confdroid/confdroid_nagios
3
0
Fork 0
Code Issues Projects Wiki Activity
Files
5f134c9d535992d8f07e93069f08a2e2edad6480
confdroid_nagios/doc/file.README.html

386 lines
13 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
File: README
&mdash; Documentation by YARD 0.9.9
</title>
<link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
<link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
<script type="text/javascript" charset="utf-8">
pathId = "";
relpath = '';
</script>
<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="file_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="_index.html">Index</a> &raquo;
<span class="title">File: README</span>
</div>
<div id="search">
<a class="full_list_link" id="puppet_class_list_link"
href="puppet_class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><div id='filecontents'>
<p>|Repo Name| version | Build
Status|
|---|---|---|---|
|<code>cd_nagios</code>| 0.0.0.9 | <a
href="https://jenkins.confdroid.com/buildStatus/icon?job=cd_nagios">{Build
Status</a>/]|</p>
<h3 id="label-Synopsis">Synopsis</h3>
<p>Nagios is a powerful open source software solution for monitoring your IT
environments.</p>
<p><code>cd_nagios</code> is a Puppet module allowing to fully automate the
setup &amp; configuration of the Nagios server, as well as actively adding
client hosts and services to the monitoring environment through PuppetDB.</p>
<h3 id="label-WARNING">WARNING</h3>
<p><code>**__!!! Attention: Never use this puppet module on systems which have
been previously configured manually. It is impossible to predict how and
what would have been configured, hence previuos configurations outside the
scope of this module may be overwritten! Automated configurations require a
test environment to verify that the module suits the purpose intended by
the user, as well as tune the parameters, before deploying into live
production!!! __**</code></p>
<h3 id="label-Table+of+Contents">Table of Contents</h3>
<ul><li>
<p><a href="#features">Features</a></p>
</li><li>
<p><a
href="https://gitlab.puppetsoft.com/12WW1160/cd_nagios/blob/master/REPOSTRUCTURE.md">Repo
Structure</a></p>
</li><li>
<p><a href="#dependencies">Dependencies</a></p>
</li><li>
<p><a href="#deployment">Deployment</a></p>
</li><li>
<p><a href="#native-puppet-deployment">native Puppet deployment</a></p>
</li><li>
<p><a href="#through-foreman">through Foreman</a></p>
</li><li>
<p><a href="#parameters">Parameters</a></p>
</li><li>
<p><a href="#mandatory-parameters">Mandatory Parameters</a></p>
</li><li>
<p><a href="#optional-parameters">Optional Parameters</a></p>
</li><li>
<p>[PuppetDB]</p>
</li><li>
<p><a href="#selinux">SELINUX</a></p>
</li><li>
<p><a href="#certbot">Certbot</a></p>
</li><li>
<p><a href="#httpd-vhost-files">Httpd vHost Files</a></p>
</li><li>
<p>[Manage additional resources]</p>
</li><li>
<p><a href="#known-problems">Known Problems</a></p>
</li><li>
<p><a href="#support">Support</a></p>
</li><li>
<p><a href="#tests">Tests</a></p>
</li><li>
<p><a
href="https://gitlab.puppetsoft.com/12WW1160/cd_nagios/blob/master/CHANGELOG.md">Changelog</a></p>
</li><li>
<p><a href="https://confdroid.com/contact/">Contact Us</a></p>
</li><li>
<p><a href="#disclaimer">Disclaimer</a></p>
</li></ul>
<h3 id="label-Features">Features</h3>
<p>Installation:
* install httpd
* install server binaries on Nagios server
*
install client binaries on clients</p>
<p>Configuration
* configure all aspects of Nagios on server
* manage
directories (filesystem permissions, selinux )
* manage cgi.cfg through
parameters
* manage nagios.cfg through parameters
* manage Nagios users
through external Puppet rules via define
* manage Nagios commands through
Puppet exports
* manage Nagios template definitions through external Puppet
rules via define
* manage Nagios main contacts through Puppet exports.
Additional contacts can be created through external Puppet rules via
define, to avoid having to alter the module code.
* manage Nagios main
contactgroups through Puppet exports. Additional contact groups can be
created through external Puppet rules via define, to avoid having to alter
the module code.
* manage Nagios main hostgroups through Puppet exports.
Additional host groups can be created through external Puppet rules via
define, to avoid having to alter the module code.
* manage Nagios main
servicegroups through Puppet exports. Additional service groups can be
created through external Puppet rules via define, to avoid having to alter
the module code.
* manage Nagios main timeperiods through Puppet exports.
Additional timeperiods can be created through external Puppet rules via
define, to avoid having to alter the module code.
* configure NRPE on
clients (optional)
* configure firewall (optional)
* configure selinux
policies (optional)
* configure forwarding http to https including accesing
the /nagios url directly (optional)
* manage TLS certificates through
certbot (optional)</p>
<p>Service
* manage Nagios service on server
* manage NRPE service on clients
(optional)</p>
<p>Monitoring
* monitor Nagios host
* monitor Nagios service</p>
<h3 id="label-Repo+Structure">Repo Structure</h3>
<p>Repostructure has moved to REPOSTRUCTURE.md in repo.</p>
<h3 id="label-Dependencies">Dependencies</h3>
<p>All dependencies must be included in the catalogue.</p>
<ul><li>
<p><a
href="https://gitlab.puppetsoft.com/12WW1160/cd_resources">cd_resources</a>
for Yum repos.</p>
</li><li>
<p><a href="https://gitlab.puppetsoft.com/12WW1160/cd_apache">cd_apache</a>
for installing httpd</p>
</li><li>
<p><a
href="https://gitlab.puppetsoft.com/12WW1160/cd_firewall">cd_firewall</a>
or <a href="https://github.com/puppetlabs/puppetlabs-firewall">puppetlabs
firewall</a> (optional)</p>
</li><li>
<p><a href="https://gitlab.puppetsoft.com/12WW1160/cd_selinux">cd_selinux</a>
for selinux policy adjustments</p>
</li><li>
<p><a href="https://gitlab.puppetsoft.com/12WW1160/cd_certbot">cd_certbot</a>
to auto-manage TLS certificates (optional)</p>
</li><li>
<p><a href="https://gitlab.puppetsoft.com/12WW1160/cd_stdlib">cd_stdlib</a> or
<a href="https://github.com/puppetlabs/puppetlabs-stdlib">puppetlabs
stdlib</a> to facilitate concat</p>
</li><li>
<p><a href="https://gitlab.puppetsoft.com/12WW1160/cd_stdlib">cd-concat</a> or
<a href="https://github.com/puppetlabs/puppetlabs-concat">puppetlabs
concat</a> to concatenate configuration files from different sources.</p>
</li></ul>
<h3 id="label-Deployment">Deployment</h3>
<h5 id="label-native+Puppet+deployment">native Puppet deployment</h5>
<p>via site.pp or nodes.pp</p>
<pre class="code ruby"><code class="ruby">node &#39;example.example.net&#39; {
include cd_puppetdb
}</code></pre>
<h4 id="label-through+Foreman%3A">through Foreman:</h4>
<p>In order to apply parameters through Foreman,
<strong>cd_nagios::params</strong> must be added to the host or hostgroup
in question.</p>
<p>See <a
href="https://confdroid.com/2017/05/deploying-our-puppet-modules/">more
details about class deployment on Confdroid.com</a>.</p>
<h3 id="label-Parameters">Parameters</h3>
<p>The following parameters are editable via params.pp or through ENC
(<strong>recommended</strong>). Values changed will take immediate effect
at next puppet run. Services will be restarted where neccessary.</p>
<h4 id="label-Mandatory+Parameters">Mandatory Parameters</h4>
<p>The following parameters must be set to make the module logic work
properly:</p>
<ul><li>
<p><code>$ng_nagios_server</code> : Specify the FQDN of the nagios server
host. Must be a proper A-name, no CNAME i.e. on Loadbalancers. When the
FQDN matches the configured value, Nagios server components will be
installed and the clients will allow to be connected by that host. Impacts
also firewall ports (optional).</p>
</li></ul>
<h4 id="label-Optional+Parameters">Optional Parameters</h4>
<ul><li>
<p><code>$ng_include_nrpe</code> : Whether to include NRPE as means for the
Nagios server to connect to clients. Defaults to <code>true</code>.</p>
</li><li>
<p><code>$ng_include_fw</code> : Whether to include firewall management.
