Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

icinga cookbook added

  • Loading branch information...
commit 6e97943f90f75fefb589649db4347fb68a2b08cd 0 parents
@mdxp authored
8 README.rdoc
@@ -0,0 +1,8 @@
+= DESCRIPTION:
+
+= REQUIREMENTS:
+
+= ATTRIBUTES:
+
+= USAGE:
+
40 attributes/default.rb
@@ -0,0 +1,40 @@
+default['icinga']['version'] = "1.4.2"
+default['icinga']['checksum'] = "506022493295bda95aa2514bfdc3196063ed936655bc60068f61543504b42aa6"
+default['icinga']['prefix'] = "/usr/local/icinga"
+
+default['icinga']['sysadmin_email'] = "root@localhost"
+default['icinga']['sysadmin_sms_email'] = "root@localhost"
+
+default['icinga']['user'] = "nagios"
+default['icinga']['group'] = "nagios"
+
+default['icinga']['server_role'] = "monitoring"
+default['icinga']['notifications_enabled'] = 0
+default['icinga']['check_external_commands'] = true
+default['icinga']['default_contact_groups'] = %w(admins)
+default['icinga']['sysadmin'] = "sysadmin"
+
+set['icinga']['conf_dir'] = node['icinga']['prefix'] + "/etc"
+set['icinga']['config_dir'] = node['icinga']['conf_dir'] + "/conf.d"
+set['icinga']['log_dir'] = node['icinga']['prefix'] + "/var"
+set['icinga']['cache_dir'] = node['icinga']['log_dir']
+set['icinga']['state_dir'] = node['icinga']['log_dir']
+set['icinga']['run_dir'] = node['icinga']['log_dir']
+set['icinga']['docroot'] = node['icinga']['prefix'] + "/share/"
+
+# This setting is effectively sets the minimum interval (in seconds) icinga can handle.
+# Other interval settings provided in seconds will calculate their actual from this value, since icinga works in 'time units' rather than allowing definitions everywhere in seconds
+
+default['icinga']['templates'] = Mash.new
+default['icinga']['interval_length'] = 1
+
+# Provide all interval values in seconds
+default['icinga']['default_host']['check_interval'] = 15
+default['icinga']['default_host']['retry_interval'] = 15
+default['icinga']['default_host']['max_check_attempts'] = 1
+default['icinga']['default_host']['notification_interval'] = 300
+
+default['icinga']['default_service']['check_interval'] = 60
+default['icinga']['default_service']['retry_interval'] = 15
+default['icinga']['default_service']['max_check_attempts'] = 3
+default['icinga']['default_service']['notification_interval'] = 1200
2  attributes/nagios-plugins.rb
@@ -0,0 +1,2 @@
+set['icinga']['plugin_dir'] = "/usr/lib/nagios/plugins"
+
12 definitions/icinga_conf.rb
@@ -0,0 +1,12 @@
+define :icinga_conf, :variables => {}, :config_subdir => true do
+ conf_dir = params[:config_subdir] ? node['icinga']['config_dir'] : node['icinga']['conf_dir']
+ template "#{conf_dir}/#{params[:name]}.cfg" do
+ owner "#{node['icinga']['user']}"
+ group "#{node['icinga']['group']}"
+ source "#{params[:name]}.cfg.erb"
+ mode 0644
+ variables params[:variables]
+ notifies :restart, "service[icinga]"
+ backup 0
+ end
+end
15 libraries/default.rb
@@ -0,0 +1,15 @@
+def icinga_boolean(true_or_false)
+ true_or_false ? "1" : "0"
+end
+
+def icinga_interval(seconds)
+ if seconds.to_i < node['icinga']['interval_length'].to_i
+ raise ArgumentError, "Specified icinga interval of #{seconds} seconds must be equal to or greater than the default interval length of #{node['icinga']['interval_length']}"
+ end
+ interval = seconds / node['icinga']['interval_length']
+ interval
+end
+
+def icinga_attr(name)
+ node['icinga'][name]
+end
15 metadata.rb
@@ -0,0 +1,15 @@
+maintainer "Promet Solutions"
+maintainer_email "marius@promethost.com"
+license "Apache 2.0"
+description "Installs/Configures Icinga"
