I like monitoring... and, after early mrtg experiences, munin was my first, production, centralized monitoring system I dealt with.
Although focused in graphing, It is very useful if you want a quick plain website where you can simply put and browse all your systems graphs.
Since I use pfSense both virtual and physical extensively, it was very frustrating not having a nice pfSense package, but, fortunately, being pfSense freeBSD based, we can use the OS packaged munin-node.
Since I have still not migrated to pfSense 2.3.x, this post will cover both 2.1.x and 2.2.x.
Also, I have always had problems when upgrading 2.1.x nanobsd routers as munin-node was screwed upon upgrade.
Here we go...
Instaling packages in pfSense 2.1.x
get to console either via VGA, serial or SSH.
Remember that if your install is nanobsd you need to turn the filesystem read-write with this command:
And, very important, after messing with your nanobsd install, tur it read-only again!
Now we need to manually setup package sources and download and install needed stuff...
First we will install 'nano' cli text editor:
setenv PACKAGESITE "http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/ports/i386/packages-8.3-release/editors/" pkg_add -r nano-2.2.6.tbz
And once we can easily edit textfiles on the console we proceed with munin-node:
setenv PACKAGESITE "http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/ports/i386/packages-8.3-release/Latest/" pkg_add -r munin-node
Now, munin-node is installed, but the package has not been automatically configured as usually in Linux... so execute the following to autodetect system values and services that can be monitored:
/usr/local/sbin/munin-node-configure --suggest --shell | sh
Now we have to tune a little bit the iostat plugin and the munin-node path for pfSense... so execute these:
sed -i -e 's/MB/KB/' /usr/local/etc/munin/plugins/iostat mv /usr/local/etc/rc.d/munin-node /usr/local/etc/rc.d/munin-node.sh
Finally, we need to edit the file
/usr/local/etc/rc.d/munin-node.sh again for pfSense environment. so use nano editor (or vi if you like) like this:
And paste the following among the present similar lines (order does not strictly matters):
#added pfsense config lines [ -d /var/run/munin ] || mkdir /var/run/munin [ -d /etc/rc.conf ] || echo 'munin_node_enable="YES"' >> /etc/rc.conf #end adding
Now munin-node package is installed and modified to run in your router. Wi will configure it and start it later on!
Instaling packages in pfSense 2.2.x
In pfSense 2.2.x we do have the luxury of a package manager up and running from the very beginning, so no tricks are needed, just do the following, to automatically setup pkg, update it, and install packages:
pkg pkg update pkg install nano rehash pkg install munin-node rehash
if you're running a nanobsd install you may note the first command (pkg) being reaaaaally slow on a CF. just be patient, it may take very very long time, let it work and do another think... (this happens only the FIRST time you run it, althoug install is always sluggish in CF anyways...)
Configuration and start up
As usual, we will have to add the usual 'allow IP' rules configuration in
nano /usr/local/etc/munin/munin-node.conf config file.
This is the bare minimum required setup, in order to stablish which munin servers do our pfSense munin-node trust, and let them fetch data to draw their graphs.
But we will also add some tunning in the config, since pfSense, and specially nanobsd installs have special requirements, so:
look, find and replace or comment out the following lines, replacing them with new ones... here is an excerpt of how it should finally look like:
# Replacing this lines to adapt to pfsense # log_level 4 # log_file /var/log/munin/munin-node.log # pid_file /var/run/munin/munin-node.pid log_level 0 log_file /tmp/munin-node.log pid_file /tmp/nmunin-node.pid
Note down you munin-server IPs and add them, one line per IP, to the allowed IP list you'll easily find, like this (replace XXX.XXX.XXX.XXX by real IP):
And you're done!... ready to start the service.
If you're still in pfSense 2.1.x you'll start munin-node like this:
If you're with 2.2.x you will start instead that way: