diff options
| author | Micah Anderson <micah@leap.se> | 2014-12-23 16:47:35 -0500 |
|---|---|---|
| committer | Micah Anderson <micah@leap.se> | 2014-12-23 16:47:35 -0500 |
| commit | 574a0554a95ba74867ebd0ca4a93195bfa104c14 (patch) | |
| tree | fd07b5b2ec8b32e82aa665dad117ee6e51791884 /puppet/modules/site_nagios | |
| parent | 126faf8606f4911ccc3c1f55a9e0f381a46d536a (diff) | |
| parent | fc9a8af17d927085486052a53233401c42b0caab (diff) | |
Merge branch 'develop'
Conflicts:
platform.rb
Change-Id: Ic2e08e594d29a585691341c8667ac0b64933a505
Diffstat (limited to 'puppet/modules/site_nagios')
10 files changed, 188 insertions, 11 deletions
diff --git a/puppet/modules/site_nagios/files/plugins/check_last_regex_in_log b/puppet/modules/site_nagios/files/plugins/check_last_regex_in_log new file mode 100755 index 00000000..cf7c03e5 --- /dev/null +++ b/puppet/modules/site_nagios/files/plugins/check_last_regex_in_log @@ -0,0 +1,85 @@ +#!/bin/sh +# +# depends on nagios-plugins-common for /usr/lib/nagios/plugins/utils.sh +# this package is installed using leap_platform by the Site_check_mk::Agent::Mrpe +# class + +set -e + +usage() +{ +cat << EOF +usage: $0 -w <sec> -c <sec> -r <regexp> -f <filename> + +OPTIONS: + -h Show this message + -r <regex> regex to grep for + -f <file> logfile to search in + -w <sec> warning state after X seconds + -c <sec> critical state after x seconds + +example: $0 -f /var/log/syslog -r 'tapicero' -w 300 -c 600 +EOF +} + + +. /usr/lib/nagios/plugins/utils.sh + + +warn=0 +crit=0 +log='' +regex='' + +set -- $(getopt hr:f:w:c: "$@") +while [ $# -gt 0 ] +do + case "$1" in + (-h) usage; exit 0 ;; + (-f) log="$2"; shift;; + (-r) regex="$2"; shift;; + (-w) warn="$2"; shift;; + (-c) crit="$2"; shift;; + (--) shift; break;; + (-*) echo "$0: error - unrecognized option $1" 1>&2; exit 1;; + (*) break;; + esac + shift +done + +[ $warn -eq 0 -o $crit -eq 0 -o -z "$regex" -o -z "$log" ] && ( usage; exit $STATE_UNKNOWN) +[ -f "$log" ] || (echo "$log doesn't exist"; exit $STATE_UNKNOWN) + +lastmsg=$(tac $log | grep -i $regex | head -1 | cut -d' ' -f 1-3) + +if [ -z "$lastmsg" ] +then + summary="\"$regex\" in $log was not found" + state=$STATE_CRITICAL + state_text='CRITICAL' + diff_sec=0 +else + lastmsg_sec=$(date '+%s' -d "$lastmsg") + now_sec=$(date '+%s') + + diff_sec=$(($now_sec - $lastmsg_sec)) + + if [ $diff_sec -lt $warn ]; then + state=$STATE_OK + state_text='OK' + elif [ $diff_sec -lt $crit ]; then + state=$STATE_WARNING + state_text='WARNING' + else + state=$STATE_CRITICAL + state_text='CRITICAL' + fi + + summary="Last occurrence of \"$regex\" in $log was $diff_sec sec ago" +fi + +# check_mk_agent output +# echo "$state Tapicero_Heatbeat sec=$diff_sec;$warn;$crit;0; $state_text - $summary" + +echo "${state_text}: $summary | seconds=${diff_sec};$warn;$crit;0;" +exit $state diff --git a/puppet/modules/site_nagios/manifests/add_host_services.pp b/puppet/modules/site_nagios/manifests/add_host_services.pp index 279809d1..bd968e6f 100644 --- a/puppet/modules/site_nagios/manifests/add_host_services.pp +++ b/puppet/modules/site_nagios/manifests/add_host_services.pp @@ -1,10 +1,13 @@ define site_nagios::add_host_services ( $domain_full_suffix, $domain_internal, + $domain_internal_suffix, $ip_address, $services, $ssh_port, - $openvpn_gateway_address='' ) { + $environment, + $openvpn_gateway_address='', + ) { $nagios_hostname = $domain_internal @@ -16,6 +19,7 @@ define site_nagios::add_host_services ( 'hostname' => $nagios_hostname, 'ip_address' => $ip_address, 'openvpn_gw' => $openvpn_gateway_address, + 'environment' => $environment } $dynamic_parameters = { 'service' => '%s' diff --git a/puppet/modules/site_nagios/manifests/add_service.pp b/puppet/modules/site_nagios/manifests/add_service.pp index 1b67d14e..72cd038a 100644 --- a/puppet/modules/site_nagios/manifests/add_service.pp +++ b/puppet/modules/site_nagios/manifests/add_service.pp @@ -1,5 +1,5 @@ define site_nagios::add_service ( - $hostname, $ip_address, $openvpn_gw = '', $service) { + $hostname, $ip_address, $service, $environment, $openvpn_gw = '') { $ssh = hiera_hash('ssh') $ssh_port = $ssh['port'] @@ -9,19 +9,22 @@ define site_nagios::add_service ( nagios_service { "${name}_ssh": use => 'generic-service', - check_command => "check_ssh_port!$ssh_port", + check_command => "check_ssh_port!${ssh_port}", service_description => 'SSH', - host_name => $hostname; + host_name => $hostname, + contact_groups => $environment; "${name}_cert": use => 'generic-service', check_command => 'check_https_cert', service_description => 'Website Certificate', - host_name => $hostname; + host_name => $hostname, + contact_groups => $environment; "${name}_website": use => 'generic-service', check_command => 'check_https', service_description => 'Website', - host_name => $hostname + host_name => $hostname, + contact_groups => $environment; } } default: {} diff --git a/puppet/modules/site_nagios/manifests/plugins.pp b/puppet/modules/site_nagios/manifests/plugins.pp new file mode 100644 index 00000000..90a01cfb --- /dev/null +++ b/puppet/modules/site_nagios/manifests/plugins.pp @@ -0,0 +1,16 @@ +# Deploy generic plugins useful to all nodes +# nagios::plugin won't work to deploy a plugin +# because it complains with: +# Could not find dependency Package[nagios-plugins] … +# at /srv/leap/puppet/modules/nagios/manifests/plugin.pp:18 +class site_nagios::plugins { + + file { [ + '/usr/local/lib', '/usr/local/lib/nagios', + '/usr/local/lib/nagios/plugins' ]: + ensure => directory; + '/usr/local/lib/nagios/plugins/check_last_regex_in_log': + source => 'puppet:///modules/site_nagios/plugins/check_last_regex_in_log', + mode => '0755'; + } +} diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index 85443917..092ca503 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -3,13 +3,19 @@ class site_nagios::server inherits nagios::base { # First, purge old nagios config (see #1467) class { 'site_nagios::server::purge': } - $nagios_hiera = hiera('nagios') - $nagiosadmin_pw = htpasswd_sha1($nagios_hiera['nagiosadmin_pw']) - $nagios_hosts = $nagios_hiera['hosts'] + $nagios_hiera = hiera('nagios') + $nagiosadmin_pw = htpasswd_sha1($nagios_hiera['nagiosadmin_pw']) + $nagios_hosts = $nagios_hiera['hosts'] + $nagios_contacts = hiera('contacts') + $environment = $nagios_hiera['environments'] - include nagios::defaults include nagios::base - class {'nagios': + include nagios::defaults::commands + include nagios::defaults::templates + include nagios::defaults::timeperiods + include nagios::defaults::plugins + + class { 'nagios': # don't manage apache class from nagios, cause we already include # it in site_apache::common httpd => 'absent', @@ -46,6 +52,7 @@ class site_nagios::server inherits nagios::base { include site_nagios::server::apache include site_check_mk::server include site_shorewall::monitor + include site_nagios::server::icli augeas { 'logrotate_nagios': @@ -55,4 +62,8 @@ class site_nagios::server inherits nagios::base { 'set missingok missingok', 'set ifempty notifempty', 'set copytruncate copytruncate' ] } + + create_resources ( site_nagios::server::hostgroup, $environment ) + create_resources ( site_nagios::server::contactgroup, $environment ) + create_resources ( site_nagios::server::add_contacts, $environment ) } diff --git a/puppet/modules/site_nagios/manifests/server/add_contacts.pp b/puppet/modules/site_nagios/manifests/server/add_contacts.pp new file mode 100644 index 00000000..db507abf --- /dev/null +++ b/puppet/modules/site_nagios/manifests/server/add_contacts.pp @@ -0,0 +1,16 @@ +define site_nagios::server::add_contacts ($contact_emails) { + + $environment = $name + + nagios_contact { + $environment: + alias => $environment, + service_notification_period => '24x7', + host_notification_period => '24x7', + service_notification_options => 'w,u,c,r', + host_notification_options => 'd,r', + service_notification_commands => 'notify-service-by-email', + host_notification_commands => 'notify-host-by-email', + email => join($contact_emails, ', ') + } +} diff --git a/puppet/modules/site_nagios/manifests/server/contactgroup.pp b/puppet/modules/site_nagios/manifests/server/contactgroup.pp new file mode 100644 index 00000000..188c54f1 --- /dev/null +++ b/puppet/modules/site_nagios/manifests/server/contactgroup.pp @@ -0,0 +1,6 @@ +define site_nagios::server::contactgroup ($contact_emails) { + + nagios_contactgroup { $name: + members => $name + } +} diff --git a/puppet/modules/site_nagios/manifests/server/hostgroup.pp b/puppet/modules/site_nagios/manifests/server/hostgroup.pp new file mode 100644 index 00000000..6f85ca6d --- /dev/null +++ b/puppet/modules/site_nagios/manifests/server/hostgroup.pp @@ -0,0 +1,3 @@ +define site_nagios::server::hostgroup ($contact_emails) { + nagios_hostgroup { $name: } +} diff --git a/puppet/modules/site_nagios/manifests/server/icli.pp b/puppet/modules/site_nagios/manifests/server/icli.pp new file mode 100644 index 00000000..26fba725 --- /dev/null +++ b/puppet/modules/site_nagios/manifests/server/icli.pp @@ -0,0 +1,26 @@ +# Install icli package and configure ncli aliases +class site_nagios::server::icli { + $nagios_hiera = hiera('nagios') + $environments = $nagios_hiera['environments'] + + package { 'icli': + ensure => installed; + } + + file { '/root/.bashrc': + ensure => present; + } + + file_line { 'icli aliases': + path => '/root/.bashrc', + line => 'source /root/.icli_aliases'; + } + + file { '/root/.icli_aliases': + content => template("${module_name}/icli_aliases.erb"), + mode => '0644', + owner => root, + group => 0, + require => Package['icli']; + } +}
\ No newline at end of file diff --git a/puppet/modules/site_nagios/templates/icli_aliases.erb b/puppet/modules/site_nagios/templates/icli_aliases.erb new file mode 100644 index 00000000..f1428f9e --- /dev/null +++ b/puppet/modules/site_nagios/templates/icli_aliases.erb @@ -0,0 +1,7 @@ +alias ncli='icli -c /var/cache/nagios3/objects.cache -f /var/cache/nagios3/status.dat -F /var/lib/nagios3/rw/nagios.cmd' +alias ncli_problems='ncli -z '!o,!A'' + +<% @environments.keys.sort.each do |env_name| %> +alias ncli_<%= env_name %>='ncli -z '!o,!A' -g <%= env_name %>' +alias ncli_<%= env_name %>_recheck='ncli -s Check_MK -g <%= env_name %> -r' +<% end -%>
\ No newline at end of file |