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version "0.1.0"
+
+%w{ apache2 build-essential }.each do |cb|
+ depends cb
+end
+
+%w{ ubuntu debian }.each do |os|
+ supports os
+end
+
78 recipes/core_source.rb
@@ -0,0 +1,78 @@
+#
+# Author:: Marius Ducea (marius@promethost.com)
+# Cookbook Name:: icinga
+# Recipe:: core_source
+#
+# Copyright 2010-2011, Promet Solutions
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# Install required packages
+include_recipe "build-essential"
+
+%w{ libgd2-xpm-dev libjpeg62-dev libpng12-dev libdbi0-dev snmp libsnmp-dev }.each do |pkg|
+ package pkg
+end
+
+version = node['icinga']['version']
+iuser = node['icinga']['user']
+igroup = node['icinga']['group']
+
+# Download icinga core source
+remote_file "#{Chef::Config[:file_cache_path]}/icinga-#{version}.tar.gz" do
+ source "http://downloads.sourceforge.net/project/icinga/icinga/#{version}/icinga-#{version}.tar.gz"
+ checksum node['icinga']['checksum']
+ action :create_if_missing
+end
+
+# icinga user/groups
+user "#{iuser}" do
+ comment "Icinga user"
+ shell "/bin/false"
+end
+group "#{igroup}" do
+ members [ iuser, node['apache']['user'] ]
+end
+
+# Compile & install icinga
+bash "compile-install-icinga" do
+ cwd Chef::Config[:file_cache_path]
+ user "root"
+ code <<-EOH
+ tar -zxf icinga-#{version}.tar.gz && \
+ cd icinga-#{version} && \
+ ./configure --with-icinga-user=#{iuser} --with-icinga-group=#{igroup} --with-nagios-user=#{iuser} --with-nagios-group=#{igroup} \
+ --with-command-user=#{iuser} --with-command-group=#{igroup} --prefix #{node['icinga']['prefix']} --enable-idoutils --enable-ssl && \
+ make all && \
+ make fullinstall
+ EOH
+ creates "#{node['icinga']['prefix']}/bin/icinga"
+end
+
+directory "#{node['icinga']['config_dir']}" do
+ owner node['icinga']['user']
+ group node['icinga']['group']
+ mode "0755"
+end
+
+%w{ icinga cgi resource }.each do |conf|
+ icinga_conf conf do
+ config_subdir false
+ end
+end
+
+%w{ commands templates timeperiods}.each do |conf|
+ icinga_conf conf
+end
+
23 recipes/default.rb
@@ -0,0 +1,23 @@
+#
+# Author:: Marius Ducea (marius@promethost.com)
+# Cookbook Name:: icinga
+# Recipe:: default
+#
+# Copyright 2010-2011, Promet Solutions
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "icinga::plugins_package"
+include_recipe "icinga::server"
+
26 recipes/plugins_package.rb
@@ -0,0 +1,26 @@
+#
+# Author:: Marius Ducea (marius@promethost.com)
+# Cookbook Name:: icinga
+# Recipe:: plugins_package
+#
+# Copyright 2010-2011, Promet Solutions
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+%w{ nagios-plugins nagios-plugins-basic nagios-plugins-standard }.each do |pkg|
+ package pkg
+end
+
+package "nagios-nrpe-plugin"
+
101 recipes/server.rb
@@ -0,0 +1,101 @@
+#
+# Author:: Marius Ducea (marius@promethost.com)
+# Cookbook Name:: icinga
+# Recipe:: server
+#
+# Copyright 2010-2011, Promet Solutions
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "apache2"
+include_recipe "apache2::mod_ssl"
+include_recipe "apache2::mod_rewrite"
+include_recipe "icinga::plugins_package"
+include_recipe "icinga::core_source"
+
+sysadmins = search(:users, "groups:#{node['icinga']['sysadmin']}")
+nodes = search(:node, "hostname:[* TO *] AND chef_environment:#{node.chef_environment}")
+
+if nodes.empty?
+ Chef::Log.info("No nodes returned from search, using this node so hosts.cfg has data")
+ nodes = Array.new
+ nodes << node
+end
+
+members = Array.new
+sysadmins.each do |s|
+ members << s['id']
+end
+
+role_list = Array.new
+service_hosts= Hash.new
+search(:role, "*:*") do |r|
@patcon
patcon added a note

