00:17 < prgmrcom> goals here: 1. it's gotta tunnel through something (probably ssh, as ssh is already open, and that's usually easy) so that the outside world can't bang on it, and 2. the display needs to be on a server that doesn't have the keys to bang on snmpd (e.g. if the customer display server is compromised, I don't want that to let them have access to snmp. 00:18 < prgmrcom> 2 could be achieved by just by using a regular system and not giving customers access; we ssh tunnel in to look at it. Which sucks, but eh. we could use wget or something to pull to a server to grab the customer/public data. 00:19 < prgmrcom> (I mean, I'd like dom0 statistics to be completely public, then have data related to each domain only available to the domain owner.) 00:19 < prgmrcom> but, immediately, I need a internal snmp server; the public bits can be built later. 00:20 < prgmrcom> okay, fuck it. munin is sthe slickest shit available. I'm going to setup munin on an internal-only server, and figure out how to tunnel the snmp requests to other servers. ... 00:37 < digitalpickle> I'm seeing man references to "sshtosnmp", so your ssh plan sounds reasonable.
so I have a snmp box setup.. Turns out? sshtosnmp is a transport for snmpd, which requires net::snmp of 5.6 or better:
Also the epel version of munin is crusty and old, so I may recompile it, or I may not, instead just making munin use my own perl. (It's also possible I could get the new net::SNMP working with the old system perl. but eh.)
[lsc@snmp perl-5.16.2]$ ./Configure -des -Dprefix=/opt/perl5.16.2;make test; sudo make install
sudo PERL_MM_USE_DEFAULT=1 /opt/perl5.16.2/bin/perl -MCPAN -e 'install Time::HiRes Storable Digest::MD5 HTML::Template Text::Balanced Params::Validate TimeDate Net::SSLeay Getopt::Long File::Copy::Recursive CGI::Fast IO::Socket::INET6 Log::Log4perl'