Ansible nagios-client role

From Notes_Wiki
Revision as of 05:21, 27 August 2015 by Saurabh (talk | contribs) (Created page with "<yambe:breadcrumb>Ansible_roles|Ansible roles</yambe:breadcrumb> =ansible nagios-client role= Nagios client role for configuring appropriate nrpe so that nagios-servers can m...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

<yambe:breadcrumb>Ansible_roles|Ansible roles</yambe:breadcrumb>

ansible nagios-client role

Nagios client role for configuring appropriate nrpe so that nagios-servers can monitor swap, total processes, disk, zombie processes, users, load, etc. for a client can be configured using:

Create roles/nagios-client/{files,handlers,tasks,templates} folder using:

mkdir -p roles/nagios-client/{files,handlers,tasks,templates} 

Change working directory to roles/nagios-client

cd roles/nagios-client

Create files/client.nagios.conf empty file

Create files/localhost.cfg empty file

Create handlers/main.yaml file with following contents:

---
- name: restart nrpe
#  service: name=nrpe state=restarted enabled=yes
  shell: service xinetd restart; service nrpe restart

Here xinetd restart is required to ensure "nrpe" from xinetd is disabled before direct nrpe service is started.

Create tasks/main.yaml file with following contents:

---
- name: Install epel-repository
  yum: name=epel-release state=present

- name: Install necessary packages
  yum: name={{item}} state=present
  with_items:
    - nagios-plugins-all
#    - nagios-plugins-fts
    - pnp4nagios
    - nagios-nrpe

- name: Edit the nrpe.conf file to allow remote connectivity
  template: src=nrpe.cfg  dest=/etc/nagios/nrpe.cfg
  notify:
    - restart nrpe

- name: Disable nrpe through xinetd
  lineinfile: dest=/etc/xinetd.d/nrpe line="disable = yes" regexp="disable" 
  ignore_errors: yes

#This is commented as this would break nagios-server, if nagios-server is configured both as nagios-server and nagios-client for redundancy
#- name: Copy the nagios.conf file
#  copy: src=client.nagios.conf dest=/etc/httpd/conf.d/nagios.conf mode=644

- name: Replace existing localhost.cfg file with emtpy file
  copy: src=localhost.cfg dest="/etc/nagios/objects/localhost.cfg" owner=root group=nagios mode=644

- name: Start the nrpe service
  service: name={{item}} state=started  enabled=yes
  with_items:
    - nrpe

Create templates/nrpe.cfg with following contents:

log_facility=daemon
pid_file=/var/run/nrpe/nrpe.pid
server_port=5666
#server_address=127.0.0.1
nrpe_user=nrpe
nrpe_group=nrpe
allowed_hosts=127.0.0.1
{% for server1 in nagios_servers %}
allowed_hosts={{server1}}
{% endfor %}
 
# Values: 0=do not allow arguments, 1=allow command arguments
dont_blame_nrpe=0

# Values: 0=do not allow bash command substitutions, 
#         1=allow bash command substitutions
allow_bash_command_substitution=0

# command_prefix=/usr/bin/sudo 

# Values: 0=debugging off, 1=debugging on
debug=0

command_timeout=60

connection_timeout=300

# Values: 0=only seed from /dev/[u]random, 1=also seed from weak randomness
#allow_weak_random_seed=1


#include=<somefile.cfg>

command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10
command[check_load]=/usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% 
command[check_swap]=/usr/lib64/nagios/plugins/check_swap -w 70% -c 50%
command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200 


# The following examples allow user-supplied arguments and can
# only be used if the NRPE daemon was compiled with support for 
# command arguments *AND* the dont_blame_nrpe directive in this
# config file is set to '1'.  This poses a potential security risk, so
# make sure you read the SECURITY file before doing this.
#command[check_users]=/usr/lib64/nagios/plugins/check_users -w $ARG1$ -c $ARG2$
#command[check_load]=/usr/lib64/nagios/plugins/check_load -w $ARG1$ -c $ARG2$
#command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
#command[check_procs]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$



# INCLUDE CONFIG DIRECTORY (.cfg files)
include_dir=/etc/nrpe.d/


Finally following variables need to be defined either in common_vars, or in vars/main.yaml of nagios-client role or in nagios-client playbook:

nagios_servers:
 - 10.4.21.12
 - 10.4.21.13

IPs are preferable as these go into nrpe.cfg to ensure that nrpe answers queries only from these IPs


<yambe:breadcrumb>Ansible_roles|Ansible roles</yambe:breadcrumb>