Commit 10b1db09 authored by Walter Heck's avatar Walter Heck

Merge branch '6-elastic-stack-upgrade' of...

Merge branch '6-elastic-stack-upgrade' of gitlab.olindata.com:opstheater/opstheater into 6-elastic-stack-upgrade

# Conflicts:
#	site/opstheater/manifests/profile/icinga/db.pp
parents 070697ba 4d3e3d01
Pipeline #346 passed with stages
in 2 minutes and 29 seconds
......@@ -53,6 +53,7 @@ opstheater::profile::mysql::override_options:
log_slow_admin_statements: 1
log_slow_rate_limit: 1000
log_slow_verbosity: query_plan,innodb
log_warnings: 2
long_query_time: 10
max_allowed_packet: 32M
max_connect_errors: 999999
......
......@@ -119,7 +119,7 @@
# Variable: opstheater::icinga::ido_password
# Description:
# Default value: "password"
'opstheater::icinga::ido_password': "password"
'opstheater::icinga::ido_password': 'OpsTheaterIcingaPassWord'
# Variable: opstheater::icingaweb::fqdn
# Description:
......@@ -144,7 +144,7 @@
# Variable: opstheater::icingaweb::webdb_password
# Description:
# Default value: "password"
'opstheater::icingaweb::webdb_password': "password"
'opstheater::icingaweb::webdb_password': 'OpsTheaterIcingaPassWord'
'opstheater::icingaweb::ldap::auth_base_dn': "%{hiera('opstheater::ldap::base_dn')}"
'opstheater::icingaweb::ldap::auth_filter': '!(objectClass=computer)'
......
/*
* Generic template examples.
*/
/**
* Provides default settings for hosts. By convention
* all hosts should import this template.
*
* The CheckCommand object `hostalive` is provided by
* the plugin check command templates.
* Check the documentation for details.
*/
template Host "generic-host" {
max_check_attempts = 3
check_interval = 1m
retry_interval = 30s
check_command = "hostalive"
}
template Host "linux-host" {
import "generic-host"
vars.os = "Linux"
vars.disks["disk /"] = {
disk_partition = "/"
}
}
template Host "postgres-dbms" {
}
/**
* Provides default settings for services. By convention
* all services should import this template.
*/
template Service "generic-service" {
max_check_attempts = 5
check_interval = 1m
retry_interval = 30s
}
/**
* Provides default settings for users. By convention
* all users should inherit from this template.
*/
template User "generic-user" {
}
/**
* Provides default settings for host notifications.
* By convention all host notifications should import
* this template.
*/
template Notification "mail-host-notification" {
command = "mail-host-notification"
states = [ Up, Down ]
types = [ Problem, Acknowledgement, Recovery, Custom,
FlappingStart, FlappingEnd,
DowntimeStart, DowntimeEnd, DowntimeRemoved ]
period = "24x7"
}
/**
* Provides default settings for service notifications.
* By convention all service notifications should import
* this template.
*/
template Notification "mail-service-notification" {
command = "mail-service-notification"
states = [ OK, Warning, Critical, Unknown ]
types = [ Problem, Acknowledgement, Recovery, Custom,
FlappingStart, FlappingEnd,
DowntimeStart, DowntimeEnd, DowntimeRemoved ]
period = "24x7"
}
......@@ -8,24 +8,4 @@ class opstheater::profile::base::icinga {
}
}
$lowercase_fqdn = downcase($::fqdn)
Icinga2::Object::Host {
display_name => $lowercase_fqdn,
check_command => 'cluster-zone',
target => "/etc/icinga2/conf.d/${lowercase_fqdn}.conf",
}
@@icinga2::object::host { $lowercase_fqdn:
vars => {
os => 'Linux',
remote => true,
remote_endpoint => $lowercase_fqdn,
notification => {
'mail' => {
'groups' => [ 'icingaadmins' ]
}
}
},
}
}
class opstheater::profile::icinga::client (
$parent_endpoints,
$parent_zone,
$parent_endpoints = {
hiera('opstheater::icinga::fqdn') => {
