automate/puppetize Nagios installs
one part of our install process is to configure Nagios, by hand, in the git repository. I usually do this by copy-pasting some similar blob of config from a possibly similar machine and hope for the best.
this is a manual step, and as part of the automation of the install process, it should be made automatic.
one way this could (and probably should) be done is by making Puppet automatically add its nodes into Nagios. this can be done using the icinga2 module, for example. care should be taken to do a smooth transition, keeping existing configurations and just adding the Puppet ones on top, for new machines.
but this could (eventually) be retroactively added to all nodes, removing all manual configuration.
checklist:
-
audit and import the module in our monorepo -
enable on the nagios server, without writing any config (hopefully a noop)not possible, config is overwritten by module, instead... -
move the base configuration ( config/static
) from git into Puppet (mostly icinga.cfg and so on, because they are overwritten by the module) -
enable a single config from puppet, as a test -
add a new host check configuration -
add a new service check configuration -
add all base service checks for the new host (e.g. the services defined for the computers
hostgroup, equivalent of pieces offrom-git/generated/auto-services.cfg
) -
[ ] convert legacy config into puppet (at this stage we only have the old hosts as legacy config)done in third step -
convert NRPE service definitions ( puppet:///modules/nagios/tor-nagios/generated/nrpe_tor.cfg
, generated from the git repo) -
remove NRPE config sync from nagios to Puppet (the rsync to pauli
inconfig/Makefile
) -
convert old hosts checks into puppet -
convert old services checks into puppet -
remove git hook receiver on nagios server ( /etc/ssh/userkeys/nagiosadm
key, which calls/home/nagiosadm/bin/from-git-rw
)
It's a long way there, but getting to the state where new hosts are covered would already be a great improvement.