Skip to content
Browse files

Initial population of cookbooks and solo structure.

  • Loading branch information...
1 parent bcde979 commit 088be7e4049f49cf0cb4c42c6852f7e588921988 Ben Rockwood committed Sep 19, 2012
Showing with 1,635 additions and 1 deletion.
  1. +27 −0 Makefile
  2. +5 −1 README.md
  3. +8 −0 cookbooks/bart/README.rdoc
  4. +16 −0 cookbooks/bart/files/default/bart.rules
  5. +66 −0 cookbooks/bart/files/default/bartlog
  6. +30 −0 cookbooks/bart/metadata.json
  7. +6 −0 cookbooks/bart/metadata.rb
  8. +29 −0 cookbooks/bart/recipes/default.rb
  9. +10 −0 cookbooks/logging/README.rdoc
  10. +1 −0 cookbooks/logging/attributes/default.rb
  11. +9 −0 cookbooks/logging/files/default/auditd.props
  12. +30 −0 cookbooks/logging/metadata.json
  13. +7 −0 cookbooks/logging/metadata.rb
  14. +98 −0 cookbooks/logging/recipes/default.rb
  15. +81 −0 cookbooks/logging/templates/default/login.erb
  16. +126 −0 cookbooks/logging/templates/default/sshd_config.erb
  17. +29 −0 cookbooks/logging/templates/default/su.erb
  18. +36 −0 cookbooks/logging/templates/default/syslog.conf.erb
  19. +9 −0 cookbooks/smartos/README.rdoc
  20. +14 −0 cookbooks/smartos/attributes/default.rb
  21. BIN cookbooks/smartos/files/default/nicstat
  22. +30 −0 cookbooks/smartos/metadata.json
  23. +7 −0 cookbooks/smartos/metadata.rb
  24. +77 −0 cookbooks/smartos/recipes/default.rb
  25. +10 −0 cookbooks/smartos/recipes/motd.rb
  26. +13 −0 cookbooks/smartos/recipes/nicstat.rb
  27. +9 −0 cookbooks/smartos/recipes/ntp.rb
  28. +48 −0 cookbooks/smartos/recipes/ssh.rb
  29. +4 −0 cookbooks/smartos/templates/default/authorized_keys.erb
  30. +6 −0 cookbooks/smartos/templates/default/motd.erb
  31. +27 −0 cookbooks/smartos/templates/default/nsswitch.conf.erb
  32. +6 −0 cookbooks/smartos/templates/default/ntp.conf.erb
  33. +4 −0 cookbooks/smartos/templates/default/resolv.conf.erb
  34. +10 −0 cookbooks/zabbix/README.rdoc
  35. +18 −0 cookbooks/zabbix/attributes/default.rb
  36. BIN cookbooks/zabbix/files/default/zabbix/bin/zabbix_get
  37. BIN cookbooks/zabbix/files/default/zabbix/bin/zabbix_sender
  38. BIN cookbooks/zabbix/files/default/zabbix/sbin/zabbix_agent
  39. BIN cookbooks/zabbix/files/default/zabbix/sbin/zabbix_agentd
  40. +39 −0 cookbooks/zabbix/files/default/zabbix/share/man/man1/zabbix_get.1
  41. +55 −0 cookbooks/zabbix/files/default/zabbix/share/man/man1/zabbix_sender.1
  42. +45 −0 cookbooks/zabbix/files/default/zabbix/share/man/man8/zabbix_agentd.8
  43. +32 −0 cookbooks/zabbix/files/default/zabbix/share/man/man8/zabbix_proxy.8
  44. +34 −0 cookbooks/zabbix/files/default/zabbix/share/man/man8/zabbix_server.8
  45. +49 −0 cookbooks/zabbix/files/default/zabbix/share/svc/zabbix_agent.xml
  46. +6 −0 cookbooks/zabbix/metadata.rb
  47. +93 −0 cookbooks/zabbix/recipes/agent.rb
  48. +8 −0 cookbooks/zabbix/recipes/default.rb
  49. +255 −0 cookbooks/zabbix/templates/default/zabbix_agentd.conf.erb
  50. +21 −0 nodes/smartos.json
  51. +46 −0 smf/chef-solo-omnibus.xml
  52. +46 −0 smf/chef-solo.xml
View
27 Makefile
@@ -0,0 +1,27 @@
+# Makefile for SmartOS Deployment
+#
+TAR= gtar
+DISTNAME= smartos_cookbooks.tar.gz
+SERVER_DEST= 1.2.3.4:/www/chef/
+
+all:
+ $(TAR) cfz /tmp/$(DISTNAME) cookbooks
+ scp /tmp/$(DISTNAME) $(SERVER_DEST)
+ rm /tmp/$(DISTNAME)
+ scp nodes/* $(SERVER_DEST)
+ scp scripts/* $(SERVER_DEST)
+ scp keys/* $(SERVER_DEST)
+ scp smf/chef-solo.xml $(SERVER_DEST)
+
+
+nodes:
+ scp nodes/* $(SERVER_DEST)
+
+scripts:
+ scp scripts/* $(SERVER_DEST)
+ scp smf/chef-solo.xml $(SERVER_DEST)
+
+cookbooks:
+ $(TAR) cfz /tmp/$(DISTNAME) cookbooks
+ scp /tmp/$(DISTNAME) $(SERVER_DEST)
+ rm /tmp/$(DISTNAME)
View
6 README.md
@@ -1,4 +1,8 @@
smartos_cookbooks
=================
-Chef Cookbooks for managing the SmartOS Global Zone
+Chef cookbooks for use with SmartOS
+
+
+
+Please note that these cookbooks are unofficial and not supported by Joyent or its partners. Please use at your own risk.
View
8 cookbooks/bart/README.rdoc
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
View
16 cookbooks/bart/files/default/bart.rules
@@ -0,0 +1,16 @@
+## +Joyent SmartOS BART Rules
+## benr@joyent.com
+#
+# Attributes: acl, all, contents, dest, devnode, dirmtime,
+# gid, lnmtime, mode, mtime, size, type, uid
+
+
+#GLOBAL
+CHECK all
+IGNORE dirmtime
+
+
+## Local Checks:
+/etc
+
+/opt
View
66 cookbooks/bart/files/default/bartlog
@@ -0,0 +1,66 @@
+#!/usr/bin/bash
+#
+# bartlog: benr@cuddletech.com (6/24/09)
+# -------------------------------------------
+# BART wrapper to be run from cron and output
+# changes to syslog.
+#
+# Modified 3/8/10: Report creation of initial manifest in-band (syslog),
+# this will warn us if someone has destroyed our manifest
+# to cover their tracks.
+#
+
+
+SYSLOG_PRIORITY=audit.err
+BART_RULES=/etc/bart.rules
+BART_MANIFESTS=/var/tmp
+
+
+
+
+#
+# Modify BASH Internal Field Seperator to newline:
+#
+IFS=`echo -en "\n\b"`
+
+
+#
+# Check for rules:
+#
+if [ -f $BART_RULES ]
+then
+ echo "123" >/dev/null;
+else
+ echo "$BART_RULES Not Found. Exiting."
+ exit
+fi
+
+#
+# If an initial manifest exists, create a new one for diff,
+# otherwise, create the initial and exit.
+#
+if [ -f $BART_MANIFESTS/bart.manifest.0 ]
+then
+ /usr/bin/bart create -r $BART_RULES > $BART_MANIFESTS/bart.manifest.1
+else
+ /usr/bin/bart create -r $BART_RULES > $BART_MANIFESTS/bart.manifest.0
+ #echo "Created manifest... exit time."
+ /bin/logger -p $SYSLOG_PRIORITY "bartlog: Creating Initial Manifest"
+ exit
+fi
+
+
+#
+# Compare "control" (.0) manifest against new "test" (.1) manifest and log the changes
+#
+
+for i in `/usr/bin/bart compare -r $BART_RULES -p $BART_MANIFESTS/bart.manifest.0 $BART_MANIFESTS/bart.manifest.1 `
+do
+ /bin/logger -p $SYSLOG_PRIORITY "BART Reports Change: $i"
+done
+
+
+#
+# Finally, rotate for the next run
+#
+/usr/bin/mv $BART_MANIFESTS/bart.manifest.1 $BART_MANIFESTS/bart.manifest.0
View
30 cookbooks/bart/metadata.json
@@ -0,0 +1,30 @@
+{
+ "name": "computenode",
+ "description": "Installs/Configures Compute Node",
+ "long_description": "= DESCRIPTION:\n\n= REQUIREMENTS:\n\n= ATTRIBUTES:\n\n= USAGE:\n\n",
+ "maintainer": "Ben Rockwood",
+ "maintainer_email": "benr@joyent.com",
+ "license": "All rights reserved",
+ "platforms": {
+ },
+ "dependencies": {
+ "joyent": ">= 0.0.0"
+ },
+ "recommendations": {
+ },
+ "suggestions": {
+ },
+ "conflicting": {
+ },
+ "providing": {
+ },
+ "replacing": {
+ },
+ "attributes": {
+ },
+ "groupings": {
+ },
+ "recipes": {
+ },
+ "version": "0.0.1"
+}
View
6 cookbooks/bart/metadata.rb
@@ -0,0 +1,6 @@
+maintainer "Ben Rockwood"
+maintainer_email "benr@joyent.com"
+license "All rights reserved"
+description "Configures BART for change notification"
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version "0.0.1"
View
29 cookbooks/bart/recipes/default.rb
@@ -0,0 +1,29 @@
+#
+# Cookbook Name:: BART
+# Recipe:: default
+#
+# Copyright 2011, Joyent, Inc.
+#
+# All rights reserved - Do Not Redistribute
+#
+
+cookbook_file "/opt/custom/bin/bartlog" do
+ source "bartlog"
+ owner "root"
+ group "sys"
+ mode "0755"
+end
+
+cookbook_file "/etc/bart.rules" do
+ source "bart.rules"
+ owner "root"
+ group "sys"
+ mode "0644"
+end
+
+
+cron "BARTlog" do
+ command "/opt/custom/bin/bartlog"
+ minute "0"
+ hour "0"
+end
View
10 cookbooks/logging/README.rdoc
@@ -0,0 +1,10 @@
+= DESCRIPTION:
+
+Joyent Logging configuration, including Syslog, SSH, /etc/default tunings, etc.
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
View
1 cookbooks/logging/attributes/default.rb
@@ -0,0 +1 @@
+default[:syslog][:server] = "localhost"
View
9 cookbooks/logging/files/default/auditd.props
@@ -0,0 +1,9 @@
+## Properties fed to svccfg to augment the auditd service
+setprop policy/cnt=true
+setprop policy/perzone=true
+setprop policy/zonename=true
+setprop policy/argv=true
+setprop audit_syslog/active=true
+setprop audit_syslog/p_flags="all"
+setprop preselection/flags="lo,ua,ss"
+setprop preselection/naflags="lo,ua,ss"
View
30 cookbooks/logging/metadata.json
@@ -0,0 +1,30 @@
+{
+ "name": "computenode",
+ "description": "Installs/Configures Compute Node",
+ "long_description": "= DESCRIPTION:\n\n= REQUIREMENTS:\n\n= ATTRIBUTES:\n\n= USAGE:\n\n",
+ "maintainer": "Ben Rockwood",
+ "maintainer_email": "benr@joyent.com",
+ "license": "All rights reserved",
+ "platforms": {
+ },
+ "dependencies": {
+ "joyent": ">= 0.0.0"
+ },
+ "recommendations": {
+ },
+ "suggestions": {
+ },
+ "conflicting": {
+ },
+ "providing": {
+ },
+ "replacing": {
+ },
+ "attributes": {
+ },
+ "groupings": {
+ },
+ "recipes": {
+ },
+ "version": "0.0.1"
+}
View
7 cookbooks/logging/metadata.rb
@@ -0,0 +1,7 @@
+maintainer "Ben Rockwood"
+maintainer_email "benr@joyent.com"
+license "All rights reserved"
+description "Installs/Configures Compute Node"
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version "0.0.1"
+depends "joyent"
View
98 cookbooks/logging/recipes/default.rb
@@ -0,0 +1,98 @@
+#
+# Cookbook Name:: logging
+# Recipe:: default
+#
+# Copyright 2011, Joyent, Inc.
+#
+# All rights reserved - Do Not Redistribute
+#
+
+## Touch /var/log/authlog
+file "/var/log/authlog" do
+ owner "root"
+ group "root"
+ mode "0644"
+ action :touch
+end
+
+## Touch /var/log/audit
+file "/var/log/audit" do
+ owner "root"
+ group "root"
+ mode "0644"
+ action :touch
+end
+
+
+
+### TODO: This should point to a syslog server by attribute
+# Solaris Syslog Configuration
+template "/etc/syslog.conf" do
+ source "syslog.conf.erb"
+ owner "root"
+ group "sys"
+ mode "0644"
+ variables(
+ :logserver => node[:syslog][:server]
+ )
+ notifies :restart, "service[system-log]"
+end
+
+service "system-log" do
+ action :nothing
+end
+
+# SSHD Configuration
+template "/etc/ssh/sshd_config" do
+ source "sshd_config.erb"
+ owner "root"
+ group "sys"
+ mode "0644"
+ notifies :restart, "service[ssh]"
+end
+
+# Notify hook to restart SSH if configurati is updated.
+service "ssh" do
+ action :nothing
+end
+
+# SU Configuration
+template "/etc/default/su" do
+ source "su.erb"
+ owner "root"
+ group "sys"
+ mode "0644"
+end
+
+# LOGIN Configuration
+template "/etc/default/login" do
+ source "login.erb"
+ owner "root"
+ group "sys"
+ mode "0644"
+end
+
+
+### TODO: A LWRP should be used to modify properities on a case-by-case
+### basis, rather than dumping a file and loading it based on
+### on a single property value.
+
+# SVCCFG Command File
+cookbook_file "/var/tmp/auditd.props" do
+ source "auditd.props"
+ owner "root"
+ group "sys"
+ mode "0644"
+end
+
+# Enable BSM SYSLOG Plugin
+execute "Enable Audit SYSLOG Plugin" do
+ command "/usr/sbin/svccfg -s svc:/system/auditd:default -f /var/tmp/auditd.props"
+ only_if "/usr/sbin/svccfg -s svc:/system/auditd:default listprop audit_syslog/active | grep false"
+ notifies :run, "execute[refresh auditd]"
+end
+
+execute "refresh auditd" do
+ command "/usr/sbin/svcadm refresh auditd"
+ action :nothing
+end
View
81 cookbooks/logging/templates/default/login.erb
@@ -0,0 +1,81 @@
+##
+## JPC Operations /etc/default/login
+##
+## This file is managed by Chef!
+##
+
+
+# Set the TZ environment variable of the shell.
+#
+#TIMEZONE=EST5EDT
+
+# ULIMIT sets the file size limit for the login. Units are disk blocks.
+# The default of zero means no limit.
+#
+#ULIMIT=0
+
+# If CONSOLE is set, root can only login on that device.
+# If the specified device is /dev/console, then root can also log into
+# any of the currently enabled /dev/vt/# virtual terminal devices.
+# Comment this line out to allow remote login by root.
+#
+#CONSOLE=/dev/console
+
+# PASSREQ determines if login requires a password.
+#
+PASSREQ=YES
+
+# ALTSHELL determines if the SHELL environment variable should be set
+#
+ALTSHELL=YES
+
+# PATH sets the initial shell PATH variable
+#
+#PATH=/usr/bin:
+
+# SUPATH sets the initial shell PATH variable for root
+#
+#SUPATH=/usr/sbin:/usr/bin
+
+# TIMEOUT sets the number of seconds (between 0 and 900) to wait before
+# abandoning a login session.
+#
+#TIMEOUT=300
+
+# UMASK sets the initial shell file creation mode mask. See umask(1).
+#
+#UMASK=022
+
+# SYSLOG determines whether the syslog(3) LOG_AUTH facility should be used
+# to log all root logins at level LOG_NOTICE and multiple failed login
+# attempts at LOG_CRIT.
+#
+SYSLOG=YES
+
+# SLEEPTIME controls the number of seconds that the command should
+# wait before printing the "login incorrect" message when a
+# bad password is provided. The range is limited from
+# 0 to 5 seconds.
+#
+#SLEEPTIME=4
+
+# DISABLETIME If present, and greater than zero, the number of seconds
+# login will wait after RETRIES failed attempts or the PAM framework returns
+# PAM_ABORT. Default is 20. Minimum is 0. No maximum is imposed.
+#
+#DISABLETIME=20
+
+# RETRIES determines the number of failed logins that will be
+# allowed before login exits. Default is 5 and maximum is 15.
+# If account locking is configured (user_attr(4)/policy.conf(4))
+# for a local user's account (passwd(4)/shadow(4)), that account
+# will be locked if failed logins equals or exceeds RETRIES.
+#
+#RETRIES=5
+#
+# The SYSLOG_FAILED_LOGINS variable is used to determine how many failed
+# login attempts will be allowed by the system before a failed login
+# message is logged, using the syslog(3) LOG_NOTICE facility. For example,
+# if the variable is set to 0, login will log -all- failed login attempts.
+#
+SYSLOG_FAILED_LOGINS=0
View
126 cookbooks/logging/templates/default/sshd_config.erb
@@ -0,0 +1,126 @@
+##
+## SmartOS SSHD_CONFIG
+##
+## This file is managed by Chef!
+##
+
+
+# Only v2 (recommended)
+Protocol 2
+
+# Listen port (the IANA registered port number for ssh is 22)
+Port 22
+
+# Don't use reverse DNS for connecting clients
+LookupClientHostnames no
+VerifyReverseMapping no
+
+
+# IPv4 only
+#ListenAddress 0.0.0.0
+# IPv4 & IPv6
+ListenAddress ::
+
+GatewayPorts no
+
+# X11 tunneling options
+X11Forwarding yes
+X11DisplayOffset 10
+X11UseLocalhost yes
+
+# The maximum number of concurrent unauthenticated connections to sshd.
+# start:rate:full see sshd(1) for more information.
+# The default is 10 unauthenticated clients.
+#MaxStartups 10:30:60
+
+# Banner to be printed before authentication starts.
+#Banner /etc/issue
+
+# Should sshd print the /etc/motd file and check for mail.
+# On Solaris it is assumed that the login shell will do these (eg /etc/profile).
+PrintMotd no
+
+# KeepAlive specifies whether keep alive messages are sent to the client.
+# See sshd(1) for detailed description of what this means.
+# Note that the client may also be sending keep alive messages to the server.
+KeepAlive yes
+
+# Syslog facility and level
+SyslogFacility auth
+LogLevel info
+
+#
+# Authentication configuration
+#
+
+# Host private key files
+# Must be on a local disk and readable only by the root user (root:sys 600).
+HostKey /var/ssh/ssh_host_rsa_key
+HostKey /var/ssh/ssh_host_dsa_key
+
+# Length of the server key
+# Default 768, Minimum 512
+ServerKeyBits 768
+
+# sshd regenerates the key every KeyRegenerationInterval seconds.
+# The key is never stored anywhere except the memory of sshd.
+# The default is 1 hour (3600 seconds).
+KeyRegenerationInterval 3600
+
+# Ensure secure permissions on users .ssh directory.
+StrictModes yes
+
+# Length of time in seconds before a client that hasn't completed
+# authentication is disconnected.
+# Default is 600 seconds. 0 means no time limit.
+LoginGraceTime 600
+
+# Maximum number of retries for authentication
+# Default is 6. Default (if unset) for MaxAuthTriesLog is MaxAuthTries / 2
+MaxAuthTries 5
+MaxAuthTriesLog 0
+
+# Are logins to accounts with empty passwords allowed.
+# If PermitEmptyPasswords is no, pass PAM_DISALLOW_NULL_AUTHTOK
+# to pam_authenticate(3PAM).
+PermitEmptyPasswords no
+
+# To disable tunneled clear text passwords, change PasswordAuthentication to no.
+PasswordAuthentication yes
+
+# Are root logins permitted using sshd.
+# Note that sshd uses pam_authenticate(3PAM) so the root (or any other) user
+# maybe denied access by a PAM module regardless of this setting.
+# Valid options are yes, without-password, no.
+PermitRootLogin yes
+
+# sftp subsystem
+Subsystem sftp internal-sftp
+
+# SSH protocol v1 specific options
+#
+# The following options only apply to the v1 protocol and provide
+# some form of backwards compatibility with the very weak security
+# of /usr/bin/rsh. Their use is not recommended and the functionality
+# will be removed when support for v1 protocol is removed.
+
+# Should sshd use .rhosts and .shosts for password less authentication.
+IgnoreRhosts yes
+RhostsAuthentication no
+
+# Rhosts RSA Authentication
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts.
+# If the user on the client side is not root then this won't work on
+# Solaris since /usr/bin/ssh is not installed setuid.
+RhostsRSAAuthentication no
+
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication.
+#IgnoreUserKnownHosts yes
+
+# Is pure RSA authentication allowed.
+# Default is yes
+RSAAuthentication yes
+
+# Disable GSS since we don't need it and it slows down login
+GSSAPIAuthentication no
+GSSAPIKeyExchange no
View
29 cookbooks/logging/templates/default/su.erb
@@ -0,0 +1,29 @@
+##
+## JPC Operations /etc/default/su
+##
+## This file is managed by Chef!
+##
+
+# SULOG determines the location of the file used to log all su attempts
+#
+SULOG=/var/adm/sulog
+
+# CONSOLE determines whether attempts to su to root should be logged
+# to the named device
+#
+#CONSOLE=/dev/console
+
+# PATH sets the initial shell PATH variable
+#
+#PATH=/usr/bin:
+
+# SUPATH sets the initial shell PATH variable for root
+#
+#SUPATH=/usr/sbin:/usr/bin
+
+# SYSLOG determines whether the syslog(3) LOG_AUTH facility should be used
+# to log all su attempts. LOG_NOTICE messages are generated for su's to
+# root, LOG_INFO messages are generated for su's to other users, and LOG_CRIT
+# messages are generated for failed su attempts.
+#
+SYSLOG=YES
View
36 cookbooks/logging/templates/default/syslog.conf.erb
@@ -0,0 +1,36 @@
+##
+## SmartOS /etc/syslog.conf
+##
+## This file is managed by Chef!
+##
+
+*.err;kern.notice;auth.notice /dev/sysmsg
+*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
+
+## Don't disturb the administrator on the terminal:
+#*.alert;kern.err;daemon.err operator
+*.alert root
+
+*.emerg *
+
+# if a non-loghost machine chooses to have authentication messages
+# sent to the loghost machine, un-comment out the following line:
+auth.info ifdef(`LOGHOST', /var/log/authlog, @loghost)
+
+mail.debug ifdef(`LOGHOST', /var/log/syslog, @loghost)
+
+audit.notice @<%= @logserver %>
+
+#
+# non-loghost machines will use the following lines to cause "user"
+# log messages to be logged locally.
+#
+ifdef(`LOGHOST', ,
+user.err /dev/sysmsg
+user.err /var/adm/messages
+user.alert `root, operator'
+user.emerg *
+)
+
+## Send everything to syslog server:
+*.debug @<%= @logserver %>
View
9 cookbooks/smartos/README.rdoc
@@ -0,0 +1,9 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+
+= ATTRIBUTES:
+
+= USAGE:
+
View
14 cookbooks/smartos/attributes/default.rb
@@ -0,0 +1,14 @@
+# SmartOS Base Recipes Attributes
+
+## NTP (Default to NTP Pool Servers)
+default[:ntp][:servers] = ["0.pool.ntp.org", "1.pool.ntp.org", "2.pool.ntp.org"]
+
+## SSH Pub/Priv Keys for root
+#default[:ssh][:pubkey] = "http://path/to/id_dsa.pub"
+#default[:ssh][:privkey] = "http://path/to/id_dsa"
+#default[:ssh][:authorized_keys] = ["..",".."]
+
+## DNS (Default to OpenDNS)
+default[:dns][:search] = "smartos.org"
+default[:dns][:nameservers] = ["208.67.220.220", "208.67.222.222"]
+
View
BIN cookbooks/smartos/files/default/nicstat
Binary file not shown.
View
30 cookbooks/smartos/metadata.json
@@ -0,0 +1,30 @@
+{
+ "name": "smartos",
+ "description": "Configuration of SmartOS GZ",
+ "long_description": "= DESCRIPTION:\n\n= REQUIREMENTS:\n\n= ATTRIBUTES:\n\n= USAGE:\n\n",
+ "maintainer": "Ben Rockwood",
+ "maintainer_email": "benr@joyent.com",
+ "license": "All rights reserved",
+ "platforms": {
+ },
+ "dependencies": {
+ "joyent": ">= 0.0.0"
+ },
+ "recommendations": {
+ },
+ "suggestions": {
+ },
+ "conflicting": {
+ },
+ "providing": {
+ },
+ "replacing": {
+ },
+ "attributes": {
+ },
+ "groupings": {
+ },
+ "recipes": {
+ },
+ "version": "0.0.1"
+}
View
7 cookbooks/smartos/metadata.rb
@@ -0,0 +1,7 @@
+maintainer "Ben Rockwood"
+maintainer_email "benr@joyent.com"
+license "All rights reserved"
+description "Installs/Configures Compute Node"
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version "0.0.1"
+depends "joyent"
View
77 cookbooks/smartos/recipes/default.rb
@@ -0,0 +1,77 @@
+#
+# Cookbook Name:: SmartOS
+# Recipe:: default
+#
+# Copyright 2012, Joyent, Inc.
+#
+# All rights reserved - Do Not Redistribute
+#
+
+## Explicitly allow restart of name service cache after
+## updating resolv.conf
+##
+service "name-service-cache" do
+ supports :enable => true, :start => true, :stop => true, :restart => true
+ action [ :enable, :start ]
+end
+
+
+## Enable DNS
+##
+template "/etc/nsswitch.conf" do
+ source "nsswitch.conf.erb"
+ owner "root"
+ group "sys"
+ mode '0644'
+ not_if "cat /etc/nsswitch.conf | grep ^hosts: | grep \" dns\""
+ notifies :restart, resources(:service => "name-service-cache"), :immediate
+end
+
+## DNS Resolver
+##
+template "/etc/resolv.conf" do
+ source "resolv.conf.erb"
+ owner "root"
+ group "sys"
+ mode "0644"
+ notifies :restart, resources(:service => "name-service-cache"), :immediate
+end
+
+## Create loginlog and sulog
+##
+file "/var/adm/loginlog" do
+ owner "root"
+ group "root"
+ mode "0644"
+end
+
+file "/var/adm/sulog" do
+ owner "root"
+ group "root"
+ mode "0644"
+end
+
+## Enable atime on /var, so that WTMPX and logs work properly
+##
+execute "Enable atime for /var" do
+ command "/usr/sbin/zfs set atime=on zones/var"
+ only_if "/usr/sbin/zfs get -Hp atime zones/var | grep off"
+end
+
+## Setup SSH for the Root User
+##
+if node.attribute?("ssh")
+ include_recipe "smartos::ssh"
+end
+
+## Install 'nicstat'
+##
+include_recipe "smartos::nicstat"
+
+## Configure NTP
+##
+include_recipe "smartos::ntp"
+
+## Write the motd
+##
+include_recipe "smartos::motd"
View
10 cookbooks/smartos/recipes/motd.rb
@@ -0,0 +1,10 @@
+##
+## Joyent Customer MOTD
+##
+
+template "/etc/motd" do
+ source "motd.erb"
+ owner "root"
+ group "sys"
+ mode "0644"
+end
View
13 cookbooks/smartos/recipes/nicstat.rb
@@ -0,0 +1,13 @@
+##
+## Install Tim Cook's nicstat per Brendan's Request
+## SRC: http://sourceforge.net/projects/nicstat/files/latest/download
+##
+
+
+
+cookbook_file "/opt/custom/bin/nicstat" do
+ source "nicstat"
+ owner "root"
+ group "root"
+ mode "0755"
+end
View
9 cookbooks/smartos/recipes/ntp.rb
@@ -0,0 +1,9 @@
+template "/etc/inet/ntp.conf" do
+ source "ntp.conf.erb"
+end
+
+service "ntp" do
+ action :restart
+ provider Chef::Provider::Service::Solaris
+end
+
View
48 cookbooks/smartos/recipes/ssh.rb
@@ -0,0 +1,48 @@
+##
+## Manage the Root SSH User Configuration
+##
+
+
+## Create ~/.ssh
+##
+directory "/root/.ssh" do
+ owner "root"
+ group "root"
+ mode '0700'
+end
+
+## Remove authorized_keys, if it exists.
+##
+#file "/root/.ssh/authorized_keys" do
+# action :delete
+#end
+
+## Insert the Public/Private Keys
+##
+if node.ssh.attribute?("pubkey")
+ remote_file "/root/.ssh/id_dsa.pub" do
+ source "#{node[:ssh][:pubkey]}"
+ owner "root"
+ group "root"
+ mode '0644'
+ action :create_if_missing
+ end
+end
+
+if node.ssh.attribute?("privkey")
+ remote_file "/root/.ssh/id_dsa" do
+ source "#{node[:ssh][:privkey]}"
+ owner "root"
+ group "root"
+ mode '0600'
+ action :create_if_missing
+ end
+end
+
+## Authorized Keys
+##
+if node.ssh.attribute?("authorized_keys")
+ template "/root/.ssh/authorized_keys" do
+ source "authorized_keys.erb"
+ end
+end
View
4 cookbooks/smartos/templates/default/authorized_keys.erb
@@ -0,0 +1,4 @@
+<% node[:ssh][:authorized_keys].each do |key| -%>
+<%= key %>
+<% end -%>
+
View
6 cookbooks/smartos/templates/default/motd.erb
@@ -0,0 +1,6 @@
+ _
+ ___ _ __ ___ __ _ _ __| |_ ___ ___
+/ __| '_ ` _ \ / _` | '__| __/ _ \/ __| <%= node[:hostname] %>
+\__ \ | | | | | (_| | | | || (_) \__ \ <%= node[:platform_build] %>
+|___/_| |_| |_|\__,_|_| \__\___/|___/ <%= node[:dmi][:system][:product] %> (%= node[:dmi][:system][:serial_number] %>)
+
View
27 cookbooks/smartos/templates/default/nsswitch.conf.erb
@@ -0,0 +1,27 @@
+#
+# /etc/nsswitch.conf:
+#
+
+passwd: files
+group: files
+hosts: files mdns dns
+ipnodes: files mdns
+networks: files
+protocols: files
+rpc: files
+ethers: files
+netmasks: files
+bootparams: files
+publickey: files
+netgroup: files
+automount: files
+aliases: files
+services: files
+printers: user files
+
+auth_attr: files
+prof_attr: files
+project: files
+
+tnrhtp: files
+tnrhdb: files
View
6 cookbooks/smartos/templates/default/ntp.conf.erb
@@ -0,0 +1,6 @@
+driftfile /var/ntp/ntp.drift
+logfile /var/log/ntp.log
+
+<% node[:ntp][:servers].each do |srv| -%>
+server <%= srv %>
+<% end -%>
View
4 cookbooks/smartos/templates/default/resolv.conf.erb
@@ -0,0 +1,4 @@
+search <%= node[:dns][:search] %>
+<% node[:dns][:nameservers].each do |nameserver| -%>
+nameserver <%= nameserver %>
+<% end -%>
View
10 cookbooks/zabbix/README.rdoc
@@ -0,0 +1,10 @@
+= DESCRIPTION:
+
+Zabbix agent installation.
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
View
18 cookbooks/zabbix/attributes/default.rb
@@ -0,0 +1,18 @@
+#
+# Zabbix Attribute Defaults
+#
+
+## Headnodes typically have the hostname "headnode",
+## use this attribute to override it with something more descriptive
+## Please do not change it here, change it in your node attribute file.
+#default[:zabbix][:hostname] = "override-hostname"
+
+## The Zabbix Server/Proxy for agents to talk to,
+## Please override it in your node attribute file, this value is just
+## a fallback value in case you forget.
+default[:zabbix][:server] = "192.168.100.10"
+
+## Default external NIC which is monitored by Zabbix
+default[:zabbix][:external_nic] = "ixgbe0"
+
+
View
BIN cookbooks/zabbix/files/default/zabbix/bin/zabbix_get
Binary file not shown.
View
BIN cookbooks/zabbix/files/default/zabbix/bin/zabbix_sender
Binary file not shown.
View
BIN cookbooks/zabbix/files/default/zabbix/sbin/zabbix_agent
Binary file not shown.
View
BIN cookbooks/zabbix/files/default/zabbix/sbin/zabbix_agentd
Binary file not shown.
View
39 cookbooks/zabbix/files/default/zabbix/share/man/man1/zabbix_get.1
@@ -0,0 +1,39 @@
+.TH ZABBIX_GET 8 "4 August 2009"
+.SH NAME
+zabbix_get \- Zabbix Get utility.
+.SH SYNOPSIS
+.B zabbix_get [-hV] [-s
+.I host name or IP
+.B ] [-p
+.I port number
+.B ] [-I
+.I IP address
+.B ] [-k
+.I key
+.B ]
+.SH DESCRIPTION
+.B zabbix_get
+is a command line utility for getting data from a remote Zabbix Agent.
+
+.B Example:
+.I zabbix_get -s127.0.0.1 -p10050 -k"system.cpu.load[all,avg1]"
+.SS Options
+.IP "-s, --host host name or IP"
+Specify host name or IP address of a host.
+.IP "-p, --port port number"
+Specify port number of agent running on the host. Default is 10050.
+.IP "-I, --source-address IP address"
+Specify source IP address.
+.IP "-k, --key key of metric"
+Specify metric name (key) we want to retrieve.
+.IP "-h, --help"
+Display this help and exit.
+.IP "-V, --version"
+Output version information and exit.
+.SH "SEE ALSO"
+.BR zabbix_agentd (8),
+.BR zabbix_proxy (8),
+.BR zabbix_sender (8),
+.BR zabbix_server (8)
+.SH AUTHOR
+Alexei Vladishev <alex@zabbix.com>
View
55 cookbooks/zabbix/files/default/zabbix/share/man/man1/zabbix_sender.1
@@ -0,0 +1,55 @@
+.TH ZABBIX_SENDER 8 "22 March 2010"
+.if n .ad l
+.SH NAME
+zabbix_sender \- Zabbix Sender utility.
+.SH SYNOPSIS
+.B zabbix_sender [-hpzvIV] {-kso | [-T] -i
+.I <file>\fB} [-c\fR
+.I <file>\fB]\fR
+.SH DESCRIPTION
+.B zabbix_sender
+is a command line utility for sending data to a remote Zabbix Server.
+
+.SS Options
+.IP "-c, --config \fI<file>\fR"
+Specify agent configuration file for reading server details.
+.IP "-z, --zabbix-server \fI<server>\fR"
+Hostname or IP address of Zabbix Server.
+.IP "-p, --port \fI<port>\fR"
+Specify port number of server trapper running on the server. Default is 10051.
+.IP "-s, --host \fI<host>\fR"
+Specify host name as registered in Zabbix front-end. Host IP address and DNS name will not work.
+.IP "-I, --source-address \fI<IP>\fR"
+Specify source IP address.
+.IP "-k, --key \fI<key>\fR"
+Specify metric name (key) we want to send.
+.IP "-o, --value \fI<value>\fR"
+Specify value of the key.
+.IP "-i, --input-file \fI<inputfile>\fR"
+Load values from input file. Specify \fB-\fR for standard input. Each line of file contains space delimited: \fB<hostname> <key> <value>\fR.
+.IP "-T --with-timestamps"
+Each line of file contains space delimited: \fB<hostname> <key> <timestamp> <value>\fR. This can be used with \fB--input-file\fR option.
+.IP "-r --real-time"
+Send metrics one by one as soon as they are received. This can be used when reading from standard input.
+.IP "-v, --verbose"
+Verbose mode, -vv for more details.
+.IP "-h, --help"
+Display this help and exit.
+.IP "-V, --version"
+Output version information and exit.
+.SH "EXAMPLES"
+.B zabbix_sender -c /etc/zabbix/zabbix_agentd.conf -s """Monitored Host""" -k """mysql.queries""" -o """342.45"""
+
+Send \fB342.45\fR as the value for \fBmysql.queries\fR key in \fBMonitored Host\fR host using Zabbix server defined in agent daemon configuration file.
+
+.B zabbix_sender -z 192.168.1.113 -i data_values.txt
+
+Send values from file \fBdata_values.txt\fR to server with IP \fB192.168.1.113\fR. Host names and keys are defined in the file.
+
+.SH "SEE ALSO"
+.BR zabbix_agentd (8),
+.BR zabbix_get (8),
+.BR zabbix_proxy (8),
+.BR zabbix_server (8)
+.SH AUTHOR
+Alexei Vladishev <alex@zabbix.com>
View
45 cookbooks/zabbix/files/default/zabbix/share/man/man8/zabbix_agentd.8
@@ -0,0 +1,45 @@
+.TH ZABBIX_AGENTD 8 "4 August 2009"
+.SH NAME
+zabbix_agentd \- Zabbix agent daemon.
+.SH SYNOPSIS
+.B zabbix_agentd [-hpV] [-c
+.I config-file
+.B ] [-t metric]
+.SH DESCRIPTION
+.B zabbix_agentd
+is a daemon for monitoring of various server parameters.
+.SS Options
+.IP "-c, --config config-file"
+Use the alternate system wide
+.I config-file
+instead of
+.I /etc/zabbix/zabbix_agentd.conf\fR.
+Use absolute path.
+.
+.IP "-p, --print"
+Print supported metrics and exit.
+.IP "-t, --test metric"
+Test single metric and exit.
+.IP "-h, --help"
+Display this help and exit.
+.IP "-V, --version"
+Output version information and exit.
+.SH FILES
+.TP
+.I /etc/zabbix/zabbix_agentd.conf
+Default location of Zabbix Agent configuration file.
+.SH "SEE ALSO"
+.BR zabbix_get (8),
+.BR zabbix_proxy (8),
+.BR zabbix_sender (8),
+.BR zabbix_server (8)
+.SH BUGS
+Note that
+.B -t
+and
+.B -p
+switches do not work with user parameters. Use
+.B zabbix_get
+instead.
+.SH AUTHOR
+Alexei Vladishev <alex@zabbix.com>
View
32 cookbooks/zabbix/files/default/zabbix/share/man/man8/zabbix_proxy.8
@@ -0,0 +1,32 @@
+.TH ZABBIX_PROXY 8 "4 August 2009"
+.SH NAME
+zabbix_proxy \- Zabbix Proxy daemon.
+.SH SYNOPSIS
+.B zabbix_proxy [-hV] [-c
+.I config-file
+.B ]
+.SH DESCRIPTION
+.B zabbix_proxy
+is a Proxy daemon used for remote data collection.
+.SS Options
+.IP "-c, --config config-file"
+Use the alternate
+.I config-file
+instead of
+.I /etc/zabbix/zabbix_proxy.conf
+.
+.IP "-h, --help"
+Display this help and exit.
+.IP "-V, --version"
+Output version information and exit.
+.SH FILES
+.TP
+.I /etc/zabbix/zabbix_proxy.conf
+Default location of Zabbix Proxy configuration file.
+.SH "SEE ALSO"
+.BR zabbix_agentd (8),
+.BR zabbix_get (8),
+.BR zabbix_sender (8),
+.BR zabbix_server (8)
+.SH AUTHOR
+Alexei Vladishev <alex@zabbix.com>
View
34 cookbooks/zabbix/files/default/zabbix/share/man/man8/zabbix_server.8
@@ -0,0 +1,34 @@
+.TH ZABBIX_SERVER 8 "4 August 2009"
+.SH NAME
+zabbix_server \- Zabbix server daemon.
+.SH SYNOPSIS
+.B zabbix_server [-hV] [-c
+.I config-file
+.B ] [-n <nodeid>]
+.SH DESCRIPTION
+.B zabbix_server
+is a core daemon of Zabbix software.
+.SS Options
+.IP "-c, --config config-file"
+Use the alternate system wide
+.I config-file
+instead of
+.I /etc/zabbix/zabbix_server.conf
+.
+.IP "-n, --new-nodeid nodeid"
+Convert database data to new nodeid.
+.IP "-h, --help"
+Display this help and exit.
+.IP "-V, --version"
+Output version information and exit.
+.SH FILES
+.TP
+.I /etc/zabbix/zabbix_server.conf
+Default location of Zabbix Server configuration file.
+.SH "SEE ALSO"
+.BR zabbix_agentd (8),
+.BR zabbix_get (8),
+.BR zabbix_proxy (8),
+.BR zabbix_sender (8)
+.SH AUTHOR
+Alexei Vladishev <alex@zabbix.com>
View
49 cookbooks/zabbix/files/default/zabbix/share/svc/zabbix_agent.xml
@@ -0,0 +1,49 @@
+<?xml version='1.0'?>
+<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
+<!-- zabbix/agent:default Manifest; Ben Rockwood (benr@joyent.com) 11/26/07 -->
+<service_bundle type='manifest' name='agent'>
+ <service name='application/zabbix/agent' type='service' version='1'>
+ <create_default_instance enabled="true"/>
+ <single_instance/>
+
+ <dependency name='fs' grouping='require_all' restart_on='none' type='service'>
+ <service_fmri value='svc:/system/filesystem/local'/>
+ </dependency>
+ <dependency name='net' grouping='require_all' restart_on='none' type='service'>
+ <service_fmri value='svc:/network/physical:default'/>
+ </dependency>
+ <dependency name='config' grouping='require_all' restart_on='none' type='path'>
+ <service_fmri value='file://localhost/opt/zabbix/etc/zabbix_agentd.conf'/>
+ </dependency>
+
+ <exec_method name='start' type='method' exec='/opt/zabbix/sbin/zabbix_agentd --config /opt/zabbix/etc/zabbix_agentd.conf' timeout_seconds='60'>
+ <method_context working_directory="/opt/zabbix">
+ <method_credential user="zabbix" group="bin"/>
+ <method_environment>
+ <envvar name="PATH" value="/usr/bin:/sbin:/usr/sbin:/opt/local/bin:/opt/zabbix/sbin:/usr/sfw/bin" />
+ </method_environment>
+ </method_context>
+ </exec_method>
+
+ <exec_method name='stop' type='method' exec=':kill' timeout_seconds='60'>
+ <method_context working_directory="/opt/zabbix">
+ <method_credential user="zabbix" group="bin"/>
+ <method_environment>
+ <envvar name="PATH" value="/usr/bin:/sbin:/usr/sbin:/opt/local/bin:/opt/zabbix/sbin:/usr/sfw/bin" />
+ </method_environment>
+ </method_context>
+ </exec_method>
+
+ <stability value='Unstable' />
+
+ <template>
+ <common_name>
+ <loctext xml:lang='C'>ZABBIX Agent Daemon</loctext>
+ </common_name>
+ <documentation>
+ <doc_link name='zabbix.com' uri='https://intra.joyent.com/index.php?title=Zabbix' />
+ </documentation>
+ </template>
+
+ </service>
+</service_bundle>
View
6 cookbooks/zabbix/metadata.rb
@@ -0,0 +1,6 @@
+maintainer "Joyent"
+maintainer_email "benr@joyent.com"
+license "All rights reserved"
+description "Installs/Configures zabbix"
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version "0.0.1"
View
93 cookbooks/zabbix/recipes/agent.rb
@@ -0,0 +1,93 @@
+##
+## Zabbix Client Installation
+##
+
+
+## Find the admin interface, whether it be bnx0 or bnx1. [ This is pretty primative, should evolve over time. ]
+if defined?(node[:network][:interfaces][:bnx0][:addresses]) then
+ local_addr = node[:network][:interfaces][:bnx0][:addresses].find {|addr, addr_info| addr_info[:family] == "inet"}.first
+elsif defined?(node[:network][:interfaces][:bnx1][:addresses])
+ local_addr = node[:network][:interfaces][:bnx1][:addresses].find {|addr, addr_info| addr_info[:family] == "inet"}.first
+end
+
+
+
+user "zabbix" do
+ uid 42
+ gid "bin"
+ home "/"
+ shell "/bin/sh"
+end
+
+
+remote_directory "/opt/zabbix" do
+ source "zabbix"
+ files_owner "root"
+ files_group "root"
+ files_mode '0755'
+ owner "root"
+ group "root"
+ mode '0755'
+end
+
+directory "/opt/zabbix/etc" do
+ owner "root"
+ group "root"
+ mode "0755"
+ action :create
+end
+
+### The following is commented out, we may use it in the future, but not yet.
