tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-04-08 17:05:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add NSCA-ng support for the Vagrant VM.

Browse Source 
Fixes #5128

Signed-off-by: Gunnar Beutner <gunnar@beutner.name>
This commit is contained in:
Paul Richards 2013-11-24 16:47:34 +00:00 committed by Gunnar Beutner
parent d4cc6fb5e0
commit 593025f763
9 changed files with 272 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.vagrant-puppet/manifests/default.pp
View File

@ -2,6 +2,7 @@ include apache
include icinga-classicui
include icinga-web
include nagios-plugins
include nsca-ng
# icinga 2 docs at /icinga2-doc
file { '/etc/httpd/conf.d/icinga2-doc.conf':

85
.vagrant-puppet/modules/nsca-ng/manifests/init.pp Normal file
View File

@ -0,0 +1,85 @@
# Class: nsca-ng
#
# This class installs nsca-ng components
#
class nsca-ng {
include nsca-ng-server
include nsca-ng-client
}
# Class: nsca-ng-server
#
# This class installs nsca-ng server
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
class nsca-ng-server {
package { 'nsca-ng-server':
ensure => installed,
}
exec { 'iptables-allow-nsca-ng':
path => '/bin:/usr/bin:/sbin:/usr/sbin',
unless => 'grep -Fxqe "-A INPUT -m state --state NEW -m tcp -p tcp --dport 5668 -j ACCEPT" /etc/sysconfig/iptables',
command => 'lokkit -p 5668:tcp'
}
service { 'nsca-ng':
enable => true,
ensure => running,
hasrestart => true,
alias => 'nsca-ng',
require => [ Package['nsca-ng-server'], Exec['iptables-allow-nsca-ng'] ]
}
file { '/etc/nsca-ng.cfg':
content => template('nsca-ng/nsca-ng.cfg'),
require => Package['nsca-ng-server'],
notify => Service['nsca-ng']
}
}
# Class: nsca-ng-client
#
# This class installs nsca-ng client
#
# A example passive check result is stored in ~vagrant/passive_result.
#
# This can be called manually with:
# send_nsca -c /etc/send_nsca.cfg < /home/vagrant/passive_result
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
class nsca-ng-client {
package { 'nsca-ng-client':
ensure => installed,
}
file { '/etc/icinga2/conf.d/passive.conf':
content => template('nsca-ng/passive.conf'),
require => Package['nsca-ng-client'],
notify => Service['icinga2']
}
file { '/etc/send_nsca.cfg':
content => template('nsca-ng/send_nsca.cfg'),
require => Package['nsca-ng-client'],
}
file { '/home/vagrant/passive_result':
content => template('nsca-ng/passive_result'),
require => Package['nsca-ng-client'],
}
}

127
.vagrant-puppet/modules/nsca-ng/templates/nsca-ng.cfg Normal file
View File

@ -0,0 +1,127 @@
#
# Sample configuration for nsca-ng(8). See the nsca-ng.cfg(5) man page.
#
# PLEASE SET THE PERMISSIONS OF THIS FILE APPROPRIATELY TO MAKE SURE THAT ONLY
# AUTHORIZED USERS CAN ACCESS IT!
#
#
# Most probably, you'll have to specify the path to the Nagios command file.
#
command_file = "/var/run/icinga2/cmd/icinga2.cmd"
#
# These configuration settings are optional.
#
# listen = "monitoring.example.com:5668" # Default: "*".
# pid_file = "/var/run/nsca-ng.pid" # Default: create no PID file.
# temp_directory = "/dev/shm" # Default: "/tmp".
# tls_ciphers = "PSK-AES256-CBC-SHA" # Default: see nsca-ng.cfg(5).
# chroot = "/usr/local/nagios/var" # Default: don't chroot(2).
# user = "nagios" # Default: don't switch user.
# log_level = 2 # Default: 3.
# max_command_size = 65536 # Default: 16384.
# max_queue_size = 128 # Default: 1024.
# timeout = 15.0 # Default: 60.0.
#
user = "nsca"
#
# Clients provide a client ID (think: user name) and a password. The same
# ID/password combination may be used by multiple clients. In order to
# authorize clients to submit check results and/or other external commands, at
# least one "authorize" section must be specified. The client ID (which follows
# the "authorize" keyword) may be "*". In this case, the block will be used as
# fallback if no section is defined for a given client ID. No other wildcard
# characters are available, and "*" has no special meaning unless the client ID
# is exactly "*".
#
# Authorizations are specified using the "commands", "hosts, and/or "services"
# variables within an "authorize" section. These variables are (lists of)
# extended POSIX regular expressions (see the regex(7) man page), but with an
# implicit leading "^" and trailing "$". The "commands" patterns are matched
# against the full command string transmitted by the client, except for the
# leading bracketed timestamp. The "hosts" and "services" variables are
# syntactic sugar, e.g.:
#
# services = {
# "http@web-server",
# "disk"
# }
#
# is equivalent to
#
# commands = {
# "PROCESS_SERVICE_CHECK_RESULT;web-server;http;.+;.+",
# "PROCESS_SERVICE_CHECK_RESULT;[^;]+;disk;.+;.+"
# }
#
# Some examples:
#
# Authenticated "root" clients may submit arbitrary check results and any other
# monitoring commands.
#
# authorize "root" {
# password = "cM5vBM9CtCWTH1SwnxFEOfp8VAmQq2vd"
# commands = ".*"
# }
#
# Authenticated "checker" clients may submit arbitrary check results, but no
# other commands.
#
# authorize "checker" {
# password = "s2LDCy4CiK6yrlcHhTXT6agFh067XYE3"
# hosts = ".*"
# services = ".*"
# }
#
# Authenticated "mail-checker" clients may submit check results for arbitrary
# services on hosts whose names begin with "pop", "imap", or "smtp".
#
# authorize "mail-checker" {
# password = "1HOiwYonRoLByCaX6lfY5KDhP484THzV"
# services = {
# ".+@pop.*",
# ".+@imap.*",
# ".+@smtp.*"
# }
# }
#
# Authenticated "system-checker" clients may submit check results for the
# "disk", "swap", and "load" services on arbitrary hosts.
#
# authorize "system-checker" {
# password = "rDCnSMFaM9wb5Yzjd6JwRcvHEwmC9ZlQ"
# services = {
# "disk",
# "swap",
# "load"
# }
# }
#
#
# The "*" section applies when no other section matches the client's identity.
# In order to authorize clients to actually submit check results (or other
# commands), at least one "commands" and/or "services" expression must be
# specified.
#
authorize "*" {
password = "password"
#
# The original NSCA server permits all authenticated clients to submit
# arbitrary check results. To get this behaviour, enable the following
# lines:
#
hosts = ".*"
services = ".*"
}
#
# Other files can be included. If a directory is specified, all "*.cfg" and
# "*.conf" files within this directory and all subdirectories are included.
#
# include(nsca-ng.d/included.cfg)
#

18
.vagrant-puppet/modules/nsca-ng/templates/passive.conf Normal file
View File

@ -0,0 +1,18 @@
/**
* A host definition. You can create your own configuration files
* in the conf.d directory (e.g. one per host). By default all *.conf
* files in this directory are included.
*/
object Host "nsca-ng" inherits "generic-host" {
display_name = "nsca-ng test",
services["PassiveService1"] = {
templates = [ "generic-service" ],
check_command = "passive",
},
services["PassiveService2"] = {
templates = [ "generic-service" ],
check_command = "passive",
},
}

3
.vagrant-puppet/modules/nsca-ng/templates/passive_result Normal file
View File

@ -0,0 +1,3 @@
nsca-ng PassiveService1 0 This is a test passive result check returning OK
nsca-ng PassiveService2 1 This is a test passive result check returning BAD

16
.vagrant-puppet/modules/nsca-ng/templates/send_nsca.cfg Normal file
View File

@ -0,0 +1,16 @@
#
# Sample configuration for send_nsca(8). See the send_nsca.cfg(5) man page.
#
# PLEASE SET THE PERMISSIONS OF THIS FILE APPROPRIATELY TO MAKE SURE THAT ONLY
# AUTHORIZED USERS CAN ACCESS IT!
#
password="password"
identity="nsca-ng"
# identity = "web-checker" # Default: `hostname`.
# password = "8a5UMsMzZhu6sSPkSmSaqC3HjMGCLwdt" # Default: "change-me".
# server = "monitoring.example.com" # Default: "localhost".
# tls_ciphers = "PSK-AES256-CBC-SHA" # See send_nsca.cfg(5).
# delay = 2 # Default: 0.
# port = 5668 # Default: 5668.
# timeout = 10 # Default: 15.

3
Vagrantfile vendored
View File

@ -30,6 +30,9 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# so you can take notice and act accordingly.
auto_correct: true
# forward port for nsca-ng. See note above regarding auto_correct
config.vm.network :forwarded_port, guest: 5668, host: 5668, auto_correct: true
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network :private_network, ip: "192.168.33.10"

12
doc/5-icinga-template-library.md
View File

@ -58,6 +58,18 @@ plugindir | **Required.** The directory containing this plugin.
state | **Optional.** The state. Can be one of 0 (ok), 1 (warning), 2 (critical) and 3 (unknown). Defaults to 0.
text | **Optional.** Plugin output. Defaults to "Check was successful.".
### passive
Specialised check command object for passive checks executing the `check_dummy` plugin with appropriate default values.
Macros:
Name | Description
----------------|--------------
plugindir | **Required.** The directory containing this plugin.
state | **Optional.** The state. Can be one of 0 (ok), 1 (warning), 2 (critical) and 3 (unknown). Defaults to 3.
text | **Optional.** Plugin output. Defaults to "No Passive Check Result Received.".
### tcp
Check command object for the `check_tcp` plugin.

7
itl/command-common.conf
View File

@ -76,6 +76,13 @@ object CheckCommand "dummy" inherits "plugin-check-command" {
}
}
object CheckCommand "passive" inherits "dummy" {
macros = {
state = 3,
text = "No Passive Check Result Received."
}
}
object CheckCommand "tcp" inherits "plugin-check-command" {
command = [
"$plugindir$/check_tcp",