Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
G
GitHubHistory
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Anastasios Lisgaras
GitHubHistory
Commits
169b2b76
Commit
169b2b76
authored
Mar 29, 2016
by
Paschalis Korosoglou
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #69 from dpavlos/nagios_config
ARGO-389 Nagios configurations
parents
e5d7022b
9c9590a1
Changes
11
Hide whitespace changes
Inline
Side-by-side
Showing
11 changed files
with
83 additions
and
27 deletions
+83
-27
group_vars/monitoring_engine
group_vars/monitoring_engine
+1
-0
private_files
private_files
+1
-0
roles/monitoring_engine/defaults/main.yml
roles/monitoring_engine/defaults/main.yml
+8
-6
roles/monitoring_engine/tasks/main.yml
roles/monitoring_engine/tasks/main.yml
+63
-11
roles/monitoring_engine/templates/argo-msg-cache.conf.j2
roles/monitoring_engine/templates/argo-msg-cache.conf.j2
+1
-1
roles/monitoring_engine/templates/cgi.cfg.j2
roles/monitoring_engine/templates/cgi.cfg.j2
+1
-0
roles/monitoring_engine/templates/nagios_apache.conf.j2
roles/monitoring_engine/templates/nagios_apache.conf.j2
+1
-0
roles/monitoring_engine/templates/ncg.conf.eudat.j2
roles/monitoring_engine/templates/ncg.conf.eudat.j2
+1
-1
roles/monitoring_engine/templates/ncg.conf.j2
roles/monitoring_engine/templates/ncg.conf.j2
+4
-7
roles/monitoring_engine/templates/ssl.conf.j2
roles/monitoring_engine/templates/ssl.conf.j2
+1
-0
roles/repos/tasks/main.yml
roles/repos/tasks/main.yml
+1
-1
No files found.
group_vars/monitoring_engine
View file @
169b2b76
---
cert_path: /etc/pki/tls/certs/localhost.crt
key_path: /etc/pki/tls/private/localhost.key
ca_path: /etc/pki/tls/certs/ca-bundle.crt
iptables_rules:
input:
...
...
private_files
0 → 120000
View file @
169b2b76
../private_files
\ No newline at end of file
roles/monitoring_engine/defaults/main.yml
View file @
169b2b76
...
...
@@ -2,6 +2,7 @@
nagios_components
:
-
{
name
:
argo-ncg
,
repo
:
argo-prod
}
-
{
name
:
argo-msg-nagios
,
repo
:
argo-prod
}
-
{
name
:
perl-Crypt-SSLeay
,
repo
:
"
"
}
## NCG vars ##
nagios_server
:
localhost
...
...
@@ -17,7 +18,7 @@ include_empty_hosts: "0"
enable_notifications
:
"
0"
local_metric_store
:
"
0"
check_hosts
:
"
0"
tenant_name
:
TENANT_A
tenant_name
:
tenant_a
poem_root_url
:
http://localhost/poem
include_proxy_checks
:
"
0"
include_msg_checks_recv
:
"
0"
...
...
@@ -25,11 +26,11 @@ backup_instance: "false"
## CGI vars ##
authorized_for_all_service_commands
:
-
/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=SomeCN_1
-
/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=SomeCN_2
-
"
/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=SomeCN_1"
-
"
/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=SomeCN_2"
authorized_for_all_host_commands
:
-
/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=SomeCN_1
-
/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=SomeCN_2
-
"
/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=SomeCN_1"
-
"
/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=SomeCN_2"
## Nagios.cfg vars ##
host_perfdata_file_processing_command
:
ncg-process-host-perfdata-file
...
...
@@ -49,5 +50,6 @@ process_performance_data: "1"
## Other vars
ca_bundle_install
:
false
configure_apache_ssl
:
false
configure_nagios_apache
:
false
roles/monitoring_engine/tasks/main.yml
View file @
169b2b76
...
...
