/ansible-jenkins-showcase

Permalink
Switch branches/tags
Nothing to show
Find file
ansible-jenkins-showcase/group_vars/all.yaml
Fetching contributors…
Cannot retrieve contributors at this time
Raw Blame History
732 lines (674 sloc) 40.4 KB
# vim: ft=yaml:foldmethod=indent:foldenable
#
#
# the 'env' root, it the base for the config of our infrastructure.
# Below the root 'env', we have a set of 'environments' (vagrant, dev, qa, prod)
# each with a specific set of parameters.
#
env:
# in order to keep the settings DRY, we define an environment called 'default'
# containing all the settings that will eventually be applied to all
# environments.
# Then in each 'environment' block, we override, rewrite, append additional
# key:values as required.
# YAML anchors/aliases are quite useful here, as they allow manipulation of
# inner dictionary structures with some flexibility.
default: &env_defaults
# the ssh block contains the private, public and authorized_keys
# to be deployed to the servers.
# Ideally we'd like to use Vault or another sort of encryption method
# to store this.
# But for our purpose of just showcasing ansible, jenkins and zabbix,
# we'll just stick them in clear text in here.
ssh:
ssh_keys:
# the Azulinho.azulinho-ssh.keys role will check the hostgroup name
# and if it matches an entry in this dictionary, then it will deploy
# the ssh key pairs from this file.
#
- { hostgroup: 'jenkins_servers',
owner: 'jenkins',
path: '/var/lib/jenkins/.ssh/id_rsa',
contents: [
'-----BEGIN RSA PRIVATE KEY-----',
'MIIEogIBAAKCAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzI',
'w+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoP',
'kcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2',
'hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NO',
'Td0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcW',
'yLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQIBIwKCAQEA4iqWPJXtzZA68mKd',
'ELs4jJsdyky+ewdZeNds5tjcnHU5zUYE25K+ffJED9qUWICcLZDc81TGWjHyAqD1',
'Bw7XpgUwFgeUJwUlzQurAv+/ySnxiwuaGJfhFM1CaQHzfXphgVml+fZUvnJUTvzf',
'TK2Lg6EdbUE9TarUlBf/xPfuEhMSlIE5keb/Zz3/LUlRg8yDqz5w+QWVJ4utnKnK',
'iqwZN0mwpwU7YSyJhlT4YV1F3n4YjLswM5wJs2oqm0jssQu/BT0tyEXNDYBLEF4A',
'sClaWuSJ2kjq7KhrrYXzagqhnSei9ODYFShJu8UWVec3Ihb5ZXlzO6vdNQ1J9Xsf',
'4m+2ywKBgQD6qFxx/Rv9CNN96l/4rb14HKirC2o/orApiHmHDsURs5rUKDx0f9iP',
'cXN7S1uePXuJRK/5hsubaOCx3Owd2u9gD6Oq0CsMkE4CUSiJcYrMANtx54cGH7Rk',
'EjFZxK8xAv1ldELEyxrFqkbE4BKd8QOt414qjvTGyAK+OLD3M2QdCQKBgQDtx8pN',
'CAxR7yhHbIWT1AH66+XWN8bXq7l3RO/ukeaci98JfkbkxURZhtxV/HHuvUhnPLdX',
'3TwygPBYZFNo4pzVEhzWoTtnEtrFueKxyc3+LjZpuo+mBlQ6ORtfgkr9gBVphXZG',
'YEzkCD3lVdl8L4cw9BVpKrJCs1c5taGjDgdInQKBgHm/fVvv96bJxc9x1tffXAcj',
'3OVdUN0UgXNCSaf/3A/phbeBQe9xS+3mpc4r6qvx+iy69mNBeNZ0xOitIjpjBo2+',
'dBEjSBwLk5q5tJqHmy/jKMJL4n9ROlx93XS+njxgibTvU6Fp9w+NOFD/HvxB3Tcz',
'6+jJF85D5BNAG3DBMKBjAoGBAOAxZvgsKN+JuENXsST7F89Tck2iTcQIT8g5rwWC',
'P9Vt74yboe2kDT531w8+egz7nAmRBKNM751U/95P9t88EDacDI/Z2OwnuFQHCPDF',
'llYOUI+SpLJ6/vURRbHSnnn8a/XG+nzedGH5JGqEJNQsz+xT2axM0/W/CRknmGaJ',
'kda/AoGANWrLCz708y7VYgAtW2Uf1DPOIYMdvo6fxIB5i9ZfISgcJ/bbCUkFrhoH',
'+vq/5CIWxCPp0f85R4qxxQ5ihxJ0YDQT9Jpx4TMss4PSavPaBH3RXow5Ohe+bYoQ',
'NE5OgEXk2wVfZczCZpigBKbKZHNYcelXtTt/nP3rsCuGcM4h53s=',
'-----END RSA PRIVATE KEY-----'
]
}
- { hostgroup: 'jenkins_servers',
owner: 'jenkins',
path: '/var/lib/jenkins/.ssh/id_rsa.pub',
contents: [
'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key'
]
}
- { hostgroup: 'zabbix_servers',
owner: 'root',
path: '/root/.ssh/authorized_keys',
contents: "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
}
# the jenkins block, contains the full set of configs for the jenkins box
# including: jenkins version, installing plugins, defined views, jobs to
# configure, pipelines to build, and jobs to be automatically built at
# the end of the playbook
jenkins:
version: 1.592-1.1
dest: /opt/jenkins
lib: /var/lib/jenkins
port: 8080
prefix: /jenkins
cli_dest: '/opt/jenkins/jenkins-cli.jar' # Jenkins CLI destination
updates_dest: '/opt/jenkins/updates_jenkins.json' # Jenkins updates file
# list of jenkins plugins to be installed on the jenkins box
plugins: [
{ name: 'ruby-runtime', version: '0.12'},
{ name: 'antisamy-markup-formatter', version: '1.3'},
{ name: 'github-api', version: '1.59'},
{ name: 'ansicolor', version: '0.4.0'},
{ name: 'external-monitor-job', version: '1.4'},
{ name: 'build-with-parameters', version: '1.3'},
{ name: 'pam-auth', version: '1.2'},
{ name: 'delivery-pipeline-plugin', version: '0.8.7'},
{ name: 'mailer', version: '1.12'},
{ name: 'junit', version: '1.3'},
{ name: 'locks-and-latches', version: '0.6'},
{ name: 'cvs', version: '2.12'},
{ name: 'github', version: '1.10'},
{ name: 'ldap', version: '1.11'},
{ name: 'jquery', version: '1.7.2-1'},
{ name: 'windows-slaves', version: '1.0'},
{ name: 'timestamper', version: '1.5.14'},
{ name: 'mapdb-api', version: '1.0.6.0'},
{ name: 'config-autorefresh-plugin', version: '1.0'},
{ name: 'ant', version: '1.2'},
{ name: 'publish-over-ssh', version: '1.12'},
{ name: 'scm-api', version: '0.2'},
{ name: 'multiple-scms', version: '0.3'},
{ name: 'buildgraph-view', version: '1.1.1'},
{ name: 'ssh-credentials', version: '1.10'},
{ name: 'log-parser', version: '1.0.8'},
{ name: 'show-build-parameters', version: '1.0'},
{ name: 'ci-game', version: '1.20'},
{ name: 'naginator', version: '1.13'},
{ name: 'jobConfigHistory', version: '2.10'},
{ name: 'javadoc', version: '1.3'},
{ name: 'throttle-concurrents', version: '1.8.4'},
{ name: 'build-flow-plugin', version: '0.17'},
{ name: 'copyartifact', version: '1.32.1'},
{ name: 'mask-passwords', version: '2.7.2'},
{ name: 'token-macro', version: '1.10'},
{ name: 'envinject', version: '1.90'},
{ name: 'analysis-core', version: '1.65'},
{ name: 'flexible-publish', version: '0.13'},
{ name: 'greenballs', version: '1.14'},
{ name: 'build-pipeline-plugin', version: '1.4.5'},
{ name: 'maven-plugin', version: '2.8'},
{ name: 'ssh-slaves', version: '1.9'},
{ name: 'matrix-project', version: '1.4'},
{ name: 'git', version: '2.3.1'},
{ name: 'git-client', version: '1.12.0'},
{ name: 'credentials', version: '1.18'},
{ name: 'gitlab-hook', version: '1.1.0'},
{ name: 'matrix-auth', version: '1.2'},
{ name: 'run-condition', version: '1.0'},
{ name: 'ssh-agent', version: '1.5'},
{ name: 'github-oauth', version: '0.20'},
{ name: 'rebuild', version: '1.22'},
{ name: 'configurationslicing', version: '1.40'},
{ name: 'parameterized-trigger', version: '2.25'},
{ name: 'build-timeout', version: '1.14'},
{ name: 'job-dsl', version: '1.26'},
{ name: 'subversion', version: '2.4.5'},
{ name: 'job-log-logger-plugin', version: '1.0'},
{ name: 'translation', version: '1.12'} ]
# the jenkins/jobs block defines all the jobs that will be configured
# in jenkins. There are two main structures here that can be used to
# define jobs. 'jinja2' and 'job_builder'
#
# jobs defined under the 'jinja2' block will be configured using xml
# templating from jinja2.
# the role Azulinho.azulinho-jenkins-reconfigure-jobs-using-jinja2 takes
# care of deploying those jobs. Its fairly easy to extend allowing it to
# support pretty much any value in the jenkins job XML.
#
# jobs defined under the 'job_builder' block will be configured using
# the python tool jenkins-job-builder, the YAML configuration here
# matches what is supported by that tool.
#
jobs:
# list of jobs defined in jinja2
#
jinja2:
# jinja2_base_template is used to set common options that can be
# re-used by other jobs.
# lets use yaml aliases as much as possible here.
# and then consume those aliases in other job definitions.
#
jinja2_base_template:
options: &base_template_options { disabled: false,
concurrentbuild: false }
buildWrappers: &base_template_wrappers
- &BuildTimeOutWrapper_defaults { type: 'BuildTimeoutWrapper',
timeoutMinutes: 60,
strategy: 'AbsoluteTimeOutStrategy',
failBuild: true,
writingDescription: false }
- &TimeStamper_defaults { type: 'Timestamper',
options: none }
- &AnsiColor_defaults { type: 'AnsiColor',
colorMapName: xterm }
# jinja2_deploy_template is an example of how we could define
# a template for a generic deploy job
jinja2_deploy_template:
options: &deploy_template_options { disabled: false,
blocks: [ 'downstream',
'upstream' ],
concurrentbuild: true }
builders:
- { type: 'shell',
command_lines: [
"#!/bin/bash",
"./deploy-my-app.sh" ]}
# jinja2_exmples1,2,3,4,5 show how to consume aliases from the
# template jobs, and override or extend additional properties in the
# job.
#
# these are shown in two different formats
# jobs 1,2 broken down which should fit into a 80 char wide window.
#
# and jobs 3,4,5 are configured into a single line each,
# which is meant to represent how very similar jobs
# could be grouped so it becames easier to make edits and
# check for differences in the yaml file.
#
jinja2_example1:
options: *deploy_template_options
parameters:
- { name: "PARAMETER1",
type: 'string',
description: "PARAMETER 1",
default: "all" }
builders:
- { type: 'shell',
command_lines: [
"#!/bin/bash",
"echo deploy_job1" ]}
buildWrappers: *base_template_wrappers
publishers:
- { type: 'parametrizedTrigger',
projects: ['deploy_job2'],
condition: 'success',
parameters: ['VAR1=var1', 'VAR2=var2'],
triggerWithNoParameters: false }
jinja2_example2:
options: *deploy_template_options
builders:
- { type: 'shell',
command_lines: [
"#!/bin/bash",
"echo deploy_job2" ]}
buildWrappers: [ *BuildTimeOutWrapper_defaults,
*TimeStamper_defaults,
*AnsiColor_defaults ]
publishers:
- { type: 'parametrizedTrigger',
projects: ['deploy_job3'],
condition: 'success',
parameters: ['VAR1=var1', 'VAR2=var2'],
triggerWithNoParameters: false }
# by setting similar job definitions in a horizontal layout, we can
# quickly look for differences in what could be similar jobs with
# minor differences between them.
#
jinja2_example3: { options: *deploy_template_options, builders: [ { type: 'shell', command_lines: [ "#!/bin/bash", "echo deploy_job3" ]} ], buildWrappers: *base_template_wrappers , publishers: [ {type: 'parametrizedTrigger', projects: ['deploy_job4']} ] }
jinja2_example4: { options: *deploy_template_options, builders: [ { type: 'shell', command_lines: [ "#!/bin/bash", "echo deploy_job4" ]} ], buildWrappers: *base_template_wrappers , publishers: [ {type: 'parametrizedTrigger', projects: ['deploy_job5']} ]}
jinja2_example5: { options: *deploy_template_options, builders: [ { type: 'shell', command_lines: [ "#!/bin/bash", "echo deploy_job5" ]} ], buildWrappers: *base_template_wrappers , publishers: [ {type: 'parametrizedTrigger', projects: ['deploy_job6']} ]}
jinja2_example6: { options: *deploy_template_options, builders: [ { type: 'shell', command_lines: [ "#!/bin/bash", "echo deploy_job6" ]} ], buildWrappers: *base_template_wrappers }
# jinja2_run_ansible, is the base template job for executing
# ansible playbooks on other hosts.
# it can be executed directly from the jenkins interface, by selecting
# the playbook to execute, and the rest of options to give to ansible.
#
# the options and blocks in this job, will also be re-used in other
# jobs definitions as a common starting point.
#
jinja2_run_ansible: &jinja2_run_ansible
description: "Executes Ansible"
options: { disabled: false,
blocks: [ 'downstream', 'upstream' ],
concurrentbuild: true }
parameters: &jinja2_run_ansible_parameters
- &inventory_file { name: 'INVENTORY_FILE',
type: 'choice',
description: 'Which Inventory File to use',
choices: { type_string: ['vagrant', 'dev', 'qa', 'prd']}}
- &playbook { name: 'PLAYBOOK',
type: 'choice',
description: 'Which playbook to execute',
choices: { type_string: ['jenkins.yml', 'zabbix.yml', 'site.yml']}}
- &limit { name: "LIMIT",
type: 'string',
description: "Ansible --limit",
default: "all" }
- &tags { name: "TAGS",
type: 'string',
description: "Ansible --tags",
default: "" }
- &start_at_task { name: "START_AT_TASK",
type: 'string',
description: "Ansible --start-at-task",
default: "" }
- &release { name: "RELEASE",
type: 'string',
description: "RELEASE number to use",
default: "latest" }
- &vault { name: "VAULT",
type: 'password',
description: "Ansible Vault Password",
default: "" }
scm:
- { type: 'git',
url: 'https://github.com/Azulinho/ansible-jenkins-showcase.git',
branches: ['*/master'] }
builders:
- { type: 'shell',
command_lines: [
"#!/bin/bash",
"export PATH=/usr/local/bin:$PATH",
"export PYTHONUNBUFFERED=1",
"echo $VAULT > .vault",
"bundle install",
"bundle exec rake galaxy_install",
"ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u vagrant -s -i $INVENTORY_FILE -l $LIMIT $PLAYBOOK --vault-password-file .vault" ]}
buildWrappers: *base_template_wrappers
jinja2_deploy_zabbix:
<<: *jinja2_run_ansible
parameters: [
<<: *limit,
<<: *tags,
<<: *start_at_task,
<<: *release,
<<: *vault,
{ name: 'PLAYBOOK',
type: 'string',
description: 'Which playbook to execute',
default: 'zabbix.yml'},
{ name: 'INVENTORY_FILE',
type: 'string',
description: 'Which Inventory File to use',
default: 'vagrant'} ]
publishers:
- { type: 'parametrizedTrigger',
projects: ['jinja2_deploy_zabbix_checks'],
parameters: ['<hudson.plugins.parameterizedtrigger.CurrentBuildParameters/>'],
condition: 'success'}
jinja2_deploy_zabbix_checks:
<<: *jinja2_run_ansible
parameters: [
<<: *limit,
<<: *tags,
<<: *start_at_task,
<<: *release,
<<: *vault,
{ name: 'PLAYBOOK',
type: 'string',
description: 'Which playbook to execute',
default: 'zabbix-checks.yml'},
{ name: 'INVENTORY_FILE',
type: 'string',
description: 'Which Inventory File to use',
default: 'vagrant'} ]
publishers:
- { type: 'parametrizedTrigger',
projects: ['jinja2_run_zabbix_tests'],
parameters: ['<hudson.plugins.parameterizedtrigger.CurrentBuildParameters/>'],
condition: 'success'}
jinja2_run_zabbix_tests:
<<: *jinja2_run_ansible
builders:
- { type: 'shell',
command_lines: [
"#!/bin/bash",
"echo SUCESS" ]}
options: *base_template_options
buildWrappers: *base_template_wrappers
job_builder:
- job:
name: job-builder_flow1
project_type: job-builder_flow
dsl: |
build("job-builder_job1")
parallel (
{ build("job-builder_job2a") },
{ build("job-builder_job2b") },
)
build("job-builder_job3")
- job:
name: job_builder-job1
project-type: freestyle
defaults: global
disabled: false
display-name: 'job_builder-job1'
concurrent: true
quiet-period: 5
block-downstream: false
block-upstream: false
retry-count: 3
- job:
name: job-builder_job2a
- job:
name: job-builder_job2b
- job:
name: job-builder_seed1
project-type: freestyle
defaults: global
disabled: false
display-name: 'job-builder_seed1'
concurrent: true
quiet-period: 5
block-downstream: false
block-upstream: false
retry-count: 3
views:
list:
- { name: 'All',
description: 'All',
includeRegex: '.*',
columns: &all_columns_view [
'hudson.views.StatusColumn',
'hudson.views.WeatherColumn',
'hudson.views.JobColumn',
'hudson.views.LastSuccessColumn',
'hudson.views.LastFailureColumn',
'hudson.views.LastDurationColumn',
'hudson.views.BuildButtonColumn']}
- { name: 'DSL_BUILD',
description: 'All BUILD jobs built using the DSL',
includeRegex: 'DSL_BUILD.*',
columns: *all_columns_view }
- { name: 'DSL_DEPLOY',
description: 'All DEPLOY jobs built using the DSL',
includeRegex: 'DSL_DEPLOY.*',
columns: *all_columns_view }
# the pipeline block is used to configure the PIPELINE views
# in jenkins.
pipeline:
- { name: 'PIPELINE1',
selectedJob: 'DSL_DEPLOY-job1',
firstJob: 'DSL_DEPLOY-job1',
noOfDisplayedBuilds: '5',
buildViewTitle: 'Deployment Pipeline 1' }
- { name: 'PIPELINE2',
selectedJob: 'jinja2_deploy_zabbix',
firstJob: 'jinja2_deploy_zabbix',
noOfDisplayedBuilds: '5',
startsWithParameters: true,
buildViewTitle: 'Zabbix Deployment Pipeline' }
# pipeline_first_jobs will trigger the jenkins pipeline
# here we set the first jobs in the pipeline,
# this will be used by the kick-pipeline role
#
pipeline_first_jobs:
- DSL_DEPLOY-job1
- jinja2_deploy_zabbix
# zabbix settings
zabbix: &zabbix
# server block, contains settings used by the
# Azulinho.azulinho-zabbix-server and Azulinho.azulinho-zabbix-agent
# roles
#
server: &zabbix_server_options
nodeid: 1
zabbix_username: admin
zabbix_password: zabbix
zabbix_host: localhost
mysql_username: zabbix
mysql_password: password
mysql_port: 3306
mysql_start_pollers: 25
mysql_start_trappers: 25
server_port: 10051
client_port: 10050
dbname: zabbix
dbhost: localhost
agent: &zabbix_agent_options
zabbix_host: zabbix
server_port: 10051
client_port: 10050
checks: &zabbix_checks
# this 'Azulinho.azulinho-zabbix-checks' role requires some settings
# from the zabbix/server block, such as zabbix_username/password
# to keep it DRY, we use yaml anchors to import those into the dict
<<: *zabbix_server_options
# the 'host_groups' block will set the policy, of which zabbix
# templates are to be applied to each type of server.
#
# zabbix hostgroups match the ansible group for the box
#
# Apply *zabbix_host_groups_default to the environment, and then override
# that environment with the list of services it requires
# this allows zabbix to manage different templates in different environments
# so that apps that haven't been released yet to a particular
# environments won't be triggering alerts.
#
host_groups: &zabbix_host_groups_defaults
# the host_group 'all_servers' contain a list of zabbix templates that is
# common and applied to every box
all_servers:
templates: "OS_Linux,App_SSH_Service,App_Zabbix_Agent"
zabbix_servers:
templates: "HTTP,mysql"
jenkins_servers:
templates: "jenkins_service,HTTP"
# zabbix_xml_templates block contains the zabbix definitions for each
# template, this block builds the templates using jinja2 templating,
# which will then be imported into zabbix and applied to a group of
# hosts based on the zabbix host_groups dictionary above.
#
xml_templates: &zabbix_xml_templates_defaults
OS_Linux:
applications: ['CPU', 'Filesystems', 'General', 'Memory', 'Network interfaces', 'OS', 'Performance', 'Processes', 'Security', 'test1' ]
zabbix_items:
- { name: 'Available memory', xkey: 'vm.memory.size[available]', value_type: 3, units: 'B', description: 'Available memory is defined as free+cached+buffers memory', applications: ['Memory'] }
- { name: 'Checksum of $1', xkey: 'vfs.file.cksum[/etc/passwd]', delay: 3600, value_type: 3, units: 'B', applications: ['Security'] }
- { name: 'Context switches per second', xkey: 'system.cpu.switches', value_type: 3, units: 'sps', delta: 1, applications: ['CPU', 'Performance'] }
- { name: 'CPU $2 time', xkey: 'system.cpu.util[,nice]',units: '%', description: 'The time the CPU has spent running users process that have been niced', applications: ['CPU', 'Performance'] }
- { name: 'CPU $2 time', xkey: 'system.cpu.util[,interrupt]', units: '%', description: 'The time the CPU has been servicing hardware interrupts', applications: ['CPU', 'Performance'] }
- { name: 'CPU $2 time', xkey: 'system.cpu.util[,softirq]', units: '%', description: 'The time the CPU has been servicing software interrupts', applications: ['CPU', 'Performance'] }
- { name: 'CPU $2 time', xkey: 'system.cpu.util[,system]', units: '%', description: 'The time the CPU has spent running the kernel and its processes', applications: ['CPU', 'Performance'] }
- { name: 'CPU $2 time', xkey: 'system.cpu.util[,user]', units: '%', description: 'The time the CPU has spent running users processes', applications: ['CPU', 'Performance'] }
- { name: 'CPU $2 time', xkey: 'system.cpu.util[,idle]', units: '%', description: 'The time the CPU has spent doing nothing', applications: ['CPU', 'Performance'] }
- { name: 'CPU $2 time', xkey: 'system.cpu.util[,steal]', units: '%', description: 'The amount of CPU stolen by the hypervisor for other VMs', applications: ['CPU', 'Performance'] }
- { name: 'CPU $2 time', xkey: 'system.cpu.util[,iowait]', units: '%', description: 'The amount of time the CPU has been waiting for IO to complete', applications: ['CPU', 'Performance'] }
- { name: 'Host boot time', xkey: 'system.boottime', value_type: 3, delay: 600, units: 'unixtime', applications: ['General', 'OS'] }
- { name: 'Host local time', xkey: 'system.localtime', value_type: 3, units: 'unixtime', applications: ['General', 'OS'] }
- { name: 'Host name', xkey: 'system.hostname', delay: 3600, value_type: 1, description: 'System host name', inventory_link: 3, applications: ['General', 'OS'] }
- { name: 'Interrupts per second', xkey: 'system.cpu.intr',value_type: 3, units: 'ips', delta: 1, applications: ['CPU', 'Performance'] }
- { name: 'Maximum number of opened files', xkey: 'kernel.maxfiles', delay: 3600, value_type: 3, units: 'ips', description: 'Maximum number of open files', applications: ['OS'] }
- { name: 'Maximum number of processes', xkey: 'kernel.maxproc', delay: 3600, value_type: 3, description: 'Maximum number of processes', applications: ['OS'] }
- { name: 'Number of logged in users', xkey: 'system.users.num',value_type: 3, description: 'Number of users who are currently logged in', applications: ['OS', 'Security'] }
- { name: 'Number of processes', xkey: 'proc.num[]', value_type: 3, description: 'Total number of processes in any state', applications: ['Processes'] }
- { name: 'Number of running processes', xkey: 'proc.num[,,run]', value_type: 3, description: 'Total number of processes in running state', applications: ['Processes'] }
- { name: 'Processor load(1min average per core)', xkey: 'system.cpu.load[percpu,avg1]' ,value_type: 0, description: 'Processor Load', applications: ['CPU', 'Performance'] }
- { name: 'Processor load(5min average per core)', xkey: 'system.cpu.load[percpu,avg5]' ,value_type: 0, description: 'Processor Load', applications: ['CPU', 'Performance'] }
- { name: 'Processor load(15min average per core)', xkey: 'system.cpu.load[percpu,avg15]' ,value_type: 0, description: 'Processor Load', applications: ['CPU', 'Performance'] }
- { name: 'System information', xkey: 'system.uname', delay: 3600, value_type: 1, description: 'the info as returned by uname -a', applications: ['General', 'OS'] }
- { name: 'System uptime', xkey: 'system.uptime', delay: 600, value_type: 3, applications: ['General', 'OS'] }
- { name: 'Total memory', xkey: 'vm.memory.size[total]', delay: 3600, value_type: 3, units: 'B', applications: ['Memory'] }
discovery_rules:
- { name: 'Mounted filesystem discovery', xkey: 'vfs.fs.discovery', filter: '{#FSTYPE}:@File systems for discovery', lifetime: 30, description: 'Discovery of filesystems',
item_prototypes: [
{name: 'Free disk space on $1', xkey: 'vfs.fs.size[{#FSNAME},free]', value_type: 3, units: 'B', applications: ['Filesystems']},
{name: 'Free disk space on $1 (percentage)', xkey: 'vfs.fs.size[{#FSNAME},pfree]', value_type: 0, units: '%', applications: ['Filesystems']},
{name: 'Free inodes on $1 (percentage)', xkey: 'vfs.fs.inode[{#FSNAME},pfree]', value_type: 0, units: '%', applications: ['Filesystems']},
{name: 'Total disk space $1 ', xkey: 'vfs.fs.size[{#FSNAME},total]', delay: 3600, value_type: 3, units: 'B', applications: ['Filesystems']},
{name: 'Used disk space $1 ', xkey: 'vfs.fs.size[{#FSNAME},used]', value_type: 3, units: 'B', applications: ['Filesystems']} ],
triggers_prototypes: [
{ name: 'Free disk space is less than 20% on volume {#FSNAME}', expression: '{OS_Linux:vfs.fs.size[{#FSNAME},pfree].last(0)}&lt;20', status: 0, priority: 2 },
{ name: 'Free inodes is less than 20% on volume {#FSNAME}', expression: '{OS_Linux:vfs.fs.inode[{#FSNAME},pfree].last(0)}&lt;20', status: 0, priority: 2 } ],
graph_prototypes: [
{ name: 'Disk space usage {#FSNAME}', type: 2, width: 600, height: 340,
graph_items: [
{ sortorder: 0, color: C80000, type: 2, host: 'OS_Linux', gkey: 'vfs.fs.size[{#FSNAME},total]'},
{ sortorder: 1, color: 00C800, type: 0, host: 'OS_Linux', gkey: 'vfs.fs.size[{#FSNAME},free]'} ] } ]}
- { name: 'Network interface discovery', xkey: 'net.if.discovery', delay: 3600, filter: '{#IFNAME}:@Network interfaces for discovery', lifetime: 30, description: 'Discovery of network interfaces',
item_prototypes: [
{name: 'Incoming network traffic $1', xkey: 'net.if.in[{#IFNAME}]', delay: 60, value_type: 3, units: 'bps', delta: 1, formula: 8, applications: ['Network interfaces']},
{name: 'Outgoing network traffic $1', xkey: 'net.if.out[{#IFNAME}]', delay: 60, value_type: 3, units: 'bps', delta: 1, formula: 8, applications: ['Network interfaces']} ],
triggers_prototypes: [],
graph_prototypes: [
{ name: 'Network traffic on {#IFNAME}', width: 900, height: 200, show_work_period: 1, show_triggers: 1, type: 0, show_3d: 0,
graph_items: [
{ color: 00AA00, host: 'OS_Linux', gkey: 'net.if.in[{#IFNAME}]', calc_fnc: 2, drawtype: 5 },
{ color: 3333FF, host: 'OS_Linux', gkey: 'net.if.out[{#IFNAME}]', sortorder: 1, calc_fnc: 2, drawtype: 5} ] } ]}
screens:
- { name: 'System performance', hsize: 2, vsize: 3,
screen_items: [
{ width: 500, height: 120, colspan: 1, rowspan: 1, valign: 1, name: 'CPU load', host: 'OS_Linux' },
{ width: 500, height: 148, x: 0, y: 1, colspan: 1, rowspan: 1, valign: 1, name: 'CPU utilization', host: 'OS_Linux' },
{ width: 500, height: 100, x: 0, y: 1, colspan: 1, elements: 0, rowspan: 1, valign: 0, name: 'Memory usage', host: 'OS_Linux' }]}
triggers:
- { expression: '{OS_Linux:kernel.maxfiles.last(0)}&lt;1024', name: 'Configured max number of opened files is too low on {HOST.NAME}', status: 0, priority: 1, type: 0 }
- { expression: '{OS_Linux:kernel.maxproc.last(0)}&lt;256', name: 'Configured max number of processes is too low on {HOST.NAME}', status: 0, priority: 1, type: 0 }
- { expression: '{OS_Linux:system.cpu.util[,iowait].avg(15m)}&gt;20', name: 'Disk IO is overloaded on {HOST.NAME}', status: 0, priority: 2, type: 0 }
- { expression: '{OS_Linux:system.uname.diff(0)}&gt;0', name: 'Host information was changed on {HOST.NAME}', status: 0, priority: 1, type: 0 }
- { expression: '{OS_Linux:system.hostname.diff(0)}&gt;0', name: 'Hostname was changed on {HOST.NAME}', status: 0, priority: 1, type: 0 }
- { expression: '{OS_Linux:vm.memory.size[available].last(0)}&lt;20M', name: 'Lack of available memory on server {HOST.NAME}', status: 0, priority: 3, type: 0 }
- { expression: '{OS_Linux:system.cpu.load[percpu,avg1].avg(5m)}&gt;5', name: 'Processor load is too high on {HOST.NAME}', status: 0, priority: 2, type: 0 }
- { expression: '{OS_Linux:proc.num[,,run].avg(5m)}&gt;300', name: 'Too many processes running on {HOST.NAME}', status: 0, priority: 2, type: 0 }
- { expression: '{OS_Linux:system.uptime.change(0)}&lt;0', name: '{HOST.NAME} has just been restarted', status: 0, priority: 1, type: 0 }
graphs:
- { name: 'CPU jumps', width: 900, height: 200,
graph_items: [
{ color: 009900, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.switches' },
{ sortorder: 1, color: 000099, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.intr' }] }
- { name: 'CPU load', width: 900, height: 200,
graph_items: [
{ sortorder: 1, color: 000099, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.load[percpu,avg5]' },
{ sortorder: 2, color: 990000, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.load[percpu,avg15]' } ]}
- { name: 'CPU utilization', width: 900, height: 200,
graph_items: [
{ sortorder: 0, drawtype: 1, color: FF5555, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.util[,steal]' },
{ sortorder: 1, drawtype: 1, color: 55FF55, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.util[,softirq]' },
{ sortorder: 2, drawtype: 1, color: 009999, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.util[,interrupt]' },
{ sortorder: 3, drawtype: 1, color: 990099, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.util[,nice]' },
{ sortorder: 4, drawtype: 1, color: 999900, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.util[,iowait]' },
{ sortorder: 5, drawtype: 1, color: 990000, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.util[,system]' },
{ sortorder: 6, drawtype: 1, color: 000099, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.util[,user]' },
{ sortorder: 7, drawtype: 1, color: 009900, calc_fnc: 2, host: 'OS_Linux', gikey: 'system.cpu.util[,idle]' } ] }
- { name: 'Memory usage', width: 900, height: 200, show_legend: 1,
graph_items: [
{ sortorder: 1, drawtype: 5, color: 00C800, calc_fnc: 2, host: 'OS_Linux', gikey: 'vm.memory.size[available]' },
{ sortorder: 0, drawtype: 0, color: DD0000, calc_fnc: 2, host: 'OS_Linux', gikey: 'vm.memory.size[total]' },
{ sortorder: 0, drawtype: 0, color: DD0000, calc_fnc: 2, host: 'OS_Linux', gikey: 'vm.memory.size[total]' } ] }
App_SSH_Service:
applications: ['SSH service']
zabbix_items:
- { name: 'SSH service is running', type: 3, xkey: 'net.tcp.service[ssh]', value_type: 3, applications: ['SSH service'] }
triggers:
- { expression: '{App_SSH_Service:net.tcp.service[ssh].max(#3)}=0', name: 'SSH service on {HOST.NAME}', status: 0, priority: 3, type: 0 }
App_Zabbix_Agent:
applications: ['Zabbix agent']
zabbix_items:
- { name: 'Agent ping', type: 0, xkey: 'agent.ping', value_type: 3, applications: ['Zabbix agent'] }
- { name: 'Host name of zabbix_agentd running', delay: 3600, type: 0, xkey: 'agent.hostname', value_type: 1, applications: ['Zabbix agent'] }
- { name: 'Version of zabbix_agent(d) running', delay: 3600, type: 0, xkey: 'agent.version', value_type: 1, applications: ['Zabbix agent'] }
triggers:
- { expression: '{App_Zabbix_Agent:agent.hostname.diff(0)}&gt;0', name: 'Host name of zabbix_agentd was changed on {HOST.NAME}', status: 0, priority: 1, type: 0 }
- { expression: '{App_Zabbix_Agent:agent.version.diff(0)}&gt;0', name: 'Version of zabbix_agentd was changed on {HOST.NAME}', status: 0, priority: 1, type: 0 }
- { expression: '{App_Zabbix_Agent:agent.ping.nodata(300)}=1', name: 'Zabbix agent on {HOST.NAME} is unreachable for 5 minutes', status: 0, priority: 3, type: 0 }
Base: {}
HTTP:
applications: ['HTTP']
zabbix_items:
- { name: 'HTTP_port_check', type: 0, xkey: 'net.tcp.listen[80]', value_type: 3, applications: ['HTTP'] }
triggers:
- { expression: '{HTTP:net.tcp.listen[80].max(5m)}=0|({TRIGGER.VALUE}=1 &amp; {HTTP:net.tcp.listen[80].min(5m)} &gt; 0)', name: 'HTTP service on {HOST.NAME}', status: 0, priority: 4, type: 0 }
jenkins_service:
applications: ['jenkins']
zabbix_items:
- { name: 'jenkins_port_check', type: 0, xkey: 'net.tcp.listen[8080]', value_type: 3, applications: ['jenkins'] }
triggers:
- { expression: '{jenkins_service:net.tcp.listen[8080].max(5m)}=0|({TRIGGER.VALUE}=1 &amp; {jenkins_service:net.tcp.listen[8080].min(5m)} &gt; 0)', name: 'jenkins service on {HOST.NAME}', status: 0, priority: 4, type: 0 }
mysql:
applications: ['mysql']
zabbix_items:
- { name: 'mysql_port_check',
type: 0,
xkey: 'net.tcp.listen[3306]',
value_type: 3,
applications: ['mysql'] }
triggers:
- { expression: '{mysql:net.tcp.listen[3306].max(5m)}=0|({TRIGGER.VALUE}=1 &amp; {mysql:net.tcp.listen[3306].min(5m)} &gt; 0)',
name: 'mysql service on {HOST.NAME}',
status: 0,
priority: 4,
type: 0 }
# our test environment vagrant gets the values from the 'default' block
# and we then go about to override what we may need for our particular
# vagrant setup.
vagrant:
# import the 'default'
<<: *env_defaults
# we need to override some settings in the zabbix block, so lets import
# the zabbix block first
zabbix:
<<: *zabbix
# and then override the inner block that requires change
checks:
# we import the contents of zabbix checks
<<: *zabbix_checks
# and append a 'hosts' block to it
hosts:
- { hostname: 'jenkins', hostgroup: 'jenkins_servers', ip: '192.168.67.2' }
- { hostname: 'zabbix' , hostgroup: 'zabbix_servers', ip: '192.168.67.3' }
# our remaining environments (they don't actually exist) use the same
# settings as 'default'
#
dev: *env_defaults
qa: *env_defaults
prd: *env_defaults
#
# we now feed the Ansible roles which we bought at the galaxy supermarket.
# Since each role uses its own set of variables, we make sure we set them using
# the values we set in our own representation of our environment.
#
# 'deploy_env' will match what we have in our inventory file, so that we can
# tackle different environments 'vagrant, dev, qa, prd' in a single
# group_vars/all yaml dictionary.
#
#
azulinho_jenkins_kick_pipeline: "{{ env[deploy_env]['jenkins'] }}"
azulinho_jenkins_plugins: "{{ env[deploy_env]['jenkins'] }}"
azulinho_jenkins_reconfigure_jobs_using_job_builder: "{{ env[deploy_env]['jenkins']['jobs']['job_builder'] }}"
azulinho_jenkins_reconfigure_jobs_using_jinja2:
jobs: "{{ env[deploy_env]['jenkins']['jobs']['jinja2'] }}"
azulinho_jenkins_server: "{{ env[deploy_env]['jenkins'] }}"
azulinho_ssh_keys: "{{ env[deploy_env]['ssh']['ssh_keys'] }}"
azulinho_zabbix_agent: "{{ env[deploy_env]['zabbix']['agent'] }}"
azulinho_zabbix_checks: "{{ env[deploy_env]['zabbix']['checks'] }}"
azulinho_zabbix_server: "{{ env[deploy_env]['zabbix']['server'] }}"