Checkmk Conference #6 goes digital. Get your tickets here!
1. The Basics
1.1. Why Linux?
Checkmk is a comprehensive software package, which basically requires Linux as its operating system. Why? Linux is an excellent platform for the operation of Checkmk, because it is very performant and stable, and many important tools are already integrated. Alongside this there is the pleasant side benefit of the availability of completely-free distributions of Linux with Debian, Ubuntu and CentOS, which are enterprise-capable and supported by Checkmk. This article shows you how to install and run Checkmk on an existing Linux system.
1.2. Supported Distributions
Linux is a free system and offered by many producers in their own variants (distributions). This is of course very positive, because competition stimulates business, increases quality, and as a user you always have the possibility to switch to a Linux distribution that is better-suited to your needs.
However, this diversity also has a disadvantage: The available distributions differ in many details, among other things also in the versions of the provided software libraries, directory paths, pre-configuration, etc.
To make sure that everything runs smoothly with Checkmk, we decided from the very beginning to develop a separate installation package of Checkmk for every important Linux distribution – and even for every single version of these distributions, as long as it is still being maintained by the developer. More work for us – less stress for you!
We currently support the following Linux distributions:
- SuSE LINUX Enterprise Server (SLES) from Version 11
- Red Hat Enterprise Linux (RHEL) from Version 6.0
- CentOS from Version 6.0
- Debian from Version 7.0
- Ubuntu from Version 14.04
For Checkmk the installation you need a physical or virtual server on which you have already installed Linux. The installation is then achieved in four steps:
- Preparing the Linux-System
- Setting-up the package sources
- Downloading of the appropriate Checkmk package
- Installation of the Checkmk package
2. Installation and preparation of the Linux system
Depending on which Distribution you are installing, different steps are necessary for the preparation. For this reason we will assume that the Linux system on which the Checkmk is to be installed has been installed with the developer’s default settings, and correctly-connected to the network, so that it is accessible via HTTP and SSH from your workplace.
2.1. Partitioning hard drive space
Checkmk stores its data under the /opt/omd physical path. If the system is to be used exclusively for Checkmk, the major part of the hard drive’s free space should be available. In this case it is not essential – but very desirable – that /opt/omd, or /opt has its own partition.
2.2. SMTP for outgoing emails
If you wish to send Monitoring Notifications by email, then for outgoing emails a correct configuration of the SMTP service is required. This is set up with the distribution’s respective tool during the installation. Usually you define a Smarthost to which all emails are to be redirected.
2.3. Settings for the system time
In order for the monitoring server to have a correct system time, we strongly recommend setting up NTP. The hardware clock should be set to UTC. As soon as the server is taken into monitoring with Checkmk, NTP will ensure the correct time is used for all functions.
3. Setting up the package sources
Checkmk requires a number of software packages from your Linux distribution. Third-party software is not required. In order that all necessary packages can be subsequently installed, a correct configuration of the software sources is necessary. The setup procedure varies depending on the Distribution being used.
3.1. Debian and Ubuntu
3.2. SLES 11
Unfortunately SUSE has some of its important packages on a separate DVD. This is labelled SUSE Linux Enterprise SDK. Install this with YaST as a second package source. Please don’t confuse the SDK with DVD 2 of the normal installation DVD. This last contains the sofware’s source codes and is not required. If you have a valid SLES subscription you can download the ISO image of the SDK directly from the SuSE website.
3.3. SLES 12
With SLES 12 some software components, eg. PHP, which is required by OMD, are stored in so-called Modules. In order to be able to access SLES 12’s PHP packages, the following steps need to be taken:
Unfortunately two further required packages that must be manually-installed were not included until Checkmk version 1.2.8. At present these can only be obtained from the OpenSUSE repositories. Please keep in mind that the version number can differ:
Here is an installation example:
root@linux# wget https://download.opensuse.org/repositories/Apache:/Modules/openSUSE_Tumbleweed/x86_64/apache2-mod_fcgid-2.3.9-50.23.x86_64.rpm root@linux# zypper install apache2-mod_fcgid-2.3.9-50.23.x86_64.rpm
3.4. SLES 15
With SLES 15, in addition to Web and Scripting, you need to subscribe to the Development Tools and the Package Hub module.