So if I'm understanding this loop correctly:
For each role chef knows about,
Add to role_list
For each role, find all nodes with that role on current chef_env.
Add hostname to service_hosts hash keyed for that role

So if we don't want to confine ourselves to your list of roles outside reference purposes, do you recommend we just add empty roles? If so, why not just use tags without the functional baggage?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
+ role_list << r.name
+ search(:node, "role:#{r.name} AND chef_environment:#{node.chef_environment}") do |n|
+ service_hosts[r.name] = n['hostname']
+ end
+end
+
+if node['public_domain']
+ public_domain = node['public_domain']
+else
+ public_domain = node['domain']
+end
+
+template "#{node['icinga']['conf_dir']}/htpasswd.users" do
+ source "htpasswd.users.erb"
+ owner node['icinga']['user']
+ group node['apache']['user']
+ mode 0640
+ variables(
+ :sysadmins => sysadmins
+ )
+end
+
+apache_site "000-default" do
+ enable false
+end
+
+template "#{node['apache']['dir']}/sites-available/icinga.conf" do
+ source "apache2.conf.erb"
+ mode 0644
+ variables :public_domain => public_domain
+ if ::File.symlink?("#{node['apache']['dir']}/sites-enabled/icinga.conf")
+ notifies :reload, "service[apache2]"
+ end
+end
+
+apache_site "icinga.conf"
+
+icinga_conf "services" do
+ variables :service_hosts => service_hosts
+end
+
+icinga_conf "contacts" do
+ variables :admins => sysadmins, :members => members
+end
+
+icinga_conf "hostgroups" do
+ variables :roles => role_list
+end
+
+icinga_conf "hosts" do
+ variables :nodes => nodes
+end
+
+service "icinga" do
+ supports :status => true, :restart => true, :reload => true
+ action [ :enable, :start ]
+end
+
42 templates/default/apache2.conf.erb
@@ -0,0 +1,42 @@
+<VirtualHost *:80>
+ ServerAdmin <%= node['icinga']['sysadmin_email'] %>
+ ServerName <%= node[:fqdn] %>
+ ServerAlias icinga icinga.<%= node.chef_environment =~ /^_default$/ ? "default" : node.chef_environment%>.<%= @public_domain %> icinga.<%= @public_domain %>
+ DocumentRoot <%= node['icinga']['docroot'] %>
+ CustomLog <%= node['icinga']['log_dir'] %>/apache_access.log combined
+ ErrorLog <%= node['icinga']['log_dir'] %>/apache_error.log
+
+ ScriptAlias /icinga/cgi-bin "/usr/local/icinga/sbin"
+ Alias /icinga <%= node['icinga']['docroot'] %>
+
+ <Directory "/usr/local/icinga/sbin">
+ # SSLRequireSSL
+ Options ExecCGI
+ AllowOverride None
+ Order allow,deny
+ Allow from all
+ # Order deny,allow
+ # Deny from all
+ # Allow from 127.0.0.1
+ AuthName "Icinga Access"
+ AuthType Basic
+ AuthUserFile "<%= node['icinga']['conf_dir'] %>/htpasswd.users"
+ Require valid-user
+ </Directory>
+
+ <Directory "<%= node['icinga']['conf_dir'] %>">
+ # SSLRequireSSL
+ Options None
+ AllowOverride All
+ Order allow,deny
+ Allow from all
+ # Order deny,allow
+ # Deny from all
+ # Allow from 127.0.0.1
+ AuthName "Icinga Access"
+ AuthType Basic
+ AuthUserFile "<%= node['icinga']['conf_dir'] %>/htpasswd.users"
+ Require valid-user
+ </Directory>
+</VirtualHost>
+
41 templates/default/cgi.cfg.erb
@@ -0,0 +1,41 @@
+#
+# Generated by Chef
+#
+
+main_config_file=<%= node['icinga']['conf_dir'] %>/icinga.cfg
+physical_html_path=/usr/local/icinga/share
+url_html_path=/icinga
+url_stylesheets_path=/icinga/stylesheets
+http_charset=utf-8
+show_context_help=0
+use_pending_states=1
+use_logging=0
+cgi_log_file=/usr/local/icinga/share/log/icinga-cgi.log
+cgi_log_rotation_method=d
+cgi_log_archive_path=/usr/local/icinga/share/log
+enforce_comments_on_actions=0
+first_day_of_week=0
+use_authentication=1
+use_ssl_authentication=0
+authorized_for_system_information=*
+authorized_for_configuration_information=*
+authorized_for_system_commands=*
+authorized_for_all_services=*
+authorized_for_all_hosts=*
+authorized_for_all_service_commands=*
+authorized_for_all_host_commands=*
+show_all_services_host_is_authorized_for=1
+default_statusmap_layout=5
+default_statuswrl_layout=4
+ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$
+refresh_rate=90
+escape_html_tags=1
+persistent_ack_comments=0
+action_url_target=main
+notes_url_target=main
+lock_author_names=1
+status_show_long_plugin_output=0
+tac_show_only_hard_state=0
+show_tac_header=1
+show_tac_header_pending=1
+tab_friendly_titles=1
335 templates/default/commands.cfg.erb
@@ -0,0 +1,335 @@
+# Command definitions
+#
+# Automatically generated by Chef
+
+# Host checks
+define command {
+ command_name check-host-alive
+ command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 2000,80% -c 3000,100% -p 1
+}
+
+# Service checks
+define command {
+ command_name check_ec2_count
+ command_line $USER1$/count_ec2_instances.sh
+}
+
+define command {
+ command_name check_solr_proc
