How do I report the monitoring data of hosts that are not provided by Alibaba Cloud to CloudMonitor by using an NGINX proxy server? - CloudMonitor

This topic describes how to report the monitoring data of hosts that are not provided by Alibaba Cloud to CloudMonitor by using an NGINX proxy server.

Step 1: Deploy an NGINX proxy server

We recommend that you use a Linux server as your proxy server because CloudMonitor is deployed on a Linux server. In this example, a Linux server that runs CentOS is used.

Important

You can deploy the NGINX proxy server only by using the root user account (an administrator account). If you use an administrator account, certain risks may occur. For example, system stability or data security issues may occur. Proceed with caution.

Download and decompress the NGINX installation package. In this example, nginx-1.19.6 is used.
1. Go to the specified installation directory and download the installation package. To download another version of the installation package, go to the NGINX official website.
```
cd /usr/local
wget http://nginx.org/download/nginx-1.19.6.tar.gz
```
2. Decompress the package.
```
tar -zxvf nginx-1.19.6.tar.gz
```

Install dependencies.

yum install -y git patch pcre pcre-devel gcc zlib zlib-devel openssl openssl-devel

Download and install the NGINX patch package. In this example, the proxy_connect_rewrite_1018.patch patch package is installed.
1. Go to the directory of the decompressed nginx-1.19.6 package.
2. Run the following command to download the NGINX patch package:
```
git clone https://github.com/chobits/ngx_http_proxy_connect_module.git
```
  Important
  You must download the patch package corresponding to the installed NGINX. In this example, the NGINX version is nginx-1.19.6. Therefore, the patch package proxy_connect_rewrite_1018.patch is selected. For more information, go to GitHub.
3. Install the NGINX patch package. Before you install the patch package, make sure that the package is in the /usr/local/nginx-1.19.6 directory.
```
patch -p1 < ngx_http_proxy_connect_module/patch/proxy_connect_rewrite_1018.patch
```
  Note
  patch: patches the original file by using the patch file.
  -p1: indicates which part of the patch file path is ignored. Value 1 indicates that the first part is ignored.
Compile and install NGINX, and then start NGINX.
1. Run the following command for compilation in the /usr/local/nginx-1.19.6 directory of the NGINX installation package:
```
./configure --prefix=/usr/local/nginx-1-19 --with-http_stub_status_module --with-http_ssl_module --add-module=ngx_http_proxy_connect_module
```
  Note
  --prefix=/usr/local/nginx-1-19 indicates the directory after NGINX is compiled and installed.
2. Run the following installation command:
```
make && make install
```
3. Run the following command to start NGINX:
```
/usr/local/nginx-1-19/sbin/nginx
```
In the address bar of your browser, enter IP address of the proxy server:80. If the following output is displayed, the installation is successful.

Configure an NGINX proxy.

Create a forward.conf configuration file in the conf directory where NGINX is compiled and installed.
```
cd /usr/local/nginx-1-19/conf
vi forward.conf
```

Configure a forward proxy or a reverse proxy in the forward.conf file.

Forward proxy:

server {
     listen                         8080; # The custom port for the NGINX proxy server. 
     server_name                    xxx.xx.xx.xxx; # The IP address of the proxy server. 
     # dns resolver used by forward proxying
     resolver                       114.114.114.114;  # The DNS address. 

     # forward proxy for CONNECT request
     proxy_connect;
     proxy_connect_allow            443;
     proxy_connect_connect_timeout  10s;
     proxy_connect_read_timeout     10s;
     proxy_connect_send_timeout     10s;

     # forward proxy for non-CONNECT request
     location / {
         proxy_pass http://$http_host$request_uri;  # The protocol and request URI of the proxy server. Do not change the default values. 
         proxy_set_header Host $host;
     }
 }

Note

Forward proxy: If you consider the Internet outside the local area network (LAN) as a huge resource pool, the clients in the LAN need to access the Internet by using a forward proxy.

The forward proxy of NGINX does not support HTTPS. You must patch the proxy to support HTTPS.

Reverse proxy:

server {
    listen              443 ssl;
    server_name         192.168.XX.XX; # The IP address of the proxy server. 
    ssl_certificate     XXXX.pem; # The SSL certificate. 
    ssl_certificate_key XXXX.key; # The key of the SSL certificate. 

    location / {
        proxy_pass  https://www.aliyun.com; # The URL that the proxy server accesses. 
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forward`ed-For $proxy_add_x_forwarded_for;
    }
}

Note

Reverse proxy: If the LAN provides resources and services for the Internet, the clients on the Internet need to access resources in the LAN by using a reverse proxy.

Important

For more information about how to apply for an SSL certificate, see Apply for a certificate.

Press the Esc key, enter :wq, and then press the Enter key to save the forward.conf configuration file and exit.
Open the nginx.conf main configuration file of NGINX.
```
cd /usr/local/nginx-1-19/conf
vi nginx.conf
```
Run the include command to add the forward.conf configuration file to the nginx.conf main configuration file.
```
http {
  ......
    include /usr/local/nginx-1-19/conf/forward.conf;
  ......
}
```
Press the Esc key, enter :wq, and then press the Enter key to save the nginx.conf file and exit.

Restart the NGINX proxy server.

/usr/local/nginx-1-19/sbin/nginx -s reload

Test the NGINX proxy server.
1. For the forward proxy, run the following command to access a URL. If the URL can be accessed, the NGINX proxy server is installed.
```
curl -x 192.168.XX.XX (IP address of the proxy server):<Port of the proxy server> http://example.aliyundoc.com (any URL)
```
2. For the forward proxy, run the following command to access a URL. If you can access the URL specified in the nginx.conf file, the NGINX proxy server is configured.
```
curl -x 192.168.XX.XX (IP address of the proxy server):<Port of the proxy server> https://example.aliyundoc.com (any URL)
```

Step 2: Install and configure the CloudMonitor agent

Important

You can manage the CloudMonitor agent only by using the root user account (an administrator account). If you use an administrator account, certain risks may occur. For example, system stability or data security issues may occur. Proceed with caution.

Install the CloudMonitor agent on a host that is not provided by Alibaba Cloud.
For more information, see Install and uninstall the CloudMonitor agent.

Configure the NGINX proxy server in the CloudMonitor agent.

Log on to the host where the CloudMonitor agent resides as the root user.
Run the following commands to open the agent.properties file:
```
cd /usr/local/cloudmonitor/conf
vi agent.properties
```

Configure the NGINX proxy server in the configuration file of the CloudMonitor agent.

http.proxy.auto=false
# Manually configure the proxy server.
http.proxy.host=192.168.XX.XX
# The IP address of the NGINX proxy server. 
http.proxy.port=8080
# The port number of the NGINX proxy server. 
#http.proxy.user=user  # The NGINX proxy server does not require a username for HTTP authentication. 
#http.proxy.password=password  # The NGINX proxy server does not require a password for HTTP authentication.

Press the Esc key, enter :wq, and then press the Enter key to save the agent.properties file and exit.
Run the following command to restart the CloudMonitor agent:
```
./cloudmonitorCtl.sh restart
```

Step 3: View the monitoring data of the host not provided by Alibaba Cloud

Log on to the CloudMonitor console.
In the left-side navigation pane, click Host Monitoring.
On the Host Monitoring page, click the host name or click Monitoring Charts in the Actions column of the host.
View the monitoring data of the host not provided by Alibaba Cloud.