The Nagios Ecosystem: Nagios, Shinken, and Icinga

Nagios has been a standard-bearer for a long time, being developed originally by Ethan Galstad and included in Debian and Ubuntu for quite some time. In 2007, Ethan created a company built around providing enhancements to Nagios called Nagios Enterprises. However, for several years now there have been competitors to the original Nagios.

The first to come along was Icinga. This was a direct fork of the Nagios code that happened in May of 2009; the story of what lead to the fork was admirably reported by Free Software Magazine in April of 2012. In short, many developers were unhappy with the way that Nagios was being developed and with what they perceived as its many shortcomings which Ethan could not or would not fix. From Ethan’s standpoint, it was more about the enforcement of the Nagios trademark. The article summed it up best at the end: it’s complicated.

The H-Online also had an interview with Ethan Galstad about the future of Nagios and some of the history of the project.

Icinga is now in Ubuntu Universe and has been since Natty. It is also available for Debian Squeeze (current stable release).

Another project is Shinken: rather than a fork, it is a compatible replacement for the core Nagios code. When the Python-based Shinken code was rejected (vigorously) in summer of 2010 as a possible Nagios 4, it became an independent project. This project is newer than Icinga, but shows serious promise. It too, is now available in Ubuntu Universe and in Debian Wheezy (current testing release).

It is unfortunate that such animosity seems to swirl about Nagios; however, Icinga and Shinken appear to be quite healthy projects that provide much needed enhancements to Nagios users – and both are available in Ubuntu Precise Pangolin, the most recent Ubuntu LTS release.

I don’t know if Icinga or Shinken still work with Nagios mobile applications. If it’s just the URL, then the web server could rewrite the URL; if there is no compatible page for the mobile applications, then they can’t be used. However, I’d be surprised if there was no way to get the mobile apps working.

I’m going to try running Shinken and/or Nagios on an installation somewhere; we’ll see how it goes. I’ll report my experiences at a later date.

Why You Should NOT Ditch Windows XP

Nathan Bauman over at PCWorld had an article titled Why You Should Ditch Your Windows XP Laptop Right Now. This sort of pitch has always interested me after a fashion – the thinking just escapes me (as a personal Windows user). The reasoning for a corporate environment would be different, of course.

Here are the reasons Nathan lists for switching to Windows 7:

  1. Windows 7 is easier to use.
  2. Windows 7 is more secure.
  3. Windows 7 supports disks with 4K blocks.
  4. Windows 7 supports more than 2Gb memory.
  5. Windows 8 is a disaster – so get Windows 7 before it goes away.

There are many reasons to stay with Windows XP for now. Be aware that I’ve not yet purchased my own Windows XP – I still have Windows 2000 for when I need Windows (which is almost never).

One reason is that Windows XP runs on virtually anything you can pick up – even one-year old and two-year old (gasp!) hardware. Requirements are 128Mb memory recommended and 1.5Gb disk on a Pentium at 233MHz or better. Windows 7 requires four times the memory, approximately 16 times the disk space, and four times the CPU power.

This variance in requirements leads to much lower costs for Windows XP hardware. A search on eBay for laptops with Windows XP shows a huge number of laptops for less than $300 – some as low as $120. These were laptops that presumably once sold for $1200 or $1800 or better. If we assume that a $300 laptop once sold for $1800, that is an 83% reduction in price from original retail – $1500 that stays in your pocket. New laptops with Windows 7 start at $350 or so for minimal systems; for a full-power system with Windows 7 it could be well over $1000.

The software itself is cheaper. Again, on eBay one can find Windows XP SP2 for $30-$40 whereas Windows 7 Ultimate is $75 and up – a savings of over %50.

Lastly, why buy Windows 7 now at retail prices when you can wait for Windows 8 – and get Windows 7 at fire-sale prices for hardware that by then will have lost 80% of its value. Just by waiting you can save thousands of dollars.

There is also the fact that a lot of software may not yet fully support Windows 7, and the software you count on the most may run only on Windows XP.

So now – that’s why you should stick with Windows XP (just remember to properly secure it!). Let everyone else spend their thousands of dollars and you can get their old equipment for a fraction of its original cost.

However, for an enterprise, the reasoning would be different – and the results might be different.

Using Nagios from an Android Phone

I got an Android phone in the last year, and started looking in earnest for a Nagios client for it. With a Nagios client, you can read what the current status is of your systems in Nagios.

There are several available; the two most often mentioned are NagRoid and NagMonDroid. However, neither one of these worked for me, and there are indeed others that were good.

All of the clients use the same basic method to get data from Nagios: scrape the data from a web page. The biggest problem comes when that web page is not available – or is incorrect. Most of these applications request a URL, but sometimes are unclear as to what URL they want exactly. Add to that the fact that Nagios changed its URL structure slightly between versions and it gets even more complicated.

To discover what was happening, I used tcpdump to watch the accesses to the web server from the Nagios clients, as well as watching the Apache logs. By doing this, I was able to discern what URLs were being loaded.

Here are some of the URL paths being looked for by the various clients:

  • /cgi-bin/tac.cgi
  • /cgi-bin/status.cgi
  • /cgi-bin/nagios3/statuswml.cgi?style=uprobs
  • /cgi-bin/nagios3/status.cgi?style=detail
  • /cgi-bin/nagios3/status.cgi?&servicestatustypes=29&serviceprops=262144

Further complicating matters in my case was the fact that any unrecognized URL was massaged (via mod_rewrite) into serving the main Nagios page via SSL.

However, by using mod_rewrite it was possible to rewrite the old /cgi-bin paths to a newer /cgi-bin/nagios3 path, and things started working.

In the case of the statuswml.cgi file, Google Chrome wanted to download the resulting file instead of actually using it somehow.

The main choices for Nagios clients on Android are these:

I have gone with aNag – it has a nice interface, good use of notification, and worked without trouble once the URL was fixed up. Several of the others never did work right – or they gave no indication that they were working right. In the case of jNag, it also requires a modified Nagios server and the installation of mkLivestatus. aNag was the one that was easiest to work with and get working.

aNag does use a mostly text-based format to show data, but it has the ability to manipulate services as well as one-button access to the web interface directly.

Browsing the Web on the Tungsten C

I had just about figured that browsing the web using Palm’s Tungsten C was impossible. It comes with a browser, but that was never usable as far as I could tell. I tried numerous other options, and finally found one that worked much better than I had dared to hope.

I tried using Xiino. This browser just looks ugly to start (with decidedly low-resolution graphics), and has completely incomprehensible icons. It wasn’t usable at all; most pages would result in a blank screen. It also uses a proxy server for images (though it doesn’t call it that): the “DataServer” – – no longer exists, which means that you can’t display anything at all unless that setting is cleared. There’s no way to set or unset it; just clear the name entirely.

I tried using Opera Mini. This requires using the old IBM Websphere Everyplace Micro Edition (WEME) – which in reality is the J9 Java Virtual Machine (JVM). The word is that IBM WEME 5.7.1 is much more stable than IBM WEME 5.7.2 (neither of which are supported or available any longer). No matter – Opera Mini v4 (the current) did not work at all, but froze during initial operation; Opera Mini v3 works but crashes reliably and frequently.

I even tried something called TeaShark; that didn’t get past the startup stage (which was buggy at the outset). This wasn’t too surprising since it was running on IBM’s J9 JVM like Opera; word has it that the IBM JVM was crippled on PalmOS in some way.

I love Opera Mini, and used it on my Nokia 6265i (and later the 6165i) – and missed it. However, running it on the J9 JVM gave a completely different experience (I never did try using Sun’s Java Manager – but that was for MIDP 1.0 only) I started thinking to myself: the NetFront browser on my Samsung Caliber is ever so much better…

Then imagine my surprise when I found that there is a NetFront browser for PalmOS. It turns out that the Sony Clie (a PalmOS device) used NetFront for their default browser, and that it would work on a Palm device as well. There are copies of it available on the web, but the one I saw came with something called MaxX to make it work with a different screen resolution than the original browser expected to find (on the Tungsten T I think).

After downloading and installing via HotSync – using Linux (with GNOME’s gpilotd) – the browser crashed when run. However, running on the Tungsten C, MaxX is unneeded; removing it solved the problems entirely.

Running with the NetFront browser has been a delightful (and unexpected) experience. The only problem seems to be a connection-related problem; for some reason, the WiFi connection seems to “age” and loses connectivity even though the device doesn’t think so. Reconnecting seems to fix this.

For more details on using the NetFront browser – and people’s experiences with it – check out this forum thread over at

If you use Google for RSS or for news, try in NetFront; it’s the best experience I’ve had yet. You can also use Google’s mobile gateway directly by going to and entering the URL that you wish to go to.

Upgrading a Palm Tungsten C to New ROMs

I had problems with my Tungsten C – with the WiFi not working and the bottom 10 pixels or so of the screen being unresponsive to taps. I had just assumed that this was a sign of hardware failure – after all, the system was used and sold at half the going rate for used Tungsten C models.

However, upon further research, it turns out that upgrading the ROM was a possible fix. This was ultimately a resounding success. As part of the upgrade, all data was erased.

The upgrade was basically a three step process: 1) make sure the system can be upgraded; 2) prepare the system (which could include removing applications or files); and 3) install the update application and run it. The process includes many more details, but that is the essence of it. I used my Ubuntu Lucid Lynx installation of GNOME Pilot to remove the files, then made sure they were erased on the Tungsten with FileZ.

After running the update, the system is cleared of all applications and data. There were several problems that came up; I wound up clearing the Tungsten of all applications and installing fresh (to remove the cruft from old applications).

One problem was applications that absolutely refused to be deleted. Presumably, this is because there is some hook into the system or otherwise which prevents it from being deleted. Reset the machine while pressing up-arrow key, then release the key after seeing the Palm logo. This starts the system without any extra software hooks. Go into FileZ (or other file manager, such as TealMover) and delete the application – removing the ReadOnly bit if necessary.

Another problem is applications that may need a setup to install, in contrast to the usual installation of a couple of files. SplashNews was one such application. Don’t restore the file; best is to get the original files and reinstall (using the setup applications).

Yet another problem was the TealMaster or TealScript applications (or other similar applications). While the application will work fine, the backed up version of the file does not work. Again, get the original files and install from there. The backed up files are not the correct ones.

After doing all this – I decided to upgrade a few things, the launcher primary among them. I’ve switched (for the moment) from Launcher III to Propel for my launcher; very nice – recommended! Only drawback is Launcher III is free (although web site is gone) and Propel is $15. However, Propel is much more current, so it is more likely to have fewer bugs and more capabilities.

All in all, this upgrade to the Tungsten C ROMs has solved both problems and has resulted in more space due to removing all the unnecessary files. Do it if you have problems with your Tungsten C.

Solaris 2009.06 (and 2008.10) on an HP nc4010 Laptop

This laptop is a delightful little machine, and borders on being a “netbook” though it has better specs than what would normally be called a netbook. Last night, I overwrote my Solaris 2008 install (of no more than a week or two) with the very latest Solaris 2009.

Since I had problems with running the LiveCD with a full X display, I opted for the text console and began the installation from there. Installing from text mode is simple, but mostly undocumented:

  1. Find an X server to use. There are nice X servers out there, not to mention the ones included with every UNIX and Linux installation. I use the Xming server for Windows.
  2. Boot the OpenSolaris LiveCD into text mode.
  3. Configure the OpenSolaris client to use the remote X server display. This could be as simple as logging in as root (password opensolaris) and setting the DISPLAY variable. This, of course, is not secure: to be secure, log in as root, start the ssh server, and log in over the network using the command ssh -X.
  4. Start the install process. This involves the code: pfexec /usr/bin/gui-install. After this, the GUI install process should appear on the remote display and the expected install process can begin.

Installing OpenSolaris this way onto the HP nc4010 was smooth, and the environment works well and is clean. There is a lack of official applications, but this may be expected, though disappointing: open source focus on OpenSolaris is not what it is for FreeBSD or for Linux.

The machine has a 1.7GHz Pentium M and 1Gb of main memory; this seems sufficient – so far. This machine is likely to become my secondary: the primary is Linux Mint – with all of the applications that a Debian/Ubuntu derivative can count on.

OpenSolaris Bundled with Toshiba Laptops

I don’t know how this slipped past me. Earlier this year, Toshiba and Sun announced that OpenSolaris would ship on certain Toshiba laptops then followed through with their announcement on schedule.

This is not necessarily as unusual as it might sound at first glance: Toshiba has been remarketing the Sun Sparc chip for some time, and has a history of working tightly with Sun Microsystems. The only other company that was just as likely to create an OpenSolaris laptop would be Tadpole, although Tadpole laptops have in the past used the Sparc chip from Sun instead of Intel chips.

Two different models are available: the Portege R600 and the Tecra M10. They are available from the OpenSolaris folks at Sun with free shipping until the end of June.

SheevaPlug: a Tiny Computer for $99

This computer introduced by Marvell is very tiny, and very interesting.  Despite the fact that Marvell’s wireless chipset has been closed to open source developers, it appears that the Sheeva Plug computer is being released as an open product: running Linux on an ARM processor, it is now available for $99 as a pre-release developer’s edition. There is already a place for developers to congregate and for documentation and so forth.

LinuxDevices had a delightful article on the technical aspects of the SheevaPlug, and it is very enlightening.

What would I use such a computer for?  I would quite possibly make it into a NAS solution with OpenFiler or FreeNAS; make it serve IP addresses via DHCP; make it into a web cache like squid; or make it serve music with subsonic.

This is one beautiful box.  One drawback I see is that with the way it is configured, there is no way to get it off the wall and out of the way.  Too many boxes plug right into the wall, which means there is no place for another box to plug in.

Another deficiency, which is silently ignored in a lot of applications shown: there is only one network connection. For the system to be a router of any type, it needs to have multiple network connections. If a SheevaPlug is to be a wireless router – or a cellular router – or other similar configurations, it needs to have more than one network connection. With the USB connection available, this is possible – but only if the USB isn’t taken with something else.

One nuisance to note, like others of its ilk: it requires added peripherals, so the “tiny” box could expand to include an external hard drive, and external USB hub with its own AC plug, a bluetooth USB plug, a USB cellular modem, a USB network port, and two network cables. This is the curse of tiny electronics today: one day, all of these extras will be included in a box the same size, and the cabling will be history.

One disadvantage that no one seems to have mentioned yet: the box is not grounded.  That’s right: only two prongs – no grounding plug.  This is totally baffling to me: no ground?

Still, these are really minor disadvantages: I want one – or even two!

It would be interesting to consider the use of these in the enterprise (although they are specifically designed for the home). The biggest places I could see these used in the enterprise would be for testing purposes, and for disaster recovery. If you had one of these ready as a DHCP server and DNS server, one as a NIS server – perhaps a medium-sized enterprise could run off of these until the real servers are built and ready to go.

They could also be used to support people in the field: preconfigured, ready to run: demonstration systems, VPN end points, presentation systems, security test launching points… What else can you think of?

Powered by ScribeFire.

Laptop “Disaster Recovery”

Over at the Productivity501 blog, there is a good article about laptop contigency planning. It is a must read. Go read it!

I’d like to take this one step further. Here in Wisconsin, we are having one back-breaker of a snowstorm (one and a half days so far). Closings everywhere – and people are looking to use the corporate VPN to work from home.

Here are some things to do to prepare for this ahead of time:

  • Make sure your certificate is current. You don’t want to find out your certificate is expired when you are desperately trying to get in.
  • Have you tried the VPN already? Does it work? When you are buried in snow and can’t reach the help desk is not the time to find out your software doesn’t work.
  • Try accessing everything you need to use. Is it responsive? Does it work? What are the quirks? If it’s slow, you can plan a backup strategy; if it’s not slow, you’ll know it’s not your machine when the VPN slows to a crawl.
  • Try accessing the VPN from where you would be when the snow flies (or wherever you would be when disaster strikes). Some ISPs have restrictive policies that will prevent your laptop from working if you are visiting someone. Try it first and find out how to solve any problems ahead of time.
  • Do you have your laptop with you? It won’t do you any good if you are caught without it when you need it. Do you have charging cords? Network cables? Wireless cards? Cellular phone modems? And test the connections!
  • Create backup plans. For all your careful planning, your laptop and Internet connection have gone south. Now what? Most likely, you’ll need phone numbers of your boss and coworkers, pager numbers, and other such things.

With this wintery weather upon us, it will be very important to be ready if you have to do your admin work from home (or on the road).

Choosing the Right Mobile Phone (or a review of the LG UX830)

Here in the United States, Qualcomm was able to get the Broadcom chipset locked out as they fight in court over patents. This means that all phones available for sale in the U.S. until very recently were operating Qualcomm chipsets. I’ll describe why this is important.

The LG UX830 (or LG Glimmer) is a good example. Since it is a Qualcomm-chipset based phone, it uses BREW and has no support for J2ME. With BREW, any third party developer must get an application certified to run on BREW and must pay a large sum of money just to be able to release the application to the public. Thus, virtually all open source applications are locked out of a BREW phone. Since Qualcomm controls BREW, it is no surprise then that this lockdown on the market has locked open source applications out of the current United States phone market.

For system administration, applications like SSH and one-time key pads are important – and unavailable on BREW phones.

Durability is not often mentioned in reviews of phones. The UX830, for example, has very flimsy plastic covers that feel as if they could break at any time. The cover for the charging port (microUSB port) gets in the way of the plug, so it sticks out from the phone when you open the port to use it.

Another thing to worry about is the usability of the phone itself. The LG phones I’ve seen have atrocious usability problems. Take the (apparently) multimedia menu. What is the difference between: Music, Shuffle, Audio, and Record Voice? Music is the music player. Audio is where you can work with your audio files: move, copy, set as ring tones, etc. (but not play with the player!). Shuffle actually has nothing to do with any music: it is the ability to randomly select a ringtone or alarm tone.

The application Record Voice is another perfect example: recording as soon as the application starts, and there is no way for you to listen to the recording without hunting down another application – and you don’t even have the option of not saving the recording. You start the application, then it will record and save – without giving you choice on whether to save, where to save, or what name to use.

The normal panel display is somewhat confusing as well: who knew that “four dots” meant “Main Menu”?

A phone (or computer system, or microwave, or VCR, or whatever) should not require hours of study to operate correctly – and without causing unexpected problems.

For me, the Nokia 6165i and 6265i that I’ve owned in the past were (mostly) good examples of usability. For one thing, there was the “gallery” (which contained pictures, sounds, applications, alarms, whatever) – which LG has separated out unnecessarily.

When looking for a phone – especially if for a team – I would recommend the following:

  • Check usability: how hard is it to start using all features without the manual? Does everything work as expected? Or are there surprises for whoever uses it?
  • Check for J2ME: a phone that uses BREW has a complete lockdown on the applications you can use; for instance, Opera Mini will not work. J2ME, however, is much more open: anyone can develop and release applications for J2ME.
  • Durability. Will it hold up? Check buttons, hole coverings, and any moving parts. A phone gets beat on; make sure it will stand up to it.
  • Check for memory cards – and which ones. Memory card expansion can be important, especially for saving data and external applications. However, are the memory cards commonly available? Are they cheap or expensive?

It may not be easy to get some of these specs; in particular, cellular carriers either don’t know what they are or don’t want to advertize. Asking your local salesperson for a phone that supports J2ME is likely to get you a blank stare, so do the research online yourself first. PhoneScoop is one such site; the PhoneScoop page on the LG UX830 has a lot of very useful information. PhoneArena is another site; their page on the LG UX830 is also very useful.