aboutsummaryrefslogtreecommitdiff
path: root/modules/profile/manifests
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2018-07-01 15:35:43 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2018-07-08 13:29:25 +0200
commitd8f933bd00a5cc416da00cd26c9d13f7a1c02486 (patch)
tree6f8773b69418463485d1196389a6c264f3cf3a6e /modules/profile/manifests
parent25c99a635507abfe6af4a1f0a9fc5a103d1880c0 (diff)
downloadPuppet-d8f933bd00a5cc416da00cd26c9d13f7a1c02486.tar.gz
Puppet-d8f933bd00a5cc416da00cd26c9d13f7a1c02486.tar.zst
Puppet-d8f933bd00a5cc416da00cd26c9d13f7a1c02486.zip
Add monitoring
Diffstat (limited to 'modules/profile/manifests')
-rw-r--r--modules/profile/manifests/monitoring.pp51
-rw-r--r--modules/profile/manifests/monitoring/commands.pp63
-rw-r--r--modules/profile/manifests/monitoring/contacts.pp15
-rw-r--r--modules/profile/manifests/monitoring/hosts.pp43
-rw-r--r--modules/profile/manifests/monitoring/services.pp89
-rw-r--r--modules/profile/manifests/monitoring/times.pp22
6 files changed, 283 insertions, 0 deletions
diff --git a/modules/profile/manifests/monitoring.pp b/modules/profile/manifests/monitoring.pp
new file mode 100644
index 0000000..beabe70
--- /dev/null
+++ b/modules/profile/manifests/monitoring.pp
@@ -0,0 +1,51 @@
1class profile::monitoring (
2 Optional[String] $naemon_url = undef,
3 Optional[String] $naemon_token = undef,
4) {
5 ensure_packages(["naemon", "cnagios"])
6
7 file { "/etc/naemon":
8 ensure => "directory",
9 recurse => true,
10 purge => true,
11 force => true,
12 require => Package["naemon"],
13 }
14 ->
15 file { "/etc/naemon/resource.cfg":
16 ensure => "file",
17 owner => "naemon",
18 group => "naemon",
19 mode => "0600",
20 content => template("profile/monitoring/resource.cfg.erb"),
21 }
22 ->
23 file { "/etc/naemon/naemon.cfg":
24 ensure => "file",
25 owner => "naemon",
26 group => "naemon",
27 mode => "0644",
28 content => template("profile/monitoring/naemon.cfg.erb"),
29 }
30 ->
31 service { "naemon":
32 ensure => "running",
33 enable => true,
34 }
35
36 unless ($naemon_url == undef or empty($naemon_url)) {
37 file { "/etc/naemon/send_nrdp.sh":
38 ensure => "file",
39 owner => "naemon",
40 group => "naemon",
41 mode => "0700",
42 content => template("profile/monitoring/send_nrdp.sh.erb"),
43 }
44 }
45
46 include "profile::monitoring::hosts"
47 include "profile::monitoring::services"
48 include "profile::monitoring::commands"
49 include "profile::monitoring::times"
50 include "profile::monitoring::contacts"
51}
diff --git a/modules/profile/manifests/monitoring/commands.pp b/modules/profile/manifests/monitoring/commands.pp
new file mode 100644
index 0000000..7e9683f
--- /dev/null
+++ b/modules/profile/manifests/monitoring/commands.pp
@@ -0,0 +1,63 @@
1class profile::monitoring::commands inherits profile::monitoring {
2 ensure_packages(["monitoring-plugins"])
3
4 file { "/etc/naemon/monitoring-plugins":
5 ensure => "directory",
6 owner => "naemon",
7 group => "naemon",
8 mode => "0700",
9 }
10
11 file { "/etc/naemon/monitoring-plugins/check_command":
12 ensure => "present",
13 owner => "naemon",
14 group => "naemon",
15 mode => "0700",
16 source => "puppet:///modules/profile/monitoring/check_command",
17 }
18
19 file { "/etc/naemon/monitoring-plugins/check_md_raid":
20 ensure => "present",
21 owner => "naemon",
22 group => "naemon",
23 mode => "0700",
