summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README115
-rw-r--r--files/hostgroups_nagios2.cfg11
-rw-r--r--manifests/init.pp242
-rw-r--r--templates/command.erb5
-rw-r--r--templates/host.erb10
-rw-r--r--templates/service.erb7
6 files changed, 390 insertions, 0 deletions
diff --git a/README b/README
new file mode 100644
index 0000000..8739944
--- /dev/null
+++ b/README
@@ -0,0 +1,115 @@
+Overview
+========
+
+To use the nagios2 resources, activate storeconfigs on the puppetmaster.
+
+Monitor
+-------
+
+On one node the "nagios2" class has to be included. This installes nagios2 and
+apache2 and configures the cgi on http://node/nagios2/
+
+
+Hosts
+-----
+
+On a node which shall be monitored with nagios, include the "nagios2::target".
+This just creates a host declaration for this hosts "$fqdn".
+Set the $nagios_parent variable in the node scope for enabling the reachability
+features of nagios2. If a node needs more customisation, use the
+"nagios2::host" component directly.
+
+To monitor hosts not managed by puppet, add "nagios2::extra_host"s to the
+monitoring node. These can be used as intermediate $nagios_parent's
+
+
+Services
+--------
+
+Services can be monitored by using the "nagios2::service" component.
+
+The simplest form is::
+
+ nagios2::service { check_dns: }
+
+The intention being obviously to put such declarations into a component defining
+a service, thereby being automatically applied together with all instances of
+the service.
+
+
+
+Caveats
+=======
+
+
+Performance
+-----------
+
+A major drawback is that currently the needed storeconfig setting and
+subsequent filling of the database is really a drag on performance. 0.22.1
+for example breaks at approximatly 120 monitored services (depends on H/W of
+course). 0.22.3 has improved that my a factor of 3-4.
+
+
+Consistency/Validation/Verification
+-----------------------------------
+
+After convergance of the configuration, the system is obviously consistent.
+That is, all defined services are monitored. The problem is though, that it is
+neither automatically valid - it is not guaranteed that all components declare a
+nagios2::service - and even if the configuration is valid it definitly is
+unverified, since that is always a judgment call for an external observer.
+
+
+
+Examples
+========
+
+Usage example::
+
+node nagios {
+
+ include nagios2
+
+ # Declare another nagios command
+ nagios2::command { http_port: command_line
+=> '/usr/lib/nagios/plugins/check_http -p $ARG1$ -H $HOSTADDRESS$ -I
+$HOSTADDRESS$'
+
+ # Declare unmanaged hosts
+ nagios_extra_host {
+ "router01":
+ parent => "gateway",
+ ip => "10.0.0.1";
+ "router02":
+ parent => "router01",
+ ip => "192.168.0.1";
+ }
+
+}
+
+
+node target {
+
+ # Monitor this host
+ $nagios_parent = "router01"
+ include nagios_target
+
+ # monitor a service
+ $apache2_port = 8080
+ include apache2
+
+ # This actually does this somewhere:
+ #nagios2::service { "http_${apache2_port}":
+ # check_command => "http_port!${apache2_port}"
+ #}
+
+}
+
+
+License
+=======
+
+Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+See the file LICENSE in the top directory for the full license.
+
diff --git a/files/hostgroups_nagios2.cfg b/files/hostgroups_nagios2.cfg
new file mode 100644
index 0000000..a77671e
--- /dev/null
+++ b/files/hostgroups_nagios2.cfg
@@ -0,0 +1,11 @@
+# A simple wildcard hostgroup
+define hostgroup {
+ hostgroup_name all
+ alias All Servers
+ members *
+}
+
+define hostgroup {
+ hostgroup_name ping-servers
+ alias Servers to ping
+}
diff --git a/manifests/init.pp b/manifests/init.pp
new file mode 100644
index 0000000..416ac0d
--- /dev/null
+++ b/manifests/init.pp
@@ -0,0 +1,242 @@
+# nagios.pp - everything nagios related
+# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+# See LICENSE for the full license granted to you.
+
+
+# the directory containing all nagios configs:
+$nagios_cfgdir = "/var/lib/puppet/modules/nagios"
+modules_dir{ nagios: }
+
+class nagios {
+ case $operatingsystem {
+ debian: { include nagios::debian }
+ centos: { include nagios::centos }
+ default: { include nagios::base }
+ }
+}
+
+class nagios::debian inherits nagios::base {
+ Package [nagios]{
+ name => "nagios2",
+ }
+ package {
+ "nagios-plugins-standard":
+ ensure => installed,
+ }
+ Service[nagios] {
+ # Current Debian/etch pattern
+ pattern => "/usr/sbin/nagios2 -d /etc/nagios2/nagios.cfg",
+ subscribe => File [ $nagios_cfgdir ]
+ }
+ File["$etc_nagios_path/htpasswd.users"]{
+ group => www-data,
+ }
+
+ file {
+ [ "/etc/nagios2/conf.d/localhost_nagios2.cfg",
+ "/etc/nagios2/conf.d/extinfo_nagios2.cfg",
+ "/etc/nagios2/conf.d/services_nagios2.cfg" ]:
+ ensure => absent,
+ notify => Service[nagios2];
+ }
+ # permit external commands from the CGI
+ file {
+ "/var/lib/nagios2":
+ ensure => directory, mode => 751,
+ owner => nagios, group => nagios,
+ notify => Service[nagios2];
+ }
+ file{
+ "/var/lib/nagios2/rw":
+ ensure => directory, mode => 2710,
+ owner => nagios, group => www-data,
+ notify => Service[nagios2];
+
+ }
+
+ # TODO: these are not very robust!
+ replace {
+ # Debian installs a default check for the localhost. Since VServers
+ # usually have no localhost IP, this fixes the definition to check the
+ # real IP
+ fix_default_config:
+ file => "/etc/nagios2/conf.d/localhost_nagios2.cfg",
+ pattern => "address *127.0.0.1",
+ replacement => "address $ipaddress",
+ notify => Service[nagios2];
+ # enable external commands from the CGI
+ enable_extcommands:
+ file => "/etc/nagios2/nagios.cfg",
+ pattern => "check_external_commands=0",
+ replacement => "check_external_commands=1",
+ notify => Service[nagios2];
+ # put a cap on service checks
+ cap_service_checks:
+ file => "/etc/nagios2/nagios.cfg",
+ pattern => "max_concurrent_checks=0",
+ replacement => "max_concurrent_checks=30",
+ notify => Service[nagios2];
+ }
+
+}
+# end nagios::debian
+
+class nagios::centos inherits nagios::base {
+ package { [ 'nagios-plugins-smtp','nagios-plugins-http', 'nagios-plugins-ssh', 'nagios-plugins-udp', 'nagios-plugins-tcp', 'nagios-plugins-dig', 'nagios-plugins-nrpe', 'nagios-plugins-load', 'nagios-plugins-dns', 'nagios-plugins-ping', 'nagios-plugins-procs', 'nagios-plugins-users', 'nagios-plugins-ldap', 'nagios-plugins-disk', 'nagios-devel', 'nagios-plugins-swap', 'nagios-plugins-nagios', 'nagios-plugins-perl' ]:
+ ensure => 'present',
+ }
+ Service[nagios]{
+ hasstatus => true,
+ }
+
+}
+
+class nagios::vars {
+ case $operatingsystem {
+ debian: {
+ $etc_nagios_path = "/etc/nagios2"
+ }
+ default: {
+ $etc_nagios_path = "/etc/nagios"
+ }
+ }
+}
+
+
+class nagios::base {
+
+ package { nagios:
+ ensure => present,
+ }
+
+ service{nagios:
+ ensure => running,
+ enable => true,
+ #hasstatus => true, #fixme!
+ require => Package[nagios],
+ }
+
+ include nagios::vars
+
+ # import the various definitions
+ File <<| tag == 'nagios' |>>
+
+ file {
+ "$etc_nagios_path/htpasswd.users":
+ source => [
+ "puppet://$servername/files/nagios/htpasswd.users",
+ "puppet://$servername/nagios/htpasswd.users"
+ ],
+ mode => 0640, owner => root, group => apache;
+ }
+
+ file {
+ "$nagios_cfgdir/hosts.d":
+ ensure => directory,
+ owner => root,
+ group => root,
+ mode => 0755,
+ }
+
+ define command($command_line) {
+ file { "$nagios_cfgdir/hosts.d/${name}_command.cfg":
+ ensure => present, content => template( "nagios/command.erb" ),
+ mode => 644, owner => root, group => root,
+ notify => Service[nagios2],
+ }
+ }
+
+ nagios2::command {
+ # from ssh.pp
+ ssh_port:
+ command_line => '/usr/lib/nagios/plugins/check_ssh -p $ARG1$ $HOSTADDRESS$';
+ # from apache2.pp
+ http_port:
+ command_line => '/usr/lib/nagios/plugins/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+ # from bind.pp
+ nameserver: command_line => '/usr/lib/nagios/plugins/check_dns -H www.edv-bus.at -s $HOSTADDRESS$';
+ # TODO: debug this, produces copious false positives:
+ # check_dig2: command_line => '/usr/lib/nagios/plugins/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$ --expected_address=$ARG3$ --warning=2.0 --critical=4.0';
+ check_dig2: command_line => '/usr/lib/nagios/plugins/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$'
+ }
+
+ define host($ip = $fqdn, $short_alias = $fqdn) {
+ @@file {
+ "$nagios_cfgdir/${name}_host.cfg":
+ ensure => present, content => template( "nagios/host.erb" ),
+ mode => 644, owner => root, group => root,
+ tag => 'nagios'
+ }
+ }
+
+ define service($check_command = '',
+ $nagios2_host_name = $fqdn, $nagios2_description = '')
+ {
+ # this is required to pass nagios' internal checks:
+ # every service needs to have a defined host
+ include nagios2::target
+ $real_check_command = $check_command ? {
+ '' => $name,
+ default => $check_command
+ }
+ $real_nagios2_description = $nagios2_description ? {
+ '' => $name,
+ default => $nagios2_description
+ }
+ @@file {
+ "$nagios_cfgdir/${nagios2_host_name}_${name}_service.cfg":
+ ensure => present, content => template( "nagios/service.erb" ),
+ mode => 644, owner => root, group => root,
+ tag => 'nagios'
+ }
+ }
+
+ define extra_host($ip = $fqdn, $short_alias = $fqdn, $parent = "none") {
+ $nagios_parent = $parent
+ file {
+ "$nagios_cfgdir/${name}_host.cfg":
+ ensure => present, content => template( "nagios/host.erb" ),
+ mode => 644, owner => root, group => root,
+ notify => Service[nagios2],
+ }
+ }
+ #
+ # include this class in every host that should be monitored by nagios
+ class target {
+ nagios2::host { $fqdn: }
+ debug ( "$fqdn has $nagios_parent as parent" )
+ }
+} # end nagios::base
+
+#####################################################################################################
+## The main nagios monitor class
+#class nagios2 {
+#
+# file {
+# "/etc/nagios2/conf.d/hostgroups_nagios2.cfg":
+# source => "puppet://$servername/nagios/hostgroups_nagios2.cfg",
+# mode => 0644, owner => root, group => www-data,
+# notify => Service[nagios2];
+# }
+#
+## line { include_cfgdir:
+## file => "/etc/nagios2/nagios.cfg",
+## line => "cfg_dir=$nagios_cfgdir",
+## notify => Service[nagios2],
+## }
+#
+# munin::plugin {
+# nagios_hosts: script_path => "/usr/local/bin";
+# nagios_svc: script_path => "/usr/local/bin";
+# nagios_perf_hosts: ensure => nagios_perf_, script_path => "/usr/local/bin";
+# nagios_perf_svc: ensure => nagios_perf_, script_path => "/usr/local/bin";
+# }
+#
+# file { "/etc/munin/plugin-conf.d/nagios":
+# content => "[nagios_*]\nuser root\n",
+# mode => 0655, owner => root, group => root,
+# notify => Service[munin-node]
+# }
+#
+#}
+
diff --git a/templates/command.erb b/templates/command.erb
new file mode 100644
index 0000000..aeaa8c9
--- /dev/null
+++ b/templates/command.erb
@@ -0,0 +1,5 @@
+define command{
+ command_name <%= name %>
+ command_line <%= command_line %>
+ }
+
diff --git a/templates/host.erb b/templates/host.erb
new file mode 100644
index 0000000..3598576
--- /dev/null
+++ b/templates/host.erb
@@ -0,0 +1,10 @@
+define host{
+ use generic-host ; Name of host template to use
+ hostgroups ping-servers
+ host_name <%= name %>
+ alias <%= short_alias %>
+ address <%= ip %>
+ <% if ! (/^(none|)$/i =~ nagios_parent) then %> parents <%= nagios_parent %> <% end %>
+}
+
+
diff --git a/templates/service.erb b/templates/service.erb
new file mode 100644
index 0000000..5799aca
--- /dev/null
+++ b/templates/service.erb
@@ -0,0 +1,7 @@
+define service {
+ host_name <%= nagios2_host_name %>
+ service_description <%= name %>
+ check_command <%= real_check_command %>
+ use generic-service
+}
+