confdroid/confdroid_nrpe
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

edited README

Browse Source
This commit is contained in:
Arne Teuke
2017-07-30 13:25:04 +01:00
parent ae65987869
commit 106e7b4e14
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@@ -86,6 +86,8 @@ There are currently no mandatory parameters, i.e. the module will function right
* `$ne_manage_cmds` : Whether to manage check command definitions dynamically through a define, i.e. from other Puppet modules or profiles. Defaults to `true`. * `$ne_manage_cmds` : Whether to manage check command definitions dynamically through a define, i.e. from other Puppet modules or profiles. Defaults to `true`.
* `$ne_incl_fw` : Whether to manage relevant firewall rules through this modules. Defaults to `true`. * `$ne_incl_fw` : Whether to manage relevant firewall rules through this modules. Defaults to `true`.
* `$ne_include_selinux` : Whether to manage selinux exception rules. Defaults to `true`. * `$ne_include_selinux` : Whether to manage selinux exception rules. Defaults to `true`.
* `$ne_enable_ssl` : Whether to allow SSL settings. See [known problems](#konwn-problems) for more details.
### Managing Check Commands ### Managing Check Commands
In order to connect a Nagios monitoring server to clients through NRPE, you must define commands and the desired argument strings on the clients. The default NRPE installation comes with a few examples of such commands, which are also included in this module. However, every environment is very different in their requirements and Nagios via Puppet is all about the ability to dynamicically set command arguments based on default variables / overrides. For that reason no hard-coded commands are included, but instead all commands are set via argument strings, where possible. In order to connect a Nagios monitoring server to clients through NRPE, you must define commands and the desired argument strings on the clients. The default NRPE installation comes with a few examples of such commands, which are also included in this module. However, every environment is very different in their requirements and Nagios via Puppet is all about the ability to dynamicically set command arguments based on default variables / overrides. For that reason no hard-coded commands are included, but instead all commands are set via argument strings, where possible.
@@ -99,13 +101,14 @@ Defining commands is as simple as that:
`ne_cmd_argstring` => '-w $ARG1$ -c $ARG2$', `ne_cmd_argstring` => '-w $ARG1$ -c $ARG2$',
} }
``` ```
It is very recommendable to define such commands within Puppet modules controlling services, so any node running the particular service will automatically get the required check commands defined as well. It is very recommendable to define such commands within Puppet modules controlling services, so any node running the particular service will automatically get the required check commands defined as well, while nodes not running the service also do not contain the command check.
### SELINUX ### SELINUX
All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored. All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.
### Known Problems ### Known Problems
* SSL/TLS support: Version 3 of NRPE supposedly has support for SSL/ TLs. However, at the time of writing this module, this seems to be buggy, as I was unable to start the NRPE service as soon as the `ssl_cert_file` line was uncommented in teh configuration file, despite having valid certs in the right position on the node. This happened when installing manually, not through this Puppet module. For that reason I included the `$ne_enable_ssl` boolean parameter, which is set to `false` by default, hence disabling SSL/TLS options until this has been fixed upstream, or a valid workaround has been found. Setting this option to `true` will include all SSL / TLS settings.
### Support ### Support
* OS: CentOS 6, 7 * OS: CentOS 6, 7