diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-07-11 09:31:24 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-07-11 09:31:24 +0200 |
commit | 2bdbb0213a0f70705f81ac2eaf8349668b2c29b4 (patch) | |
tree | 06b1e40db99815133dcc40e3e68531d45e1bd228 /modules/profile/manifests/monitoring | |
parent | 25c99a635507abfe6af4a1f0a9fc5a103d1880c0 (diff) | |
parent | d8bc769648c1528f5d749deee060d70e326ef431 (diff) | |
download | Puppet-2bdbb0213a0f70705f81ac2eaf8349668b2c29b4.tar.gz Puppet-2bdbb0213a0f70705f81ac2eaf8349668b2c29b4.tar.zst Puppet-2bdbb0213a0f70705f81ac2eaf8349668b2c29b4.zip |
Merge branch 'monitoring' into dev
Diffstat (limited to 'modules/profile/manifests/monitoring')
-rw-r--r-- | modules/profile/manifests/monitoring/commands.pp | 70 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/contacts.pp | 16 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/external_service.pp | 16 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/hosts.pp | 45 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/local_service.pp | 56 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/params.pp | 42 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/services.pp | 42 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/times.pp | 23 |
8 files changed, 310 insertions, 0 deletions
diff --git a/modules/profile/manifests/monitoring/commands.pp b/modules/profile/manifests/monitoring/commands.pp new file mode 100644 index 0000000..1c8d0b4 --- /dev/null +++ b/modules/profile/manifests/monitoring/commands.pp | |||
@@ -0,0 +1,70 @@ | |||
1 | class profile::monitoring::commands inherits profile::monitoring { | ||
2 | ensure_packages(["monitoring-plugins"]) | ||
3 | |||
4 | file { $plugins: | ||
5 | ensure => "directory", | ||
6 | owner => "root", | ||
7 | group => "naemon", | ||
8 | mode => "0755", | ||
9 | } | ||
10 | |||
11 | [ | ||
12 | "check_command", | ||
13 | "check_md_raid", | ||
14 | "check_postgres_replication", | ||
15 | "check_last_file_date", | ||
16 | ].each |$file| { | ||
17 | file { "$plugins/$file": | ||
18 | ensure => "present", | ||
19 | owner => "root", | ||
20 | group => "naemon", | ||
21 | mode => "0755", | ||
22 | source => "puppet:///modules/profile/monitoring/$file", | ||
23 | } | ||
24 | } | ||
25 | |||
26 | Nagios_command { | ||
27 | ensure => "present", | ||
28 | owner => "naemon", | ||
29 | group => "naemon", | ||
30 | target => $objects, | ||
31 | notify => Service["naemon"], | ||
32 | before => Service["naemon"], | ||
33 | require => File["/etc/naemon"], | ||
34 | } | ||
35 | |||
36 | nagios_command { | ||
37 | "check-host-alive": | ||
38 | command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5'; | ||
39 | "check_local_disk": | ||
40 | command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$'; | ||
41 | "check_local_procs": | ||
42 | command_line => '$USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$'; | ||
43 | "check_local_load": | ||
44 | command_line => '$USER1$/check_load -w $ARG1$ -c $ARG2$'; | ||
45 | "check_local_swap": | ||
46 | command_line => '$USER1$/check_swap -n ok -w $ARG1$ -c $ARG2$'; | ||
47 | "check_ntp": | ||
48 | command_line => '$USER1$/check_ntp_time -H 0.arch.pool.ntp.org'; | ||
49 | "check_md_raid": | ||
50 | command_line => '$USER2$/check_md_raid', | ||
51 | require => File["$plugins/check_md_raid"]; | ||
52 | "check_command_output": | ||
53 | command_line => '$USER2$/check_command -c "$ARG1$" -o "$ARG2$" $ARG3$', | ||
54 | require => File["$plugins/check_command"]; | ||
55 | "check_postgresql_replication": | ||
56 | command_line => '/usr/bin/sudo -u postgres $USER2$/check_postgres_replication "$ARG1$" "$ARG2$" "$ARG3$"', | ||
57 | require => File["$plugins/check_postgres_replication"]; | ||
58 | "check_last_file_date": | ||
59 | command_line => '$USER2$/check_last_file_date "$ARG1$" "$ARG2$" "$ARG3$"', | ||
60 | require => File["$plugins/check_last_file_date"], | ||
61 | } | ||
62 | |||
63 | unless empty($naemon_url) { | ||
64 | nagios_command { | ||
65 | "notify-master": | ||
66 | command_line => '/etc/naemon/send_nrdp.sh -H "$HOSTADDRESS$" -s "$SERVICEDESC$" -S "$SERVICESTATEID$" -o "$SERVICEOUTPUT$"', | ||
67 | require => File["/etc/naemon/send_nrdp.sh"]; | ||
68 | } | ||
69 | } | ||
70 | } | ||
diff --git a/modules/profile/manifests/monitoring/contacts.pp b/modules/profile/manifests/monitoring/contacts.pp new file mode 100644 index 0000000..a751153 --- /dev/null +++ b/modules/profile/manifests/monitoring/contacts.pp | |||
@@ -0,0 +1,16 @@ | |||
1 | class profile::monitoring::contacts inherits profile::monitoring::params { | ||
2 | Nagios_contactgroup { | ||
3 | ensure => "present", | ||
4 | owner => "naemon", | ||
5 | group => "naemon", | ||
6 | target => $objects, | ||
7 | notify => Service["naemon"], | ||
8 | before => Service["naemon"], | ||
9 | require => File["/etc/naemon"], | ||
10 | } | ||
11 | |||
12 | nagios_contactgroup { "admins": | ||
13 | alias => "System administrators", | ||
14 | } | ||
15 | |||
16 | } | ||
diff --git a/modules/profile/manifests/monitoring/external_service.pp b/modules/profile/manifests/monitoring/external_service.pp new file mode 100644 index 0000000..027dad8 --- /dev/null +++ b/modules/profile/manifests/monitoring/external_service.pp | |||
@@ -0,0 +1,16 @@ | |||
1 | define profile::monitoring::external_service ( | ||
2 | Optional[String] $type = undef, | ||
3 | Optional[Hash] $master = {}, | ||
4 | ) { | ||
5 | include profile::monitoring::params | ||
6 | $service_description = $title | ||
7 | |||
8 | nagios_service { $service_description: | ||
9 | service_description => $service_description, | ||
10 | host_name => $::profile::monitoring::params::service_local["host_name"], | ||
11 | use => $::profile::monitoring::params::service_types[$type], | ||
12 | target => $::profile::monitoring::params::services_for_master, | ||
13 | * => $master, | ||
14 | } | ||
15 | |||
16 | } | ||
diff --git a/modules/profile/manifests/monitoring/hosts.pp b/modules/profile/manifests/monitoring/hosts.pp new file mode 100644 index 0000000..f7802be --- /dev/null +++ b/modules/profile/manifests/monitoring/hosts.pp | |||
@@ -0,0 +1,45 @@ | |||
1 | class profile::monitoring::hosts inherits profile::monitoring::params { | ||
2 | $real_hostname = lookup("base_installation::real_hostname") | ||
3 | |||
4 | Nagios_hostgroup { | ||
5 | ensure => "present", | ||
6 | owner => "naemon", | ||
7 | group => "naemon", | ||
8 | target => $objects, | ||
9 | notify => Service["naemon"], | ||
10 | before => Service["naemon"], | ||
11 | require => File["/etc/naemon"], | ||
12 | } | ||
13 | |||
14 | Nagios_host { | ||
15 | ensure => "present", | ||
16 | owner => "naemon", | ||
17 | group => "naemon", | ||
18 | target => $objects, | ||
19 | notify => Service["naemon"], | ||
20 | before => Service["naemon"], | ||
21 | require => File["/etc/naemon"], | ||
22 | } | ||
23 | |||
24 | nagios_hostgroup { "linux-servers": | ||
25 | alias => "Linux Servers", | ||
26 | members => [$real_hostname], | ||
27 | } | ||
28 | |||
29 | $host_linux_server = { | ||
