diff options
| author | mh <mh@immerda.ch> | 2008-04-25 16:14:08 +0000 |
|---|---|---|
| committer | mh <mh@immerda.ch> | 2008-04-25 16:14:08 +0000 |
| commit | 323c07667e9fd6f1573388d1bfe32683d3107c0b (patch) | |
| tree | 14e958c36e807ceb6e7119e99d6db976ae088e6b | |
| parent | 09771eeecb61394bcd78bccbbaaf5c8d1400fa4e (diff) | |
release new nagios stuff, should be much more modular now and using native types by puppet
| -rw-r--r-- | README | 37 | ||||
| -rw-r--r-- | files/Centos/cgi.cfg | 280 | ||||
| -rw-r--r-- | files/Centos/commands.cfg | 255 | ||||
| -rw-r--r-- | files/Centos/nagios.cfg (renamed from templates/nagioscfg.erb) | 26 | ||||
| -rw-r--r-- | files/Centos/private/resource.cfg.i386 | 34 | ||||
| -rw-r--r-- | files/Centos/private/resource.cfg.x86_64 | 34 | ||||
| -rw-r--r-- | files/Centos/puppet_cfgpaths.cfg | 21 | ||||
| -rw-r--r-- | manifests/init.pp | 438 | ||||
| -rw-r--r-- | templates/command.erb | 5 | ||||
| -rw-r--r-- | templates/host.erb | 10 | ||||
| -rw-r--r-- | templates/service.erb | 7 |
11 files changed, 902 insertions, 245 deletions
@@ -1,36 +1,47 @@ +Introduction/Notes +================== + +This modules was inspired and based on the work of David Schmitt +The immerda project group adapted and improved this module. +Mainly we made it using the new native puppet nagios commands +as well we made it more modular to fit for multidistro usage. +However as we used Centos, we couldn't test the original Debian +extension of David Schmitt, integration of more distros have to prove +this concept. + Overview ======== -To use the nagios2 resources, activate storeconfigs on the puppetmaster. +To use the nagios resources, activate storeconfigs on the puppetmaster. Monitor ------- -On one node the "nagios2" class has to be included. This installes nagios2 and -apache2 and configures the cgi on http://node/nagios2/ +On one node the "nagios" class has to be included. This installes nagios and +apache2 and installs the cgi Hosts ----- -On a node which shall be monitored with nagios, include the "nagios2::target". +On a node which shall be monitored with nagios, include the "nagios::target". This just creates a host declaration for this hosts "$fqdn". Set the $nagios_parent variable in the node scope for enabling the reachability -features of nagios2. If a node needs more customisation, use the -"nagios2::host" component directly. +features of nagios. If a node needs more customisation, use the +"nagios::host" component directly. -To monitor hosts not managed by puppet, add "nagios2::extra_host"s to the +To monitor hosts not managed by puppet, add "nagios::extra_host"s to the monitoring node. These can be used as intermediate $nagios_parent's Services -------- -Services can be monitored by using the "nagios2::service" component. +Services can be monitored by using the "nagios::service" component. The simplest form is:: - nagios2::service { check_dns: } + nagios::service { check_dns: } The intention being obviously to put such declarations into a component defining a service, thereby being automatically applied together with all instances of @@ -57,7 +68,7 @@ Consistency/Validation/Verification After convergance of the configuration, the system is obviously consistent. That is, all defined services are monitored. The problem is though, that it is neither automatically valid - it is not guaranteed that all components declare a -nagios2::service - and even if the configuration is valid it definitly is +nagios::service - and even if the configuration is valid it definitly is unverified, since that is always a judgment call for an external observer. @@ -69,10 +80,10 @@ Usage example:: node nagios { - include nagios2 + include nagios # Declare another nagios command - nagios2::command { http_port: command_line + nagios::command { http_port: command_line => '/usr/lib/nagios/plugins/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$' @@ -100,7 +111,7 @@ node target { include apache2 # This actually does this somewhere: - #nagios2::service { "http_${apache2_port}": + #nagios::service { "http_${apache2_port}": # check_command => "http_port!${apache2_port}" #} diff --git a/files/Centos/cgi.cfg b/files/Centos/cgi.cfg new file mode 100644 index 0000000..cd625d4 --- /dev/null +++ b/files/Centos/cgi.cfg @@ -0,0 +1,280 @@ +################################################################# +# +# CGI.CFG - Sample CGI Configuration File for Nagios 2.9 +# +# Last Modified: 11-21-2006 +# +################################################################# + + +# MAIN CONFIGURATION FILE +# This tells the CGIs where to find your main configuration file. +# The CGIs will read the main and host config files for any other +# data they might need. + +main_config_file=/etc/nagios/nagios.cfg + + + +# PHYSICAL HTML PATH +# This is the path where the HTML files for Nagios reside. This +# value is used to locate the logo images needed by the statusmap +# and statuswrl CGIs. + +physical_html_path=/usr/share/nagios/share + + + +# URL HTML PATH +# This is the path portion of the URL that corresponds to the +# physical location of the Nagios HTML files (as defined above). +# This value is used by the CGIs to locate the online documentation +# and graphics. If you access the Nagios pages with an URL like +# http://www.myhost.com/nagios, this value should be '/nagios' +# (without the quotes). + +url_html_path=/nagios + + + +# CONTEXT-SENSITIVE HELP +# This option determines whether or not a context-sensitive +# help icon will be displayed for most of the CGIs. +# Values: 0 = disables context-sensitive help +# 1 = enables context-sensitive help + +show_context_help=0 + + + +# NAGIOS PROCESS CHECK COMMAND +# This is the full path and filename of the program used to check +# the status of the Nagios process. It is used only by the CGIs +# and is completely optional. However, if you don't use it, you'll +# see warning messages in the CGIs about the Nagios process +# not running and you won't be able to execute any commands from +# the web interface. The program should follow the same rules +# as plugins; the return codes are the same as for the plugins, +# it should have timeout protection, it should output something +# to STDIO, etc. +# +# Note: The command line for the check_nagios plugin below may +# have to be tweaked a bit, as different versions of the plugin +# use different command line arguments/syntaxes. + +#nagios_check_command=/usr/lib64/nagios/plugins/check_nagios /var/log/nagios/status.dat 5 '/usr/sbin/nagios' + + + +# AUTHENTICATION USAGE +# This option controls whether or not the CGIs will use any +# authentication when displaying host and service information, as +# well as committing commands to Nagios for processing. +# +# Read the HTML documentation to learn how the authorization works! +# +# NOTE: It is a really *bad* idea to disable authorization, unless +# you plan on removing the command CGI (cmd.cgi)! Failure to do +# so will leave you wide open to kiddies messing with Nagios and +# possibly hitting you with a denial of service attack by filling up +# your drive by continuously writing to your command file! +# +# Setting this value to 0 will cause the CGIs to *not* use +# authentication (bad idea), while any other value will make them +# use the authentication functions (the default). + +use_authentication=1 + + + +# DEFAULT USER +# Setting this variable will define a default user name that can +# access pages without authentication. This allows people within a +# secure domain (i.e., behind a firewall) to see the current status +# without authenticating. You may want to use this to avoid basic +# authentication if you are not using a secure server since basic +# authentication transmits passwords in the clear. +# +# Important: Do not define a default username unless you are +# running a secure web server and are sure that everyone who has +# access to the CGIs has been authenticated in some manner! If you +# define this variable, anyone who has not authenticated to the web +# server will inherit all rights you assign to this user! + +#default_user_name=guest + + + +# SYSTEM/PROCESS INFORMATION ACCESS +# This option is a comma-delimited list of all usernames that +# have access to viewing the Nagios process information as +# provided by the Extended Information CGI (extinfo.cgi). By +# default, *no one* has access to this unless you choose to +# not use authorization. You may use an asterisk (*) to +# authorize any user who has authenticated to the web server. + +#authorized_for_system_information=nagiosadmin,theboss,jdoe +authorized_for_system_information=admin + +# CONFIGURATION INFORMATION ACCESS +# This option is a comma-delimited list of all usernames that +# can view ALL configuration information (hosts, commands, etc). +# By default, users can only view configuration information +# for the hosts and services they are contacts for. You may use +# an asterisk (*) to authorize any user who has authenticated +# to the web server. + +#authorized_for_configuration_information=nagiosadmin,jdoe +authorized_for_configuration_information=admin + + + +# SYSTEM/PROCESS COMMAND ACCESS +# This option is a comma-delimited list of all usernames that +# can issue shutdown and restart commands to Nagios via the +# command CGI (cmd.cgi). Users in this list can also change +# the program mode to active or standby. By default, *no one* +# has access to this unless you choose to not use authorization. +# You may use an asterisk (*) to authorize any user who has +# authenticated to the web server. + +#authorized_for_system_commands=nagiosadmin +authorized_for_system_commands=admin + + + +# GLOBAL HOST/SERVICE VIEW ACCESS +# These two options are comma-delimited lists of all usernames that +# can view information for all hosts and services that are being +# monitored. By default, users can only view information +# for hosts or services that they are contacts for (unless you +# you choose to not use authorization). You may use an asterisk (*) +# to authorize any user who has authenticated to the web server. + + +#authorized_for_all_services=nagiosadmin,guest +authorized_for_all_services=admin +#authorized_for_all_hosts=nagiosadmin,guest +authorized_for_all_hosts=admin + + + +# GLOBAL HOST/SERVICE COMMAND ACCESS +# These two options are comma-delimited lists of all usernames that +# can issue host or service related commands via the command +# CGI (cmd.cgi) for all hosts and services that are being monitored. +# By default, users can only issue commands for hosts or services +# that they are contacts for (unless you you choose to not use +# authorization). You may use an asterisk (*) to authorize any +# user who has authenticated to the web server. + +#authorized_for_all_service_commands=nagiosadmin +authorized_for_all_service_commands=admin +#authorized_for_all_host_commands=nagiosadmin +authorized_for_all_host_commands=admin + + + + +# STATUSMAP BACKGROUND IMAGE +# This option allows you to specify an image to be used as a +# background in the statusmap CGI. It is assumed that the image +# resides in the HTML images path (i.e. /usr/local/nagios/share/images). +# This path is automatically determined by appending "/images" +# to the path specified by the 'physical_html_path' directive. +# Note: The image file may be in GIF, PNG, JPEG, or GD2 format. +# However, I recommend that you convert your image to GD2 format +# (uncompressed), as this will cause less CPU load when the CGI +# generates the image. + +#statusmap_background_image=smbackground.gd2 + + + +# DEFAULT STATUSMAP LAYOUT METHOD +# This option allows you to specify the default layout method +# the statusmap CGI should use for drawing hosts. If you do +# not use this option, the default is to use user-defined +# coordinates. Valid options are as follows: +# 0 = User-defined coordinates +# 1 = Depth layers +# 2 = Collapsed tree +# 3 = Balanced tree +# 4 = Circular +# 5 = Circular (Marked Up) + +default_statusmap_layout=5 + + + +# DEFAULT STATUSWRL LAYOUT METHOD +# This option allows you to specify the default layout method +# the statuswrl (VRML) CGI should use for drawing hosts. If you +# do not use this option, the default is to use user-defined +# coordinates. Valid options are as follows: +# 0 = User-defined coordinates +# 2 = Collapsed tree +# 3 = Balanced tree +# 4 = Circular + +default_statuswrl_layout=4 + + + +# STATUSWRL INCLUDE +# This option allows you to include your own objects in the +# generated VRML world. It is assumed that the file +# resides in the HTML path (i.e. /usr/local/nagios/share). + +#statuswrl_include=myworld.wrl + + + +# PING SYNTAX +# This option determines what syntax should be used when +# attempting to ping a host from the WAP interface (using +# the statuswml CGI. You must include the full path to +# the ping binary, along with all required options. The +# $HOSTADDRESS$ macro is substituted with the address of +# the host before the command is executed. +# Please note that the syntax for the ping binary is +# notorious for being different on virtually ever *NIX +# OS and distribution, so you may have to tweak this to +# work on your system. + +ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$ + + + +# REFRESH RATE +# This option allows you to specify the refresh rate in seconds +# of various CGIs (status, statusmap, extinfo, and outages). + +refresh_rate=90 + + + +# SOUND OPTIONS +# These options allow you to specify an optional audio file +# that should be played in your browser window when there are +# problems on the network. The audio files are used only in +# the status CGI. Only the sound for the most critical problem +# will be played. Order of importance (higher to lower) is as +# follows: unreachable hosts, down hosts, critical services, +# warning services, and unknown services. If there are no +# visible problems, the sound file optionally specified by +# 'normal_sound' variable will be played. +# +# +# <varname>=<sound_file> +# +# Note: All audio files must be placed in the /media subdirectory +# under the HTML path (i.e. /usr/local/nagios/share/media/). + +#host_unreachable_sound=hostdown.wav +#host_down_sound=hostdown.wav +#service_critical_sound=critical.wav +#service_warning_sound=warning.wav +#service_unknown_sound=warning.wav +#normal_sound=noproblem.wav + diff --git a/files/Centos/commands.cfg b/files/Centos/commands.cfg new file mode 100644 index 0000000..2b1889c --- /dev/null +++ b/files/Centos/commands.cfg @@ -0,0 +1,255 @@ +################################################################################ +# Sample command definitions for Nagios 2.10 +# +# Read the documentation for more information on this configuration file. I've +# provided some comments here, but things may not be so clear without further +# explanation, so make sure to read the HTML documentation! +# +# Last Modified: 11-21-2006 +# +################################################################################ + + +################################################################################ +# COMMAND DEFINITIONS +# +# SYNTAX: +# +# define command{ +# template <templatename> +# name <objectname> +# command_name <commandname> +# command_line <commandline> +# } +# +# WHERE: +# +# <templatename> = object name of another command definition that should be +# used as a template for this definition (optional) +# <objectname> = object name of command definition, referenced by other +# command definitions that use it as a template (optional) +# <commandname> = name of the command, as recognized/used by Nagios +# <commandline> = command line +# +################################################################################ + + + + +################################################################################ +# +# SAMPLE SERVICE CHECK COMMANDS +# +# These are some example service check commands. They may or may not work on +# your system, as they must be modified for your plugins. See the HTML +# documentation on the plugins for examples of how to configure command definitions. +# +################################################################################ + + +################################################################################ +# NOTE: The following 'check_local_...' functions are designed to monitor +# various metrics on the host that Nagios is running on (i.e. this one). +################################################################################ + +# 'check_local_disk' command definition +define command{ + command_name check_local_disk + command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ + } + + +# 'check_local_load' command definition +define command{ + command_name check_local_load + command_line $USER1$/check_load -w $ARG1$ -c $ARG2$ + } + + +# 'check_local_procs' command definition +define command{ + command_name check_local_procs + command_line $USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$ + } + + +# 'check_local_users' command definition +define command{ + command_name check_local_users + command_line $USER1$/check_users -w $ARG1$ -c $ARG2$ + } + + + +################################################################################ +# NOTE: The following 'check_...' commands are used to monitor services on +# both local and remote hosts. +################################################################################ + +# 'check_dns' command definition +define command{ + command_name check_dns + command_line $USER1$/check_dns -H www.yahoo.com -s $HOSTADDRESS$ + } + + +# 'check_ftp' command definition +define command{ + command_name check_ftp + command_line $USER1$/check_ftp -H $HOSTADDRESS$ + } + + +# 'check_hpjd' command definition +define command{ + command_name check_hpjd + command_line $USER1$/check_hpjd -H $HOSTADDRESS$ -C public + } + + +# 'check_http' command definition +define command{ + command_name check_http + command_line $USER1$/check_http -H $HOSTADDRESS$ + } + + +# 'check_nntp' command definition +define command{ + command_name check_nntp + command_line $USER1$/check_nntp -H $HOSTADDRESS$ + } + + +# 'check_ping' command definition +define command{ + command_name check_ping + command_line $USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5 + } + + +# 'check_pop' command definition +define command{ + command_name check_pop + command_line $USER1$/check_pop -H $HOSTADDRESS$ + } + + +# 'check_smtp' command definition +define command{ + command_name check_smtp + command_line $USER1$/check_smtp -H $HOSTADDRESS$ + } + + +# 'check_tcp' command definition +define command{ + command_name check_tcp + command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ + } + + +# 'check_telnet' command definition +define command{ + command_name check_telnet + command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p 23 + } + + +# 'check_udp' command definition +define command{ + command_name check_udp + command_line $USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$ + } + + + + +################################################################################ +# +# SAMPLE HOST CHECK COMMANDS +# +################################################################################ + + +# This command checks to see if a host is "alive" by pinging it +# The check must result in a 100% packet loss or 5 second (5000ms) round trip +# average time to produce a critical error. +# Note: Only one ICMP echo packet is sent (determined by the '-p 1' argument) + +# 'check-host-alive' command definition +define command{ + command_name check-host-alive + command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 1 + } + + + + +################################################################################ +# +# SAMPLE NOTIFICATION COMMANDS +# +# These are some example notification commands. They may or may not work on +# your system without modification. As an example, some systems will require +# you to use "/usr/bin/mailx" instead of "/usr/bin/mail" in the commands below. +# +################################################################################ + + +# 'host-notify-by-email' command definition +define command{ + command_name host-notify-by-email + command_line /usr/bin/printf "%b" "***** Nagios 2.10 *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /bin/mail -s "Host $HOSTSTATE$ alert for $HOSTNAME$!" $CONTACTEMAIL$ + } + + +# 'host-notify-by-epager' command definition +define command{ + command_name host-notify-by-epager + command_line /usr/bin/printf "%b" "Host '$HOSTALIAS$' is $HOSTSTATE$\nInfo: $HOSTOUTPUT$\nTime: $LONGDATETIME$" | /bin/mail -s "$NOTIFICATIONTYPE$ alert - Host $HOSTNAME$ is $HOSTSTATE$" $CONTACTPAGER$ + } + +# 'notify-by-email' command definition +define command{ + command_name notify-by-email + command_line /usr/bin/printf "%b" "***** Nagios 2.10 *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | /bin/mail -s "** $NOTIFICATIONTYPE$ alert - $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$ + } + + +# 'notify-by-epager' command definition +define command{ + command_name notify-by-epager + command_line /usr/bin/printf "%b" "Service: $SERVICEDESC$\nHost: $HOSTNAME$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\nInfo: $SERVICEOUTPUT$\nDate: $LONGDATETIME$" | /bin/mail -s "$NOTIFICATIONTYPE$: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$" $CONTACTPAGER$ + } + + + + + +################################################################################ +# +# SAMPLE PERFORMANCE DATA COMMANDS +# +# These are sample performance data commands that can be used to send performance +# data output to two text files (one for hosts, another for services). If you +# plan on simply writing performance data out to a file, consider using the +# host_perfdata_file and service_perfdata_file options in the main config file. +# +################################################################################ + + +# 'process-host-perfdata' command definition +define command{ + command_name process-host-perfdata + command_line /usr/bin/printf "%b" "$LASTHOSTCHECK$\t$HOSTNAME$\t$HOSTSTATE$\t$HOSTATTEMPT$\t$HOSTSTATETYPE$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$\n" >> /var/log/nagios/host-perfdata.out + } + + +# 'process-service-perfdata' command definition +define command{ + command_name process-service-perfdata + command_line /usr/bin/printf "%b" "$LASTSERVICECHECK$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICESTATE$\t$SERVICEATTEMPT$\t$SERVICESTATETYPE$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$\n" >> /var/log/nagios/service-perfdata.out + } + + diff --git a/templates/nagioscfg.erb b/files/Centos/nagios.cfg index 2618a1c..7027c90 100644 --- a/templates/nagioscfg.erb +++ b/files/Centos/nagios.cfg @@ -1,6 +1,6 @@ ############################################################################## # -# NAGIOS.CFG - Sample Main Config File for Nagios 2.9 +# NAGIOS.CFG - Sample Main Config File for Nagios 2.10 # # Read the documentation for more information on this configuration # file. I've provided some comments here, but things may not be so @@ -30,8 +30,11 @@ log_file=/var/log/nagios/nagios.log # This can be very useful if you want to keep command definitions # separate from host and contact definitions... +# puppet: all paths are managed here: +cfg_file=/etc/nagios/puppet_cfgpaths.cfg + # Command definitions -cfg_file=/etc/nagios/commands.cfg +#cfg_file=/etc/nagios/commands.cfg # Host and service definitions for monitoring this machine #cfg_file=/etc/nagios/localhost.cfg @@ -43,13 +46,12 @@ cfg_file=/etc/nagios/commands.cfg #cfg_file=/etc/nagios/contactgroups.cfg #cfg_file=/etc/nagios/contacts.cfg +#cfg_file=/etc/nagios/dependencies.cfg +#cfg_file=/etc/nagios/escalations.cfg #cfg_file=/etc/nagios/hostgroups.cfg #cfg_file=/etc/nagios/hosts.cfg #cfg_file=/etc/nagios/services.cfg #cfg_file=/etc/nagios/timeperiods.cfg -#cfg_file=/etc/nagios/misccommands.cfg -#cfg_file=/etc/nagios/checkcommands.cfg - # Extended host/service info definitions are now stored along with # other object definitions: @@ -60,7 +62,12 @@ cfg_file=/etc/nagios/commands.cfg # extension) in a particular directory by using the cfg_dir # directive as shown below: -cfg_dir=<%= nagios_cfgdir %>/hosts.d +#cfg_dir=/etc/nagios/servers +#cfg_dir=/etc/nagios/printers +#cfg_dir=/etc/nagios/switches +#cfg_dir=/etc/nagios/routers + + # OBJECT CACHE FILE # This option determines where object definitions are cached when @@ -72,6 +79,7 @@ cfg_dir=<%= nagios_cfgdir %>/hosts.d object_cache_file=/var/log/nagios/objects.cache + # RESOURCE FILE # This is an optional resource file that contains $USERx$ macro # definitions. Multiple resource files can be specified by using @@ -81,7 +89,7 @@ object_cache_file=/var/log/nagios/objects.cache # defined as macros in this file and restrictive permissions (600) # can be placed on this file. -resource_file=/etc/nagios/private/resource.cfg +#resource_file=/etc/nagios/private/resource.cfg @@ -119,7 +127,7 @@ nagios_group=nagios # you will have to enable this. Setting this value to 0 disables command # checking (the default), other values enable it. -check_external_commands=1 +check_external_commands=0 @@ -137,7 +145,7 @@ check_external_commands=1 # command file as often as possible. #command_check_interval=15s -command_check_interval=1 +command_check_interval=-1 diff --git a/files/Centos/private/resource.cfg.i386 b/files/Centos/private/resource.cfg.i386 new file mode 100644 index 0000000..0ccf2e1 --- /dev/null +++ b/files/Centos/private/resource.cfg.i386 @@ -0,0 +1,34 @@ +########################################################################### +# +# RESOURCE.CFG - Sample Resource File for Nagios 2.9 +# +# Last Modified: 09-10-2003 +# +# You can define $USERx$ macros in this file, which can in turn be used +# in command definitions in your host config file(s). $USERx$ macros are +# useful for storing sensitive information such as usernames, passwords, +# etc. They are also handy for specifying the path to plugins and +# event handlers - if you decide to move the plugins or event handlers to +# a different directory in the future, you can just update one or two +# $USERx$ macros, instead of modifying a lot of command definitions. +# +# The CGIs will not attempt to read the contents of resource files, so +# you can set restrictive permissions (600 or 660) on them. +# +# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$) +# +# Resource files may also be used to store configuration directives for +# external data sources like MySQL... +# +########################################################################### + +# Sets $USER1$ to be the path to the plugins +$USER1$=/usr/lib/nagios/plugins + +# Sets $USER2$ to be the path to event handlers +#$USER2$=/usr/lib64/nagios/plugins/eventhandlers + +# Store some usernames and passwords (hidden from the CGIs) +#$USER3$=someuser +#$USER4$=somepassword + diff --git a/files/Centos/private/resource.cfg.x86_64 b/files/Centos/private/resource.cfg.x86_64 new file mode 100644 index 0000000..b9f0841 --- /dev/null +++ b/files/Centos/private/resource.cfg.x86_64 @@ -0,0 +1,34 @@ +########################################################################### +# +# RESOURCE.CFG - Sample Resource File for Nagios 2.9 +# +# Last Modified: 09-10-2003 +# +# You can define $USERx$ macros in this file, which can in turn be used +# in command definitions in your host config file(s). $USERx$ macros are +# useful for storing sensitive information such as usernames, passwords, +# etc. They are also handy for specifying the path to plugins and +# event handlers - if you decide to move the plugins or event handlers to +# a different directory in the future, you can just update one or two +# $USERx$ macros, instead of modifying a lot of command definitions. +# +# The CGIs will not attempt to read the contents of resource files, so +# you can set restrictive permissions (600 or 660) on them. +# +# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$) +# +# Resource files may also be used to store configuration directives for +# external data sources like MySQL... +# +########################################################################### + +# Sets $USER1$ to be the path to the plugins +$USER1$=/usr/lib64/nagios/plugins + +# Sets $USER2$ to be the path to event handlers +#$USER2$=/usr/lib64/nagios/plugins/eventhandlers + +# Store some usernames and passwords (hidden from the CGIs) +#$USER3$=someuser +#$USER4$=somepassword + diff --git a/files/Centos/puppet_cfgpaths.cfg b/files/Centos/puppet_cfgpaths.cfg new file mode 100644 index 0000000..44294b4 --- /dev/null +++ b/files/Centos/puppet_cfgpaths.cfg @@ -0,0 +1,21 @@ +############################################################ +#### this file is managed by PUPPET #### +#### only modify it in puppet repo or you will #### +#### loose the changes ! #### +############################################################ +cfg_dir=/etc/nagios/legacy/ + +cfg_file=/etc/nagios/commands.cfg + +cfg_file=/etc/nagios/nagios_command.cfg +cfg_file=/etc/nagios/nagios_contact.cfg +cfg_file=/etc/nagios/nagios_contactgroup.cfg +cfg_file=/etc/nagios/nagios_host.cfg +cfg_file=/etc/nagios/nagios_hostextinfo.cfg +cfg_file=/etc/nagios/nagios_hostgroup.cfg +cfg_file=/etc/nagios/nagios_hostgroupescalation.cfg +cfg_file=/etc/nagios/nagios_service.cfg +cfg_file=/etc/nagios/nagios_servicedependency.cfg +cfg_file=/etc/nagios/nagios_serviceescalation.cfg +cfg_file=/etc/nagios/nagios_serviceextinfo.cfg +cfg_file=/etc/nagios/nagios_timeperdiod.cfg diff --git a/manifests/init.pp b/manifests/init.pp index 6504736..93032c0 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,10 +1,12 @@ # nagios.pp - everything nagios related # Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> # See LICENSE for the full license granted to you. +# adapted and improved by admin(at)immerda.ch +# adapted by Puzzle ITC - haerry+puppet(at)puzzle.ch # the directory containing all nagios configs: -$nagios_cfgdir = "/var/lib/puppet/modules/nagios" +$nagios_cfgdir = '/var/lib/puppet/modules/nagios' modules_dir{ nagios: } class nagios { @@ -15,96 +17,24 @@ class nagios { } } -class nagios::debian inherits nagios::base { - Package [nagios]{ - name => "nagios2", - } - package { - "nagios-plugins-standard": - ensure => installed, - } - Service[nagios] { - # Current Debian/etch pattern - pattern => "/usr/sbin/nagios2 -d /etc/nagios2/nagios.cfg", - subscribe => File [ $nagios_cfgdir ] - } - File["$etc_nagios_path/htpasswd.users"]{ - group => www-data, - } - - file { - [ "/etc/nagios2/conf.d/localhost_nagios2.cfg", - "/etc/nagios2/conf.d/extinfo_nagios2.cfg", - "/etc/nagios2/conf.d/services_nagios2.cfg" ]: - ensure => absent, - notify => Service[nagios2]; - } - # permit external commands from the CGI - file { - "/var/lib/nagios2": - ensure => directory, mode => 751, - owner => nagios, group => nagios, - notify => Service[nagios2]; - } - file{ - "/var/lib/nagios2/rw": - ensure => directory, mode => 2710, - owner => nagios, group => www-data, - notify => Service[nagios2]; - - } - - # TODO: these are not very robust! - replace { - # Debian installs a default check for the localhost. Since VServers - # usually have no localhost IP, this fixes the definition to check the - # real IP - fix_default_config: - file => "/etc/nagios2/conf.d/localhost_nagios2.cfg", - pattern => "address *127.0.0.1", - replacement => "address $ipaddress", - notify => Service[nagios2]; - # enable external commands from the CGI - enable_extcommands: - file => "/etc/nagios2/nagios.cfg", - pattern => "check_external_commands=0", - replacement => "check_external_commands=1", - notify => Service[nagios2]; - # put a cap on service checks - cap_service_checks: - file => "/etc/nagios2/nagios.cfg", - pattern => "max_concurrent_checks=0", - replacement => "max_concurrent_checks=30", - notify => Service[nagios2]; - } - -} -# end nagios::debian - -class nagios::centos inherits nagios::base { - package { [ 'nagios-plugins-smtp','nagios-plugins-http', 'nagios-plugins-ssh', 'nagios-plugins-udp', 'nagios-plugins-tcp', 'nagios-plugins-dig', 'nagios-plugins-nrpe', 'nagios-plugins-load', 'nagios-plugins-dns', 'nagios-plugins-ping', 'nagios-plugins-procs', 'nagios-plugins-users', 'nagios-plugins-ldap', 'nagios-plugins-disk', 'nagios-devel', 'nagios-plugins-swap', 'nagios-plugins-nagios', 'nagios-plugins-perl' ]: - ensure => 'present', - } - Service[nagios]{ - hasstatus => true, - } - -} - class nagios::vars { case $operatingsystem { debian: { - $etc_nagios_path = "/etc/nagios2" + $etc_nagios_path = '/etc/nagios2' } default: { - $etc_nagios_path = "/etc/nagios" + $etc_nagios_path = '/etc/nagios' } } } - class nagios::base { + include nagios::vars + + # needs apache to work + include apache + package { nagios: ensure => present, } @@ -116,145 +46,251 @@ class nagios::base { require => Package[nagios], } - include nagios::vars - - # import the various definitions - File <<| tag == 'nagios' |>> - - file { - "$etc_nagios_path/htpasswd.users": + # manage nagios cfg files + file {nagios_cfg_dir: + path => "$etc_nagios_path", + source => "puppet://$server/nagios/empty", + ensure => directory, + recurse => true, + purge => true, + notify => Service[nagios], + mode => 0755, owner => root, group => root; + } + # this file should contain _only_ the nagios_puppet_template-path: + # cfg_file=/etc/nagios/puppet_cfgpaths.cfg + file {nagios_main_cfg: + path => "$etc_nagios_path/nagios.cfg", + source => [ "puppet://$server/files/nagios/${fqdn}/nagios.cfg", + "puppet://$server/files/nagios/$operatingsystem/nagios.cfg.$lsbdistrelease", + "puppet://$server/files/nagios/$operatingsystem/nagios.cfg", + "puppet://$server/files/nagios/nagios.cfg", + "puppet://$server/nagios/$operatingsystem/nagios.cfg.$lsbdistrelease", + "puppet://$server/nagios/$operatingsystem/nagios.cfg", + "puppet://$server/nagios/nagios.cfg" ], + notify => Service[nagios], + mode => 0644, owner => root, group => root; + } + # here is this magic file containing all relevant paths + file {nagios_puppet_cfg_paths: + path => "$etc_nagios_path/puppet_cfgpaths.cfg", + source => [ "puppet://$server/files/nagios/${fqdn}/puppet_cfgpaths.cfg", + "puppet://$server/files/nagios/$operatingsystem/puppet_cfgpaths.cfg.$lsbdistrelease", + "puppet://$server/files/nagios/$operatingsystem/puppet_cfgpaths.cfg", + "puppet://$server/files/nagios/puppet_cfgpaths.cfg", + "puppet://$server/nagios/$operatingsystem/puppet_cfgpaths.cfg.$lsbdistrelease", + "puppet://$server/nagios/$operatingsystem/puppet_cfgpaths.cfg", + "puppet://$server/nagios/puppet_cfgpaths.cfg" ], + notify => Service[nagios], + mode => 0644, owner => root, group => root; + } + file { nagios_cgi_cfg: + path => "$etc_nagios_path/cgi.cfg", + source => [ "puppet://$server/files/nagios/${fqdn}/cgi.cfg", + "puppet://$server/files/nagios/$operatingsystem/cgi.cfg.$lsbdistrelease", + "puppet://$server/files/nagios/$operatingsystem/cgi.cfg", + "puppet://$server/files/nagios/cgi.cfg", + "puppet://$server/nagios/$operatingsystem/cgi.cfg.$lsbdistrelease", + "puppet://$server/nagios/$operatingsystem/cgi.cfg", + "puppet://$server/nagios/cgi.cfg" ], + owner => 'root', + group => 0, + mode => '0644', + notify => Service['apache'], + } + + file {"$etc_nagios_path/htpasswd.users": source => [ "puppet://$server/files/nagios/htpasswd.users", "puppet://$server/nagios/htpasswd.users" ], mode => 0640, owner => root, group => apache; } - - file { - "$nagios_cfgdir/hosts.d": - ensure => directory, - owner => root, - group => root, - mode => 0755, - } - define command($command_line) { - file { "$nagios_cfgdir/hosts.d/${name}_command.cfg": - ensure => present, content => template( "nagios/command.erb" ), - mode => 644, owner => root, group => root, - notify => Service[nagios2], - } - } + file{[ "$etc_nagios_path/nagios_command.cfg", + "$etc_nagios_path/nagios_contact.cfg", + "$etc_nagios_path/nagios_contactgroup.cfg", + "$etc_nagios_path/nagios_host.cfg", + "$etc_nagios_path/nagios_hostextinfo.cfg", + "$etc_nagios_path/nagios_hostgroup.cfg", + "$etc_nagios_path/nagios_hostgroupescalation.cfg", + "$etc_nagios_path/nagios_service.cfg", + "$etc_nagios_path/nagios_servicedependency.cfg", + "$etc_nagios_path/nagios_serviceescalation.cfg", + "$etc_nagios_path/nagios_serviceextinfo.cfg", + "$etc_nagios_path/nagios_timeperdiod.cfg" ]: + ensure => file, + replace => false, + notify => Service[nagios], + mode => 0644, owner => root, group => root; + } - nagios2::command { - # from ssh.pp - ssh_port: - command_line => '/usr/lib/nagios/plugins/check_ssh -p $ARG1$ $HOSTADDRESS$'; + # old way of commands to not break the current config + # TODO: integrate these commands into native nagios types + file{ "$etc_nagios_path/legacy": + source => "puppet://$server/files/nagios/legacy" + ensure => directory, + recurse => true, + purge => true, + notify => Service[nagios], + mode => 0755, owner => root, group => 0; + } + + nagios_command{ssh_port: + command_line => '$USER1/check_ssh -p $ARG1$ $HOSTADDRESS$'; # from apache2.pp http_port: - command_line => '/usr/lib/nagios/plugins/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$'; + command_line => '$USER1/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$'; # from bind.pp - nameserver: command_line => '/usr/lib/nagios/plugins/check_dns -H www.edv-bus.at -s $HOSTADDRESS$'; - # TODO: debug this, produces copious false positives: - # check_dig2: command_line => '/usr/lib/nagios/plugins/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$ --expected_address=$ARG3$ --warning=2.0 --critical=4.0'; - check_dig2: command_line => '/usr/lib/nagios/plugins/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$' - } - - define host($ip = $fqdn, $short_alias = $fqdn) { - @@file { - "$nagios_cfgdir/hosts.d/${name}_host.cfg": - ensure => present, content => template( "nagios/host.erb" ), - mode => 644, owner => root, group => root, - tag => 'nagios' - } + check_dig2: + command_line => '$USER1/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$' } - define service($check_command = '', - $nagios2_host_name = $fqdn, $nagios2_description = '') - { - # this is required to pass nagios' internal checks: - # every service needs to have a defined host - include nagios2::target - $real_check_command = $check_command ? { - '' => $name, - default => $check_command - } - $real_nagios2_description = $nagios2_description ? { - '' => $name, - default => $nagios2_description - } - @@file { - "$nagios_cfgdir/hosts.d/${nagios2_host_name}_${name}_service.cfg": - ensure => present, content => template( "nagios/service.erb" ), - mode => 644, owner => root, group => root, - tag => 'nagios' - } - } + Nagios_command <<||>> + Nagios_contact <<||>> + Nagios_contactgroup <<||>> + Nagios_host <<||>> + Nagios_hostextinfo <<||>> + Nagios_hostgroup <<||>> + Nagios_hostgroupescalation <<||>> + Nagios_service <<||>> + Nagios_servicedependency <<||>> + Nagios_serviceescalation <<||>> + Nagios_serviceextinfo <<||>> + Nagios_timeperiod <<||>> - define extra_host($ip = $fqdn, $short_alias = $fqdn, $parent = "none") { - $nagios_parent = $parent - file { - "$nagios_cfgdir/hosts.d/${name}_host.cfg": - ensure => present, content => template( "nagios/host.erb" ), - mode => 644, owner => root, group => root, - notify => Service[nagios2], - } - } + if defined(Class["munin::client"] { + include munin::plugins::nagios + } +} # end nagios::base - # additional hosts - - file { - "$etc_nagios_path/hosts.cfg": - source => [ - "puppet://$server/files/nagios/hosts.cfg", - "puppet://$server/nagios/hosts.cfg" - ], - mode => 0644, owner => nagios, group => nagios; +class nagios::centos inherits nagios::base { + package { [ 'nagios-plugins-smtp','nagios-plugins-http', 'nagios-plugins-ssh', 'nagios-plugins-udp', 'nagios-plugins-tcp', 'nagios-plugins-dig', 'nagios-plugins-nrpe', 'nagios-plugins-load', 'nagios-plugins-dns', 'nagios-plugins-ping', 'nagios-plugins-procs', 'nagios-plugins-users', 'nagios-plugins-ldap', 'nagios-plugins-disk', 'nagios-devel', 'nagios-plugins-swap', 'nagios-plugins-nagios', 'nagios-plugins-perl' ]: + ensure => 'present', + before => Service[nagios], + } + + Service[nagios]{ + hasstatus => true, + } + # default cmd file from rpm + # don't forget it to add to the puppet paths + file { nagios_commands_cfg: + path => "$etc_nagios_path/commands.cfg", + source => [ "puppet://$server/nagios/$operatingsystem/commands.cfg.$lsbdistrelease", + "puppet://$server/nagios/$operatingsystem/commands.cfg" ], + owner => 'root', + group => 0, + mode => '0644', + notify => Service['apache'], } + file{"$etc_nagios_path/private/": + source => "puppet://$server/nagios/empty", + ensure => directory, + purge => true, + recurse => true, + mode => '0750', owner => root, group => nagios; + } + file{"$etc_nagios_path/private/resource.cfg": + source => "puppet://$server/nagios/$operatingsystem/private/resource.cfg.$architecture", + owner => root, group => nagios, mode => '0640'; + } +} - # nagios cfg includes $nagios_cfgdir/hosts.d - file { - "$etc_nagios_path/nagios.cfg": - ensure => present, content => template( "nagios/nagioscfg.erb" ), - mode => 0644, owner => nagios, group => nagios; +class nagios::target { + include nagios::target::host + nagios::service::ping{$fqdn:} +} + +class nagios::target::host { + $real_nagios_parent = $nagios_parent ? { + '' => 'none', + default => $nagios_parent } + nagios::host { $fqdn: parents => $real_nagios_parent } +} + +# defines +define nagios::host( + $ip = $fqdn, + $alias = $hostname, + $use = 'generic-host', + $parents = 'none' ) +{ + @@nagios_host { $name: + ensure => present, + alias => $alias, + address => $ip. + use => $use, + } + case $parents { + 'none': {} + default: { + Nagios_host[$name]{ + parents => $parents, + } + } + } +} + +# this will define a host which isn't managed by puppet. +# a ping serivce is automatically added +# please note: +# - you can use it only on the nagios master (no exported resources) +# - you can not use this host for any other services! +define nagios::extra_host($ip, $alias, $host_use = 'generic-host', $parents = 'none' ) { + nagios::host{$name: + ip => $ip, + alias = $alias, + $use = $use, + parents = $parents + } + nagios_service { "check_ping_${name}": + check_command => "check_ping!100.0,20%!500.0,60%", + use => "generic-service", + host_name => $ip, + notification_period => "24x7", + service_description => "${alias}_check_ping" + } +} + +define nagios::service( + $check_command, + $host_name = $fqdn, + $use = 'generic-service', + notification_period = "24x7", + $service_description = ''){ - # include this class in every host that should be monitored by nagios - class target { - nagios2::host { $fqdn: } - debug ( "$fqdn has $nagios_parent as parent" ) - } -} # end nagios::base -##################################################################################################### -## The main nagios monitor class -#class nagios2 { -# -# file { -# "/etc/nagios2/conf.d/hostgroups_nagios2.cfg": -# source => "puppet://$server/nagios/hostgroups_nagios2.cfg", -# mode => 0644, owner => root, group => www-data, -# notify => Service[nagios2]; -# } -# -## line { include_cfgdir: -## file => "/etc/nagios2/nagios.cfg", -## line => "cfg_dir=$nagios_cfgdir", -## notify => Service[nagios2], -## } -# -# munin::plugin { -# nagios_hosts: script_path => "/usr/local/bin"; -# nagios_svc: script_path => "/usr/local/bin"; -# nagios_perf_hosts: ensure => nagios_perf_, script_path => "/usr/local/bin"; -# nagios_perf_svc: ensure => nagios_perf_, script_path => "/usr/local/bin"; -# } -# -# file { "/etc/munin/plugin-conf.d/nagios": -# content => "[nagios_*]\nuser root\n", -# mode => 0655, owner => root, group => root, -# notify => Service[munin-node] -# } -# -#} + # this is required to pass nagios' internal checks: + # every service needs to have a defined host + include nagios::target::host + @@nagios_service {$name: + check_command => $check_command, + use => $use, + host_name => $host_name, + notification_period => $notification_period, + } + # if no service_description is set it is a namevar + case $service_description { + '': {} + default: { + Nagios_service[$name]{ + service_description => $service_description, + } + } + } +} + +define nagios::service::ping($host_name = $hostname ){ + nagios::service{ "check_ping_${hostname}": + check_command => "check_ping!100.0,20%!500.0,60%", + host_name => $host_name, + } +} +define nagios::service::ntp($host_name = $hostname ){ + nagios::service{ "check_ntp_${hostname}": + check_command => "check_ntp", + host_name => $host_name, + } +} diff --git a/templates/command.erb b/templates/command.erb deleted file mode 100644 index aeaa8c9..0000000 --- a/templates/command.erb +++ /dev/null @@ -1,5 +0,0 @@ -define command{ - command_name <%= name %> - command_line <%= command_line %> - } - diff --git a/templates/host.erb b/templates/host.erb deleted file mode 100644 index 3598576..0000000 --- a/templates/host.erb +++ /dev/null @@ -1,10 +0,0 @@ -define host{ - use generic-host ; Name of host template to use - hostgroups ping-servers - host_name <%= name %> - alias <%= short_alias %> - address <%= ip %> - <% if ! (/^(none|)$/i =~ nagios_parent) then %> parents <%= nagios_parent %> <% end %> -} - - diff --git a/templates/service.erb b/templates/service.erb deleted file mode 100644 index 5799aca..0000000 --- a/templates/service.erb +++ /dev/null @@ -1,7 +0,0 @@ -define service { - host_name <%= nagios2_host_name %> - service_description <%= name %> - check_command <%= real_check_command %> - use generic-service -} - |