3.5. Red Hat and CentOS
With Red Hat and CENTOS the EPEL (Extra Packages for Enterprise Linux) repository must be set up as a package source if you use Checkmk version 1.5.0, or an older release. You can do this with the help of an RPM package, which can be installed with the yum command:
Here is an example of an installation on CentOS 6:
root@linux# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
On CentOS 5 systems you additionally need the python-reportlab package, which can be manually-installed as below:
root@linux# yum install http://checkmk.com/download/python-reportlab-2.3-3.noarch.rpm
In order to be able to use EPEL on RedHat, the package sources for optional RPMs (at least for RedHat 6) are required if these haven’t already been installed during the operating system installation. Without these sources the freeradius-utils, graphviz-gd, and php-mbstring package will be missing. This can be done, eg., with the following commands:
root@linux# yum-config-manager --enable rhel-6-server-optional-rpms root@linux# subscription-manager repos --enable rhel-6-server-optional-rpms
root@linux# yum-config-manager --enable rhel-7-server-optional-rpms root@linux# yum-config-manager --enable rhel-7-server-extras-rpms root@linux# subscription-manager repos --enable rhel-7-server-optional-rpms root@linux# subscription-manager repos --enable rhel-7-server-extras-rpms
You can get a list of all available package repositories with:
root@linux# subscription-manager repos --list
Note: Since Red Hat and thus CentOS also deliver SELinux and a local firewall as standard, adjustments may have to be made here. As the first step you will need to allow your web server to access the network interfaces:
root@linux# setsebool -P httpd_can_network_connect 1
Secondly, you release the web server and activate the change:
root@linux# firewall-cmd --zone=public --add-service=http --permanent success root@linux# firewall-cmd --reload success
4. Download the appropriate packages
If you have a subscription, on your subscription downloads page you will find a suitable RPM or DEB package for your distribution for every available Checkmk-Version. For a free test version of Checkmk you can access our Demo-Versions. You can easily upgrade to the Full Version at a later date.
Please consider when selecting a package:
- Firstly, choose a version of Checkmk. Unless otherwise indicated, we recommend the latest stable Version.
- The name and version of your distribution must be identical.
- The architecture (32 oder 64 Bit) must match.
- We always recommend the Minimum-Package. Packages from the Full range include alternative software components, such as, eg. Icinga or Thruk, which we provide but do not support.
5. Package installation
5.1. Signed-package installation
From Version 1.5.0i4 the packages for this version and for all daily builds are signed using GnuPG. Through the use of this signature, on the one hand it can be verified whether the package really is from Checkmk, and on the other hand it can be verified that the package is complete.
So that these signed packages can be installed in the usual way, one time only you will need to import our public key so that the signature will be trusted. First, load the key directly from our website:
root@linux# wget https://checkmk.com/support/Check_MK-pubkey.gpg
Alternatively, the key can also be obtained from gnupg.net:
root@linux# gpg --keyserver keys.gnupg.net --recv-keys 434DAC48C4503261 root@linux# gpg --armor --export 434DAC48C4503261 > Check_MK-pubkey.gpg
Then import the key from the list of trusted signatures. Under Debian and Ubuntu the following command is required:
root@linux# apt-key add Check_MK-pubkey.gpg
For RPM-based systems (RHEL, CentOS, SLES) the rpm tool is required:
root@linux# rpm --import Check_MK-pubkey.gpg
5.2. Debian and Ubuntu
Next install the gdebi-core package on Debian (this is pre-installed as standard in Ubuntu). This tool ensures that not only the package with the Checkmk Monitoring System, but also all of its dependencies will be correctly installed:
root@linux# apt-get install gdebi-core
Afterwards install the Checkmk-package with gdebi (the downloaded package as well):
root@linux# gdebi check-mk-enterprise-1.6.0p7_0.stretch_amd64.deb
Important: Under Debian/Ubuntu there is no automatic verification of a package’s signature. If required, you’ll need to perform this yourself:
root@linux# dpkg-sig --verify check-mk-enterprise-1.6.0p7_0.stretch_amd64.deb
In SLES use the zypper tool with the install command:
root@linux# zypper install --no-gpg-checks check-mk-enterprise-1.6.0p7_0.stretch_amd64.rpm
Important: When using one of Checkmk’s signed packages, the --no-gpg-checks option should of course be omitted. Before an installation the signature can be verified as follows:
root@linux# rpm --checksig check-mk-enterprise-1.6.0p7_0.stretch_amd64.rpm
5.4. Red Hat and CentOS
Here the installation is performed with yum install:
root@linux# yum install check-mk-enterprise-1.6.0p7_0.stretch_amd64.rpm
6. Final test
After the successful installation of Checkmk, and all dependencies, you will have access to the omd command. With this command you are able to create and manage monitoring sites. You can request the installed version to verify your installation:
root@linux# omd version OMD - Open Monitoring Distribution Version 1.6.0p7.cee