diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-07-01 15:35:43 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-07-08 13:29:25 +0200 |
commit | d8f933bd00a5cc416da00cd26c9d13f7a1c02486 (patch) | |
tree | 6f8773b69418463485d1196389a6c264f3cf3a6e /modules/profile/manifests | |
parent | 25c99a635507abfe6af4a1f0a9fc5a103d1880c0 (diff) | |
download | Puppet-d8f933bd00a5cc416da00cd26c9d13f7a1c02486.tar.gz Puppet-d8f933bd00a5cc416da00cd26c9d13f7a1c02486.tar.zst Puppet-d8f933bd00a5cc416da00cd26c9d13f7a1c02486.zip |
Add monitoring
Diffstat (limited to 'modules/profile/manifests')
-rw-r--r-- | modules/profile/manifests/monitoring.pp | 51 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/commands.pp | 63 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/contacts.pp | 15 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/hosts.pp | 43 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/services.pp | 89 | ||||
-rw-r--r-- | modules/profile/manifests/monitoring/times.pp | 22 |
6 files changed, 283 insertions, 0 deletions
diff --git a/modules/profile/manifests/monitoring.pp b/modules/profile/manifests/monitoring.pp new file mode 100644 index 0000000..beabe70 --- /dev/null +++ b/modules/profile/manifests/monitoring.pp | |||
@@ -0,0 +1,51 @@ | |||
1 | class profile::monitoring ( | ||
2 | Optional[String] $naemon_url = undef, | ||
3 | Optional[String] $naemon_token = undef, | ||
4 | ) { | ||
5 | ensure_packages(["naemon", "cnagios"]) | ||
6 | |||
7 | file { "/etc/naemon": | ||
8 | ensure => "directory", | ||
9 | recurse => true, | ||
10 | purge => true, | ||
11 | force => true, | ||
12 | require => Package["naemon"], | ||
13 | } | ||
14 | -> | ||
15 | file { "/etc/naemon/resource.cfg": | ||
16 | ensure => "file", | ||
17 | owner => "naemon", | ||
18 | group => "naemon", | ||
19 | mode => "0600", | ||
20 | content => template("profile/monitoring/resource.cfg.erb"), | ||
21 | } | ||
22 | -> | ||
23 | file { "/etc/naemon/naemon.cfg": | ||
24 | ensure => "file", | ||
25 | owner => "naemon", | ||
26 | group => "naemon", | ||
27 | mode => "0644", | ||
28 | content => template("profile/monitoring/naemon.cfg.erb"), | ||
29 | } | ||
30 | -> | ||
31 | service { "naemon": | ||
32 | ensure => "running", | ||
33 | enable => true, | ||
34 | } | ||
35 | |||
36 | unless ($naemon_url == undef or empty($naemon_url)) { | ||
37 | file { "/etc/naemon/send_nrdp.sh": | ||
38 | ensure => "file", | ||
39 | owner => "naemon", | ||
40 | group => "naemon", | ||
41 | mode => "0700", | ||
42 | content => template("profile/monitoring/send_nrdp.sh.erb"), | ||
43 | } | ||
44 | } | ||
45 | |||
46 | include "profile::monitoring::hosts" | ||
47 | include "profile::monitoring::services" | ||
48 | include "profile::monitoring::commands" | ||
49 | include "profile::monitoring::times" | ||
50 | include "profile::monitoring::contacts" | ||
51 | } | ||
diff --git a/modules/profile/manifests/monitoring/commands.pp b/modules/profile/manifests/monitoring/commands.pp new file mode 100644 index 0000000..7e9683f --- /dev/null +++ b/modules/profile/manifests/monitoring/commands.pp | |||
@@ -0,0 +1,63 @@ | |||
1 | class profile::monitoring::commands inherits profile::monitoring { | ||
2 | ensure_packages(["monitoring-plugins"]) | ||
3 | |||
4 | file { "/etc/naemon/monitoring-plugins": | ||
5 | ensure => "directory", | ||
6 | owner => "naemon", | ||
7 | group => "naemon", | ||
8 | mode => "0700", | ||
9 | } | ||
10 | |||
11 | file { "/etc/naemon/monitoring-plugins/check_command": | ||
12 | ensure => "present", | ||
13 | owner => "naemon", | ||
14 | group => "naemon", | ||
15 | mode => "0700", | ||
16 | source => "puppet:///modules/profile/monitoring/check_command", | ||
17 | } | ||
18 | |||
19 | file { "/etc/naemon/monitoring-plugins/check_md_raid": | ||
20 | ensure => "present", | ||
21 | owner => "naemon", | ||
22 | group => "naemon", | ||
23 | mode => "0700", | ||
24 | source => "puppet:///modules/profile/monitoring/check_md_raid", | ||
25 | } | ||
26 | |||
27 | Nagios_command { | ||
28 | ensure => "present", | ||
29 | owner => "naemon", | ||
30 | group => "naemon", | ||
31 | target => "/etc/naemon/objects.cfg", | ||
32 | notify => Service["naemon"], | ||
33 | before => Service["naemon"], | ||
34 | } | ||
35 | |||
36 | nagios_command { | ||
37 | "check-host-alive": | ||
38 | command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5'; | ||
39 | "check_local_disk": | ||
40 | command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$'; | ||
41 | "check_local_procs": | ||
42 | command_line => '$USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$'; | ||
43 | "check_local_load": | ||
44 | command_line => '$USER1$/check_load -w $ARG1$ -c $ARG2$'; | ||
45 | "check_local_swap": | ||
46 | command_line => '$USER1$/check_swap -n ok -w $ARG1$ -c $ARG2$'; | ||
47 | "check_ntp": | ||
48 | command_line => '$USER1$/check_ntp_time -H 0.arch.pool.ntp.org'; | ||
49 | "check_md_raid": | ||
50 | command_line => '$USER2$/check_md_raid'; | ||
51 | "check_command_output": | ||
52 | command_line => '$USER2$/check_command -c "$ARG1$" -o "$ARG2$" $ARG3$', | ||
53 | require => File["/etc/naemon/monitoring-plugins/check_command"]; | ||
54 | } | ||
55 | |||
56 | unless empty($naemon_url) { | ||
57 | nagios_command { | ||
58 | "notify-master": | ||
59 | command_line => '/etc/naemon/send_nrdp.sh -H "$HOSTADDRESS$" -s "$SERVICEDESC$" -S "$SERVICESTATEID$" -o "$SERVICEOUTPUT$"', | ||
60 | require => File["/etc/naemon/send_nrdp.sh"]; | ||
61 | } | ||
62 | } | ||
63 | } | ||
diff --git a/modules/profile/manifests/monitoring/contacts.pp b/modules/profile/manifests/monitoring/contacts.pp new file mode 100644 index 0000000..284d51c --- /dev/null +++ b/modules/profile/manifests/monitoring/contacts.pp | |||
@@ -0,0 +1,15 @@ | |||
1 | class profile::monitoring::contacts { | ||
2 | Nagios_contactgroup { | ||
3 | ensure => "present", | ||
4 | owner => "naemon", | ||
5 | group => "naemon", | ||
6 | target => "/etc/naemon/objects.cfg", | ||
7 | notify => Service["naemon"], | ||
8 | before => Service["naemon"], | ||
9 | } | ||
10 | |||
11 | nagios_contactgroup { "admins": | ||
12 | alias => "System administrators", | ||
13 | } | ||
14 | |||
15 | } | ||
diff --git a/modules/profile/manifests/monitoring/hosts.pp b/modules/profile/manifests/monitoring/hosts.pp new file mode 100644 index 0000000..306fe3e --- /dev/null +++ b/modules/profile/manifests/monitoring/hosts.pp | |||
@@ -0,0 +1,43 @@ | |||
1 | class profile::monitoring::hosts { | ||
2 | $real_hostname = lookup("base_installation::real_hostname") | ||
3 | |||
4 | Nagios_hostgroup { | ||
5 | ensure => "present", | ||
6 | owner => "naemon", | ||
7 | group => "naemon", | ||
8 | target => "/etc/naemon/objects.cfg", | ||
9 | notify => Service["naemon"], | ||
10 | before => Service["naemon"], | ||
11 | } | ||
12 | |||
13 | Nagios_host { | ||
14 | ensure => "present", | ||
15 | owner => "naemon", | ||
16 | group => "naemon", | ||
17 | target => "/etc/naemon/objects.cfg", | ||
18 | notify => Service["naemon"], | ||
19 | before => Service["naemon"], | ||
20 | } | ||
21 | |||
22 | nagios_hostgroup { "linux-servers": | ||
23 | alias => "Linux Servers", | ||
24 | members => [$real_hostname], | ||
25 | } | ||
26 | |||
27 | $host_linux_server = { | ||
28 | check_command => "check-host-alive", | ||
29 | check_interval => 5, | ||
30 | check_period => "24x7", | ||
31 | contact_groups => "admins", | ||
32 | max_check_attempts => "10", | ||
33 | notification_interval => "120", | ||
34 | notification_options => "d,u,r", | ||
35 | retry_interval => "1", | ||
36 | } | ||
37 | |||
38 | nagios_host { $real_hostname: | ||
39 | address => $real_hostname; | ||
40 | default: * => $host_linux_server, | ||
41 | } | ||
42 | |||
43 | } | ||
diff --git a/modules/profile/manifests/monitoring/services.pp b/modules/profile/manifests/monitoring/services.pp new file mode 100644 index 0000000..39c2def --- /dev/null +++ b/modules/profile/manifests/monitoring/services.pp | |||
@@ -0,0 +1,89 @@ | |||
1 | class profile::monitoring::services { | ||
2 | $real_hostname = lookup("base_installation::real_hostname") | ||
3 | |||
4 | Nagios_service { | ||
5 | ensure => "present", | ||
6 | owner => "naemon", | ||
7 | group => "naemon", | ||
8 | target => "/etc/naemon/objects.cfg", | ||
9 | notify => Service["naemon"], | ||
10 | before => Service["naemon"], | ||
11 | } | ||
12 | |||
13 | $service_generic = { | ||
14 | active_checks_enabled => "1", | ||
15 | check_freshness => "0", | ||
16 | check_interval => "10", | ||
17 | check_period => "24x7", | ||
18 | contact_groups => "admins", | ||
19 | event_handler_enabled => "1", | ||
20 | flap_detection_enabled => "1", | ||
21 | is_volatile => "0", | ||
22 | max_check_attempts => "3", | ||
23 | notification_interval => "60", | ||
24 | notification_options => "w,u,c,r", | ||
25 | notification_period => "24x7", | ||
26 | notifications_enabled => "1", | ||
27 | obsess_over_service => "1", | ||
28 | passive_checks_enabled => "1", | ||
29 | process_perf_data => "1", | ||
30 | retain_nonstatus_information => "1", | ||
31 | retain_status_information => "1", | ||
32 | retry_interval => "2", | ||
33 | } | ||
34 | |||
35 | |||
36 | $service_local = merge($service_generic, { | ||
37 | host_name => $real_hostname, | ||
38 | check_interval => "5", | ||
39 | max_check_attempts => "4", | ||
40 | retry_interval => "1", | ||
41 | }) | ||
42 | |||
43 | sudo::conf { | ||
44 | default: | ||
45 | sudo_file_name => "naemon"; | ||
46 | 'naemon-fail2ban': | ||
47 | content => "naemon ALL=(root) NOPASSWD: /usr/bin/fail2ban-client ping"; | ||
48 | } | ||
49 | |||
50 | nagios_service { | ||
51 | default: * => $service_local; | ||
52 | "Size on root partition": | ||
53 | service_description => "Size on root partition", | ||
54 | check_command => "check_local_disk!20%!10%!/"; | ||
55 | "Total number of process": | ||
56 | service_description => "Total number of process", | ||
57 | check_command => "check_local_procs!250!400!RSZDT"; | ||
58 | "Average load": | ||
59 | service_description => "Average load", | ||
60 | check_command => "check_local_load!8.0,8.0,8.0!10.0,10.0,10.0"; | ||
61 | "Swap usage": | ||
62 | service_description => "Swap usage", | ||
63 | check_command => "check_local_swap!20!10"; | ||
64 | "fail2ban is active": | ||
65 | service_description => "fail2ban is active", | ||
66 | check_command => "check_command_output!fail2ban-client ping!pong!-r root", | ||
67 | require => Sudo::Conf["naemon-fail2ban"]; | ||
68 | "NTP is activated and working": | ||
69 | service_description => "NTP is activated and working", | ||
70 | check_command => "check_ntp"; | ||
71 | } | ||
72 | |||
73 | if empty(find_file("/proc/mdstat")) { | ||
74 | nagios_service { | ||
75 | default: * => $service_local; | ||
76 | "No mdadm array is degraded": | ||
77 | ensure => "absent", | ||
78 | service_description => "No mdadm array is degraded", | ||
79 | check_command => "check_md_raid"; | ||
80 | } | ||
81 | } else { | ||
82 | nagios_service { | ||
83 | default: * => $service_local; | ||
84 | "No mdadm array is degraded": | ||
85 | service_description => "No mdadm array is degraded", | ||
86 | check_command => "check_md_raid"; | ||
87 | } | ||
88 | } | ||
89 | } | ||
diff --git a/modules/profile/manifests/monitoring/times.pp b/modules/profile/manifests/monitoring/times.pp new file mode 100644 index 0000000..fb61acc --- /dev/null +++ b/modules/profile/manifests/monitoring/times.pp | |||
@@ -0,0 +1,22 @@ | |||
1 | class profile::monitoring::times { | ||
2 | Nagios_timeperiod { | ||
3 | ensure => "present", | ||
4 | owner => "naemon", | ||
5 | group => "naemon", | ||
6 | target => "/etc/naemon/objects.cfg", | ||
7 | notify => Service["naemon"], | ||
8 | before => Service["naemon"], | ||
9 | } | ||
10 | |||
11 | nagios_timeperiod { "24x7": | ||
12 | alias => "24 Hours A Day, 7 Days A Week", | ||
13 | monday => "00:00-24:00", | ||
14 | tuesday => "00:00-24:00", | ||
15 | wednesday => "00:00-24:00", | ||
16 | thursday => "00:00-24:00", | ||
17 | friday => "00:00-24:00", | ||
18 | saturday => "00:00-24:00", | ||
19 | sunday => "00:00-24:00", | ||
20 | } | ||
21 | |||
22 | } | ||