24 source => "puppet:///modules/profile/monitoring/check_md_raid",
25 }
26
27 Nagios_command {
28 ensure => "present",
29 owner => "naemon",
30 group => "naemon",
31 target => "/etc/naemon/objects.cfg",
32 notify => Service["naemon"],
33 before => Service["naemon"],
34 }
35
36 nagios_command {
37 "check-host-alive":
38 command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5';
39 "check_local_disk":
40 command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$';
41 "check_local_procs":
42 command_line => '$USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$';
43 "check_local_load":
44 command_line => '$USER1$/check_load -w $ARG1$ -c $ARG2$';
45 "check_local_swap":
46 command_line => '$USER1$/check_swap -n ok -w $ARG1$ -c $ARG2$';
47 "check_ntp":
48 command_line => '$USER1$/check_ntp_time -H 0.arch.pool.ntp.org';
49 "check_md_raid":
50 command_line => '$USER2$/check_md_raid';
51 "check_command_output":
52 command_line => '$USER2$/check_command -c "$ARG1$" -o "$ARG2$" $ARG3$',
53 require => File["/etc/naemon/monitoring-plugins/check_command"];
54 }
55
56 unless empty($naemon_url) {
57 nagios_command {
58 "notify-master":
59 command_line => '/etc/naemon/send_nrdp.sh -H "$HOSTADDRESS$" -s "$SERVICEDESC$" -S "$SERVICESTATEID$" -o "$SERVICEOUTPUT$"',
60 require => File["/etc/naemon/send_nrdp.sh"];
61 }
62 }
63}
diff --git a/modules/profile/manifests/monitoring/contacts.pp b/modules/profile/manifests/monitoring/contacts.pp
new file mode 100644
index 0000000..284d51c
--- /dev/null
+++ b/modules/profile/manifests/monitoring/contacts.pp
@@ -0,0 +1,15 @@
1class profile::monitoring::contacts {
2 Nagios_contactgroup {
3 ensure => "present",
4 owner => "naemon",
5 group => "naemon",
6 target => "/etc/naemon/objects.cfg",
7 notify => Service["naemon"],
8 before => Service["naemon"],
9 }
10
11 nagios_contactgroup { "admins":
12 alias => "System administrators",
13 }
14
15}
diff --git a/modules/profile/manifests/monitoring/hosts.pp b/modules/profile/manifests/monitoring/hosts.pp
new file mode 100644
index 0000000..306fe3e
--- /dev/null
+++ b/modules/profile/manifests/monitoring/hosts.pp
@@ -0,0 +1,43 @@
1class profile::monitoring::hosts {
2 $real_hostname = lookup("base_installation::real_hostname")
3
4 Nagios_hostgroup {
5 ensure => "present",
6 owner => "naemon",
7 group => "naemon",
8 target => "/etc/naemon/objects.cfg",
9 notify => Service["naemon"],
10 before => Service["naemon"],
11 }
12
13 Nagios_host {
14 ensure => "present",
15 owner => "naemon",
16 group => "naemon",
17 target => "/etc/naemon/objects.cfg",
18 notify => Service["naemon"],
19 before => Service["naemon"],
20 }
21
22 nagios_hostgroup { "linux-servers":
23 alias => "Linux Servers",
24 members => [$real_hostname],
25 }
26
27 $host_linux_server = {
28 check_command => "check-host-alive",
29 check_interval => 5,
30 check_period => "24x7",
31 contact_groups => "admins",
32 max_check_attempts => "10",
33 notification_interval => "120",
34 notification_options => "d,u,r",
35 retry_interval => "1",
36 }
37
38 nagios_host { $real_hostname:
39 address => $real_hostname;
40 default: * => $host_linux_server,
41 }
42
43}
diff --git a/modules/profile/manifests/monitoring/services.pp b/modules/profile/manifests/monitoring/services.pp
new file mode 100644
index 0000000..39c2def
--- /dev/null
+++ b/modules/profile/manifests/monitoring/services.pp
@@ -0,0 +1,89 @@
1class profile::monitoring::services {
2 $real_hostname = lookup("base_installation::real_hostname")
3
4 Nagios_service {
5 ensure => "present",
6 owner => "naemon",
7 group => "naemon",
8 target => "/etc/naemon/objects.cfg",
9 notify => Service["naemon"],
10 before => Service["naemon"],
11 }
12
13 $service_generic = {
14 active_checks_enabled => "1",
15 check_freshness => "0",
16 check_interval => "10",
17 check_period => "24x7",
18 contact_groups => "admins",
19 event_handler_enabled => "1",
20 flap_detection_enabled => "1",
21 is_volatile => "0",
22 max_check_attempts => "3",
23 notification_interval => "60",
24 notification_options => "w,u,c,r",
25 notification_period => "24x7",
26 notifications_enabled => "1",
27 obsess_over_service => "1",
28 passive_checks_enabled => "1",
29 process_perf_data => "1",
30 retain_nonstatus_information => "1",
31 retain_status_information => "1",
32 retry_interval => "2",
33 }
34
35
36 $service_local = merge($service_generic, {
37 host_name => $real_hostname,
38 check_interval => "5",
39 max_check_attempts => "4",
40 retry_interval => "1",
41 })
42
43 sudo::conf {
44 default:
45 sudo_file_name => "naemon";
46 'naemon-fail2ban':
47 content => "naemon ALL=(root) NOPASSWD: /usr/bin/fail2ban-client ping";
48 }
49
50 nagios_service {
51 default: * => $service_local;
52 "Size on root partition":
53 service_description => "Size on root partition",
54 check_command => "check_local_disk!20%!10%!/";
55 "Total number of process":
56 service_description => "Total number of process",
57 check_command => "check_local_procs!250!400!RSZDT";
58 "Average load":
59 service_description => "Average load",
60 check_command => "check_local_load!8.0,8.0,8.0!10.0,10.0,10.0";
61 "Swap usage":
62 service_description => "Swap usage",
63 check_command => "check_local_swap!20!10";
64 "fail2ban is active":
65 service_description => "fail2ban is active",
66 check_command => "check_command_output!fail2ban-client ping!pong!-r root",
67 require => Sudo::Conf["naemon-fail2ban"];
68 "NTP is activated and working":
69 service_description => "NTP is activated and working",
70 check_command => "check_ntp";
71 }
72
73 if empty(find_file("/proc/mdstat")) {
74 nagios_service {
75 default: * => $service_local;
76 "No mdadm array is degraded":
77 ensure => "absent",
78 service_description => "No mdadm array is degraded",
79 check_command => "check_md_raid";
80 }
81 } else {
82 nagios_service {
83 default: * => $service_local;
84 "No mdadm array is degraded":
85 service_description => "No mdadm array is degraded",
86 check_command => "check_md_raid";
87 }
88 }
89}
diff --git a/modules/profile/manifests/monitoring/times.pp b/modules/profile/manifests/monitoring/times.pp
new file mode 100644
index 0000000..fb61acc
--- /dev/null
+++ b/modules/profile/manifests/monitoring/times.pp
@@ -0,0 +1,22 @@
1class profile::monitoring::times {
2 Nagios_timeperiod {
3 ensure => "present",
4 owner => "naemon",
5 group => "naemon",
6 target => "/etc/naemon/objects.cfg",
7 notify => Service["naemon"],
8 before => Service["naemon"],
9 }
10
11 nagios_timeperiod { "24x7":
12 alias => "24 Hours A Day, 7 Days A Week",
13 monday => "00:00-24:00",
14 tuesday => "00:00-24:00",
15 wednesday => "00:00-24:00",
16 thursday => "00:00-24:00",
17 friday => "00:00-24:00",
18 saturday => "00:00-24:00",
19 sunday => "00:00-24:00",
20 }
21
22}