30 | check_command => "check-host-alive", | ||
31 | check_interval => 5, | ||
32 | check_period => "24x7", | ||
33 | contact_groups => "admins", | ||
34 | max_check_attempts => "10", | ||
35 | notification_interval => "120", | ||
36 | notification_options => "d,u,r", | ||
37 | retry_interval => "1", | ||
38 | } | ||
39 | |||
40 | nagios_host { $real_hostname: | ||
41 | address => $real_hostname; | ||
42 | default: * => $host_linux_server, | ||
43 | } | ||
44 | |||
45 | } | ||
diff --git a/modules/profile/manifests/monitoring/local_service.pp b/modules/profile/manifests/monitoring/local_service.pp new file mode 100644 index 0000000..1f975f0 --- /dev/null +++ b/modules/profile/manifests/monitoring/local_service.pp | |||
@@ -0,0 +1,56 @@ | |||
1 | define profile::monitoring::local_service ( | ||
2 | Optional[Hash] $sudos = {}, | ||
3 | Optional[Hash] $common = {}, | ||
4 | Optional[Hash] $master = {}, | ||
5 | Optional[Hash] $local = {}, | ||
6 | ) { | ||
7 | include profile::monitoring::params | ||
8 | |||
9 | $service_description = $title | ||
10 | |||
11 | Nagios_service { | ||
12 | ensure => "present", | ||
13 | owner => "naemon", | ||
14 | group => "naemon", | ||
15 | notify => Service["naemon"], | ||
16 | before => Service["naemon"], | ||
17 | require => File["/etc/naemon"], | ||
18 | } | ||
19 | |||
20 | $sudos.each |$sudo_name, $content| { | ||
21 | ensure_resource("sudo::conf", $sudo_name, { | ||
22 | content => $content, | ||
23 | before => Nagios_service[$service_description], | ||
24 | }) | ||
25 | } | ||
26 | |||
27 | [true, false].each |$services_for_master| { | ||
28 | if $services_for_master { | ||
29 | $default_local = { | ||
30 | mode => "0644", | ||
31 | target => $::profile::monitoring::params::services_for_master, | ||
32 | check_interval => $::profile::monitoring::params::service_local["check_interval"], | ||
33 | retry_interval => $::profile::monitoring::params::service_local["retry_interval"], | ||
34 | host_name => $::profile::monitoring::params::service_local["host_name"], | ||
35 | use => $::profile::monitoring::params::service_types["passive"], | ||
36 | notify => [], | ||
37 | } | ||
38 | $t = "master - " | ||
39 | $services_key = $master | ||
40 | } else { | ||
41 | $default_local = merge( | ||
42 | $::profile::monitoring::params::service_local, | ||
43 | { target => $::profile::monitoring::params::objects } | ||
44 | ) | ||
45 | $t = "" | ||
46 | $services_key = $local | ||
47 | } | ||
48 | |||
49 | $hash = merge($default_local, $common, $services_key) | ||
50 | |||
51 | nagios_service { "$t$service_description": | ||
52 | service_description => $service_description, | ||
53 | * => $hash | ||
54 | } | ||
55 | } | ||
56 | } | ||
diff --git a/modules/profile/manifests/monitoring/params.pp b/modules/profile/manifests/monitoring/params.pp new file mode 100644 index 0000000..27f895e --- /dev/null +++ b/modules/profile/manifests/monitoring/params.pp | |||
@@ -0,0 +1,42 @@ | |||
1 | class profile::monitoring::params { | ||
2 | $real_hostname = lookup("base_installation::real_hostname") | ||
3 | |||
4 | $services_for_master = "/etc/naemon/services_for_master.cfg" | ||
5 | $objects = "/etc/naemon/objects.cfg" | ||
6 | $plugins = "/etc/naemon/monitoring-plugins" | ||
7 | |||
8 | $service_types = { | ||
9 | "passive" => "external-passive-service", | ||
10 | "web" => "external-web-service", | ||
11 | } | ||
12 | |||
13 | $service_generic = { | ||
14 | active_checks_enabled => "1", | ||
15 | check_freshness => "0", | ||
