diff --git a/site-modules/profile/manifests/icinga2/objects/common_checks.pp b/site-modules/profile/manifests/icinga2/objects/common_checks.pp index 2ab78f7b..91bc0308 100644 --- a/site-modules/profile/manifests/icinga2/objects/common_checks.pp +++ b/site-modules/profile/manifests/icinga2/objects/common_checks.pp @@ -1,149 +1,150 @@ # Icinga2 common check definitions class profile::icinga2::objects::common_checks { $service_configuration = lookup('icinga2::service_configuration') $target_file = '/etc/icinga2/zones.d/global-templates/services.conf' # Done locally on the master ::icinga2::object::service {'ping4': import => ['generic-service'], apply => true, check_command => 'ping4', assign => ['host.address'], + ignore => ['host.vars.noping'], target => $target_file, } ::icinga2::object::service {'linux-ssh': import => ['generic-service'], apply => true, check_command => 'ssh', assign => ['host.vars.os == Linux'], target => $target_file, } # Done remotely on the client: command_endpoint = host.name. each($service_configuration['load']) |$name, $vars| { if $name == 'default' { $assign = 'host.vars.os == Linux' $ignore = 'host.vars.noagent || host.vars.load' } else { $assign = "host.vars.os == Linux && host.vars.load == ${name}" $ignore = 'host.vars.noagent' } ::icinga2::object::service {"linux_load_${name}": import => ['generic-service'], service_name => 'load', apply => true, check_command => 'load', command_endpoint => 'host.name', assign => [$assign], ignore => [$ignore], target => $target_file, vars => $vars, } } ::icinga2::object::service {'linux_disks': import => ['generic-service'], apply => 'disk_name => config in host.vars.disks', check_command => 'disk', command_endpoint => 'host.name', vars => 'vars + config', assign => ['host.vars.os == Linux'], ignore => ['host.vars.noagent'], target => $target_file, } ::icinga2::object::service {'apt': import => ['generic-service'], apply => true, check_command => 'apt', command_endpoint => 'host.name', check_interval => '3h', vars => { apt_timeout => '120', apt_only_critical => 'true', }, assign => ['host.vars.os == Linux'], ignore => ['host.vars.noagent'], target => $target_file, } ::icinga2::object::service {'ntp': import => ['generic-service'], apply => true, check_command => 'ntp_peer', command_endpoint => 'host.name', vars => { ntp_address => 'localhost', }, assign => ['host.vars.os == Linux'], ignore => ['host.vars.noagent'], target => $target_file, } ::icinga2::object::service {'journalbeat': import => ['generic-service'], apply => true, check_command => 'check_journal', command_endpoint => 'host.name', assign => ['host.vars.os == Linux'], ignore => ['-:"check_journal" !in host.vars.plugins', 'host.vars.noagent'], target => $target_file, } ::icinga2::object::service {'puppet_agent': import => ['generic-service'], apply => true, check_command => 'file_age', command_endpoint => 'host.name', vars => { file_age_file => '/var/lib/puppet/state/agent_disabled.lock', file_age_warning_time => '14400', # in seconds, warning after 4h file_age_critical_time => '86400', # in seconds, critical after 24h file_age_ignoremissing => 'true', }, assign => ['host.vars.os == Linux'], ignore => ['host.vars.noagent'], target => $target_file, } ::icinga2::object::service {'check_systemd': import => ['generic-service'], apply => true, name => "Check systemd state", check_command => "check_systemd", command_endpoint => 'host.name', assign => ['host.vars.os == Linux'], ignore => ['host.vars.noagent'], target => $target_file, } ::icinga2::object::service {'check_postfix': import => ['generic-service'], apply => true, name => "Check postfix service", check_command => "check_systemd", command_endpoint => 'host.name', assign => ['host.vars.os == Linux'], vars => { systemd_units => ['postfix@-.service'], }, ignore => ['host.vars.noagent'], target => $target_file, } ::icinga2::object::service {'logstash_errors': import => ['generic-service'], apply => true, check_command => 'check_logstash_errors.sh', command_endpoint => 'host.name', assign => ['check_logstash_errors.sh in host.vars.plugins'], ignore => ['host.vars.noagent'], target => $target_file, } } diff --git a/site-modules/profile/manifests/icinga2/objects/static_checks.pp b/site-modules/profile/manifests/icinga2/objects/static_checks.pp index 752df8fc..1bd0bd89 100644 --- a/site-modules/profile/manifests/icinga2/objects/static_checks.pp +++ b/site-modules/profile/manifests/icinga2/objects/static_checks.pp @@ -1,170 +1,171 @@ # Static checks on the icinga master class profile::icinga2::objects::static_checks { $checks_file = '/etc/icinga2/conf.d/static-checks.conf' ::icinga2::object::host {'www.softwareheritage.org': import => ['generic-host'], check_command => 'dummy', address => 'www.softwareheritage.org', target => $checks_file, vars => { dummy_state => 0, # up dummy_text => "HTTP-only host", }, } ::icinga2::object::host {'softwareheritage.org': import => ['generic-host'], check_command => 'dummy', address => 'softwareheritage.org', target => $checks_file, vars => { dummy_state => 0, # up dummy_text => "HTTP-only host", }, } ::icinga2::object::host {'graphql.staging.swh.network': import => ['generic-host'], check_command => 'dummy', address => 'graphql.staging.swh.network', target => $checks_file, vars => { dummy_state => 0, # up dummy_text => "HTTP-only host", }, } ::icinga2::object::host {'ArgoCD Kubernetes cluster': import => ['generic-host'], host_name => 'k8s-argo.internal.admin.swh.network', check_command => 'dummy', address => 'k8s-argocd.internal.admin.swh.network', target => $checks_file, vars => { dummy_state => 0, # up dummy_text => "HTTP-only host", + noping => true, }, } ::icinga2::object::service {'Software Heritage Homepage': import => ['generic-service'], host_name => 'www.softwareheritage.org', check_command => 'http', target => $checks_file, vars => { http_vhost => 'www.softwareheritage.org', http_uri => '/', http_ssl => true, http_sni => true, http_string => '