[debian-lan-devel] [SCM] Debian-LAN development and packaging branch, master, updated. 0.7-18-gcccd3e4
Andreas B. Mundt
andi at debian.org
Fri Feb 8 18:36:57 UTC 2013
The following commit has been merged in the master branch:
commit cccd3e4e7a4855aabe2abdc3903531bf99fdd85e
Author: Andreas B. Mundt <andi at debian.org>
Date: Fri Feb 8 18:57:38 2013 +0100
Implement Icinga system monitoring for server and clients.
Services monitored:
mainserver:
'APT'
'Current Load'
'Current Users'
'Disk Space'
'HTTP'
'IMAP'
'LDAP'
'NFS'
'NTP Server'
'SMTP'
'SSH'
'Swap'
'Total Procs'
'Zombie Procs'
workstation:
'APT'
'Current Load'
'Current Users'
'Disk Space'
'SSH'
'Swap'
'Time'
'Total Procs'
'Zombie Procs'
diskless:
'Current Load'
'Current Users'
'Swap'
'Time'
'Total Procs'
'Zombie Procs'
diff --git a/fai/config/files/etc/icinga/objects/commands.cfg/LOG_SERVER b/fai/config/files/etc/icinga/objects/commands.cfg/LOG_SERVER
new file mode 100644
index 0000000..795d749
--- /dev/null
+++ b/fai/config/files/etc/icinga/objects/commands.cfg/LOG_SERVER
@@ -0,0 +1,14 @@
+define command{
+ command_name debian-lan_check_swap
+ command_line /usr/lib/nagios/plugins/check_swap -w 50% -c 20%
+}
+
+define command{
+ command_name debian-lan_check_ldap
+ command_line /usr/lib/nagios/plugins/check_ldap -H '$HOSTNAME$' -b '$ARG1$' -T
+}
+
+define command{
+ command_name debian-lan_check-nfs
+ command_line /usr/lib/nagios/plugins/check_rpc -H '$HOSTADDRESS$' -C nfs -c2,3,4
+}
diff --git a/fai/config/files/etc/icinga/objects/hostgroups_icinga.cfg/LOG_SERVER b/fai/config/files/etc/icinga/objects/hostgroups_icinga.cfg/LOG_SERVER
new file mode 100644
index 0000000..356f5f1
--- /dev/null
+++ b/fai/config/files/etc/icinga/objects/hostgroups_icinga.cfg/LOG_SERVER
@@ -0,0 +1,61 @@
+#### all machines ####
+define hostgroup {
+ hostgroup_name all
+ alias All Servers
+ members *
+}
+
+define hostgroup {
+ hostgroup_name debian-servers
+ alias Debian GNU/Linux Servers
+ members *
+}
+
+#### server ####
+define hostgroup {
+ hostgroup_name ssh-servers
+ alias SSH servers
+ members mainserver
+ hostgroup_members workstation
+}
+
+define hostgroup {
+ hostgroup_name http-servers
+ alias HTTP servers
+ members mainserver
+}
+
+define hostgroup {
+ hostgroup_name ldap-servers
+ alias LDAP servers
+ members mainserver
+}
+
+define hostgroup {
+ hostgroup_name nfs-servers
+ alias NFS servers
+ members mainserver
+}
+
+define hostgroup {
+ hostgroup_name smtp-servers
+ alias SMTP servers
+ members mainserver
+}
+
+define hostgroup {
+ hostgroup_name imap-servers
+ alias IMAP servers
+ members mainserver
+}
+
+#### workstations and diskless ####
+define hostgroup {
+ hostgroup_name workstation
+ alias Debian GNU/Linux Workstation
+}
+
+define hostgroup {
+ hostgroup_name diskless
+ alias Debian GNU/Linux Diskless
+}
diff --git a/fai/config/files/etc/icinga/objects/hosts.cfg/LOG_SERVER b/fai/config/files/etc/icinga/objects/hosts.cfg/LOG_SERVER
new file mode 100644
index 0000000..9fe934b
--- /dev/null
+++ b/fai/config/files/etc/icinga/objects/hosts.cfg/LOG_SERVER
@@ -0,0 +1,12 @@
+define host{
+ use generic-host
+ host_name mainserver
+ address 127.0.0.1
+}
+
+define host{
+ use generic-host
+ host_name workstation00
+ hostgroups workstation
+}
+
diff --git a/fai/config/files/etc/icinga/objects/services_icinga.cfg/LOG_SERVER b/fai/config/files/etc/icinga/objects/services_icinga.cfg/LOG_SERVER
new file mode 100644
index 0000000..091376c
--- /dev/null
+++ b/fai/config/files/etc/icinga/objects/services_icinga.cfg/LOG_SERVER
@@ -0,0 +1,156 @@
+#### servers ####
+define service {
+ hostgroup_name http-servers
+ service_description HTTP
+ check_command check_http
+ use generic-service
+}
+
+define service {
+ hostgroup_name ssh-servers
+ service_description SSH
+ check_command check_ssh
+ use generic-service
+}
+
+define service{
+ hostgroup_name imap-servers
+ service_description IMAP
+ check_command check_imap
+ use generic-service
+}
+
+define service{
+ hostgroup_name smtp-servers
+ service_description SMTP
+ check_command check_smtp
+ use generic-service
+}
+
+define service{
+ hostgroup_name ldap-servers
+ service_description LDAP
+ check_command debian-lan_check_ldap!dc=intern
+ use generic-service
+}
+
+define service{
+ hostgroup_name nfs-servers
+ service_description NFS
+ check_command debian-lan_check-nfs
+ use generic-service
+}
+
+define service{
+ host mainserver
+ service_description Disk Space
+ check_command check_all_disks!20%!10%
+ use generic-service
+}
+
+define service{
+ host mainserver
+ service_description Current Users
+ check_command check_users!20!50
+ use generic-service
+}
+
+define service{
+ host mainserver
+ service_description Total Procs
+ check_command check_procs!250!400
+ use generic-service
+}
+
+define service{
+ host mainserver
+ service_description Zombie Procs
+ check_command check_procs_zombie!5!10
+ use generic-service
+}
+
+define service{
+ host mainserver
+ service_description Current Load
+ check_command check_load!5.0!4.0!3.0!10.0!6.0!4.0
+ use generic-service
+}
+
+define service{
+ host mainserver
+ service_description Swap
+ check_command debian-lan_check_swap
+ use generic-service
+}
+
+define service{
+ host mainserver
+ service_description APT
+ check_command check_apt
+ use generic-service
+}
+
+define service{
+ host mainserver
+ service_description NTP Server
+ check_command check_ntp_ntpq
+ use generic-service
+}
+
+
+#### nrpe (remote) machines
+define service{
+ hostgroup_name workstation
+ service_description Disk Space
+ check_command check_nrpe_1arg!debian-lan_check_all_disks
+ use generic-service
+}
+
+define service{
+ hostgroup_name workstation,diskless
+ service_description Current Users
+ check_command check_nrpe_1arg!debian-lan_check_users
+ use generic-service
+}
+
+define service{
+ hostgroup_name workstation,diskless
+ service_description Total Procs
+ check_command check_nrpe_1arg!debian-lan_check_procs
+ use generic-service
+}
+
+define service{
+ hostgroup_name workstation,diskless
+ service_description Zombie Procs
+ check_command check_nrpe_1arg!debian-lan_check_procs_zombie
+ use generic-service
+}
+
+define service{
+ hostgroup_name workstation,diskless
+ service_description Current Load
+ check_command check_nrpe_1arg!debian-lan_check_load
+ use generic-service
+}
+
+define service{
+ hostgroup_name workstation,diskless
+ service_description Swap
+ check_command check_nrpe_1arg!debian-lan_check_swap
+ use generic-service
+}
+
+define service{
+ hostgroup_name workstation
+ service_description APT
+ check_command check_nrpe_1arg!check_apt
+ use generic-service
+}
+
+define service{
+ hostgroup_name workstation,diskless
+ service_description Time
+ check_command check_nrpe_1arg!debian-lan_check_ntp_time
+ use generic-service
+}
diff --git a/fai/config/files/etc/nagios/nrpe.d/debian-lan.cfg/LOG_CLIENT b/fai/config/files/etc/nagios/nrpe.d/debian-lan.cfg/LOG_CLIENT
new file mode 100644
index 0000000..b470cc2
--- /dev/null
+++ b/fai/config/files/etc/nagios/nrpe.d/debian-lan.cfg/LOG_CLIENT
@@ -0,0 +1,12 @@
+## command definitions for debian-lan
+command[check_apt]=/usr/lib/nagios/plugins/check_apt
+
+## fixed arguments
+command[debian-lan_check_ntp_time]=/usr/lib/nagios/plugins/check_ntp_time -H ntp -w 0.5 -c 1
+command[debian-lan_check_procs]=/usr/lib/nagios/plugins/check_procs -w '150' -c '200'
+command[debian-lan_check_procs_zombie]=/usr/lib/nagios/plugins/check_procs -w '5' -c '10' -s Z
+command[debian-lan_check_all_disks]=/usr/lib/nagios/plugins/check_disk -w '20%' -c '10%' -e
+command[debian-lan_check_swap]=/usr/lib/nagios/plugins/check_swap -w '50%' -c '30%'
+command[debian-lan_check_load]=/usr/lib/nagios/plugins/check_load --warning='5.0,4.0,3.0' --critical='10.0,6.0,4.0'
+command[debian-lan_check_users]=/usr/lib/nagios/plugins/check_users -w '5' -c '10'
+
diff --git a/fai/config/files/usr/local/sbin/debian-lan/SERVER_A b/fai/config/files/usr/local/sbin/debian-lan/SERVER_A
index a5b4008..3a4f90a 100755
--- a/fai/config/files/usr/local/sbin/debian-lan/SERVER_A
+++ b/fai/config/files/usr/local/sbin/debian-lan/SERVER_A
@@ -12,7 +12,7 @@ HOME="/lan/$HOSTNAME/home0"
DHCPCONF="/etc/dhcp/dhcpd.conf"
usage(){
- echo "Usage: debian-lan adduser|deluser|purgehomes|addmachine argument"
+ echo "Usage: debian-lan adduser|deluser|purgehomes|key2machine argument"
echo " debian-lan add2dhcp"
echo
echo "The corresponding argument can be one of the following:"
@@ -30,7 +30,7 @@ usage(){
echo " purgehomes age"
echo " \"age\" is the number of days since the (former) user has been deleted."
echo
- echo " addmachine list"
+ echo " key2machine list"
echo " \"list\" is a list of host names."
echo