16 | check_interval => "10", | ||
17 | check_period => "24x7", | ||
18 | contact_groups => "admins", | ||
19 | event_handler_enabled => "1", | ||
20 | flap_detection_enabled => "1", | ||
21 | is_volatile => "0", | ||
22 | max_check_attempts => "3", | ||
23 | notification_interval => "60", | ||
24 | notification_options => "w,u,c,r", | ||
25 | notification_period => "24x7", | ||
26 | notifications_enabled => "0", | ||
27 | obsess_over_service => "1", | ||
28 | passive_checks_enabled => "1", | ||
29 | process_perf_data => "1", | ||
30 | retain_nonstatus_information => "1", | ||
31 | retain_status_information => "1", | ||
32 | retry_interval => "2", | ||
33 | } | ||
34 | |||
35 | $service_local = merge($service_generic, { | ||
36 | host_name => $real_hostname, | ||
37 | check_interval => "5", | ||
38 | max_check_attempts => "4", | ||
39 | retry_interval => "1", | ||
40 | }) | ||
41 | |||
42 | } | ||
diff --git a/modules/profile/manifests/monitoring/services.pp b/modules/profile/manifests/monitoring/services.pp new file mode 100644 index 0000000..95c6efb --- /dev/null +++ b/modules/profile/manifests/monitoring/services.pp | |||
@@ -0,0 +1,42 @@ | |||
1 | class profile::monitoring::services { | ||
2 | |||
3 | profile::monitoring::local_service { | ||
4 | "Size on root partition": | ||
5 | local => { | ||
6 | check_command => "check_local_disk!20%!10%!/", | ||
7 | }; | ||
8 | "Total number of process": | ||
9 | local => { | ||
10 | check_command => "check_local_procs!50!100!RSZDT", | ||
11 | }; | ||
12 | "Average load": | ||
13 | local => { | ||
14 | check_command => "check_local_load!8.0,8.0,8.0!10.0,10.0,10.0", | ||
15 | }; | ||
16 | "Swap usage": | ||
17 | local => { | ||
18 | check_command => "check_local_swap!20!10", | ||
19 | }; | ||
20 | "fail2ban is active": | ||
21 | sudos => { | ||
22 | "naemon-fail2ban" => "naemon ALL=(root) NOPASSWD: /usr/bin/fail2ban-client ping", | ||
23 | }, | ||
24 | local => { | ||
25 | check_command => "check_command_output!fail2ban-client ping!pong!-r root", | ||
26 | }; | ||
27 | "NTP is activated and working": | ||
28 | local => { | ||
29 | check_command => "check_ntp", | ||
30 | }; | ||
31 | "No mdadm array is degraded": | ||
32 | common => { | ||
33 | ensure => (find_file("/proc/mdstat") == undef) ? { true => "absent", default =>"present" }, | ||
34 | }, | ||
35 | local => { | ||
36 | check_command => "check_md_raid", | ||
37 | }; | ||
38 | } | ||
39 | |||
40 | Profile::Monitoring::Local_service <| |> | ||
41 | Profile::Monitoring::External_service <| |> | ||
42 | } | ||
diff --git a/modules/profile/manifests/monitoring/times.pp b/modules/profile/manifests/monitoring/times.pp new file mode 100644 index 0000000..42f5d9c --- /dev/null +++ b/modules/profile/manifests/monitoring/times.pp | |||
@@ -0,0 +1,23 @@ | |||
1 | class profile::monitoring::times inherits profile::monitoring::params { | ||
2 | Nagios_timeperiod { | ||
3 | ensure => "present", | ||
4 | owner => "naemon", | ||
5 | group => "naemon", | ||
6 | target => $objects, | ||
7 | notify => Service["naemon"], | ||
8 | before => Service["naemon"], | ||
9 | require => File["/etc/naemon"], | ||
10 | } | ||
11 | |||
12 | nagios_timeperiod { "24x7": | ||
13 | alias => "24 Hours A Day, 7 Days A Week", | ||
14 | monday => "00:00-24:00", | ||
15 | tuesday => "00:00-24:00", | ||
16 | wednesday => "00:00-24:00", | ||
17 | thursday => "00:00-24:00", | ||
18 | friday => "00:00-24:00", | ||
19 | saturday => "00:00-24:00", | ||
20 | sunday => "00:00-24:00", | ||
21 | } | ||
22 | |||
23 | } | ||