diff --git a/manifests/nagios/client.pp b/manifests/nagios/client.pp index a1cc16b..5ed49a8 100644 --- a/manifests/nagios/client.pp +++ b/manifests/nagios/client.pp @@ -4,6 +4,7 @@ $public_ip = ipaddress_eth0, $atomia_account = '100001', $apache_agent_class = 'atomia::nagios::client::apache_agent', + $apache_agent_cl_class = 'atomia::nagios::client::apache_agent_cl', $atomiadns_master_class = 'atomia::nagios::client::atomiadns_master', $nameserver_class = 'atomia::nagios::client::nameserver', $fsagent_class = 'atomia::nagios::client::fsagent', @@ -37,7 +38,6 @@ } } - # Deploy on Windows. if $::operatingsystem == 'windows' { class { 'nsclient': @@ -78,22 +78,42 @@ } } + # Deploy on other OS (Linux) perl-DateTime-Format-ISO8601 } else { - # Deploy on other OS (Linux) - package { [ - 'nagios-nrpe-server', - 'libconfig-json-perl', - 'libdatetime-format-iso8601-perl' - ]: - ensure => installed, - } - - if ! defined(Package['libwww-mechanize-perl']) { - package { 'libwww-mechanize-perl': + # Check the distro first if redhat (centos, cloudlinux) then we need to change some libs + if $::osfamily.downcase == 'redhat' { + package { [ + 'nrpe', # we need to install the basic plugins to have the folder needed for our atomia plugins + 'nagios-plugins-users', + 'nagios-plugins-load', + 'nagios-plugins-swap', + 'nagios-plugins-disk', + 'nagios-plugins-procs', + 'perl-JSON', + 'perl-DateTime-Format-ISO8601' + ]: + ensure => installed, + } + if ! defined(Package['perl-WWW-Mechanize']) { + package { 'perl-WWW-Mechanize': + ensure => installed, + } + } + } else { + package { [ + 'nagios-nrpe-server', + 'libconfig-json-perl', + 'libdatetime-format-iso8601-perl' + ]: ensure => installed, } + if ! defined(Package['libwww-mechanize-perl']) { + package { 'libwww-mechanize-perl': + ensure => installed, + } + } } - + # Define hostgroups based on custom fact case $::atomia_role_1 { 'domainreg': { @@ -111,6 +131,11 @@ class { $apache_agent_class: } } + 'apache_agent_cl': { + $hostgroup = 'linux-customer-webservers,linux-all' + class { $apache_agent_cl_class: } + } + 'atomiadns': { $hostgroup = 'linux-dns,linux-all' class { $atomiadns_master_class: } @@ -185,29 +210,12 @@ default: { warning('Unsupported config') } - - } - if ! defined(Service['nagios-nrpe-server']) { - service { 'nagios-nrpe-server': - ensure => running, - require => Package['nagios-nrpe-server'], - } } $daggre_ip = hiera('atomia::daggre::ip_addr','') $daggre_token = hiera('atomia::daggre::global_auth_token','') $daggre_check_ftp_url = "http://${daggre_ip}:999/g?a=${daggre_token}&o=100000&latest=ftp_storage" $daggre_check_traffic_url = "http://${daggre_ip}:999/g?a=${daggre_token}&o=100000&latest=web_traffic_bytes" - # Configuration files - file { '/etc/nagios/nrpe.cfg': - owner => 'root', - group => 'root', - mode => '0644', - content => template('atomia/nagios/nrpe.cfg.erb'), - require => Package['nagios-nrpe-server'], - notify => Service['nagios-nrpe-server'] - } - @@nagios_host { "${::fqdn}-host" : use => 'generic-host', @@ -219,14 +227,72 @@ max_check_attempts => '5' } + if $::osfamily.downcase == 'redhat' { + if ! defined(Service['nrpe']) { + service { 'nrpe': + ensure => running, + enable => true, + require => Package['nrpe'], + } + } + # Configuration files + # We need to be sure these dirs and files are present or nagios client wont run + # We need to allow access to nrpe user to run sudo without password for it to be able to run checks + file { '/etc/nagios/nrpe_local.cfg': + ensure => 'present', + replace => 'no', + content => '', + mode => '0644' + } -> + exec { 'add nrpe to sudoers general' : + command => "/usr/bin/echo '%nrpe ALL=(ALL) NOPASSWD: /usr/lib64/nagios/plugins/' >> /etc/sudoers", + unless => "/usr/bin/grep -c '%nrpe ALL=(ALL) NOPASSWD: /usr/lib64/nagios/plugins/' /etc/sudoers", + require => Package['nrpe'] + } -> + exec { 'add nrpe to sudoers atomia' : + command => "/usr/bin/echo '%nrpe ALL=(ALL) NOPASSWD: /usr/lib64/nagios/plugins/atomia/' >> /etc/sudoers", + unless => "/usr/bin/grep -c '%nrpe ALL=(ALL) NOPASSWD: /usr/lib64/nagios/plugins/atomia/' /etc/sudoers", + require => Package['nrpe'] + } -> + file { '/etc/nagios/nrpe.cfg': + owner => 'root', + group => 'root', + mode => '0644', + content => template('atomia/nagios/nrpe.cfg.erb'), + require => Package['nrpe'], + notify => Service['nrpe'] + } - if !defined(File['/usr/lib/nagios/plugins/atomia']){ - file { '/usr/lib/nagios/plugins/atomia': - source => 'puppet:///modules/atomia/nagios/plugins', - recurse => true, - require => Package['nagios-nrpe-server'] + if !defined(File['/usr/lib64/nagios/plugins/atomia']){ + file { '/usr/lib64/nagios/plugins/atomia': + source => 'puppet:///modules/atomia/nagios/plugins', + recurse => true, + require => Package['nrpe'] + } + } + } else { #Debian based distros + if ! defined(Service['nagios-nrpe-server']) { + service { 'nagios-nrpe-server': + ensure => running, + require => Package['nagios-nrpe-server'], + } + } + # Configuration files + file { '/etc/nagios/nrpe.cfg': + owner => 'root', + group => 'root', + mode => '0644', + content => template('atomia/nagios/nrpe.cfg.erb'), + require => Package['nagios-nrpe-server'], + notify => Service['nagios-nrpe-server'] + } + if !defined(File['/usr/lib/nagios/plugins/atomia']){ + file { '/usr/lib/nagios/plugins/atomia': + source => 'puppet:///modules/atomia/nagios/plugins', + recurse => true, + require => Package['nagios-nrpe-server'] + } } } - } } diff --git a/manifests/nagios/client/apache_agent_cl.pp b/manifests/nagios/client/apache_agent_cl.pp new file mode 100644 index 0000000..ce0e420 --- /dev/null +++ b/manifests/nagios/client/apache_agent_cl.pp @@ -0,0 +1,65 @@ +class atomia::nagios::client::apache_agent_cl ( + +) { + + @@nagios_service { "${::fqdn}-apache_agent-mountpoints": + host_name => $::fqdn, + service_description => 'NFS mounts', + check_command => 'check_nrpe!check_all_mountpoints', + use => 'generic-service', + target => "/usr/local/nagios/etc/servers/${::hostname}_service.cfg", + } + + @@nagios_service { "${::fqdn}-apache_agent-process-count": + host_name => $::fqdn, + service_description => 'Total processes', + check_command => 'check_nrpe!check_total_procs', + use => 'generic-service', + target => "/usr/local/nagios/etc/servers/${::hostname}_service.cfg", + } + + @@nagios_service { "${::fqdn}-apache_agent-process-apache": + host_name => $::fqdn, + service_description => 'Apache processes', + check_command => 'check_nrpe!check_apache_procs', + use => 'generic-service', + target => "/usr/local/nagios/etc/servers/${::hostname}_service.cfg", + } + + @@nagios_service { "${::fqdn}-apache_agent-process-php": + host_name => $::fqdn, + service_description => 'PHP processes', + check_command => 'check_nrpe!check_php_procs', + use => 'generic-service', + target => "/usr/local/nagios/etc/servers/${::hostname}_service.cfg", + } + + @@nagios_service { "${::fqdn}-apache_agent-process-lvestats": + host_name => $::fqdn, + service_description => 'LVEStats processes', + check_command => 'check_nrpe!check_lvestats_procs', + use => 'generic-service', + target => "/usr/local/nagios/etc/servers/${::hostname}_service.cfg", + } + @@nagios_service { "${::fqdn}-apache_agent-process-cagefs": + host_name => $::fqdn, + service_description => 'CageFS processes', + check_command => 'check_nrpe!check_cagefs_procs', + use => 'generic-service', + target => "/usr/local/nagios/etc/servers/${::hostname}_service.cfg", + } + @@nagios_service { "${::fqdn}-apache_agent-process-clagent": + host_name => $::fqdn, + service_description => 'CloudLinux Agent processes', + check_command => 'check_nrpe!check_cloudlinux_agent_procs', + use => 'generic-service', + target => "/usr/local/nagios/etc/servers/${::hostname}_service.cfg", + } + @@nagios_service { "${::fqdn}-apache_agent-process-apacheagent": + host_name => $::fqdn, + service_description => 'Apache Agent processes', + check_command => 'check_nrpe!check_apache_agent_procs', + use => 'generic-service', + target => "/usr/local/nagios/etc/servers/${::hostname}_service.cfg", + } +} diff --git a/templates/nagios/nrpe.cfg.erb b/templates/nagios/nrpe.cfg.erb index fe57b11..76c4c44 100644 --- a/templates/nagios/nrpe.cfg.erb +++ b/templates/nagios/nrpe.cfg.erb @@ -22,9 +22,11 @@ log_facility=daemon # The name of the file in which the NRPE daemon should write it's process ID # number. The file is only written if the NRPE daemon is started by the root # user and is running in standalone mode. - +<% if @osfamily.downcase == 'redhat' %> +pid_file=/var/run/nrpe/nrpe.pid +<% else %> pid_file=/var/run/nagios/nrpe.pid - +<% end %> # PORT NUMBER @@ -51,8 +53,11 @@ server_port=5666 # # NOTE: This option is ignored if NRPE is running under either inetd or xinetd +<% if @osfamily.downcase == 'redhat' %> +nrpe_user=nrpe +<% else %> nrpe_user=nagios - +<% end %> # NRPE GROUP @@ -61,8 +66,11 @@ nrpe_user=nagios # # NOTE: This option is ignored if NRPE is running under either inetd or xinetd +<% if @osfamily.downcase == 'redhat' %> +nrpe_group=nrpe +<% else %> nrpe_group=nagios - +<% end %> # ALLOWED HOST ADDRESSES @@ -193,49 +201,67 @@ connection_timeout=300 # to match the argument format the plugins expect. Remember, these are # examples only! +<% + # We need $sudo in order to be able to list processes on RHEL system as nrpe user. + # Also this needs to applied on RHEL https://gagor.pl/2014/03/nagios-run-checks-as-root-with-nrpe/ + if @osfamily.downcase == 'redhat' + $libpath = 'lib64' + $apacheprocess = 'httpd' + $sudo = '/usr/bin/sudo ' + else + $libpath = 'lib' + $apacheprocess = 'apache2' + $sudo = '' + end +%> # The following examples use hardcoded command arguments... - -command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10 -command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,10,5 -c 30,25,20 -command[check_hda1]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1 -command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z -command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 150 -c 200 -command[check_all_disks]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -e -command[check_apache_procs]=/usr/lib/nagios/plugins/check_procs -c 1: -w 3: -C apache2 -command[check_php_procs]=/usr/lib/nagios/plugins/check_procs -c 100 -w 50 -a php -command[check_bind_proc]=/usr/lib/nagios/plugins/check_procs -c 1: -C named -command[check_powerdnssync_procs]=/usr/lib/nagios/plugins/check_procs -c 1: -a atomiapowerdnssync -command[check_powerdns_procs]=/usr/lib/nagios/plugins/check_procs -c 2: -a pdns_server -command[check_postgres_proc]=/usr/lib/nagios/plugins/check_procs -c 4:100 -a postgres -command[check_awstats_procs]=/usr/lib/nagios/plugins/check_procs -c 1: -a awstats-agent -command[check_daggre_proc]=/usr/lib/nagios/plugins/check_procs -c 1: -a daggre -command[check_cronagent_proc]=/usr/lib/nagios/plugins/check_procs -c 1: -a atomia-cronagent -command[check_pureftpd_proc]=/usr/lib/nagios/plugins/check_procs -c 1: -a pure-ftpd - - <% $hierapath = "/etc/puppet/hieradata" %> <% $modulepath = "/etc/puppet/modules/atomia/manifests" %> <% $lookup_var = "/etc/puppet/modules/atomia/files/lookup_variable.sh" %> -command[check_daggre_ftp]=/usr/lib/nagios/plugins/atomia/check_daggre.pl --uri "<%= @daggre_check_ftp_url %>" --timeout 5 --days 1 -command[check_daggre_weblog]=/usr/lib/nagios/plugins/atomia/check_daggre.pl --uri "<%= @daggre_check_traffic_url %>" --timeout 5 --days 1 - -command[check_all_mountpoints] = /usr/lib/nagios/plugins/atomia/check_mountpoints.sh -A +command[check_users]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_users -w 5 -c 10 +command[check_load]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_load -w 15,10,5 -c 30,25,20 +command[check_hda1]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1 +command[check_zombie_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -w 5 -c 10 -s Z +command[check_total_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -w 150 -c 200 +command[check_all_disks]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_disk -w 20% -c 10% -e +command[check_apache_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 1: -w 3: -C <%= $apacheprocess %> +command[check_php_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 100 -w 50 -a php +command[check_bind_proc]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 1: -C named +command[check_powerdnssync_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 1: -a atomiapowerdnssync +command[check_powerdns_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 2: -a pdns_server +command[check_postgres_proc]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 4:100 -a postgres +command[check_awstats_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 1: -a awstats-agent +command[check_daggre_proc]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 1: -a daggre +command[check_cronagent_proc]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 1: -a atomia-cronagent +command[check_pureftpd_proc]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 1: -a pure-ftpd + +command[check_daggre_ftp]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/atomia/check_daggre.pl --uri "<%= @daggre_check_ftp_url %>" --timeout 5 --days 1 +command[check_daggre_weblog]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/atomia/check_daggre.pl --uri "<%= @daggre_check_traffic_url %>" --timeout 5 --days 1 + +command[check_all_mountpoints] = <%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/atomia/check_mountpoints.sh -A + +command[check_atomiadns]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/atomia/check_atomiadns.sh $ARG1$ http://localhost/atomiadns $ARG2$ $ARG3$ +command[check_domainreg]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/atomia/check_domainreg.sh $ARG1$ +command[check_glusterfs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/atomia/check_glusterfs -v $ARG1$ -n $ARG2$ + +# CloudLinux Specific checks +command[check_lvestats_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 3: -a lvestats-server +command[check_cagefs_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 1: -a cagefs.server +command[check_cloudlinux_agent_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 1: -a app.js +command[check_apache_agent_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -c 1: -a apache_agent_daemon -command[check_atomiadns]=/usr/lib/nagios/plugins/atomia/check_atomiadns.sh $ARG1$ http://localhost/atomiadns $ARG2$ $ARG3$ -command[check_domainreg]=/usr/lib/nagios/plugins/atomia/check_domainreg.sh $ARG1$ -command[check_glusterfs]=/usr/lib/nagios/plugins/atomia/check_glusterfs -v $ARG1$ -n $ARG2$ # The following examples allow user-supplied arguments and can # only be used if the NRPE daemon was compiled with support for # command arguments *AND* the dont_blame_nrpe directive in this # config file is set to '1'. This poses a potential security risk, so # make sure you read the SECURITY file before doing this. -command[check_users]=/usr/lib/nagios/plugins/check_users -w $ARG1$ -c $ARG2$ -command[check_load]=/usr/lib/nagios/plugins/check_load -w $ARG1$ -c $ARG2$ -command[check_disk]=/usr/lib/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ -command[check_procs]=/usr/lib/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$ +command[check_users]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_users -w $ARG1$ -c $ARG2$ +command[check_load]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_load -w $ARG1$ -c $ARG2$ +command[check_disk]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ +command[check_procs]=<%= $sudo %>/usr/<%= $libpath %>/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$ # # local configuration: @@ -245,4 +271,8 @@ include=/etc/nagios/nrpe_local.cfg # # you can place your config snipplets into nrpe.d/ # only snipplets ending in .cfg will get included +<% if @osfamily.downcase == 'redhat' %> +include_dir=/etc/nrpe.d/ +<% else %> include_dir=/etc/nagios/nrpe.d/ +<% end %> \ No newline at end of file