echo " add2dhcp"
@@ -83,6 +83,40 @@ deluserLDAP(){
fi
}
+add2log () {
+ MACHINE=$1
+ ## munin:
+ CONFDIR='/etc/munin/munin-conf.d/'
+ if [ -d $CONFDIR ] && ! grep -sq ${MACHINE} $CONFDIR/nodes.conf ; then
+ cat >> $CONFDIR/nodes.conf <<EOF
+[${MACHINE}.intern]
+ address ${MACHINE}
+
+EOF
+ echo "${MACHINE} will be monitored by munin from now on. "
+ else
+ echo "$CONFDIR does not exist or machine already present in $CONFDIR/nodes.conf. "
+ fi
+
+ ## icinga:
+ CONF='/etc/icinga/objects/hosts.cfg'
+ if ! grep -sq ${MACHINE} $CONF ; then
+ cat >> $CONF <<EOF
+define host{
+ use generic-host
+ host_name ${MACHINE}
+ hostgroups ${MACHINE%%[0-9]*}
+}
+
+EOF
+ echo "${MACHINE} will be monitored by icinga from now on. "
+ else
+ echo "Machine ${MACHINE} already present in '${CONF}'. "
+ fi
+}
+
+
+
##############################
COMMAND=$1
@@ -166,20 +200,9 @@ case $COMMAND in
fi
done
;;
- addmachine)
+ key2machine)
for MACHINE in $@ ; do
scp -p $DATADIR/${MACHINE}.keytab root@${MACHINE}:/etc/krb5.keytab
- MUNIN_CONFDIR='/etc/munin/munin-conf.d/'
- if [ -d $MUNIN_CONFDIR ] && ! grep -sq ${MACHINE} $MUNIN_CONFDIR/nodes.conf ; then
- cat >> $MUNIN_CONFDIR/nodes.conf <<EOF
-[${MACHINE}.intern]
- address ${MACHINE}
-
-EOF
- echo "${MACHINE} will be monitored by munin from now on. "
- else
- echo "$MUNIN_CONFDIR does not exist or machine already present in $MUNIN_CONFDIR/nodes.conf. "
- fi
done
echo
;;
@@ -215,12 +238,14 @@ EOF
;;
esac
sed -i "0,/\(host ${NAME}.*\) A1:B2:C3:D4:E5:\w\{2\};/s//\1 ${HWaddr};/" ${DHCPCONF}
- echo "MAC address $HWaddr added as:"
- grep $HWaddr ${DHCPCONF}
+ MACHINE=$(grep $HWaddr ${DHCPCONF} | awk -F " " '{print $2}')
+ echo -n "MAC address $HWaddr added as: ${MACHINE}"
+ add2log ${MACHINE}
fi
echo
done
/etc/init.d/isc-dhcp-server restart
+ /etc/init.d/icinga reload
;;
*)
usage
diff --git a/fai/config/files/usr/local/sbin/dhcpd-keytab/SERVER_A b/fai/config/files/usr/local/sbin/dhcpd-keytab/SERVER_A
index f9fb280..06bf0eb 100755
--- a/fai/config/files/usr/local/sbin/dhcpd-keytab/SERVER_A
+++ b/fai/config/files/usr/local/sbin/dhcpd-keytab/SERVER_A
@@ -61,18 +61,7 @@ for i in `seq 8` ; do
echo "$DATADIR/${MACHINE}.keytab copied to ${MACHINE}."
DATE=`date +%F`
mv -v $DATADIR/${MACHINE}.keytab $DATADIR/${MACHINE}.keytab_$DATE
- MUNIN_CONFDIR='/etc/munin/munin-conf.d/'
- if [ -d $MUNIN_CONFDIR ] && ! grep -sq ${MACHINE} $MUNIN_CONFDIR/nodes.conf ; then
- cat >> $MUNIN_CONFDIR/nodes.conf <<EOF
-[${MACHINE}.intern]
- address ${MACHINE}
-
-EOF
- echo "${MACHINE} will be monitored by munin from now on."
- else
- echo "$MUNIN_CONFDIR does not exist or machine already present in $MUNIN_CONFDIR/nodes.conf."
- fi
cleanup "Success! ${MACHINE} activated."
done
-cleanup "Failed to activate ${MACHINE}. Run 'debian-lan addmachine ${MACHINE}' manually."
+cleanup "Failed to activate ${MACHINE}. Run 'debian-lan key2machine ${MACHINE}' manually."
diff --git a/fai/config/package_config/LOG_CLIENT b/fai/config/package_config/LOG_CLIENT
index 3a8912b..a06b633 100644
--- a/fai/config/package_config/LOG_CLIENT
+++ b/fai/config/package_config/LOG_CLIENT
@@ -4,3 +4,5 @@ PACKAGES aptitude
munin-node
smartmontools
lm-sensors
+nagios-nrpe-server
+nagios-plugins-basic
diff --git a/fai/config/package_config/LOG_SERVER b/fai/config/package_config/LOG_SERVER
index 7381ccc..8d6a995 100644
--- a/fai/config/package_config/LOG_SERVER
+++ b/fai/config/package_config/LOG_SERVER
@@ -4,6 +4,10 @@ PACKAGES aptitude
apache2
munin
munin-node
+icinga
+nagios-images
+nagios-plugins-standard
+nagios-nrpe-plugin
smartmontools
lm-sensors
diff --git a/fai/config/scripts/LOG_CLIENT/10-rsyslog-nrpe.conf b/fai/config/scripts/LOG_CLIENT/10-rsyslog-nrpe.conf
new file mode 100755
index 0000000..ae6419e
--- /dev/null
+++ b/fai/config/scripts/LOG_CLIENT/10-rsyslog-nrpe.conf
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+fcopy -r /etc/rsyslog.d/
+fcopy -r /etc/nagios/
+
diff --git a/fai/config/scripts/LOG_CLIENT/10-rsyslog.conf b/fai/config/scripts/LOG_CLIENT/10-rsyslog.conf
deleted file mode 100755
index adf9403..0000000
--- a/fai/config/scripts/LOG_CLIENT/10-rsyslog.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-
-fcopy -r /etc/rsyslog.d/
diff --git a/fai/config/scripts/LOG_CLIENT/20-access-node.conf b/fai/config/scripts/LOG_CLIENT/20-access-node.conf
new file mode 100755
index 0000000..b253c45
--- /dev/null
+++ b/fai/config/scripts/LOG_CLIENT/20-access-node.conf
@@ -0,0 +1,14 @@
+#!/bin/bash
+#
+# allow the host syslog to access the client node
+#
+
+set -e
+
+IP=$(host syslog | tail -n 1 | awk '{print $NF}' | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
+
+if [ -n $IP ] ; then
+ ainsl -a /etc/nagios/nrpe.d/debian-lan.cfg "allowed_hosts=${IP}"
+ IP=${IP//\./\\\.}
+ ainsl -Q /etc/munin/munin-node.conf "allow ^${IP}$" "allow ^${IP}$"
+fi
diff --git a/fai/config/scripts/LOG_CLIENT/20-munin-node.conf b/fai/config/scripts/LOG_CLIENT/20-munin-node.conf
deleted file mode 100755
index b7bd2db..0000000
--- a/fai/config/scripts/LOG_CLIENT/20-munin-node.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-#
-# allow the host syslog to access the munin node
-#
-
-set -e
-
-IP=`host syslog | tail -n 1 | awk '{print $NF}'| sed "s%\.%\\\\\\\.%g"`
-
-if [ -n $IP ] ; then
- ainsl -Q /etc/munin/munin-node.conf "allow ^${IP}$" "allow ^${IP}$"
-fi
diff --git a/fai/config/scripts/LOG_SERVER/10-rsyslog.conf b/fai/config/scripts/LOG_SERVER/10-rsyslog.conf
deleted file mode 100755
index adf9403..0000000
--- a/fai/config/scripts/LOG_SERVER/10-rsyslog.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-
-fcopy -r /etc/rsyslog.d/
diff --git a/fai/config/scripts/LOG_SERVER/10-rsyslog_icinga.conf b/fai/config/scripts/LOG_SERVER/10-rsyslog_icinga.conf
new file mode 100755
index 0000000..5c343d3
--- /dev/null
+++ b/fai/config/scripts/LOG_SERVER/10-rsyslog_icinga.conf
@@ -0,0 +1,19 @@
+#!/bin/bash
+#
+# Configure rsyslog and icinga
+#
+
+set -e
+
+fcopy -r /etc/rsyslog.d/
+fcopy /etc/icinga/objects/hostgroups_icinga.cfg
+fcopy /etc/icinga/objects/services_icinga.cfg
+fcopy /etc/icinga/objects/commands.cfg
+
+if [ "$FAI_ACTION" == "install" ] || $CONVERT ; then
+ ## Machines are added here, so do not overwrite them on softupdate:
+ fcopy /etc/icinga/objects/hosts.cfg
+ mv $target/etc/icinga/objects/localhost_icinga.cfg $target/etc/icinga/objects/localhost_icinga.cfg_orig
+ # FIXME: empty password for now:
+ $ROOTCMD htpasswd -bc /etc/icinga/htpasswd.users icingaadmin ""
+fi
diff --git a/fai/config/scripts/LOG_SERVER/30-munin.conf b/fai/config/scripts/LOG_SERVER/20-munin.conf
similarity index 100%
rename from fai/config/scripts/LOG_SERVER/30-munin.conf
rename to fai/config/scripts/LOG_SERVER/20-munin.conf
--
Debian-LAN development and packaging
More information about the debian-lan-devel
mailing list