@@ -2,65 +2,71 @@
-
name
:
Install Nagios
yum
:
name=nagios state=latest enablerepo=nagios
tags
:
install
-
name
:
Install pnp4nagios
yum
:
name=pnp4nagios state=latest
tags
:
install
-
name
:
Install Apache and mod_ssl
yum
:
name={{ item }} state=latest
with_items
:
-
httpd
-
mod_ssl
tags
:
install
-
name
:
Install fetch-crl
yum
:
name=fetch-crl state=latest
when
:
ca_bundle_install
tags
:
install
-
name
:
Install NCG and MSG conponents
yum
:
name={{ item.name }} state=latest enablerepo={{ item.repo }}
with_items
:
nagios_components
tags
:
install
-
name
:
Install Nagios plugins
yum
:
name={{ item.name }} state=latest enablerepo={{ item.repo }}
with_items
:
nagios_plugins
-
name
:
Install Nagios UMD plugins
yum
:
name={{ item }} state=latest
with_items
:
nagios_plugins_umd
when
:
nagios_plugins_umd is defined
tags
:
install
-
name
:
Copy nagios.cfg file
template
:
src=nagios.cfg.j2
dest=/etc/nagios/nagios.cfg
owner=nagios group=nagios mode=0644
notify
:
reload nagios
tags
:
config
-
name
:
Copy cgi.cfg file
template
:
src=cgi.cfg.j2
dest=/etc/nagios/cgi.cfg
owner=nagios group=nagios mode=0644
notify
:
reload nagios
tags
:
config
#FIXME: Make this tenant unaware
-
name
:
Copy ncg.conf file for EGI
template
:
src=ncg.conf.j2
dest=/etc/argo-ncg/ncg.conf
owner=root group=root
when
:
tenant_name
== "EGI
"
when
:
tenant_name
|lower == "egi
"
notify
:
reload nagios
tags
:
config
-
name
:
Copy ncg.conf file for EUDAT
template
:
src=ncg.conf.eudat.j2
dest=/etc/ncg/ncg.conf
owner=root group=root
when
:
tenant_name
== "EUDAT
"
when
:
tenant_name
|lower == "eudat
"
notify
:
reload nagios
tags
:
config
-
name
:
Copy argo-voms-htpasswd.conf file
template
:
src=argo-voms-htpasswd.conf.j2
dest=/etc/argo-voms-htpasswd/argo-voms-htpasswd.conf
owner=root group=root
when
:
voms_htpasswd is defined
tags
:
config
#FIXME: Temp workaround for tenants without BDII infrastructure.
-
name
:
Copy broker-list file
...
...
@@ -68,6 +74,7 @@
dest=/var/cache/msg/broker-cache-file/broker-list
owner=root group=root mode=0644
when
:
broker_host is defined
tags
:
config
##
-
name
:
Copy argo-msg-cache file
...
...
@@ -75,12 +82,21 @@
dest=/etc/argo-msg-cache.conf
owner=root group=root
when
:
lcg_gfal_infosys is defined and broker_network is defined
tags
:
config
-
name
:
Create unicore log dir
file
:
path=/var/log/unicore
state=directory
owner=nagios group=nagios mode=0755
when
:
enable_unicore_probes is defined and enable_unicore_probes == "1"
tags
:
config
-
name
:
Create vomses dir
-
file
:
path=/etc/vomses
file
:
path=/etc/vomses
state=directory
owner=root group=root mode=0755
when
:
vomses is defined
tags
:
config
-
name
:
Copy vomses files
template
:
src=vomses.j2
...
...