+### Location for UserParameter Add-ons:
+#remote_directory "/opt/zabbix/etc/zabbix_agentd" do
+# source "zabbix_agentd"
+# files_owner "root"
+# files_group "root"
+# files_mode '0755'
+# owner "root"
+# group "root"
+# mode '0755'
+#end
+
+template "/opt/zabbix/etc/zabbix_agentd.conf" do
+ source "zabbix_agentd.conf.erb"
+ variables(
+ :server_ip => node[:zabbix][:server],
+ :listen_ip => local_addr,
+ :external_nic => node[:zabbix][:external_nic]
+ )
+ owner "root"
+ group "root"
+ mode '0644'
+ notifies :restart, "service[zabbix/agent]"
+end
+
+## Create Zabbix Readable Version of Sysinfo in /tmp
+execute "Copy sysinfo for Zabbix" do
+ command "cp /tmp/.sysinfo.parsable /tmp/.sysinfo.zabbix && chown zabbix /tmp/.sysinfo.zabbix "
+ creates "/tmp/.sysinfo.zabbix"
+ only_if "ls -l /tmp/.sysinfo.parsable"
+end
+
+## Prep the log file:
+file "/var/log/zabbix_agentd.log" do
+ owner "zabbix"
+ group "bin"
+ mode '0644'
+end
+
+execute "Zabbix Log Rotation" do
+ command 'echo "/var/log/zabbix_agentd.log -c -C 3 -s 10m" >> /etc/logadm.conf'
+ not_if "grep zabbix_agentd /etc/logadm.conf"
+end
+
+## Import and Start the SMF Manifest
+execute "Import SMF Manifest" do
+ command "svccfg import /opt/zabbix/share/svc/zabbix_agent.xml"
+ not_if "svcs -H zabbix/agent"
+end
+
+service "zabbix/agent" do
+ action [ :start, :enable ]
+ provider Chef::Provider::Service::Solaris
+end
View
8 cookbooks/zabbix/recipes/default.rb
@@ -0,0 +1,8 @@
+#
+# Cookbook Name:: zabbix
+# Recipe:: default
+#
+# Copyright 2011, Joyent, Inc.
+#
+# All rights reserved - Do Not Redistribute
+#
View
255 cookbooks/zabbix/templates/default/zabbix_agentd.conf.erb
@@ -0,0 +1,255 @@
+Server=<%= @server_ip %>
+
+
+############ GENERAL PARAMETERS #################
+
+### Option: PidFile
+# Name of PID file.
+#
+# Mandatory: no
+# Default:
+PidFile=/var/tmp/zabbix_agentd.pid
+
+### Option: LogFile
+# Name of log file.
+# If not set, syslog is used.
+#
+# Mandatory: no
+# Default:
+# LogFile=
+
+LogFile=/var/log/zabbix_agentd.log
+
+### Option: LogFileSize
+# Maximum size of log file in MB.
+# 0 - disable automatic log rotation.
+#
+# Mandatory: no
+# Range: 0-1024
+# Default:
+LogFileSize=30
+
+### Option: DebugLevel
+# Specifies debug level
+# 0 - no debug
+# 1 - critical information
+# 2 - error information
+# 3 - warnings
+# 4 - for debugging (produces lots of information)
+#
+# Mandatory: no
+# Range: 0-4
+# Default:
+# DebugLevel=3
+
+### Option: SourceIP
+# Source IP address for outgoing connections.
+#
+# Mandatory: no
+# Default:
+# SourceIP=
+
+### Option: EnableRemoteCommands
+# Whether remote commands from Zabbix server are allowed.
+# 0 - not allowed
+# 1 - allowed
+#
+# Mandatory: no
+# Default:
+# EnableRemoteCommands=0
+
+### Option: LogRemoteCommands
+# Enable logging of executed shell commands as warnings
+# 0 - disabled
+# 1 - enabled
+#
+# Mandatory: no
+# Default:
+# LogRemoteCommands=0
+
+##### Passive checks related
+
+### Option: Server
+# List of comma delimited IP addresses (or hostnames) of Zabbix servers.
+# No spaces allowed. First entry is used for receiving list of and sending active checks.
+# Note that hostnames must resolve hostname->IP address and IP address->hostname.
+# If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally.
+#
+# Mandatory: yes
+# Default:
+# Server=
+
+
+### Option: Hostname
+# Unique, case sensitive hostname.
+# Required for active checks and must match hostname as configured on the server.
+#
+# Default:
+# Hostname=system.uname
+<% if @node[:zabbix][:hostname] then -%>
+Hostname=<%= @node[:zabbix][:hostname] %>
+<% end -%>
+
+### Option: ListenPort
+# Agent will listen on this port for connections from the server.
+#
+# Mandatory: no
+# Range: 1024-32767
+# Default:
+# ListenPort=10050
+
+### Option: ListenIP
+# Agent will listen on the specified interface.
+#
+# Mandatory: no
+# Default:
+ListenIP=<%= @listen_ip %>
+
+
+### Option: DisablePassive
+# Disable passive checks. The agent will not listen on any TCP port.
+# Only active checks will be processed.
+# 0 - do not disable
+# 1 - disable
+#
+# Mandatory: no
+# Default:
+# DisablePassive=0
+
+##### Active checks related
+
+### Option: DisableActive
+# Disable active checks. The agent will work in passive mode listening for server.
+#
+# Mandatory: no
+# Default:
+DisableActive=0
+
+#DisableActive=1
+
+### Option: ServerPort
+# Server port for retrieving list of and sending active checks.
+#
+# Mandatory: no
+# Default:
+# ServerPort=10051
+
+### Option: RefreshActiveChecks
+# How often list of active checks is refreshed, in seconds.
+#
+# Mandatory: no
+# Range: 60-3600
+# Default:
+RefreshActiveChecks=120
+
+### Option: BufferSend
+# Do not keep data longer than N seconds in buffer.
+#
+# Mandatory: no
+# Range: 1-3600
+# Default:
+# BufferSend=5
+
+### Option: BufferSize
+# Maximum number of values in a memory buffer. The agent will send
+# all collected data to Zabbix Server or Proxy if the buffer is full.
+#
+# Mandatory: no
+# Range: 1-65535
+# Default:
+# BufferSize=100
+
+### Option: MaxLinesPerSecond
+# Maximum number of new lines the agent will send per second to Zabbix Server
+# or Proxy processing 'log' and 'logrt' active checks.
+# The provided value will be overridden by the parameter 'maxlines',
+# provided in 'log' or 'logrt' item keys.
+#
+# Mandatory: no
+# Range: 1-1000
+# Default:
+# MaxLinesPerSecond=100
+
+
+############ ADVANCED PARAMETERS #################
+
+### Option: StartAgents
+# Number of pre-forked instances of zabbix_agentd that process passive checks.
+#
+# Mandatory: no
+# Range: 1-16
+# Default:
+# StartAgents=3
+
+### Option: Timeout
+# Spend no more than Timeout seconds on processing
+#
+# Mandatory: no
+# Range: 1-30
+# Default:
+# Timeout=3
+
+### Option: Include
+# You may include individual files or all files in a directory in the configuration file.
+#
+# Mandatory: no
+# Default:
+# Include=
+
+# Include=/opt/zabbix/etc/zabbix_agent.userparams.conf
+# Include=/opt/zabbix/etc/zabbix_agentd/
+
+
+####### USER-DEFINED MONITORED PARAMETERS #######
+
+### Option: UnsafeUserParameters
+# Allow all characters to be passed in arguments to user-defined parameters.
+# 0 - do not allow
+# 1 - allow
+#
+# Mandatory: no
+# Range: 0-1
+# Default:
+# UnsafeUserParameters=0
+
+### Option: UserParameter
+# User-defined parameter to monitor. There can be several user-defined parameters.
+# Format: UserParameter=<key>,<shell command>
+# Note that shell command must not return empty string or EOL only.