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_solr_proc -t 20
+}
+
+define command {
+ command_name check_stompserver
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_stompserver -t 20
+}
+
+define command {
+ command_name check_chef_client
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_chef_client -t 20
+}
+
+define command {
+ command_name check_collectd_client
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_collectd_client -t 20
+}
+
+define command {
+ command_name check_rabbitmq
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_rabbitmq -t 20
+}
+
+define command {
+ command_name check_authz
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_authz -t 20
+}
+
+define command {
+ command_name check_audit
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_audit -t 20
+}
+
+define command {
+ command_name check-nagios
+ command_line $USER1$/check_nagios -F <%= node['icinga']['cache_dir'] %>/status.dat -e 4 -C <%= node['icinga']['prefix'] %>/bin/icinga
+}
+
+define command {
+ command_name check_file_age
+ command_line $USER1$/check_by_ssh -H $HOSTADDRESS$ -C "/usr/local/bin/check_file -i -p $ARG1$ -w $ARG2$ -c $ARG3$" -l root
+}
+
+define command {
+ command_name check_file_count
+ command_line $USER1$/check_by_ssh -H $HOSTADDRESS$ -C "/usr/lib/nagios/checks/file_queues.rb -t count -p $ARG1$ -w $ARG2$ -c $ARG3$" -l app
+}
+
+define command {
+ command_name check_log
+ command_line $USER1$/check_by_ssh -H $HOSTADDRESS$ -C "/usr/lib64/nagios/plugins/check_log -F $ARG1$ -O /tmp/nagios.logcheck.processed -q $ARG2$" -l root
+}
+
+define command {
+ command_name check_solr
+ command_line $USER1$/check_solr.rb -c 10 -h $HOSTADDRESS$ -r 10 -p $ARG1$
+
+}
+
+define command {
+ command_name query_solr
+ command_line $USER1$/check_solr.rb -c 10 -h $HOSTADDRESS$ -r 10 -p $ARG1$ -q $ARG2$
+
+}
+
+define command {
+ command_name check_mem
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_mem -t 20
+}
+
+
+define command {
+ command_name check_query_count
+ command_line $USER1$/db_queues.rb -H $HOSTADDRESS$ -u $ARG1$ -p $ARG2$ -d $ARG3$ -q $ARG4$ -w $ARG5$ -c $ARG6$
+}
+
+define command {
+ command_name check_local_disk
+ command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
+}
+
+define command {
+ command_name check_local_load
+ command_line $USER1$/check_load -w $ARG1$ -c $ARG2$
+}
+
+define command {
+ command_name check_local_procs
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_total_procs -t 20
+}
+
+define command {
+ command_name check_zombie_procs
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_zombie_procs -t 20
+}
+
+define command {
+ command_name check_local_users
+ command_line $USER1$/check_users -w $ARG1$ -c $ARG2$
+}
+
+define command {
+ command_name check_local_log
+ command_line $USER1$/check_log -F $ARG1$ -O /tmp/nagios.logcheck.processed -q $ARG2$
+}
+
+define command {
+ command_name check_dns
+ command_line $USER1$/check_dns -H $ARG1$ -s $HOSTADDRESS$
+}
+
+define command {
+ command_name check_ftp
+ command_line $USER1$/check_ftp -H $HOSTADDRESS$
+}
+
+define command {
+ command_name check_hpjd
+ command_line $USER1$/check_hpjd -H $HOSTADDRESS$ -C public
+}
+
+define command {
+ command_name check_http
+ command_line $USER1$/check_http -I $HOSTADDRESS$ -H $HOSTADDRESS$
+}
+
+define command {
+ command_name check_http_content
+ command_line $USER1$/check_http -I $HOSTADDRESS$ -H $ARG1$ -u $ARG2$ -s $ARG3$
+}
+
+define command {
+ command_name check_http_port
+ command_line $USER1$/check_http -I $HOSTADDRESS$ -H $HOSTADDRESS$ -p $ARG1$
+}
+
+define command {
+ command_name check_http_port_expect
+ command_line $USER1$/check_http -I $HOSTADDRESS$ -H $HOSTADDRESS$ -p $ARG1$ -e $ARG2$
+}
+
+define command {
+ command_name check_http_ip_port
+ command_line $USER1$/check_http -I $ARG1$ -H $ARG1$ -p $ARG2$
+}
+
+define command {
+ command_name check_mongrel_http_content
+ command_line $USER1$/check_http -I $HOSTADDRESS$ -H $ARG1$ -u $ARG2$ -s $ARG3$ -p $ARG4$
+}
+
+define command {
+ command_name check_nntp
+ command_line $USER1$/check_nntp -H $HOSTADDRESS$
+}
+
+define command {
+ command_name check_ping
+ command_line $USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5
+}
+
+define command {
+ command_name check_pop
+ command_line $USER1$/check_pop -H $HOSTADDRESS$
+}
+
+define command {
+ command_name check_smtp
+ command_line $USER1$/check_smtp -H $HOSTADDRESS$
+}
+
+define command {
+ command_name check_tcp
+ command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$
+}
+
+define command {
+ command_name check_ssh
+ command_line $USER1$/check_ssh $HOSTADDRESS$
+}
+
+define command {
+ command_name check_telnet
+ command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p 23
+}
+
+define command {
+ command_name check_udp
+ command_line $USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$
+}
+
+# 'check_mysql' check mysql connectivity
+define command {
+ command_name check_mysql
+ command_line $USER1$/check_mysql -H $ARG1$ -u nagios -p $ARG2$
+}
+
+define command {
+ command_name check_mysql_master
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -u $ARG1$ -p $ARG2$
+}
+
+# 'check_mysqlrep' command for mysql replication status
+define command {
+ command_name check_replication
+ command_line $USER1$/check_nrpe -c check_replication -H $HOSTADDRESS$ -t 20
+}
+
+define command {
+ command_name check_mysqlrep
+ command_line $USER1$/check-mysql-slave.pl --host $HOSTADDRESS$ --port $ARG1$ --user replcheck --password $ARG2$ --warn $ARG3$ --crit $ARG4$
+}
+
+# nrpe remote host checks
+define command {
+ command_name check_nrpe_alive
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -t 20
+ }
+
+define command {
+ command_name check_nrpe
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ -t 20
+ }
+
+define command {
+ command_name check_load
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_load -t 20
+}
+
+define command {
+ command_name check_dynomite_proc
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_dynomite_proc -t 20
+}
+
+define command {
+ command_name check_couchdb_proc
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_couchdb_proc -t 20
+}
+
+define command {
+ command_name check_disk
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_$ARG1$ -t 20
+}
+
+define command {
+ command_name check_all_disks
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_all_disks -t 20
+}
+
+define command {
+ command_name check_traffic
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c traffic -t 20
+}
+
+define command {
+ command_name check_mysqlhealth
+ command_line $USER1$/check_mysqlhealth.pl -H $HOSTADDRESS$ -u nagios -p $ARG1$ --port 3306 --wa 500 --cc 550
+}
+
+define command {
+ command_name check_iowait_time
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_iowait_time -t 20
+}
+
+define command {
+ command_name check_tps
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_tps -t 20
+}
+
+define command {
+ command_name check_swap
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_swap -t 20
+}
+
+define command {
+ command_name check_solr_index
+ command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_$ARG1$_solr_index -t 20
+}
+
+# dummy commands for passive checks
+
+define command {
+ command_name no-disk-checks
+ command_line /usr/local/nagios/libexec/check_dummy 2 "CRITICAL: Results of disk checks not coming in!"
+}
+
+define command {
+ command_name no-mem-checks
+ command_line /usr/local/nagios/libexec/check_dummy 2 "CRITICAL: Results of memory checks not coming in!"
+}
+
+# Notification
+define command {
+ command_name host-notify-by-email
+ command_line /usr/bin/printf "%b" "$LONGDATETIME$\n\n$HOSTALIAS$ $NOTIFICATIONTYPE$ $HOSTSTATE$\n\n$HOSTOUTPUT$\n\nLogin: ssh://$HOSTNAME$" | /bin/mail -s "$NOTIFICATIONTYPE$ - $HOSTALIAS$ $HOSTSTATE$!" $CONTACTEMAIL$
+}
+
+define command {
+ command_name host-notify-by-sms-email
+ command_line /usr/bin/printf "%b" "$HOSTALIAS$ $NOTIFICATIONTYPE$ $HOSTSTATE$\n\n$HOSTOUTPUT$" | /bin/mail -s "$HOSTALIAS$ $HOSTSTATE$!" $CONTACTPAGER$
+}
+
+# 'notify-by-email' command definition
+define command {
+ command_name service-notify-by-email
+ command_line /usr/bin/printf "%b" "$LONGDATETIME$ - $SERVICEDESC$ $SERVICESTATE$\n\n$HOSTALIAS$ $NOTIFICATIONTYPE$\n\n$SERVICEOUTPUT$\n\nLogin: ssh://$HOSTNAME$" | /bin/mail -s "** $NOTIFICATIONTYPE$ - $HOSTALIAS$ - $SERVICEDESC$ - $SERVICESTATE$" $CONTACTEMAIL$
+}
+
+#define command {
+# command_name process-service-perfdata
+# command_line /usr/lib/nagios/plugins/process_perfdata.pl
+#}
+
+#define command {
+# command_name process-host-perfdata
+# command_line /usr/lib/nagios/plugins/process_perfdata.pl -d HOSTPERFDATA
+#}
32 templates/default/contacts.cfg.erb
@@ -0,0 +1,32 @@
+define contact {
+ contact_name root
+ alias Root
+ service_notification_period 24x7
+ host_notification_period 24x7
+ service_notification_options w,u,c,r
+ host_notification_options d,r
+ service_notification_commands service-notify-by-email
+ host_notification_commands host-notify-by-email
+ email root@localhost
+}
+
+define contactgroup {
+ contactgroup_name admins
+ alias Icinga Administrators
+ members <%= @members.join(',') %>
+}
+
+define contactgroup {
+ contactgroup_name admins-sms
+ alias Sysadmin SMS
+ members <%= @members.join(',') %>
+}
+
+<% @admins.each do |a| -%>
+define contact {
+ use default-contact
+ contact_name <%= a['id'] %>
+ email <%= a['icinga']['email'] %>
@patcon
patcon added a note

Quick question, Marius: Why a special icinga email key? Why not use the one that's presumably the user's default from the databag?

@mdxp Owner
mdxp added a note

This is because in my experience most of the time you don't want your own email address used for this and you will want to add something distinct where you will send the alerts. At least this is how I'm using it ;).

@patcon
patcon added a note

Ah, gotcha! Makes total sense :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
+}
+
+<% end -%>
16 templates/default/hostgroups.cfg.erb
@@ -0,0 +1,16 @@
+# Hostgroup definitions
+# Automatically generated by Chef
+
+define hostgroup {
+ hostgroup_name all
+ alias all
+ members *
+}
+
+<% @roles.each do |r| -%>
+define hostgroup {
+ hostgroup_name <%= r %>
+ alias <%= r %>
+}
+
+<% end -%>
16 templates/default/hosts.cfg.erb
@@ -0,0 +1,16 @@
+# Generated by Chef
+# host definitions
+
+<% @nodes.each do |n| -%>
+define host {
+ use server
+ address <%= n['ipaddress'] %>
+ host_name <%= n['hostname'] %>
+<% if n.run_list.roles.nil? || n.run_list.roles.length == 0 -%>
+ hostgroups all
+<% else -%>
+ hostgroups <%= n.run_list.roles.to_a.join(",") %>
+<% end -%>
+}
+
+<% end -%>
4 templates/default/htpasswd.users.erb
@@ -0,0 +1,4 @@
+# Generated by Chef.
+<% @sysadmins.each do |sa| -%>
+<%= sa["id"] %>:<%= sa["htpasswd"] %>
+<% end -%>
120 templates/default/icinga.cfg.erb
@@ -0,0 +1,120 @@
+#
+# Generated by Chef
+#
+
+log_file=<%= node['icinga']['log_dir'] %>/icinga.log
+admin_email=<%= node['icinga']['sysadmin_email'] %>
+admin_pager=<%= node['icinga']['sysadmin_sms_email'] %>
+cfg_dir=<%= node['icinga']['config_dir'] %>
+#cfg_dir=/usr/local/icinga/etc/objects
+object_cache_file=<%= node['icinga']['cache_dir'] %>/objects.cache
+precached_object_file=<%= node['icinga']['cache_dir'] %>/objects.precache
+resource_file=<%= node['icinga']['conf_dir'] %>/resource.cfg
+status_file=<%= node['icinga']['log_dir'] %>/status.dat
+status_update_interval=10
+icinga_user=<%= node['icinga']['user'] %>
+icinga_group=<%= node['icinga']['group'] %>
+check_external_commands=1
+command_check_interval=-1
+command_file=<%= node['icinga']['state_dir'] %>/rw/icinga.cmd
+external_command_buffer_slots=4096
+lock_file=<%= node['icinga']['run_dir'] %>/icinga.lock
+temp_file=<%= node['icinga']['state_dir'] %>/icinga.tmp
+temp_path=/tmp
+event_broker_options=-1
+log_rotation_method=d
+log_archive_path=<%= node['icinga']['log_dir'] %>/archives
+use_daemon_log=1
+use_syslog=1
+use_syslog_local_facility=0
+syslog_local_facility=5
+log_notifications=1
+log_service_retries=1
+log_host_retries=1
+log_event_handlers=1
+log_initial_states=0
+log_current_states=1
+log_external_commands=1
+log_passive_checks=1
+log_external_commands_user=0
+log_long_plugin_output=0
+service_inter_check_delay_method=s
+max_service_check_spread=30
+service_interleave_factor=s
+host_inter_check_delay_method=s
+max_host_check_spread=30
+max_concurrent_checks=0
+check_result_reaper_frequency=10
+max_check_result_reaper_time=30
+check_result_path=<%= node['icinga']['state_dir'] %>/spool/checkresults
+max_check_result_file_age=3600
+cached_host_check_horizon=15
+cached_service_check_horizon=15
+enable_predictive_host_dependency_checks=1
+enable_predictive_service_dependency_checks=1
+soft_state_dependencies=0
+auto_reschedule_checks=0
+auto_rescheduling_interval=30
+auto_rescheduling_window=180
+sleep_time=0.25
+service_check_timeout=60
+host_check_timeout=30
+event_handler_timeout=30
+notification_timeout=30
+ocsp_timeout=5
+perfdata_timeout=5
+retain_state_information=1
+state_retention_file=<%= node['icinga']['state_dir'] %>/retention.dat
+retention_update_interval=60
+use_retained_program_state=1
+use_retained_scheduling_info=1
+retained_host_attribute_mask=0
+retained_service_attribute_mask=0
+retained_process_host_attribute_mask=0
+retained_process_service_attribute_mask=0
+retained_contact_host_attribute_mask=0
+retained_contact_service_attribute_mask=0
+interval_length=60
+use_aggressive_host_checking=0
+execute_service_checks=1
+accept_passive_service_checks=1
+execute_host_checks=1
+accept_passive_host_checks=1
+enable_notifications=<%= node['icinga']['notifications_enabled'] %>
+enable_event_handlers=1
+process_performance_data=0
+obsess_over_services=0
+obsess_over_hosts=0
+translate_passive_host_checks=0
+passive_host_checks_are_soft=0
+check_for_orphaned_services=1
+check_for_orphaned_hosts=1
+service_check_timeout_state=u
+check_service_freshness=1
+service_freshness_check_interval=60
+check_host_freshness=0
+host_freshness_check_interval=60
+additional_freshness_latency=15
+enable_flap_detection=1
+low_service_flap_threshold=5.0
+high_service_flap_threshold=20.0
+low_host_flap_threshold=5.0
+high_host_flap_threshold=20.0
+date_format=us
+p1_file=<%= node['icinga']['prefix'] %>/bin/p1.pl
+enable_embedded_perl=1
+use_embedded_perl_implicitly=1
+stalking_event_handlers_for_hosts=0
+stalking_event_handlers_for_services=0
+illegal_object_name_chars=`~!$%^&*|'"<>?,()=
+illegal_macro_output_chars=`~$&|'"<>
+use_regexp_matching=0
+use_true_regexp_matching=0
+daemon_dumps_core=0
+use_large_installation_tweaks=0
+enable_environment_macros=1
+debug_level=0
+debug_verbosity=1
+debug_file=<%= node['icinga']['state_dir'] %>/icinga.debug
+max_debug_file_size=100000000
+event_profiling_enabled=0
13 templates/default/resource.cfg.erb
@@ -0,0 +1,13 @@
+#
+# Generated by Chef
+#
+
+# Sets $USER1$ to be the path to the plugins
+$USER1$=<%= node['icinga']['plugin_dir'] %>
+
+# Sets $USER2$ to be the path to event handlers
+#$USER2$=/usr/local/icinga/libexec/eventhandlers
+
+# Store some usernames and passwords (hidden from the CGIs)
+# #$USER3$=someuser
+# #$USER4$=somepassword
128 templates/default/services.cfg.erb
@@ -0,0 +1,128 @@
+# Icinga Service Definitions.
+#
+# Automatically generated by Chef.
+
+define service {
+ use default-service
+ host_name *
+ service_description ping
+ check_command check_ping!200.0,20%!500.0,60%
+}
+
+# monitoring service checks
+define service {
+ service_description Icinga
+ hostgroup_name <%= node['icinga']['server_role'] %>
+ check_command check-nagios
+ contact_groups admins
+ use default-service
+}
@patcon
patcon added a note

pconnolly@icinga:~$ /etc/init.d/icinga restart
Running configuration check.../etc/init.d/icinga: 229: cannot create /usr/local/icinga/var/icinga.chk: Permission denied
CONFIG ERROR! Restart aborted. See /usr/local/icinga/var/icinga.chk for details.

And then icinga.chk gives:

Error: Could not find any hostgroup matching 'monitoring' (config file '/usr/local/icinga/etc/conf.d/services.cfg', starting on line 13)
Error processing object config files!

And services.cfg references this ruby block. Any thoughts? Is it just because Icinga has nothing to monitor yet? (My service_hosts hash is void of any of those hostgroup_names...

Not sure if using these notes is bad form, but I'm partial to the inline-ness of it. I'll file this as an issue if it starts to seem applicable to others :)

@patcon
patcon added a note

Ah ok. Solved it. Needed to create an empty "monitoring" role and add it to the node. Recognized the issue when I checked out hostgroups.cfg and saw that "monitoring" wasn't described. Guessing this is a result of the cookbook being just for you at the moment :)

Might add some readme items :)

@mdxp Owner
mdxp added a note

The problem here is the lack of documentation. This should be compatible with the nagios cookbook, but the truth is that I should write some documentation (or you can help if you have the time). Basically for this error you are probably lacking the existence of a chef role called monitoring where your incinga server has to be a member of.

I don't think adding this inline comments is a good idea because no one will look for them like that. People will look at issues (even closed) in my experience, so that would be better imo if you want to hep others with the same issues. (even if you open an issue and fix it yourself).

@patcon
patcon added a note

Sounds good! I'll try to open up some issues to recap this convo later.