@@ -88,56 +104,92 @@
owner=root group=root mode=0644
when
:
vomses is defined
with_items
:
vomses
tags
:
config
-
name
:
Create voms lsc dir
-
file
:
path=/etc/grid-security/vomsdir/{{ item.vo }}
file
:
path=/etc/grid-security/vomsdir/{{ item.vo }}
state=directory
owner=root group=root mode=0755
when
:
vomses is defined
with_items
:
vomses
tags
:
config
-
name
:
Create voms lsc files
-
template
:
src=voms_lsc.j2
template
:
src=voms_lsc.j2
dest=/etc/grid-security/vomsdir/{{ item.vo }}/{{ item.server }}.lsc
owner=root group=root mode=0644
when
:
vomses is defined
with_items
:
vomses
tags
:
config
-
name
:
Create sha checksum for dashboard config
shell
:
echo -n {{ nagios_server }} | sha1sum | cut -f1 -d' '
register
:
sha
tags
:
config
-
name
:
Create dashboard config for msg-to-handler
template
:
src=dashboard.conf.j2
dest=/etc/msg-to-handler.d/DASHBOARD.conf
owner=root group=root mode=0644
when
:
send_to_dashboard is defined and send_to_dashboard == "1"
tags
:
config
-
name
:
Create apel config for msg-to-handler
template
:
src=apel.conf.j2
dest=/etc/msg-to-handler.d/APEL.conf
owner=root group=root mode=0644
when
:
send_to_apel is defined and send_to_apel == "1"
tags
:
config
-
name
:
Create a cron job to restart apache
cron
:
name=restart_httpd
user="root"
minute="53" hour="2,8,14,20"
job="( /sbin/service httpd status && /sbin/service httpd graceful ) > /dev/null 2>&1"
when
:
ca_bundle_install
tags
:
config
-
name
:
create apache nagios conf
template
:
src=nagios_apache.conf.j2
dest=/etc/httpd/conf.d/nagios.conf
owner=root group=root mode=0644
notify
:
reload httpd
when
:
configure_nagios_apache
tags
:
config
-
name
:
create apache ssl conf
template
:
src=ssl.conf.j2
dest=/etc/httpd/conf.d/ssl.conf
owner=root group=root mode=0644
notify
:
reload httpd
when
:
configure_apache_ssl
tags
:
config
-
name
:
Enable nagios and httpd on boot and start service
service
:
name={{ item }} state=started enabled=yes
with_items
:
-
nagios
-
httpd
tags
:
config
-
name
:
Start fetch-crl cron
service
:
name=fetch-crl-cron state=started enabled=yes
when
:
ca_bundle_install
tags
:
config
-
name
:
Start fetch-crl boot
service
:
name=fetch-crl-boot state=started enabled=no
when
:
ca_bundle_install
ignore_errors
:
yes
tags
:
config
-
name
:
Enable argo-voms-htpasswd on boot and start service
service
:
name=argo-voms-htpasswd state=started enabled=yes
when
:
voms_htpasswd is defined
tags
:
config
-
name
:
Enable argo-msg-cache on boot and start service
service
:
name=argo-msg-cache state=started enabled=yes
when
:
lcg_gfal_infosys is defined
\ No newline at end of file
when
:
lcg_gfal_infosys is defined
tags
:
config
roles/monitoring_engine/templates/argo-msg-cache.conf.j2
View file @
169b2b76
...
...
@@ -9,4 +9,4 @@
LCG_GFAL_INFOSYS={% for bdii in lcg_gfal_infosys %}{{ bdii }}{% if not loop.last %},{% endif %}{% endfor %}
# BROKER_NETWORK=PROD
BROKER_NETWORK={{ broker_network }}
\ No newline at end of file
BROKER_NETWORK={{ broker_network }}
roles/monitoring_engine/templates/cgi.cfg.j2
View file @
169b2b76
...
...
@@ -168,6 +168,7 @@ authorized_for_all_hosts=*
# user who has authenticated to the web server.
authorized_for_all_service_commands={% for dn in authorized_for_all_service_commands %}{{ dn }}{% if not loop.last %},{% endif %}{% endfor %}
authorized_for_all_host_commands={% for dn in authorized_for_all_host_commands %}{{ dn }}{% if not loop.last %},{% endif %}{% endfor %}
...
...
roles/monitoring_engine/templates/nagios_apache.conf.j2
0 → 100644
View file @
169b2b76
{% include "private_files/" + ansible_fqdn + "/files/etc/httpd/conf.d/nagios.conf" %}
\ No newline at end of file
roles/monitoring_engine/templates/ncg.conf.eudat.j2
View file @
169b2b76
...
