Cookbook Wrapper for a monit cookbook
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
attributes
recipes
templates/default
test/integration/default/serverspec
.gitignore
.kitchen.yml
.rubocop.yml
Berksfile
CHANGELOG.md
Gemfile
LICENSE
README.md
Rakefile
chefignore
metadata.rb

README.md

bcs_monit cookbook

Chef cookbook that wraps philpper's monit cookbook to install monit and monitor a number of applications.

Monit monitors nginx, postfix and postgresql when the default recipe is run and elasticsearch if the search recipe is run. Monit will have errors if these applications are not present on the node.

Requirements

Monit Cookbook Requirement

Requirement Tested Version
Chef 12.5+
Ruby 2.3.3+
Ubuntu 14.04+

Monitored Applications

Application Tested Version
nginx 1.19+
postfix Unknown
postgresql 9.3
sshd Unknown

Usage

To the wrapper cookbook defaults you need to add the following attributes:

  • Email target for alerts: node['monit']['alert_email']
  • Email server account requires user and password attributes.
    • node['monit']['mail']['username']
    • node['monit']['mail']['password']

HTTPD Access will require:

  • Allow must be configured if you require access to HTTPD. node["monit"]["web_interface"]["allow"] = ["192.168.10.1", "admin:secret"]
  • This would allow the ip address 192.168.10.1 to access HTTPD. user admin, password secret.
  • Without HTTPD access you cannot even command: monit status

Attributes

Monit

node['monit']['attribute']

Attribute Description Default
polling_frequency time between cycle 30
alert_email target of alerts richard.wigley@bcs.io

HTTPD Web Interface

node['monit']['web_interface']['attribute']

  • Convenient but peforms authentication without password encryption.
  • Address and allow will most likely be overriden
  • A restrictive allow is the best security without SSL.
  • recommended format is localhost address and Nginx providing URL to access monit.
Attribute Description Default
address interface or ip of monit web app 192.168.10.200
allow permitted ip addresses and authentication "192.168.10.1", "admin:secrety"

Email Server

node['monit']['mail']['attribute']

Attribute Description Default
hostname mail server smtp.gmail.com
port port application listening 587
username user required
password password required
security security TLSV1
timeout timeout 30

Recipes

Default

  • Installs monit software.
  • Monitors nginx, postfix, postgresql, sshd.

File Installs

/etc -- monit.conf
   |
   |---- /monit -- monitrc ---|-------------------------+
              |               | set httpd port 2812     |
              |               | use address localhost   |
              |               | allow admin:monit       |
              |               | allow @monit            |
              |               +-------------------------+
              |
              | -- /conf.d -- nginx.monitrc --+------------------------------------------------------
                                              | check process nginx with pidfile /var/run/nginx.pid |
                                              | start program = "/etc/init.d/nginx start"           |
                                              | stop program = "/etc/init.d/nginx stop"             |
                                              | if children > 250 then restart                      |
                                              | if 5 restarts within 5 cycles then timeout          |
                                              +-----------------------------------------------------+

Vagrant Terminology

  • Guest - the vagrant machine spun up operating system
  • Host - the machine vagrant is running on

Verify

  • kitchen login test-ubuntu-1204 - spin up ubuntu 12 only
  • on login you are told the host ip address
Verify Description
ifconfig eth0 guest ip address
sudo monit -t monit checks for syntax errors
tail -f /var/log/monit if monit is working it will log to file

Monit Server Listening on Port?

  • $ ping guest ip address
Run From Command Expect
Guest netstat -tulpn 127.0.0.1:2812 (or whatever port)
Host nmap -p 2812 192.168.10.200 -PN tells you if it is filtered

Monit Process Statuses

sudo monit status

  • All should be running or Not monitored - depending on if the observed application has been installed or not. For default recipe sshd and postfix are only installed.
Process Description Status
sshd ssh service Running
postgresql database Not monitored
postfix mail deamon Running
nginx web server Not monitored

Browser Visit

Visit http://192.168.10.200:2812/ with browser

Author

Author:: Richard Wigley (Richard Wigley@github)