(Also, I suppose I can always do deep-links to lines of code, so my reasoning was pretty weak!)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
+
+# Uncomment if you're using Munin
+#define service {
+# service_description Munin Client
+# hostgroup_name all
+# check_command check_tcp!4949
+# use default-service
+#}
+
+# default checks for all hosts
+# Uncomment if you're running chef-client as a daemon
+#define service {
+# service_description Chef Client
+# hostgroup_name base
+# check_command check_chef_client
+# use default-service
+#}
+
+define service {
+ service_description Free Space All Disks
+ hostgroup_name all
+ check_command check_all_disks
+ use default-service
+}
+
+define service {
+ service_description Load Average
+ hostgroup_name all
+ check_command check_load
+ use default-service
+}
+
+define service {
+ service_description Free Memory
+ hostgroup_name all
+ check_command check_mem
+ use default-service
+}
+
+define service {
+ service_description SSH
+ hostgroup_name all
+ check_command check_ssh
+ use default-service
+}
+
+define service {
+ service_description Processes
+ hostgroup_name all
+ check_command check_local_procs
+ use default-service
+}
+
+<% unless @service_hosts['monitoring'].nil? -%>
+# If the monitoring host is a postfix relay, uncomment this.
+#define service {
+# service_description Postfix
+# hostgroup_name monitoring
+# check_command check_nrpe!check_smtp
+# use default-service
+#}
+
+# If the monitoring host is a syslog server, uncomment this.
+#define service {
+# service_description Rsyslog
+# hostgroup_name monitoring
+# check_command check_tcp!514
+# use default-service
+#}
+
+<% end -%>
+<% unless @service_hosts['webserver'].nil? -%>
+# basic web server http check
+define service {
+ service_description HTTP Processes
+ hostgroup_name webserver
+ check_command check_http
+ use default-service
+}
+
+<% end -%>
+<% unless @service_hosts['appserver'].nil? -%>
+# basic check if appserver role is running unicorn
+define service {
+ service_description Unicorn Processes
+ hostgroup_name appserver
+ check_command check_nrpe!check_unicorn
+ use default-service
+}
+
+define service {
+ service_description Unicorn HTTP
+ hostgroup_name appserver
+ check_command check_http_port_expect!8080!"HTTP/1.1 302 Found"
+ use default-service
+}
+
+<% end -%>
+<% unless @service_hosts['database_master'].nil? -%>
+# basic check if the database_master role is a mysql server
+# database_master service checks
+define service {
+ service_description MySQL
+ hostgroup_name database_master
+ check_command check_nrpe!check_mysql_server
+ use default-service
+}
+
+<% end -%>
78 templates/default/templates.cfg.erb
@@ -0,0 +1,78 @@
+define contact {
+ name default-contact
+ service_notification_period 24x7
+ host_notification_period 24x7
+ service_notification_options w,u,c,r,f,s
+ host_notification_options d,u,r,f,s
+# service_notification_commands service-notify-by-email, service-notify-by-jabber
+ service_notification_commands service-notify-by-email
+# host_notification_commands host-notify-by-email, host-notify-by-sms-gateway, host-notify-by-jabber
+ host_notification_commands host-notify-by-email
+ register 0
+}
+
+define contact {
+ name sms-contact
+ service_notification_period 24x7
+ host_notification_period 24x7
+ service_notification_options w,u,c,r,f,s
+ host_notification_options d,u,r,f,s
+ service_notification_commands service-notify-by-sms-gateway
+ host_notification_commands host-notify-by-sms-gateway
+ register 0
+}
+
+define host {
+ name default-host
+ notifications_enabled 1
+ event_handler_enabled 1
+ flap_detection_enabled 1
+ failure_prediction_enabled 1
+# process_perf_data 1
+ process_perf_data 0
+ retain_status_information 1
+ retain_nonstatus_information 1
+ notification_period 24x7
+ register 0
+}
+
+define host {
+ name server
+ use default-host
+ check_period 24x7
+ check_interval <%= icinga_interval(icinga_attr(:default_host)[:check_interval]) %>
+ retry_interval <%= icinga_interval(icinga_attr(:default_host)[:retry_interval]) %>
+ max_check_attempts <%= icinga_attr(:default_host)[:max_check_attempts] %>
+ check_command check-host-alive
+ notification_interval <%= icinga_interval(icinga_attr(:default_host)[:notification_interval]) %>
+ notification_options d,u,r
+ contact_groups <%= icinga_attr(:default_contact_groups).join(",") %>
+ register 0
+}
+
+define service {
+ name default-service
+ active_checks_enabled 1
+ passive_checks_enabled 1
+ parallelize_check 1
+ obsess_over_service 1
+ check_freshness 0
+ notifications_enabled 1
+ event_handler_enabled 1
+ flap_detection_enabled 1
+ failure_prediction_enabled 1
+# process_perf_data 1
+ process_perf_data 0
+ retain_status_information 1
+ retain_nonstatus_information 1
+ is_volatile 0
+ check_period 24x7
+ max_check_attempts <%= icinga_attr(:default_service)[:max_check_attempts] %>
+ check_interval <%= icinga_interval(icinga_attr(:default_service)[:check_interval]) %>
+ retry_interval <%= icinga_interval(icinga_attr(:default_service)[:retry_interval]) %>
+ contact_groups <%= icinga_attr(:default_contact_groups).join(",") %>
+ notification_options w,u,c,r
+ notification_interval <%= icinga_interval(icinga_attr(:default_service)[:notification_interval]) %>
+ notification_period 24x7
+ register 0
+}
66 templates/default/timeperiods.cfg.erb
@@ -0,0 +1,66 @@
+# Time period definitions
+# Automatically generated by Chef
+define timeperiod{
+ timeperiod_name 24x7
+ alias 24 Hours A Day, 7 Days A Week
+ sunday 00:00-24:00
+ monday 00:00-24:00
+ tuesday 00:00-24:00
+ wednesday 00:00-24:00
+ thursday 00:00-24:00
+ friday 00:00-24:00
+ saturday 00:00-24:00
+ }
+
+# 'workhours' timeperiod definition
+define timeperiod{
+ timeperiod_name workhours
+ alias Normal Work Hours
+ monday 09:00-17:00
+ tuesday 09:00-17:00
+ wednesday 09:00-17:00
+ thursday 09:00-17:00
+ friday 09:00-17:00
+ }
+
+# 'none' timeperiod definition
+define timeperiod{
+ timeperiod_name none
+ alias No Time Is A Good Time
+ }
+
+# Some U.S. holidays
+# Note: The timeranges for each holiday are meant to *exclude* the holidays from being
+# treated as a valid time for notifications, etc. You probably don't want your pager
+# going off on New Year's. Although you're employer might... :-)
+define timeperiod{
+ name us-holidays
+ timeperiod_name us-holidays
+ alias U.S. Holidays
+
+ january 1 00:00-00:00 ; New Years
+ monday -1 may 00:00-00:00 ; Memorial Day (last Monday in May)
+ july 4 00:00-00:00 ; Independence Day
+ monday 1 september 00:00-00:00 ; Labor Day (first Monday in September)
+ thursday 4 november 00:00-00:00 ; Thanksgiving (4th Thursday in November)
+ december 25 00:00-00:00 ; Christmas
+ }
+
+
+# This defines a modified "24x7" timeperiod that covers every day of the
+# year, except for U.S. holidays (defined in the timeperiod above).
+define timeperiod{
+ timeperiod_name 24x7_sans_holidays
+ alias 24x7 Sans Holidays
+
+ use us-holidays ; Get holiday exceptions from other timeperiod
+
+ sunday 00:00-24:00
+ monday 00:00-24:00
+ tuesday 00:00-24:00
+ wednesday 00:00-24:00
+ thursday 00:00-24:00
+ friday 00:00-24:00
+ saturday 00:00-24:00
+ }
+
Please sign in to comment.
Something went wrong with that request. Please try again.