...
@@ -35,7 +35,7 @@ BACKUP_INSTANCE = {{ backup_instance }}
INCLUDE_EMPTY_HOSTS = {{ include_empty_hosts }}
ENABLE_NOTIFICATIONS = {{ enable_notifications }}
CHECK_HOSTS = {{ check_hosts }}
TENANT = {{ tenant_name }}
TENANT = {{ tenant_name
|lower
}}
</Nagios>
</NCG::ConfigGen>
...
...
roles/monitoring_engine/templates/ncg.conf.j2
View file @
169b2b76
...
...
@@ -14,12 +14,9 @@ VO = {{ vo }}
ENABLE_UNICORE_PROBES= {{ enable_unicore_probes }}
MYPROXY_SERVER = {{ myproxy_server }}
BACKUP_INSTANCE = {{ backup_instance }}
<NCG::SiteSet>
<GOCDB>
GOCDB_ROOT_URL={{ gocdb_root_url }}
CERT_STATUS={{ cert_status }}
ENABLE_UNICORE_PROBES=$ENABLE_UNICORE_PROBES
</GOCDB>
<File>
...
...
@@ -61,10 +58,10 @@ BACKUP_INSTANCE = {{ backup_instance }}
ENABLE_UNICORE_PROBES=$ENABLE_UNICORE_PROBES
BDII_HOST={{ bdii_host }}
INCLUDE_PROXY_CHECKS = {{ include_proxy_checks }}
LOCAL_METRIC_STORE = {{ local_metric_store }}
</Active>
<LDAP>
LDAP_ADDRESS={{ bdii_host }}
BDII_LEVEL={{ bdii_level }}
</LDAP>
<File>
DB_FILE=/etc/argo-ncg/ncg.localdb
...
...
@@ -74,12 +71,12 @@ BACKUP_INSTANCE = {{ backup_instance }}
<NCG::ConfigGen>
<Nagios>
NAGIOS_ROLE = {{ nagios_role }}
NAGIOS_ROLE = {{ nagios_role
|lower
}}
INCLUDE_EMPTY_HOSTS = {{ include_empty_hosts }}
ENABLE_NOTIFICATIONS = {{ enable_notifications }}
SEND_TO_DASHBOARD = {{ send_to_dashboard }}
CHECK_HOSTS = {{ check_hosts }}
TENANT = {{ tenant_name }}
TENANT = {{ tenant_name
|lower
}}
</Nagios>
</NCG::ConfigGen>
...
...
@@ -90,7 +87,7 @@ BACKUP_INSTANCE = {{ backup_instance }}
</File>
<POEM>
POEM_ROOT_URL = {{ poem_root_url }}
POEM_PROFILES = {% for poem in poem_profiles %}{{ poem }}{% if not loop.last %},{% endif %}{% endfor %}
POEM_PROFILES = {% for poem in poem_profiles %}{{ poem
|upper
}}{% if not loop.last %},{% endif %}{% endfor %}
</POEM>
</NCG::LocalMetrics>
...
...
roles/monitoring_engine/templates/ssl.conf.j2
0 → 100644
View file @
169b2b76
{% include "private_files/" + ansible_fqdn + "/templates/ssl.conf.j2" %}
\ No newline at end of file
roles/repos/tasks/main.yml
View file @
169b2b76
...
...
@@ -24,7 +24,7 @@
copy
:
src=etc/yum.repos.d/EGI-trustanchors.repo
dest=/etc/yum.repos.d/EGI-trustanchors.repo backup=no
owner=root group=root mode=0644
when
:
inventory_hostname in groups.standalone or inventory_hostname in groups.webui
when
:
inventory_hostname in groups.standalone or inventory_hostname in groups.webui
or ca_bundle_install==true
-
name
:
Install cloudera-cdh5 repo
tags
:
cloudera-cdh5_repo
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment