diff options
-rw-r--r-- | README | 65 | ||||
-rw-r--r-- | files/config/host/logrotate.Debian | 35 | ||||
-rw-r--r-- | files/config/host/munin.conf.header.Debian | 2 | ||||
-rw-r--r-- | manifests/client/gentoo.pp | 1 | ||||
-rw-r--r-- | manifests/client/openbsd.pp | 1 | ||||
-rw-r--r-- | manifests/client/package.pp | 1 | ||||
-rw-r--r-- | manifests/host.pp | 2 | ||||
-rw-r--r-- | manifests/host/cgi.pp | 25 | ||||
-rw-r--r-- | manifests/plugin.pp | 1 | ||||
-rw-r--r-- | manifests/plugins/centos.pp | 3 | ||||
-rw-r--r-- | manifests/plugins/setup.pp | 4 | ||||
-rw-r--r-- | templates/munin-node.conf.Debian.etch | 2 | ||||
-rw-r--r--[l---------] | templates/munin-node.conf.Debian.lenny | 40 | ||||
l--------- | templates/munin-node.conf.Debian.sid | 2 | ||||
l--------- | templates/munin-node.conf.Debian.squeeze | 2 | ||||
-rw-r--r-- | templates/munin-node.conf.Debian.wheezy | 57 | ||||
-rw-r--r-- | templates/munin-node.conf.OpenBSD | 2 | ||||
-rw-r--r-- | templates/munin-node.conf.Ubuntu | 8 | ||||
-rw-r--r-- | templates/site.conf | 9 |
19 files changed, 218 insertions, 44 deletions
@@ -5,9 +5,10 @@ a very easy plugin interface. The munin homepage is http://munin.projects.linpro To use this module, follow these directions: -1. Install the "common" and "concat" module -- the munin module depends on functions - that are defined and installed via these modulesh, see README.common for how to do - this +0. This module requires puppet 2.7 or newer. + +1. Install the "common", "concat" and "stdlib" modules -- the munin module + depends on functions that are defined and installed via these modules. 2. You will need storedconfigs enabled in your puppet setup, to do that you need to add a line to your puppet.conf in your [puppetmasterd] section which says: @@ -28,53 +29,55 @@ To use this module, follow these directions: a. Your modules directory will need all the files included in this repository placed under a directory called "munin" - b. Add your class parameter for munin::client::allow which indicates what IP should be allowed to - connect to your individual munin-nodes (this is typically your main munin host's IP): + b. For every host you wish to gather munin statistics, add the class munin::client to that + node. You will want to set the class parameter 'allow' to be the IP(s) of the munin + collector, this defines what IP is permitted to connect to the node, for example: - munin_allow: '192.168.0.1' - - If you want to define more than one host, you can define them as an array: + node foo { + class { 'munin::client': allow => '192.168.0.1'} + } - munin_allow: ['127.0.0.1','192.168.0.1'] + for multiple munin nodes, you can pass an array: + class { 'munin::client': allow => [ '192.168.0.1', '10.0.0.1' ] } + c. In the node definition in your site.pp for your main munin host, add the following: - include munin::host - - d. On each node that will gather munin statistics, add this line to that node's entry - in site.pp (you may want to also add this to your main munin host): - - include munin::client + class { 'munin::host': } - e. If there are particular munin plugins you want to enable or configure, you define them + If you want cgi graphing you can pass cgi_graphing => true. + (For CentOS this is enabled in the default header config) + for more information, see: http://munin.projects.linpro.no/wiki/CgiHowto + + d. If there are particular munin plugins you want to enable or configure, you define them in the node definition, like follows: # Enable monitoring of disk stats in bytes - munin::plugin { df_abs: } + munin::plugin { 'df_abs': } # Use a non-standard plugin path to use custom plugins - munin::plugin { "spamassassin": - ensure => "spamassassin", - script_path => "/usr/local/share/munin-plugins", + munin::plugin { 'spamassassin': + ensure => present, + script_path => '/usr/local/share/munin-plugins', + } + + # For wildcard plugins (eg. ip_, snmp_, etc.), use the name variable to + # configure the plugin name, and the ensure parameter to indicate the base + # plugin name to which you want a symlink, for example: + munin::plugin { [ 'ip_192.168.0.1', 'ip_10.0.0.1' ]: + ensure => 'ip_' } # Use a special config to pass parameters to the plugin munin::plugin { - [ "apache_accesses", "apache_processes", "apache_volume" ]: + [ 'apache_accesses', 'apache_processes', 'apache_volume' ]: ensure => present, - config => "env.url http://127.0.0.1:80/server-status?auto" + config => 'env.url http://127.0.0.1:80/server-status?auto' } - - f. If you have Linux-Vservers configured, you will likely have multiple munin-node processes + e. If you have Linux-Vservers configured, you will likely have multiple munin-node processes competing for the default port 4949, for those nodes, set an alternate port for munin-node to run on by putting something similar to the following class parameter: - port => 4948 - - g. If you'd like to do cgi graphing, please note the following page: http://munin.projects.linpro.no/wiki/CgiHowto - For CentOS this is enabled in the default header config - - h. Per default (on CentOS) munin will send warnings and critical messages to root + class { 'munin::client': allow => '192.168.0.1', port => '4948' } - i. If you want to use host with cgi, you need to have specified a default $PATH for all execs: http://www.puppetcookbook.com/posts/set-global-exec-path.html diff --git a/files/config/host/logrotate.Debian b/files/config/host/logrotate.Debian new file mode 100644 index 0000000..732c871 --- /dev/null +++ b/files/config/host/logrotate.Debian @@ -0,0 +1,35 @@ +/var/log/munin/munin-update.log { + daily + missingok + rotate 7 + compress + notifempty + create 640 munin adm +} + +/var/log/munin/munin-graph.log { + daily + missingok + rotate 7 + compress + notifempty + create 660 munin www-data +} + +/var/log/munin/munin-html.log { + daily + missingok + rotate 7 + compress + notifempty + create 640 munin adm +} + +/var/log/munin/munin-limits.log { + daily + missingok + rotate 7 + compress + notifempty + create 640 munin adm +} diff --git a/files/config/host/munin.conf.header.Debian b/files/config/host/munin.conf.header.Debian index 082f01f..771d50d 100644 --- a/files/config/host/munin.conf.header.Debian +++ b/files/config/host/munin.conf.header.Debian @@ -4,7 +4,7 @@ # databases, the HTML output, and the logs, severally. They all # must be writable by the user running munin-cron. dbdir /var/lib/munin -htmldir /var/www/munin +htmldir /var/cache/munin/www logdir /var/log/munin rundir /var/run/munin diff --git a/manifests/client/gentoo.pp b/manifests/client/gentoo.pp index 6a01050..e79f6b0 100644 --- a/manifests/client/gentoo.pp +++ b/manifests/client/gentoo.pp @@ -1,4 +1,5 @@ class munin::client::gentoo inherits munin::client::package { + Package['munin-node'] { name => 'munin', category => 'net-analyzer', diff --git a/manifests/client/openbsd.pp b/manifests/client/openbsd.pp index 1852962..cd21abf 100644 --- a/manifests/client/openbsd.pp +++ b/manifests/client/openbsd.pp @@ -1,5 +1,6 @@ # currently we install munin on openbsd by targz # :( + class munin::client::openbsd inherits munin::client::base { if $::operatingsystemrelease == '4.3' { file{'/usr/src/munin_openbsd.tar.gz': diff --git a/manifests/client/package.pp b/manifests/client/package.pp index 58f40da..206ccc8 100644 --- a/manifests/client/package.pp +++ b/manifests/client/package.pp @@ -9,3 +9,4 @@ class munin::client::package inherits munin::client::base { before => Package['munin-node'], } } + diff --git a/manifests/host.pp b/manifests/host.pp index 0992d2b..007c43a 100644 --- a/manifests/host.pp +++ b/manifests/host.pp @@ -4,7 +4,7 @@ class munin::host( $cgi_graphing = false, - $cgi_owner = 'apache', + $cgi_owner = 'os_default', $export_tag = 'munin' ) { package {"munin": ensure => installed, } diff --git a/manifests/host/cgi.pp b/manifests/host/cgi.pp index 6e5efcd..1c0072d 100644 --- a/manifests/host/cgi.pp +++ b/manifests/host/cgi.pp @@ -1,8 +1,29 @@ class munin::host::cgi( - $owner = 'apache' + $owner = 'os_default' ) { + case $::operatingsystem { + debian,ubuntu: { + $document_root = '/var/www/munin' + } + default: { + $document_root = '/var/www/html/munin' + } + } + if $owner == 'os_default' { + case $::operatingsystem { + debian,ubuntu: { + $apache_user = 'www-data' + } + default: { + $apache_user = 'apache' + } + } + } else { + $apache_user = $owner + } + exec{'set_modes_for_cgi': - command => "chgrp ${owner} /var/log/munin /var/log/munin/munin-graph.log && chmod g+w /var/log/munin /var/log/munin/munin-graph.log && find /var/www/html/munin/* -maxdepth 1 -type d -exec chgrp -R ${owner} {} \; && find /var/www/html/munin/* -maxdepth 1 -type d -exec chmod -R g+w {} \;", + command => "chgrp ${apache_user} /var/log/munin /var/log/munin/munin-graph.log && chmod g+w /var/log/munin /var/log/munin/munin-graph.log && find ${document_root}/* -maxdepth 1 -type d -exec chgrp -R ${apache_user} {} \; && find ${document_root}/* -maxdepth 1 -type d -exec chmod -R g+w {} \;", refreshonly => true, subscribe => Concat::Fragment['munin.conf.header'], } diff --git a/manifests/plugin.pp b/manifests/plugin.pp index 36fc81b..ffe5452 100644 --- a/manifests/plugin.pp +++ b/manifests/plugin.pp @@ -54,3 +54,4 @@ define munin::plugin ( } } } + diff --git a/manifests/plugins/centos.pp b/manifests/plugins/centos.pp new file mode 100644 index 0000000..60c706c --- /dev/null +++ b/manifests/plugins/centos.pp @@ -0,0 +1,3 @@ +class munin::plugins::centos inherits munin::plugins::base { + munin::plugin { users: ensure => present; } +} diff --git a/manifests/plugins/setup.pp b/manifests/plugins/setup.pp index 5c56099..197b657 100644 --- a/manifests/plugins/setup.pp +++ b/manifests/plugins/setup.pp @@ -1,4 +1,8 @@ class munin::plugins::setup { + + # This is required for the munin-node service and package requirements below. + include munin::client + file { [ '/etc/munin/plugins', '/etc/munin/plugin-conf.d' ]: ignore => 'snmp_*', diff --git a/templates/munin-node.conf.Debian.etch b/templates/munin-node.conf.Debian.etch index 44638e7..9763772 100644 --- a/templates/munin-node.conf.Debian.etch +++ b/templates/munin-node.conf.Debian.etch @@ -27,7 +27,7 @@ ignore_file \.rpm(save|new)$ # telnetting to localhost, port 4949 # #host_name localhost.localdomain -host_name <%= fqdn %> +host_name <%= scope.lookupvar('::fqdn') %> # A list of addresses that are allowed to connect. This must be a # regular expression, due to brain damage in Net::Server, which diff --git a/templates/munin-node.conf.Debian.lenny b/templates/munin-node.conf.Debian.lenny index e0646b9..9763772 120000..100644 --- a/templates/munin-node.conf.Debian.lenny +++ b/templates/munin-node.conf.Debian.lenny @@ -1 +1,39 @@ -munin-node.conf.Debian.etch
\ No newline at end of file +########## +########## Managed by puppet +########## + +log_level 4 +log_file /var/log/munin/munin-node.log +pid_file /var/run/munin/munin-node.pid +background 1 +setseid 1 + +# Which host/port to bind to; +host <%= scope.lookupvar('munin::client::host') %> +port <%= scope.lookupvar('munin::client::port') %> +user root +group root +setsid yes + +# Regexps for files to ignore + +ignore_file ~$ +ignore_file \.bak$ +ignore_file %$ +ignore_file \.dpkg-(tmp|new|old|dist)$ +ignore_file \.rpm(save|new)$ + +# Set this if the client doesn't report the correct hostname when +# telnetting to localhost, port 4949 +# +#host_name localhost.localdomain +host_name <%= scope.lookupvar('::fqdn') %> + +# A list of addresses that are allowed to connect. This must be a +# regular expression, due to brain damage in Net::Server, which +# doesn't understand CIDR-style network notation. You may repeat +# the allow line as many times as you'd like +<% scope.lookupvar('munin::client::allow').each do |allow| -%> +allow <%= "^#{Regexp.escape(allow)}$" %> +<% end -%> + diff --git a/templates/munin-node.conf.Debian.sid b/templates/munin-node.conf.Debian.sid index e0646b9..6b8d690 120000 --- a/templates/munin-node.conf.Debian.sid +++ b/templates/munin-node.conf.Debian.sid @@ -1 +1 @@ -munin-node.conf.Debian.etch
\ No newline at end of file +munin-node.conf.Debian.lenny
\ No newline at end of file diff --git a/templates/munin-node.conf.Debian.squeeze b/templates/munin-node.conf.Debian.squeeze index e0646b9..6b8d690 120000 --- a/templates/munin-node.conf.Debian.squeeze +++ b/templates/munin-node.conf.Debian.squeeze @@ -1 +1 @@ -munin-node.conf.Debian.etch
\ No newline at end of file +munin-node.conf.Debian.lenny
\ No newline at end of file diff --git a/templates/munin-node.conf.Debian.wheezy b/templates/munin-node.conf.Debian.wheezy new file mode 100644 index 0000000..fe6f27f --- /dev/null +++ b/templates/munin-node.conf.Debian.wheezy @@ -0,0 +1,57 @@ +########## +########## Managed by puppet +########## + +log_level 4 +log_file /var/log/munin/munin-node.log +pid_file /var/run/munin/munin-node.pid + +background 1 +setsid 1 + +user root +group root + +# Regexps for files to ignore + +ignore_file ~$ +#ignore_file [#~]$ # FIX doesn't work. '#' starts a comment +ignore_file DEADJOE$ +ignore_file \.bak$ +ignore_file %$ +ignore_file \.dpkg-(tmp|new|old|dist)$ +ignore_file \.rpm(save|new)$ +ignore_file \.pod$ + +# Set this if the client doesn't report the correct hostname when +# telnetting to localhost, port 4949 +# +#host_name localhost.localdomain +host_name <%= scope.lookupvar('::fqdn') %> + +# A list of addresses that are allowed to connect. This must be a +# regular expression, since Net::Server does not understand CIDR-style +# network notation unless the perl module Net::CIDR is installed. You +# may repeat the allow line as many times as you'd like + +<% scope.lookupvar('munin::client::allow').each do |allow| -%> +allow <%= "^#{Regexp.escape(allow)}$" %> +<% end -%> + +# If you have installed the Net::CIDR perl module, you can use one or more +# cidr_allow and cidr_deny address/mask patterns. A connecting client must +# match any cidr_allow, and not match any cidr_deny. Note that a netmask +# *must* be provided, even if it's /32 +# +# Example: +# +# cidr_allow 127.0.0.1/32 +# cidr_allow 192.0.2.0/24 +# cidr_deny 192.0.2.42/32 + +# Which address to bind to; +host <%= scope.lookupvar('munin::client::host') %> + +# And which port +port <%= scope.lookupvar('munin::client::port') %> + diff --git a/templates/munin-node.conf.OpenBSD b/templates/munin-node.conf.OpenBSD index 4e2f534..14b658e 100644 --- a/templates/munin-node.conf.OpenBSD +++ b/templates/munin-node.conf.OpenBSD @@ -28,7 +28,7 @@ ignore_file \.pod$ # telnetting to localhost, port 4949 # #host_name localhost.localdomain -host_name <%= fqdn %> +host_name <%= scope.lookupvar('::fqdn') %> # A list of addresses that are allowed to connect. This must be a # regular expression, since Net::Server does not understand CIDR-style diff --git a/templates/munin-node.conf.Ubuntu b/templates/munin-node.conf.Ubuntu index 17162d8..9763772 100644 --- a/templates/munin-node.conf.Ubuntu +++ b/templates/munin-node.conf.Ubuntu @@ -9,8 +9,8 @@ background 1 setseid 1 # Which host/port to bind to; -host <%= scope.function_hiera('munin_host','*') %> -port <%= scope.function_hiera('munin_port','4949') %> +host <%= scope.lookupvar('munin::client::host') %> +port <%= scope.lookupvar('munin::client::port') %> user root group root setsid yes @@ -27,13 +27,13 @@ ignore_file \.rpm(save|new)$ # telnetting to localhost, port 4949 # #host_name localhost.localdomain -host_name <%= fqdn %> +host_name <%= scope.lookupvar('::fqdn') %> # A list of addresses that are allowed to connect. This must be a # regular expression, due to brain damage in Net::Server, which # doesn't understand CIDR-style network notation. You may repeat # the allow line as many times as you'd like -<% scope.function_hiera('munin_allow',['127.0.0.1']).each do |allow| -%> +<% scope.lookupvar('munin::client::allow').each do |allow| -%> allow <%= "^#{Regexp.escape(allow)}$" %> <% end -%> diff --git a/templates/site.conf b/templates/site.conf new file mode 100644 index 0000000..52ddb53 --- /dev/null +++ b/templates/site.conf @@ -0,0 +1,9 @@ +<VirtualHost *> + ServerName <%= name %> + DocumentRoot /var/cache/munin/www/ + <Location /> + order allow,deny + Allow from all + </Location> +</VirtualHost> + |