Versions Compared

Old Version 6

changes.mady.by.user David Raila

Saved on

compared with

New Version 7

changes.mady.by.user Craig Willis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Monitoring

Qualys

Qualys is used by NCSA IT for vulnerability assessment and management.  Qualys will require SSH access to any public-facing host or service.  

NCSA Security has opened a ticket for this: https://jira.ncsa.illinois.edu/browse/SECOPS-340. We need to:

  • Provide a list of IPs that we want scanned (in general they try to scan one system of each type)
  • Security will provide SSH public key to use to login to local qualys user account.
  • Instructions for setting up Qualys user: https://wiki.ncsa.illinois.edu/pages/viewpage.action?pageId=41461115
  • Provide email address for reports.
  • We will also need to do this to public-facing containers (e.g., Nginx controller)

Associated tickets:

  • Jira
    serverJIRA
    serverIdb14d4ad9-eb00-3a94-88ac-a843fb6fa1ca
    keyNDS-565

Nagios

Nagios is an open source monitoring system. In general, the Nagios server is installed in one location and the Nagios Remote Plugin Executor (NRPE) on each node to be monitored. Nagios provides public service monitoring through standard plugins (e.g., DNS, HTTP, SMTP, etc).  It provides private service monitoring throug NRPE (CPU, memory, disk, etc).

For NDS Labs, we'll do the following:

Additionally, we will want to add health checks (healthz) to all system services.

Associated tickets:

  • Jira
    serverJIRA
    serverIdb14d4ad9-eb00-3a94-88ac-a843fb6fa1ca
    keyNDS-566

Usage monitoring

We will use the Kubernetes addons, specifically ELK and Grafana, to monitor usage during the beta periodSee NDS Labs Monitoring.

Backup/Disaster Recovery

...