diff options
-rw-r--r-- | README | 115 | ||||
-rw-r--r-- | files/hostgroups_nagios2.cfg | 11 | ||||
-rw-r--r-- | manifests/init.pp | 242 | ||||
-rw-r--r-- | templates/command.erb | 5 | ||||
-rw-r--r-- | templates/host.erb | 10 | ||||
-rw-r--r-- | templates/service.erb | 7 |
6 files changed, 390 insertions, 0 deletions
@@ -0,0 +1,115 @@ +Overview +======== + +To use the nagios2 resources, activate storeconfigs on the puppetmaster. + +Monitor +------- + +On one node the "nagios2" class has to be included. This installes nagios2 and +apache2 and configures the cgi on http://node/nagios2/ + + +Hosts +----- + +On a node which shall be monitored with nagios, include the "nagios2::target". +This just creates a host declaration for this hosts "$fqdn". +Set the $nagios_parent variable in the node scope for enabling the reachability +features of nagios2. If a node needs more customisation, use the +"nagios2::host" component directly. + +To monitor hosts not managed by puppet, add "nagios2::extra_host"s to the +monitoring node. These can be used as intermediate $nagios_parent's + + +Services +-------- + +Services can be monitored by using the "nagios2::service" component. + +The simplest form is:: + + nagios2::service { check_dns: } + +The intention being obviously to put such declarations into a component defining +a service, thereby being automatically applied together with all instances of +the service. + + + +Caveats +======= + + +Performance +----------- + +A major drawback is that currently the needed storeconfig setting and +subsequent filling of the database is really a drag on performance. 0.22.1 +for example breaks at approximatly 120 monitored services (depends on H/W of +course). 0.22.3 has improved that my a factor of 3-4. + + +Consistency/Validation/Verification +----------------------------------- + +After convergance of the configuration, the system is obviously consistent. +That is, all defined services are monitored. The problem is though, that it is +neither automatically valid - it is not guaranteed that all components declare a +nagios2::service - and even if the configuration is valid it definitly is +unverified, since that is always a judgment call for an external observer. + + + +Examples +======== + +Usage example:: + +node nagios { + + include nagios2 + + # Declare another nagios command + nagios2::command { http_port: command_line +=> '/usr/lib/nagios/plugins/check_http -p $ARG1$ -H $HOSTADDRESS$ -I +$HOSTADDRESS$' + + # Declare unmanaged hosts + nagios_extra_host { + "router01": + parent => "gateway", + ip => "10.0.0.1"; + "router02": + parent => "router01", + ip => "192.168.0.1"; + } + +} + + +node target { + + # Monitor this host + $nagios_parent = "router01" + include nagios_target + + # monitor a service + $apache2_port = 8080 + include apache2 + + # This actually does this somewhere: + #nagios2::service { "http_${apache2_port}": + # check_command => "http_port!${apache2_port}" + #} + +} + + +License +======= + +Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> +See the file LICENSE in the top directory for the full license. + diff --git a/files/hostgroups_nagios2.cfg b/files/hostgroups_nagios2.cfg new file mode 100644 index 0000000..a77671e --- /dev/null +++ b/files/hostgroups_nagios2.cfg @@ -0,0 +1,11 @@ +# A simple wildcard hostgroup +define hostgroup { + hostgroup_name all + alias All Servers + members * +} + +define hostgroup { + hostgroup_name ping-servers + alias Servers to ping +} diff --git a/manifests/init.pp b/manifests/init.pp new file mode 100644 index 0000000..416ac0d --- /dev/null +++ b/manifests/init.pp @@ -0,0 +1,242 @@ +# nagios.pp - everything nagios related +# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> +# See LICENSE for the full license granted to you. + + +# the directory containing all nagios configs: +$nagios_cfgdir = "/var/lib/puppet/modules/nagios" +modules_dir{ nagios: } + +class nagios { + case $operatingsystem { + debian: { include nagios::debian } + centos: { include nagios::centos } + default: { include nagios::base } + } +} + +class nagios::debian inherits nagios::base { + Package [nagios]{ + name => "nagios2", + } + package { + "nagios-plugins-standard": + ensure => installed, + } + Service[nagios] { + # Current Debian/etch pattern + pattern => "/usr/sbin/nagios2 -d /etc/nagios2/nagios.cfg", + subscribe => File [ $nagios_cfgdir ] + } + File["$etc_nagios_path/htpasswd.users"]{ + group => www-data, + } + + file { + [ "/etc/nagios2/conf.d/localhost_nagios2.cfg", + "/etc/nagios2/conf.d/extinfo_nagios2.cfg", + "/etc/nagios2/conf.d/services_nagios2.cfg" ]: + ensure => absent, + notify => Service[nagios2]; + } + # permit external commands from the CGI + file { + "/var/lib/nagios2": + ensure => directory, mode => 751, + owner => nagios, group => nagios, + notify => Service[nagios2]; + } + file{ + "/var/lib/nagios2/rw": + ensure => directory, mode => 2710, + owner => nagios, group => www-data, + notify => Service[nagios2]; + + } + + # TODO: these are not very robust! + replace { + # Debian installs a default check for the localhost. Since VServers + # usually have no localhost IP, this fixes the definition to check the + # real IP + fix_default_config: + file => "/etc/nagios2/conf.d/localhost_nagios2.cfg", + pattern => "address *127.0.0.1", + replacement => "address $ipaddress", + notify => Service[nagios2]; + # enable external commands from the CGI + enable_extcommands: + file => "/etc/nagios2/nagios.cfg", + pattern => "check_external_commands=0", + replacement => "check_external_commands=1", + notify => Service[nagios2]; + # put a cap on service checks + cap_service_checks: + file => "/etc/nagios2/nagios.cfg", + pattern => "max_concurrent_checks=0", + replacement => "max_concurrent_checks=30", + notify => Service[nagios2]; + } + +} +# end nagios::debian + +class nagios::centos inherits nagios::base { + package { [ 'nagios-plugins-smtp','nagios-plugins-http', 'nagios-plugins-ssh', 'nagios-plugins-udp', 'nagios-plugins-tcp', 'nagios-plugins-dig', 'nagios-plugins-nrpe', 'nagios-plugins-load', 'nagios-plugins-dns', 'nagios-plugins-ping', 'nagios-plugins-procs', 'nagios-plugins-users', 'nagios-plugins-ldap', 'nagios-plugins-disk', 'nagios-devel', 'nagios-plugins-swap', 'nagios-plugins-nagios', 'nagios-plugins-perl' ]: + ensure => 'present', + } + Service[nagios]{ + hasstatus => true, + } + +} + +class nagios::vars { + case $operatingsystem { + debian: { + $etc_nagios_path = "/etc/nagios2" + } + default: { + $etc_nagios_path = "/etc/nagios" + } + } +} + + +class nagios::base { + + package { nagios: + ensure => present, + } + + service{nagios: + ensure => running, + enable => true, + #hasstatus => true, #fixme! + require => Package[nagios], + } + + include nagios::vars + + # import the various definitions + File <<| tag == 'nagios' |>> + + file { + "$etc_nagios_path/htpasswd.users": + source => [ + "puppet://$servername/files/nagios/htpasswd.users", + "puppet://$servername/nagios/htpasswd.users" + ], + mode => 0640, owner => root, group => apache; + } + + file { + "$nagios_cfgdir/hosts.d": + ensure => directory, + owner => root, + group => root, + mode => 0755, + } + + define command($command_line) { + file { "$nagios_cfgdir/hosts.d/${name}_command.cfg": + ensure => present, content => template( "nagios/command.erb" ), + mode => 644, owner => root, group => root, + notify => Service[nagios2], + } + } + + nagios2::command { + # from ssh.pp + ssh_port: + command_line => '/usr/lib/nagios/plugins/check_ssh -p $ARG1$ $HOSTADDRESS$'; + # from apache2.pp + http_port: + command_line => '/usr/lib/nagios/plugins/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$'; + # from bind.pp + nameserver: command_line => '/usr/lib/nagios/plugins/check_dns -H www.edv-bus.at -s $HOSTADDRESS$'; + # TODO: debug this, produces copious false positives: + # check_dig2: command_line => '/usr/lib/nagios/plugins/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$ --expected_address=$ARG3$ --warning=2.0 --critical=4.0'; + check_dig2: command_line => '/usr/lib/nagios/plugins/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$' + } + + define host($ip = $fqdn, $short_alias = $fqdn) { + @@file { + "$nagios_cfgdir/${name}_host.cfg": + ensure => present, content => template( "nagios/host.erb" ), + mode => 644, owner => root, group => root, + tag => 'nagios' + } + } + + define service($check_command = '', + $nagios2_host_name = $fqdn, $nagios2_description = '') + { + # this is required to pass nagios' internal checks: + # every service needs to have a defined host + include nagios2::target + $real_check_command = $check_command ? { + '' => $name, + default => $check_command + } + $real_nagios2_description = $nagios2_description ? { + '' => $name, + default => $nagios2_description + } + @@file { + "$nagios_cfgdir/${nagios2_host_name}_${name}_service.cfg": + ensure => present, content => template( "nagios/service.erb" ), + mode => 644, owner => root, group => root, + tag => 'nagios' + } + } + + define extra_host($ip = $fqdn, $short_alias = $fqdn, $parent = "none") { + $nagios_parent = $parent + file { + "$nagios_cfgdir/${name}_host.cfg": + ensure => present, content => template( "nagios/host.erb" ), + mode => 644, owner => root, group => root, + notify => Service[nagios2], + } + } + # + # include this class in every host that should be monitored by nagios + class target { + nagios2::host { $fqdn: } + debug ( "$fqdn has $nagios_parent as parent" ) + } +} # end nagios::base + +##################################################################################################### +## The main nagios monitor class +#class nagios2 { +# +# file { +# "/etc/nagios2/conf.d/hostgroups_nagios2.cfg": +# source => "puppet://$servername/nagios/hostgroups_nagios2.cfg", +# mode => 0644, owner => root, group => www-data, +# notify => Service[nagios2]; +# } +# +## line { include_cfgdir: +## file => "/etc/nagios2/nagios.cfg", +## line => "cfg_dir=$nagios_cfgdir", +## notify => Service[nagios2], +## } +# +# munin::plugin { +# nagios_hosts: script_path => "/usr/local/bin"; +# nagios_svc: script_path => "/usr/local/bin"; +# nagios_perf_hosts: ensure => nagios_perf_, script_path => "/usr/local/bin"; +# nagios_perf_svc: ensure => nagios_perf_, script_path => "/usr/local/bin"; +# } +# +# file { "/etc/munin/plugin-conf.d/nagios": +# content => "[nagios_*]\nuser root\n", +# mode => 0655, owner => root, group => root, +# notify => Service[munin-node] +# } +# +#} + diff --git a/templates/command.erb b/templates/command.erb new file mode 100644 index 0000000..aeaa8c9 --- /dev/null +++ b/templates/command.erb @@ -0,0 +1,5 @@ +define command{ + command_name <%= name %> + command_line <%= command_line %> + } + diff --git a/templates/host.erb b/templates/host.erb new file mode 100644 index 0000000..3598576 --- /dev/null +++ b/templates/host.erb @@ -0,0 +1,10 @@ +define host{ + use generic-host ; Name of host template to use + hostgroups ping-servers + host_name <%= name %> + alias <%= short_alias %> + address <%= ip %> + <% if ! (/^(none|)$/i =~ nagios_parent) then %> parents <%= nagios_parent %> <% end %> +} + + diff --git a/templates/service.erb b/templates/service.erb new file mode 100644 index 0000000..5799aca --- /dev/null +++ b/templates/service.erb @@ -0,0 +1,7 @@ +define service { + host_name <%= nagios2_host_name %> + service_description <%= name %> + check_command <%= real_check_command %> + use generic-service +} + |