my company is beginning to offer managed services agreements for our customers, meaning that we remotely administer small clusters of servers at the customer site. The hosts we're managing are behind the customer firewall, and our access is via VPN. This works fine for troubleshooting or interactive tasks.
However, I'm not sure how to manage monitoring. I could just write a bunch of monitoring scripts that email me when there are problems. I would rather, though, use a "real" monitoring framework (e.g., Nagios, which I'm most familiar with), that can give me a unified view of the health of all customer sites.
I'm not sure how I would do this, though, since the sites I want to monitor are only accessible by VPN — and it's not practical to keep the vpn connections up constantly just for the sake of monitoring.
I'd be interested to hear any ideas.
Best Answer
What's wrong with keeping the VPN connections up all the time? They're not going to wear out. Sounds like a great way of monitoring the health of your VPN endpoint. In fact, if you were to use Nagios you would probably want to configure all your checks to have the VPN endpoint as a dependency (so that your VPN going down wouldn't trigger a flood of erroneous alerts).
You may also want to read the Nagios docs on distributed monitoring, which may provide you with what you want -- install a monitoring host at each customer site, and have them report back to a "master monitor" using the techniques discussed in this document. Assuming that your customer networks don't block your outbound access, this seems to meet your goals: