swedenconnect/eid-ops
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

removed nagios_monitor from cosmos-site.pp and nagiosapifrom nic.komreg.net

Browse source
This commit is contained in:
Maria Haider 2023-07-25 12:02:32 +02:00
parent fb7a69291f
commit 63bc7818ea
Signed by: mariah
GPG key ID: 7414A760CA747E57
2 changed files with 0 additions and 413 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
global/overlay/etc/puppet/cosmos-rules.yaml
View file

@ -643,7 +643,6 @@ nic.komreg.net:
eid::nagios_monitor:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
sunet::nagiosapi:
r1.komreg.net:
sunet_iaas_cloud:

412
global/overlay/etc/puppet/manifests/cosmos-site.pp
View file

@ -1076,418 +1076,6 @@ class nrpe {
}
}
class nagios_monitor {
$nrpe_clients = hiera_array('nrpe_clients',[]);
$allowed_hosts = join($nrpe_clients," ");
$web_admin_pw = safe_hiera('nagios_nagiosadmin_password');
$web_admin_user = 'nagiosadmin';
package { 'xsltproc': ensure => installed}
class { 'webserver': }
class { 'nagioscfg':
hostgroups => $::roles,
config => 'eid'
}
class {'nagioscfg::slack': domain => 'sunet.slack.com', token => safe_hiera('slack_token','') } ->
class {'nagioscfg::passive': enable_notifications => '0', obsess_over_services => '0', obsess_over_hosts => '0'}
sunet::misc::htpasswd_user { $web_admin_user :
filename => "/etc/nagios3/htpasswd.users",
password => $web_admin_pw,
group => 'www-data',
}
file {
'/root/MONITOR_WEB_PASSWORD':
content => sprintf("%s\n%s\n", $web_admin_user, $web_admin_pw),
group => 'root',
mode => '0600',
;
}
#definition for check_nrpe_1arg
file { '/etc/nagios-plugins/config/check_nrpe.cfg':
ensure => file,
mode => '0644',
content => template('eid/monitor/check_nrpe.cfg.erb'),
}
nagioscfg::slack::channel {'eln': } ->
nagioscfg::contactgroup {'alerts': } ->
nagioscfg::contact {'slack-alerts':
host_notification_commands => ['notify-host-to-slack-eln'],
service_notification_commands => ['notify-service-to-slack-eln'],
contact_groups => ['alerts']
}
nagioscfg::service {'service_ping':
hostgroup_name => ['all'],
description => 'PING',
check_command => 'check_ping!400.0,1%!500.0,2%',
contact_groups => ['alerts']
}
nagioscfg::service {'service_ssh':
hostgroup_name => ['jumphosts'],
description => 'SSH',
check_command => 'check_ssh_4_hostname',
contact_groups => ['alerts']
}
nagioscfg::service {'check_load':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_load',
description => 'System Load',
contact_groups => ['alerts']
}
nagioscfg::service {'check_users':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_users',
description => 'Active Users',
contact_groups => ['alerts']
}
nagioscfg::service {'check_zombie_procs':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_zombie_procs',
description => 'Zombie Processes',
contact_groups => ['alerts']
}
nagioscfg::service {'check_total_procs':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_total_procs_lax',
description => 'Total Processes',
contact_groups => ['alerts']
}
nagioscfg::service {'check_root':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_root',
description => 'Root Disk',
contact_groups => ['alerts']
}
nagioscfg::service {'check_boot':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_boot_15_5',
description => 'Boot Disk',
contact_groups => ['alerts']
}
nagioscfg::service {'check_var':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_var',
description => 'Var Disk',
contact_groups => ['alerts']
}
nagioscfg::service {'check_uptime':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_uptime',
description => 'Uptime',
contact_groups => ['alerts']
}
nagioscfg::service {'check_reboot':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_reboot',
description => 'Reboot Needed',
contact_groups => ['alerts']
}
nagioscfg::service {'check_memory':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_memory',
description => 'System Memory',
contact_groups => ['alerts']
}
nagioscfg::service {'check_entropy':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_entropy',
description => 'System Entropy',
contact_groups => ['alerts']
}
nagioscfg::service {'check_ntp_time':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_ntp_time',
description => 'System NTP Time',
contact_groups => ['alerts']
}
nagioscfg::service {'check_process_haveged':
hostgroup_name => ['entropyclient'],
check_command => 'check_nrpe_1arg!check_process_haveged',
description => 'haveged running',
contact_groups => ['alerts']
}
nagioscfg::service {'check_scriptherder':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_scriptherder',
description => 'Scriptherder Status',
contact_groups => ['alerts']
}
nagioscfg::service {'check_apt':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_apt',
description => 'Packages available for upgrade',
contact_groups => ['alerts']
}
nagioscfg::service {'metadata_aggregate_age':
hostgroup_name => ['md_publisher'],
check_command => 'check_nrpe_1arg!check_fileage_metadata_aggregate',
description => 'metadata aggregate age',
contact_groups => ['alerts']
}
nagioscfg::service {'mdsl_aggregate_age':
hostgroup_name => ['mdsl_publisher'],
check_command => 'check_nrpe_1arg!check_fileage_mdsl_aggregate',
description => 'mdsl aggregate age',
contact_groups => ['alerts']
}
nagioscfg::service {'mdsl_se_age':
hostgroup_name => ['mdsl_publisher'],
check_command => 'check_nrpe_1arg!check_fileage_mdsl_se',
description => 'mdsl se age',
contact_groups => ['alerts']
}
nagioscfg::service {'proxy_eidas_metadata_age':
hostgroup_name => ['proxy_eidas_metadata'],
check_command => 'check_nrpe_1arg!check_fileage_proxy_eidas_metadata',
description => 'proxy eidas metadata age',
contact_groups => ['alerts']
}
nagioscfg::service {'proxy_eidas_metadata_list_age':
hostgroup_name => ['proxy_eidas_metadata'],
check_command => 'check_nrpe_1arg!check_fileage_proxy_eidas_metadata_list',
description => 'proxy eidas metadata list age',
contact_groups => ['alerts']
}
nagioscfg::service {'check_eidas_health':
hostgroup_name => ['servicemonitor'],
check_command => 'check_nrpe_1arg!check_eidas_health',
description => 'eidas component healthcheck',
contact_groups => ['alerts']
}
nagioscfg::service {'check_needrestart':
hostgroup_name => ['nrpe'],
check_command => 'check_nrpe_1arg!check_needrestart',
description => 'Processes need restart',
contact_groups => ['alerts']
}
nagioscfg::service {'check_docker_containers':
hostgroup_name => ['fe_servers'],
check_command => 'check_nrpe_1arg!check_docker_containers',
description => 'Check Docker Containers',
contact_groups => ['alerts']
}
nagioscfg::command {'check_ssl_cert_3':
command_line => "/usr/lib/nagios/plugins/check_ssl_cert -A -H '\$HOSTNAME\$' -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'"
}
nagioscfg::command {'check_ssl_cert_3_without_ocsp':
command_line => "/usr/lib/nagios/plugins/check_ssl_cert -A -H '\$HOSTNAME\$' --ignore-ocsp -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'"
}
$public_hosts = ['proxy.eidas.swedenconnect.se','validator.swedenconnect.se','qa.demw.eidas.swedenconnect.se','demw.eidas.swedenconnect.se','api.swedenconnect.se','qa.test.swedenconnect.se','test.swedenconnect.se','qa.md.swedenconnect.se','md.swedenconnect.se','md.eidas.swedenconnect.se','qa.md.eidas.swedenconnect.se','qa.connector.eidas.swedenconnect.se','qa.proxy.eidas.swedenconnect.se','connector.eidas.swedenconnect.se','test.connector.eidas.swedenconnect.se','test.test.swedenconnect.se','test.proxy.eidas.swedenconnect.se','test.md.eidas.swedenconnect.se','test.md.swedenconnect.se','test.validator.swedenconnect.se']
nagioscfg::host {$public_hosts: }
nagioscfg::service {'check_public_ssl_cert':
host_name => $public_hosts,
check_command => 'check_ssl_cert_3!30!14!443',
description => 'check https certificate validity on port 443',
contact_groups => ['alerts']
}
nagioscfg::command {'check_ssl_cert_altname':
command_line => "/usr/lib/nagios/plugins/check_ssl_cert -n '\$ARG4\$' --altnames -H '\$HOSTNAME\$' --ignore-ocsp -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'"
}
nagioscfg::host {'prid.sveidas.se': }
nagioscfg::service {'check_public_ssl_cert_altname':
host_name => ['prid.sveidas.se'],
check_command => 'check_ssl_cert_altname!30!14!443!prid.sveidas.se',
description => 'check https certificate validity on port 443 with SAN',
contact_groups => ['alerts']
}
$infra_hosts = ['prid-1.qa.sveidas.se','prid-1.sveidas.se,','prid-2.sveidas.se','prid.sveidas.se']
nagioscfg::service {'check_infra_ssl_cert':
host_name => $infra_hosts,
check_command => 'check_ssl_cert_3_without_ocsp!30!14!443',
description => 'check https infra certificate validity on port 443',
contact_groups => ['alerts']
}
nagioscfg::command {'check_website':
command_line => "/usr/lib/nagios/plugins/check_http -H '\$HOSTNAME\$' -S -u '\$ARG1\$'"
}
nagioscfg::service {'check_idp_metadata_eIDAS':
host_name => ['md.eidas.swedenconnect.se'],
check_command => 'check_website!https://md.eidas.swedenconnect.se/role/idp.xml',
description => 'check IdP metadata for eIDAS',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_idp_metadata_swedenconnect':
host_name => ['md.swedenconnect.se'],
check_command => 'check_website!https://md.swedenconnect.se/role/idp.xml/',
description => 'check IdP metadata for Sweden Connect',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_connector':
host_name => ['connector.eidas.swedenconnect.se'],
check_command => 'check_website!https://connector.eidas.swedenconnect.se/idp/metadata/sp',
description => 'check metadata for Sweden Connect',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_metadata_DE_middleware':
host_name => ['demw.eidas.swedenconnect.se'],
check_command => 'check_website!https://demw.eidas.swedenconnect.se/eidas-middleware/Metadata',
description => 'check metadata for DE middleware',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_metadata_proxy':
host_name => ['proxy.eidas.swedenconnect.se'],
check_command => 'check_website!https://proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata',
description => 'check metadata for Proxy',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_api':
host_name => ['api.swedenconnect.se'],
check_command => 'check_website!https://api.swedenconnect.se/testid/',
description => 'check api',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_metadata_DE_middleware_QA':
host_name => ['qa.demw.eidas.swedenconnect.se'],
check_command => 'check_website!https://qa.demw.eidas.swedenconnect.se/eidas-middleware/Metadata',
description => 'check metadata for DE middleware QA',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_ref_idp':
host_name => ['qa.test.swedenconnect.se'],
check_command => 'check_website!https://qa.test.swedenconnect.se/idp/metadata/idp.xml',
description => 'check Reference IdP',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_mdservicelist_metadata_eIDAS_QA':
host_name => ['qa.md.eidas.swedenconnect.se'],
check_command => 'check_website!https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml/',
description => 'check MDSservicelist metadata for eIDAS',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_sp_metadata_swedenconnect_QA':
host_name => ['qa.md.swedenconnect.se'],
check_command => 'check_website!https://qa.md.swedenconnect.se/role/sp.xml/',
description => 'check SP metadata for Sweden Connect',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_connector_QA':
host_name => ['qa.connector.eidas.swedenconnect.se'],
check_command => 'check_website!https://qa.connector.eidas.swedenconnect.se/idp/metadata/sp',
description => 'check metadata for Sweden Connect',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_metadata_proxy_QA':
host_name => ['qa.proxy.eidas.swedenconnect.se'],
check_command => 'check_website!https://qa.proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata',
description => 'check metadata for Proxy',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_ref_idp_test':
host_name => ['test.test.swedenconnect.se'],
check_command => 'check_website!https://test.test.swedenconnect.se/idp/metadata/idp.xml',
description => 'check Reference IdP',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_mdservicelist_metadata_eIDAS_Test':
host_name => ['test.md.eidas.swedenconnect.se'],
check_command => 'check_website!https://test.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml/',
description => 'check MDSservicelist metadata for eIDAS',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_sp_metadata_swedenconnect_Test':
host_name => ['test.md.swedenconnect.se'],
check_command => 'check_website!https://test.md.swedenconnect.se/role/sp.xml/',
description => 'check SP metadata for Sweden Connect',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_connector_Test':
host_name => ['test.connector.eidas.swedenconnect.se'],
check_command => 'check_website!https://test.connector.eidas.swedenconnect.se/idp/metadata/sp',
description => 'check metadata for Sweden Connect',
contact_groups => ['alerts'],
}
nagioscfg::service {'check_metadata_proxy_Test':
host_name => ['test.proxy.eidas.swedenconnect.se'],
check_command => 'check_website!https://test.proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata',
description => 'check metadata for Proxy',
contact_groups => ['alerts'],
}
nagioscfg::command {'check_country_count':
command_line => "/usr/lib/nagios/plugins/check_eidas_country_count.sh '\$ARG1\$' '\$ARG2\$' '\$ARG3\$' '\$ARG4\$'"
}
#Commented out in relation to SC-1468
# nagioscfg::service {'check_country_eIDAS_QA':
# host_name => ['qa.md.eidas.swedenconnect.se'],
# check_command => 'check_country_count!qa.md.eidas.swedenconnect.se!PT LU IT ES HR LV DE EE BE IS XB CY PL SK LT NO DK CZ SE EL XA MT SI!1!3',
# description => 'check number of countries in eIDAS QA',
# contact_groups => ['alerts'],
# }
nagioscfg::service {'check_country_eIDAS':
host_name => ['md.eidas.swedenconnect.se'],
check_command => 'check_country_count!md.eidas.swedenconnect.se!LU IT ES HR DE EE BE PT SK CZ LV!1!3',
description => 'check number of countries in eIDAS',
contact_groups => ['alerts'],
}
nagioscfg::command {'check_eidastest_qa':
command_line => "/usr/lib/nagios/plugins/check_eidastest_qa.sh"
}
nagioscfg::service {'check_eidastest_qa':
host_name => ['localhost'],
check_command => 'check_eidastest_qa',
description => 'check test countires in QA',
contact_groups => ['alerts'],
}
nagioscfg::command {'check_eidastest_prod':
command_line => "/usr/lib/nagios/plugins/check_eidastest_prod.sh"
}
nagioscfg::service {'check_eidastest_prod':
host_name => ['localhost'],
check_command => 'check_eidastest_prod',
description => 'check test countires in Production',
contact_groups => ['alerts'],
}
nagioscfg::command {'check_metadata_age':
command_line => "/usr/lib/nagios/plugins/check_eidas_metadata_age.sh '\$ARG1\$' '\$ARG2\$' '\$ARG3\$'"
}
$hosts_md = ['qa.md.swedenconnect.se', 'md.swedenconnect.se', 'test.md.swedenconnect.se']
$hosts_md.each |$host|{
nagioscfg::service {"check_metadata_age_${host}":
host_name => ["${host}"],
check_command => "check_metadata_age!https://${host}/entities/!691200!172800",
description => "check metadata age for ${host}",
contact_groups => ['alerts'],
}
}
$hosts_md_eidas = ['md.eidas.swedenconnect.se', 'qa.md.eidas.swedenconnect.se', 'test.md.eidas.swedenconnect.se']
$hosts_md_eidas.each |$host|{
nagioscfg::service {"check_metadata_age_${host}":
host_name => ["${host}"],
check_command => "check_metadata_age!https://${host}/entities/!432000!86400",
description => "check metadata age for ${host}",
contact_groups => ['alerts'],
}
}
$hosts_proxy = ['proxy.eidas.swedenconnect.se', 'qa.proxy.eidas.swedenconnect.se', 'test.proxy.eidas.swedenconnect.se']
$hosts_proxy.each |$host|{
nagioscfg::service {"check_metadata_age_${host}":
host_name => ["${host}"],
check_command => "check_metadata_age!https://${host}/eidas-ps/ServiceMetadata/!432000!86400",
description => "check metadata age for ${host}",
contact_groups => ['alerts'],
}
}
$hosts_demw = ['demw.eidas.swedenconnect.se', 'qa.demw.eidas.swedenconnect.se']
$hosts_demw.each |$host|{
nagioscfg::service {"check_metadata_age_${host}":
host_name => ["${host}"],
check_command => "check_metadata_age!https://${host}/eidas-middleware/Metadata/!432000!86400",
description => "check metadata age for ${host}",
contact_groups => ['alerts'],
}
}
$hosts_connector = ['connector.eidas.swedenconnect.se', 'qa.connector.eidas.swedenconnect.se', 'test.connector.eidas.swedenconnect.se']
$hosts_connector.each |$host|{
nagioscfg::service {"check_metadata_age_${host}":
host_name => ["${host}"],
check_command => "check_metadata_age!https://${host}/idp/metadata/sp/!432000!86400",
description => "check metadata age for ${host}",
contact_groups => ['alerts'],
}
}
}
class redis_cluster_node {
file { '/opt/redis': ensure => directory }
sysctl { 'vm.overcommit_memory': value => '1' }