From 63bc7818ea1625e9ccbeda6a51ff6fa0bffe7f78 Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Tue, 25 Jul 2023 12:02:32 +0200 Subject: [PATCH] removed nagios_monitor from cosmos-site.pp and nagiosapifrom nic.komreg.net --- global/overlay/etc/puppet/cosmos-rules.yaml | 1 - .../etc/puppet/manifests/cosmos-site.pp | 412 ------------------ 2 files changed, 413 deletions(-) diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml index e7aee5c8..2593377f 100644 --- a/global/overlay/etc/puppet/cosmos-rules.yaml +++ b/global/overlay/etc/puppet/cosmos-rules.yaml @@ -643,7 +643,6 @@ nic.komreg.net: eid::nagios_monitor: eid::dockerhost: version: '5:23.0.6-1~ubuntu.20.04~focal' - sunet::nagiosapi: r1.komreg.net: sunet_iaas_cloud: diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index c13c2512..0f0703b1 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -1076,418 +1076,6 @@ class nrpe { } } -class nagios_monitor { - $nrpe_clients = hiera_array('nrpe_clients',[]); - $allowed_hosts = join($nrpe_clients," "); - $web_admin_pw = safe_hiera('nagios_nagiosadmin_password'); - $web_admin_user = 'nagiosadmin'; - - package { 'xsltproc': ensure => installed} - - class { 'webserver': } - class { 'nagioscfg': - hostgroups => $::roles, - config => 'eid' - } - class {'nagioscfg::slack': domain => 'sunet.slack.com', token => safe_hiera('slack_token','') } -> - class {'nagioscfg::passive': enable_notifications => '0', obsess_over_services => '0', obsess_over_hosts => '0'} - - sunet::misc::htpasswd_user { $web_admin_user : - filename => "/etc/nagios3/htpasswd.users", - password => $web_admin_pw, - group => 'www-data', - } - - file { - '/root/MONITOR_WEB_PASSWORD': - content => sprintf("%s\n%s\n", $web_admin_user, $web_admin_pw), - group => 'root', - mode => '0600', - ; - } - #definition for check_nrpe_1arg - file { '/etc/nagios-plugins/config/check_nrpe.cfg': - ensure => file, - mode => '0644', - content => template('eid/monitor/check_nrpe.cfg.erb'), - } - nagioscfg::slack::channel {'eln': } -> - nagioscfg::contactgroup {'alerts': } -> - nagioscfg::contact {'slack-alerts': - host_notification_commands => ['notify-host-to-slack-eln'], - service_notification_commands => ['notify-service-to-slack-eln'], - contact_groups => ['alerts'] - } - nagioscfg::service {'service_ping': - hostgroup_name => ['all'], - description => 'PING', - check_command => 'check_ping!400.0,1%!500.0,2%', - contact_groups => ['alerts'] - } - nagioscfg::service {'service_ssh': - hostgroup_name => ['jumphosts'], - description => 'SSH', - check_command => 'check_ssh_4_hostname', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_load': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_load', - description => 'System Load', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_users': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_users', - description => 'Active Users', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_zombie_procs': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_zombie_procs', - description => 'Zombie Processes', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_total_procs': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_total_procs_lax', - description => 'Total Processes', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_root': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_root', - description => 'Root Disk', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_boot': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_boot_15_5', - description => 'Boot Disk', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_var': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_var', - description => 'Var Disk', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_uptime': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_uptime', - description => 'Uptime', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_reboot': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_reboot', - description => 'Reboot Needed', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_memory': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_memory', - description => 'System Memory', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_entropy': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_entropy', - description => 'System Entropy', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_ntp_time': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_ntp_time', - description => 'System NTP Time', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_process_haveged': - hostgroup_name => ['entropyclient'], - check_command => 'check_nrpe_1arg!check_process_haveged', - description => 'haveged running', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_scriptherder': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_scriptherder', - description => 'Scriptherder Status', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_apt': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_apt', - description => 'Packages available for upgrade', - contact_groups => ['alerts'] - } - nagioscfg::service {'metadata_aggregate_age': - hostgroup_name => ['md_publisher'], - check_command => 'check_nrpe_1arg!check_fileage_metadata_aggregate', - description => 'metadata aggregate age', - contact_groups => ['alerts'] - } - nagioscfg::service {'mdsl_aggregate_age': - hostgroup_name => ['mdsl_publisher'], - check_command => 'check_nrpe_1arg!check_fileage_mdsl_aggregate', - description => 'mdsl aggregate age', - contact_groups => ['alerts'] - } - nagioscfg::service {'mdsl_se_age': - hostgroup_name => ['mdsl_publisher'], - check_command => 'check_nrpe_1arg!check_fileage_mdsl_se', - description => 'mdsl se age', - contact_groups => ['alerts'] - } - nagioscfg::service {'proxy_eidas_metadata_age': - hostgroup_name => ['proxy_eidas_metadata'], - check_command => 'check_nrpe_1arg!check_fileage_proxy_eidas_metadata', - description => 'proxy eidas metadata age', - contact_groups => ['alerts'] - } - nagioscfg::service {'proxy_eidas_metadata_list_age': - hostgroup_name => ['proxy_eidas_metadata'], - check_command => 'check_nrpe_1arg!check_fileage_proxy_eidas_metadata_list', - description => 'proxy eidas metadata list age', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_eidas_health': - hostgroup_name => ['servicemonitor'], - check_command => 'check_nrpe_1arg!check_eidas_health', - description => 'eidas component healthcheck', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_needrestart': - hostgroup_name => ['nrpe'], - check_command => 'check_nrpe_1arg!check_needrestart', - description => 'Processes need restart', - contact_groups => ['alerts'] - } - nagioscfg::service {'check_docker_containers': - hostgroup_name => ['fe_servers'], - check_command => 'check_nrpe_1arg!check_docker_containers', - description => 'Check Docker Containers', - contact_groups => ['alerts'] - } - nagioscfg::command {'check_ssl_cert_3': - command_line => "/usr/lib/nagios/plugins/check_ssl_cert -A -H '\$HOSTNAME\$' -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'" - } - nagioscfg::command {'check_ssl_cert_3_without_ocsp': - command_line => "/usr/lib/nagios/plugins/check_ssl_cert -A -H '\$HOSTNAME\$' --ignore-ocsp -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'" - } - $public_hosts = ['proxy.eidas.swedenconnect.se','validator.swedenconnect.se','qa.demw.eidas.swedenconnect.se','demw.eidas.swedenconnect.se','api.swedenconnect.se','qa.test.swedenconnect.se','test.swedenconnect.se','qa.md.swedenconnect.se','md.swedenconnect.se','md.eidas.swedenconnect.se','qa.md.eidas.swedenconnect.se','qa.connector.eidas.swedenconnect.se','qa.proxy.eidas.swedenconnect.se','connector.eidas.swedenconnect.se','test.connector.eidas.swedenconnect.se','test.test.swedenconnect.se','test.proxy.eidas.swedenconnect.se','test.md.eidas.swedenconnect.se','test.md.swedenconnect.se','test.validator.swedenconnect.se'] - nagioscfg::host {$public_hosts: } - nagioscfg::service {'check_public_ssl_cert': - host_name => $public_hosts, - check_command => 'check_ssl_cert_3!30!14!443', - description => 'check https certificate validity on port 443', - contact_groups => ['alerts'] - } - nagioscfg::command {'check_ssl_cert_altname': - command_line => "/usr/lib/nagios/plugins/check_ssl_cert -n '\$ARG4\$' --altnames -H '\$HOSTNAME\$' --ignore-ocsp -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'" - } - nagioscfg::host {'prid.sveidas.se': } - nagioscfg::service {'check_public_ssl_cert_altname': - host_name => ['prid.sveidas.se'], - check_command => 'check_ssl_cert_altname!30!14!443!prid.sveidas.se', - description => 'check https certificate validity on port 443 with SAN', - contact_groups => ['alerts'] - } - $infra_hosts = ['prid-1.qa.sveidas.se','prid-1.sveidas.se,','prid-2.sveidas.se','prid.sveidas.se'] - nagioscfg::service {'check_infra_ssl_cert': - host_name => $infra_hosts, - check_command => 'check_ssl_cert_3_without_ocsp!30!14!443', - description => 'check https infra certificate validity on port 443', - contact_groups => ['alerts'] - } - nagioscfg::command {'check_website': - command_line => "/usr/lib/nagios/plugins/check_http -H '\$HOSTNAME\$' -S -u '\$ARG1\$'" - } - nagioscfg::service {'check_idp_metadata_eIDAS': - host_name => ['md.eidas.swedenconnect.se'], - check_command => 'check_website!https://md.eidas.swedenconnect.se/role/idp.xml', - description => 'check IdP metadata for eIDAS', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_idp_metadata_swedenconnect': - host_name => ['md.swedenconnect.se'], - check_command => 'check_website!https://md.swedenconnect.se/role/idp.xml/', - description => 'check IdP metadata for Sweden Connect', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_connector': - host_name => ['connector.eidas.swedenconnect.se'], - check_command => 'check_website!https://connector.eidas.swedenconnect.se/idp/metadata/sp', - description => 'check metadata for Sweden Connect', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_metadata_DE_middleware': - host_name => ['demw.eidas.swedenconnect.se'], - check_command => 'check_website!https://demw.eidas.swedenconnect.se/eidas-middleware/Metadata', - description => 'check metadata for DE middleware', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_metadata_proxy': - host_name => ['proxy.eidas.swedenconnect.se'], - check_command => 'check_website!https://proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata', - description => 'check metadata for Proxy', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_api': - host_name => ['api.swedenconnect.se'], - check_command => 'check_website!https://api.swedenconnect.se/testid/', - description => 'check api', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_metadata_DE_middleware_QA': - host_name => ['qa.demw.eidas.swedenconnect.se'], - check_command => 'check_website!https://qa.demw.eidas.swedenconnect.se/eidas-middleware/Metadata', - description => 'check metadata for DE middleware QA', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_ref_idp': - host_name => ['qa.test.swedenconnect.se'], - check_command => 'check_website!https://qa.test.swedenconnect.se/idp/metadata/idp.xml', - description => 'check Reference IdP', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_mdservicelist_metadata_eIDAS_QA': - host_name => ['qa.md.eidas.swedenconnect.se'], - check_command => 'check_website!https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml/', - description => 'check MDSservicelist metadata for eIDAS', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_sp_metadata_swedenconnect_QA': - host_name => ['qa.md.swedenconnect.se'], - check_command => 'check_website!https://qa.md.swedenconnect.se/role/sp.xml/', - description => 'check SP metadata for Sweden Connect', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_connector_QA': - host_name => ['qa.connector.eidas.swedenconnect.se'], - check_command => 'check_website!https://qa.connector.eidas.swedenconnect.se/idp/metadata/sp', - description => 'check metadata for Sweden Connect', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_metadata_proxy_QA': - host_name => ['qa.proxy.eidas.swedenconnect.se'], - check_command => 'check_website!https://qa.proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata', - description => 'check metadata for Proxy', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_ref_idp_test': - host_name => ['test.test.swedenconnect.se'], - check_command => 'check_website!https://test.test.swedenconnect.se/idp/metadata/idp.xml', - description => 'check Reference IdP', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_mdservicelist_metadata_eIDAS_Test': - host_name => ['test.md.eidas.swedenconnect.se'], - check_command => 'check_website!https://test.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml/', - description => 'check MDSservicelist metadata for eIDAS', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_sp_metadata_swedenconnect_Test': - host_name => ['test.md.swedenconnect.se'], - check_command => 'check_website!https://test.md.swedenconnect.se/role/sp.xml/', - description => 'check SP metadata for Sweden Connect', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_connector_Test': - host_name => ['test.connector.eidas.swedenconnect.se'], - check_command => 'check_website!https://test.connector.eidas.swedenconnect.se/idp/metadata/sp', - description => 'check metadata for Sweden Connect', - contact_groups => ['alerts'], - } - nagioscfg::service {'check_metadata_proxy_Test': - host_name => ['test.proxy.eidas.swedenconnect.se'], - check_command => 'check_website!https://test.proxy.eidas.swedenconnect.se/eidas-ps/ServiceMetadata', - description => 'check metadata for Proxy', - contact_groups => ['alerts'], - } - nagioscfg::command {'check_country_count': - command_line => "/usr/lib/nagios/plugins/check_eidas_country_count.sh '\$ARG1\$' '\$ARG2\$' '\$ARG3\$' '\$ARG4\$'" - } -#Commented out in relation to SC-1468 -# nagioscfg::service {'check_country_eIDAS_QA': -# host_name => ['qa.md.eidas.swedenconnect.se'], -# check_command => 'check_country_count!qa.md.eidas.swedenconnect.se!PT LU IT ES HR LV DE EE BE IS XB CY PL SK LT NO DK CZ SE EL XA MT SI!1!3', -# description => 'check number of countries in eIDAS QA', -# contact_groups => ['alerts'], -# } - nagioscfg::service {'check_country_eIDAS': - host_name => ['md.eidas.swedenconnect.se'], - check_command => 'check_country_count!md.eidas.swedenconnect.se!LU IT ES HR DE EE BE PT SK CZ LV!1!3', - description => 'check number of countries in eIDAS', - contact_groups => ['alerts'], - } - nagioscfg::command {'check_eidastest_qa': - command_line => "/usr/lib/nagios/plugins/check_eidastest_qa.sh" - } - nagioscfg::service {'check_eidastest_qa': - host_name => ['localhost'], - check_command => 'check_eidastest_qa', - description => 'check test countires in QA', - contact_groups => ['alerts'], - } - nagioscfg::command {'check_eidastest_prod': - command_line => "/usr/lib/nagios/plugins/check_eidastest_prod.sh" - } - nagioscfg::service {'check_eidastest_prod': - host_name => ['localhost'], - check_command => 'check_eidastest_prod', - description => 'check test countires in Production', - contact_groups => ['alerts'], - } - nagioscfg::command {'check_metadata_age': - command_line => "/usr/lib/nagios/plugins/check_eidas_metadata_age.sh '\$ARG1\$' '\$ARG2\$' '\$ARG3\$'" - } - $hosts_md = ['qa.md.swedenconnect.se', 'md.swedenconnect.se', 'test.md.swedenconnect.se'] - $hosts_md.each |$host|{ - nagioscfg::service {"check_metadata_age_${host}": - host_name => ["${host}"], - check_command => "check_metadata_age!https://${host}/entities/!691200!172800", - description => "check metadata age for ${host}", - contact_groups => ['alerts'], - } - } - $hosts_md_eidas = ['md.eidas.swedenconnect.se', 'qa.md.eidas.swedenconnect.se', 'test.md.eidas.swedenconnect.se'] - $hosts_md_eidas.each |$host|{ - nagioscfg::service {"check_metadata_age_${host}": - host_name => ["${host}"], - check_command => "check_metadata_age!https://${host}/entities/!432000!86400", - description => "check metadata age for ${host}", - contact_groups => ['alerts'], - } - } - $hosts_proxy = ['proxy.eidas.swedenconnect.se', 'qa.proxy.eidas.swedenconnect.se', 'test.proxy.eidas.swedenconnect.se'] - $hosts_proxy.each |$host|{ - nagioscfg::service {"check_metadata_age_${host}": - host_name => ["${host}"], - check_command => "check_metadata_age!https://${host}/eidas-ps/ServiceMetadata/!432000!86400", - description => "check metadata age for ${host}", - contact_groups => ['alerts'], - } - } - $hosts_demw = ['demw.eidas.swedenconnect.se', 'qa.demw.eidas.swedenconnect.se'] - $hosts_demw.each |$host|{ - nagioscfg::service {"check_metadata_age_${host}": - host_name => ["${host}"], - check_command => "check_metadata_age!https://${host}/eidas-middleware/Metadata/!432000!86400", - description => "check metadata age for ${host}", - contact_groups => ['alerts'], - } - } - $hosts_connector = ['connector.eidas.swedenconnect.se', 'qa.connector.eidas.swedenconnect.se', 'test.connector.eidas.swedenconnect.se'] - $hosts_connector.each |$host|{ - nagioscfg::service {"check_metadata_age_${host}": - host_name => ["${host}"], - check_command => "check_metadata_age!https://${host}/idp/metadata/sp/!432000!86400", - description => "check metadata age for ${host}", - contact_groups => ['alerts'], - } - } -} - class redis_cluster_node { file { '/opt/redis': ensure => directory } sysctl { 'vm.overcommit_memory': value => '1' }