+# Example: UserParameter=system.test,who|wc -l
+
+# Dell PERC Checks, Requires "mega_status"
+UserParameter=megaraid.online,grep online /tmp/.mega_status|cut -f2 -d" "
+UserParameter=megaraid.failed,grep failed /tmp/.mega_status|cut -f2 -d" "
+UserParameter=megaraid.rebuilding,grep rebuilding /tmp/.mega_status|cut -f2 -d" "
+UserParameter=megaraid.unknown,grep unknown /tmp/.mega_status|cut -f2 -d" "
+UserParameter=megaraid.prefail,grep predictive /tmp/.mega_status|cut -f2 -d" "
+
+# Flexible User Parameters, for grabbing arbitrary values and state on datasets, services, and zones
+UserParameter=zfs.dataset[*],/usr/sbin/zfs get -Hp -o value -p $2 $1
+UserParameter=smf.status[*],/usr/bin/svcs -Ho state $1
+UserParameter=zones.state[*],/usr/sbin/zoneadm -z $1 list -p | cut -f3 -d":"
+
+# Zone Data Parameters
+UserParameter=zones.count.total,/usr/sbin/zoneadm list -c | grep -v global | wc -l
+UserParameter=zones.count.running,/usr/sbin/zoneadm list | grep -v global | wc -l
+UserParameter=zones.running,/usr/sbin/zoneadm list -c | grep -v global
+UserParameter=zones.configured,/usr/sbin/zoneadm list -c | grep -v global
+
+# ZFS
+UserParameter=zfs.arc.size,/usr/bin/kstat -p zfs:0:arcstats:size | cut -f2
+
+# IPMI System
+UserParameter=platform.power.usage,/usr/sbin/ipmitool -I bmc sensor list | grep -i watt | awk '{print $4}'
+UserParameter=platform.temp.amb,/usr/sbin/ipmitool -I bmc sensor list | grep Ambient | head -1 | awk '{print $4}'
+UserParameter=platform.sel,/usr/sbin/ipmitool -I bmc sel list
+
+# Network
+UserParameter=nic.external.link,/usr/sbin/dladm show-link -po state <%= @external_nic %>
+
+# MegaCLI check for CacheFlushInterval reporting
+UserParameter=megaraid.cacheflush,/opt/custom/bin/MegaCli -AdpGetProp CacheFlushInterval -aALL|sed -n 's/.*Interval = \([^s]\).*/\1/p'
+
+# ZFS IO throttle health
+UserParameter=zfs.throttle.d_s,/usr/bin/vfsstat -Z -r|grep -v zone|cut -d, -f11|nawk '{ sum += $1 } END { print sum }'
+UserParameter=zfs.throttle.del_t,/usr/bin/vfsstat -Z -r|grep -v zone|cut -d, -f12|nawk '{ sum += $1 } END { print sum }'
View
21 nodes/smartos.json
@@ -0,0 +1,21 @@
+{
+ "recipes": [ "smartos", "zabbix::agent", "ldap", "ldap::zfs" ],
+
+ "zabbix": {
+ "server": "192.168.100.10"
+ },
+ "ldap": {
+ "priserver": {
+ "name": "ldap01.me.com",
+ "ip": "192.168.100.11"
+ },
+ "secserver": {
+ "name": "ldap02.me.com",
+ "ip": "192.168.100.12"
+ }
+ },
+ "ssh": {
+ "authorized_keys": [
+ "ssh-dss .................... me@macbook" ]
+ }
+}
View
46 smf/chef-solo-omnibus.xml
@@ -0,0 +1,46 @@
+<?xml version='1.0'?>
+<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
+<service_bundle type='manifest' name='export'>
+ <service name='application/management/chef-solo' type='service' version='0'>
+
+ <create_default_instance enabled='true'/>
+ <single_instance/>
+
+ <dependency name='milestone' grouping='require_all' restart_on='none' type='service'>
+ <service_fmri value='svc:/milestone/sysconfig'/>
+ </dependency>
+ <dependency name='fs-local' grouping='require_all' restart_on='none' type='service'>
+ <service_fmri value='svc:/system/filesystem/local'/>
+ </dependency>
+ <dependency name='name-services' grouping='optional_all' restart_on='none' type='service'>
+ <service_fmri value='svc:/milestone/name-services'/>
+ </dependency>
+ <dependency name='network' grouping='require_all' restart_on='restart' type='service'>
+ <service_fmri value='svc:/milestone/network'/>
+ </dependency>
+ <dependency name='config-file' grouping='require_all' restart_on='refresh' type='path'>
+ <service_fmri value='file://localhost/var/chef/solo.rb'/>
+ </dependency>
+
+ <exec_method name='start' type='method' exec='/opt/opscode/bin/chef-solo --config /var/chef/solo.rb' timeout_seconds='60'>
+ <method_context working_directory="/var/chef">
+ <method_credential user="root" group="root" />
+ <method_environment>
+ <envvar name="PATH" value="/opt/chef/bin:/usr/bin:/usr/sbin:/smartdc/bin:/opt/local/bin:/opt/local/sbin" />
+ </method_environment>
+ </method_context>
+ </exec_method>
+
+ <exec_method name='stop' type='method' exec=':true' timeout_seconds='60'/>
+
+ <property_group name='startd' type='framework'>
+ <propval name='duration' type='astring' value='transient' />
+ </property_group>
+
+ <template>
+ <common_name>
+ <loctext xml:lang='C'>chef-solo Chef client</loctext>
+ </common_name>
+ </template>
+ </service>
+</service_bundle>
View
46 smf/chef-solo.xml
@@ -0,0 +1,46 @@
+<?xml version='1.0'?>
+<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
+<service_bundle type='manifest' name='export'>
+ <service name='application/management/chef-solo' type='service' version='0'>
+
+ <create_default_instance enabled='true'/>
+ <single_instance/>
+
+ <dependency name='milestone' grouping='require_all' restart_on='none' type='service'>
+ <service_fmri value='svc:/milestone/sysconfig'/>
+ </dependency>
+ <dependency name='fs-local' grouping='require_all' restart_on='none' type='service'>
+ <service_fmri value='svc:/system/filesystem/local'/>
+ </dependency>
+ <dependency name='name-services' grouping='optional_all' restart_on='none' type='service'>
+ <service_fmri value='svc:/milestone/name-services'/>
+ </dependency>
+ <dependency name='network' grouping='require_all' restart_on='restart' type='service'>
+ <service_fmri value='svc:/milestone/network'/>
+ </dependency>
+ <dependency name='config-file' grouping='require_all' restart_on='refresh' type='path'>
+ <service_fmri value='file://localhost/var/chef/solo.rb'/>
+ </dependency>
+
+ <exec_method name='start' type='method' exec='/opt/chef/bin/chef-solo --config /var/chef/solo.rb' timeout_seconds='60'>
+ <method_context working_directory="/var/chef">
+ <method_credential user="root" group="root" />
+ <method_environment>
+ <envvar name="PATH" value="/opt/chef/bin:/usr/bin:/usr/sbin:/smartdc/bin:/opt/local/bin:/opt/local/sbin" />
+ </method_environment>
+ </method_context>
+ </exec_method>
+
+ <exec_method name='stop' type='method' exec=':true' timeout_seconds='60'/>
+
+ <property_group name='startd' type='framework'>
+ <propval name='duration' type='astring' value='transient' />
+ </property_group>
+
+ <template>
+ <common_name>
+ <loctext xml:lang='C'>chef-solo Chef client</loctext>
+ </common_name>
+ </template>
+ </service>
+</service_bundle>

0 comments on commit 088be7e

Please sign in to comment.
Something went wrong with that request. Please try again.