_1="/usr/local/nagios" timeStamp=$(date +%Y-%m-%d-%H-%M-%S-%s) serverIP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print$2}' | cut -f1 -d'/' | tr . -) remoteBackupFilePath="/home/cloud_user/" tar -czvf $timeStamp-Nagios-Core-$serverIP.tar.gz $DIR_PATH_1 HASH=$(md5sum $timeStamp-Nagios-Core-$serverIP.tar.gz | awk -F" " '{print $1}') fromName="$timeStamp-Nagios-Core-$serverIP.tar.gz" toName="$timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz" mv $fromName $toName scp $timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz cloud_user@$1:$remoteBackupFilePath remoteHash=$(ssh cloud_user@$1 "md5sum /home/cloud_user/$timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz") remoteHash=$(echo "$remoteHash" | awk -F" " '{print $1}') if [[ $HASH == $remoteHash ]]; then echo "SUCCESS - FILE: " $timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz "was copied succesfully to: " $1 >> /home/nagios/customBackupLog.log rm -rf $timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz else echo "FAIL - FILE: " $timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz "was not copied succesfully to: " $1 >> /home/nagios/customBackupLog.log fi -
Save your changes and exit the editor.
-
Update the privileges for your script.
chmod +x /home/cloud_user/nagiosBackup.sh -
Change the ownership of the script.
sudo chown root:root /home/cloud_user/nagiosBackup.sh
-
-
Challenge
Configure the Script to Automatically Run
-
Still in the server terminal, log in as root.
sudo su -
Open the scheduling file.
crontab -e -
Add the following text to the file.
59 23 * * * /home/cloud_user/nagiosBackup.sh <Client IP Address> -
Save your changes and exit the editor.
-
Run the script once manually as root
sudo su/home/cloud_user/nagiosBackup.sh <Client IP Address>
-
-
Challenge
Perform a Test Run of the Backup Script
-
Create a key pair for the
rootuser.-
In the Nagios server terminal, generate an SSH key pair.
ssh-keygen -
Open the key file.
vim /home/root/.ssh/id_rsa.pub -
Select the entire key and copy it to your buffer.
-
In the Linux client terminal, edit the
authorized_keysfile.vim /home/cloud_user/.ssh/authorized_keys -
Go to the bottom of the file and paste the key copied from the server.
-
Save your changes and exit the editor.
-
Back in the server terminal, exit the editor.
-
-
Run the script.
/home/cloud_user/nagiosBackup.sh PUBLIC_LINUXCLIENT_IP- In the client, verify the backup worked.
ll- In the server, update the scheduled task.
crontab -e-
Add the Linux client public IP to the end of the line after
nagiosBackup.sh. -
Save your changes and exit the editor.
-
Check the log file to verify the process.
tail -f /home/nagios/customBackupLog.log -
-
Challenge
Simulate an Error and Restore from a Backup
- In the server terminal, delete
localhosts.cfg.
```bash sudo rm -rf /usr/local/nagios/etc/objects/localhost.cfg ```-
In the client terminal, extract the backup.
cd /home/cloud_user/ tar -xvzf backup_file_name -
Generate an SSH key pair.
ssh-keygen -
Open the key file.
vim /home/cloud_user/.ssh/id_rsa.pub -
Select the entire key and copy it to your buffer.
-
In the server terminal, edit the
authorized_keysfile.vim /home/cloud_user/.ssh/authorized_keys -
Go to the bottom of the file and paste the key copied from the server.
-
Save your changes and exit the editor.
-
Back in the client terminal, exit the editor.
-
Transfer the missing file from the client to the server.
scp usr/local/nagios/etc/objects/localhost.cfg cloud_user@PUBLIC_NAGIOSSERVER_IP:/home/cloud_user/ -
In the server terminal, verify the file has been transferred.
ll -
Move the file to the appropriate location.
mv localhost.cfg /usr/local/nagios/etc/objects/ -
Transfer to the destination directory.
cd /usr/local/nagios/etc/objects/ -
Change ownership of the file.
chown nagios:nagios localhost.cfg -
Perform a preflight check.
sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg -
Verify there were no warnings or errors.
-
Restart the Nagios server.
sudo systemctl restart nagios
- In the server terminal, delete
What's a lab?
Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Guided walkthrough
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.