Requires <a
href="https://github.com/puppetlabs/puppetlabs-firewall">puppetlabs
firewall</a> or <a
href="https://gitlab.puppetsoft.com/12WW1160/cd_firewall">cd_firewall</a>,
which is a backdated clone of the puppetlabs firewall but tested to be
fully functioning with all our features.</p>
</li></ul>
<p>See the <a href="https://confdroid.com/2017/07/cd_nagios-parameters/">full
list of all available parameters</a>.</p>
<h3 id="label-PuppetDB">PuppetDB</h3>
<p>A working instance of PuppetDBconnected to the Puppet master is required
for this to work. Installation and configuration of PuppetDB is out of
scope for this module, however <a
href="https://gitlab.puppetsoft.com/12WW1160/cd_puppetdb">cd_puppetdb</a>
is available to automate this task for you as well within a few minutes.</p>
<h3 id="label-SELINUX">SELINUX</h3>
<p>All files and directories are configured with correct selinux context. If
selinux is disabled, these contexts are ignored.</p>
<h3 id="label-Certbot">Certbot</h3>
<p>This module can optionally setup <a
href="https://certbot.eff.org/">certbot</a> TLS certificate management for
the frontend GUI. In order to do so, set <code>$ng_enable_certbot</code> as
well as <code>$ng_use_https</code> to <code>true</code> (default).
Effectively, this will manage the certs before even installing Nagios, so
there will be no problems with the Nagios showing up with a self-signed
certificate. Once enabled, the module will go and try to obtain a
certificate automatically. For this to work, you need to have proper DNS
resolution set up for your domain / nagios server. Certs are also
automatically renewed.</p>
<p>If you prefer to use https but use self-signed certs or your own CA, simply
set to false. This will point the SSL vhost config file to the default
location for TLS certificates.</p>
<h3 id="label-httpd+vHost+files">httpd vHost files</h3>
<p>by Default, Nagios creates its own nagios.conf file, which is not a vhost
file and relies on the main ssd.conf. However, as Nagios might be running
on a regular web server with various other web instances (not recommended
through for performance reasons), we will not want to manage ssl.conf
directly, hence the module creates a vhost for the ssl host.</p>
<h3 id="label-Manage+additional+resources">Manage additional resources</h3>
<h3 id="label-Known+Problems">Known Problems</h3>
<h3 id="label-Support">Support</h3>
<ul><li>
<p>OS: CentOS 6, 7</p>
</li><li>
<p>Puppet 3.x</p>
</li></ul>
<h3 id="label-Tests">Tests</h3>
<ul><li>
<p>Puppet Lint</p>
</li><li>
<p>excluded tests:</p>
<ul><li>
<p><code>--no-class_inherits_from_params_class-check</code>:relavant only to
non-supported outdated puppet versions</p>
</li><li>
<p><code>--no-variable_scope-check</code>: not applicable as we are inheriting
parameters from params class. the lint check does not distinguish between
facts and inherited parameters.</p>
</li><li>
<p><code>--no-80chars-check</code>: it is not always possible to stay within
80 characters, although typically only occurring on the parameter vault
<code>params.pp</code>.</p>
</li><li>
<p><code>--no-140chars-check</code>: it is not always possible to stay within
140 characters, although typically only occurring on the parameter vault
<code>params.pp</code>.</p>
</li><li>
<p><code>--no-arrow_alignment-check</code>: this check leads to actually not
having am easily readable arrow alignment, as this checks <code>per
block</code>, not per class.</p>
</li></ul>
</li><li>
<p>Puppet Parser</p>
</li><li>
<p>ERB Template Parser</p>
</li><li>
<p>Test for unwanted UTF8 files in the Puppet code as this causes problems
with PuppetDB (see tests/UTF_Files)</p>
</li></ul>
<h3 id="label-Contact+Us">Contact Us</h3>
<p><a href="https://confdroid.com/contact/">contact Us</a></p>
<h3 id="label-Disclaimer">Disclaimer</h3>
<p>ConfDroid as entity is entirely independent from Puppet. We provide custom
configuration modules, written for specific purposes and specific
environments.
The modules are tested and supported only as documented, and
require testing in designated environments (i.e. lab or development
environments) for parameter tuning etc. before deploying into production
environments.</p>
</div></div>
<div id="footer">
Generated on Thu Jul 27 17:34:45 2017 by
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.9 (ruby-2.0.0).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink