app-admin/monit is a utility for managing and monitoring processes, programs, files, directories and filesystems on a UNIX system.
The app-admin/monit application has two USE flags:
|USE flag (what is that?)||Default||Recommended||Description|
||Yes||Add support for PAM (Pluggable Authentication Modules) - DANGEROUS to arbitrarily flip|
||Yes||Add support for Secure Socket Layer connections|
Once the USE flags are properly determined, install app-admin/monit through emerge:
emerge --ask app-admin/monit
Monit configuration files
The Monit application uses /etc/monitrc as its configuration file.
To make adding and removing monitoring definitions easy, monit supports including files inside a specified directory (usually /etc/monit.d. To enable this, edit /etc/monitrc like so:
## It is possible to include additional configuration parts from other files or ## directories. include /etc/monit.d/*
When a Monit related configuration file is altered, tell monit to reread its configuration settings:
Automatically starting monit at boot
It is recommended to start monit through the /etc/inittab so that init itself launches the monit application, and will automatically relaunch it when monit would suddenly die. Starting monit through an init script would not provide this functionality.
# Run monit in standard runlevels mo:2345:respawn:/usr/bin/monit -Ic /etc/monitrc
After updating /etc/inittab, monit can be immediately started through telinit q.
Users added to the monit or users group will be able to manipulate monit through its web interface.
To add users to one of these groups, use gpasswd:
gpasswd -a $USER monit
gpasswd -a $USER users
Inside the /etc/monitrc file, the
allow statement should refer to these groups, like so:
set httpd port 2812 allow @monit allow @users
It is also possible to hard-code usernames and passwords in the monitrc file, but this is not recommended. Check the monitrc file for default passwords and remove those, or alter them to use a strong, unique password. The syntax used then is
Monit web interface
The default location of the web interface is at localhost:2812, with admin as admin username and monit as default password. Make sure to change this!
Monitoring applications through monit
The Monit application uses PID file checks to see if an application is still running or not. That implies that a PID file must be available for an application, otherwise monit cannot guard it. If a daemon does not create a PID file, use a wrapper to create one.
The use of PID files (and validating PIDs from tools like ps) for monitoring is often said to be broken. Monit does try to overcome this weakness by checking the PID file frequently enough to be reliable.
Through using the /etc/monit.d/ location, it is easy to add in additional monitoring rules.
For instance, to automatically restart MySQL when it would die:
check process mysql with pidfile /var/run/mysqld/mysqld.pid start program = "/bin/bash -c 'rc-service mysql start'" stop program = "/bin/bash -c 'rc-service mysql stop'"
Another example is to manage the memory usage of a process and create an alert when it grows beyond a certain threshold:
check process squid with pidfile /run/squid.pid start program = "/bin/bash -c 'rc-service squid start'" stop program = "/bin/bash -c 'rc-service squid stop'" if totalmem > 512 MB then alert
Running monit in the foreground
To run monit in the foreground and provide feedback on everything it is detecting, use the -Ivv option:
... 'squid' total mem amount of 525748kB matches resource limit [total mem amount>524288kB]
For more information about Monit, the following resources can help out.
- Greg Wooledge. Process management, Retrieved on January 1st, 2015