host => hiera('opstheater::icinga::ipaddress'),
}
},
$parent_zone = 'master',
$agent_ip = $::facts[ipaddress],
) inherits opstheater::profile::params {
......@@ -49,12 +53,24 @@ class opstheater::profile::icinga::client (
tag => 'icinga2::zone',
}
$icinga_host = hiera_hash(icinga2::host, {
'vars' => {
'os' => 'Linux',
'disks' => {
'disk /' => {
'disk_partition' => '/'
}
}
},
'import' => ['linux-host']
})
@@::icinga2::object::host { $::fqdn:
* => merge({
display_name => $::hostname,
address => $agent_ip,
target => "/etc/icinga2/zones.d/${parent_zone}/${::hostname}.conf",
}, hiera_hash(icinga2::host)),
}, $icinga_host),
}
@firewall { '201 allow access to icinga client':
......
......@@ -11,11 +11,11 @@ class opstheater::profile::icinga::db (
grant => ['ALL'],
}
mysql::db { 'icinga2':
user => 'icinga2',
password => $icinga2_ido_password,
host => $mysql_whitelist_range,
grant => ['ALL'],
mysql_grant { "icinga2@${mysql_whitelist_range}/icinga2.*":
ensure => 'present',
privileges => ['ALL'],
table => 'icinga2.*',
user => "icinga2@${mysql_whitelist_range}",
}
}
class opstheater::profile::icinga::server (
$icinga2_db_ipaddress = hiera('opstheater::icinga::mysql_ipaddress'),
$icinga2_web_fqdn = hiera('opstheater::icingaweb::fqdn'),
$icinga2_ido_password = hiera('opstheater::icinga::ido_password'),
String $icinga2_db_ipaddress = hiera('opstheater::icinga::mysql_ipaddress'),
String $icinga2_web_fqdn = hiera('opstheater::icingaweb::fqdn'),
String $icinga2_ido_password = hiera('opstheater::icinga::ido_password'),
) inherits opstheater::profile::params {
class { 'icinga2':
confd => false,
manage_repo => true,
features => ['checker','mainlog','notification','statusdata','compatlog','command'],
features => ['checker','mainlog','notification','statusdata','compatlog','command','perfdata'],
constants => {
'ZoneName' => 'master',
},
......@@ -29,7 +29,6 @@ class opstheater::profile::icinga::server (
assign => [ 'host.name == NodeName' ],
}
icinga2::object::zone { 'global-templates':
global => true,
}
......@@ -69,11 +68,21 @@ class opstheater::profile::icinga::server (
}
}
File <<| tag == "icinga2::zone" |>>
File <<| tag == 'icinga2::zone' |>>
::Icinga2::Object::Host <<| |>>
::Icinga2::Object::Service <<| |>>
::Icinga2::Object::Zone <<| |>>
::Icinga2::Object::Endpoint <<| |>>
# Static config files
file { '/etc/icinga2/zones.d/global-templates/templates.conf':
ensure => file,
owner => 'icinga',
group => 'icinga',
mode => '0640',
source => 'puppet:///modules/opstheater/icinga2/templates.conf',
}
@firewall { '201 allow access to icinga master':
chain => 'INPUT',
......
......@@ -190,12 +190,12 @@ class opstheater::profile::icinga::web (
manage_apache_vhost => true,
ido_db => 'mysql',
ido_db_host => $icinga2_db_ipaddress,
ido_db_name => 'icinga2_data',
ido_db_name => 'icinga2',
ido_db_user => 'icinga2',
ido_db_pass => $icinga2_ido_password,
ido_db_port => '3306',
web_db => 'mysql',
web_db_name => 'icinga2_web',
web_db_name => 'icinga2',
web_db_host => $icinga2_db_ipaddress,
web_db_user => 'icinga2_web',
web_db_pass => $icinga2_webdb_password,
......@@ -221,12 +221,12 @@ class opstheater::profile::icinga::web (
manage_apache_vhost => true,
ido_db => 'mysql',
ido_db_host => $icinga2_db_ipaddress,
ido_db_name => 'icinga2_data',
ido_db_name => 'icinga2',
ido_db_user => 'icinga2',
ido_db_pass => $icinga2_ido_password,
ido_db_port => '3306',
web_db => 'mysql',
web_db_name => 'icinga2_web',
web_db_name => 'icinga2',
web_db_host => $icinga2_db_ipaddress,
web_db_user => 'icinga2_web',
web_db_pass => $icinga2_webdb_password,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment