dust-deploy 0.5.0 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- data/bin/dust +1 -0
- data/changelog.md +38 -0
- data/lib/dust/examples/nodes/_ubuntu.yaml +12 -0
- data/lib/dust/examples/nodes/{mysql-production.yaml → mysql.yaml} +0 -0
- data/lib/dust/examples/nodes/postgresql.yaml +48 -0
- data/lib/dust/examples/nodes/{proxy-staging.yaml → reverse-nginx-proxy.yaml} +0 -0
- data/lib/dust/examples/templates/postgres/pacemaker.sh.erb +3 -3
- data/lib/dust/print_status.rb +9 -6
- data/lib/dust/recipes/locale.rb +4 -0
- data/lib/dust/recipes/postgres.rb +164 -52
- data/lib/dust/recipes/zabbix_agent.rb +98 -2
- data/lib/dust/server.rb +17 -8
- data/lib/dust/version.rb +1 -1
- metadata +7 -11
- data/lib/dust/examples/nodes/db-staging.yaml +0 -20
- data/lib/dust/examples/templates/postgres/pg_hba.conf.erb +0 -86
- data/lib/dust/examples/templates/postgres/pg_ident.conf +0 -42
- data/lib/dust/examples/templates/postgres/postgresql.conf.erb +0 -62
- data/lib/dust/examples/templates/postgres/recovery.conf.erb +0 -122
- data/lib/dust/examples/templates/zabbix_agent/zabbix_agentd.conf.erb +0 -129
data/bin/dust
CHANGED
@@ -12,6 +12,7 @@ module Dust
|
|
12
12
|
class Deploy < Thor::Runner
|
13
13
|
|
14
14
|
default_task :list
|
15
|
+
check_unknown_options!
|
15
16
|
|
16
17
|
desc 'deploy [--yaml server.yaml] [--filter key=value,value2] [--recipes recipe1 recipe2] [--proxy host:port]',
|
17
18
|
'deploy all recipes to the node(s) specified in server.yaml or to all nodes defined in ./nodes/'
|
data/changelog.md
CHANGED
@@ -1,6 +1,44 @@
|
|
1
1
|
Changelog
|
2
2
|
=============
|
3
3
|
|
4
|
+
0.6.0
|
5
|
+
------------
|
6
|
+
|
7
|
+
- improves postgresql recipe. now accepts every option and tries to automatically configure the settings based on your system ram (unless you specify them manually). you have to change your postgresql coniguration.
|
8
|
+
|
9
|
+
recipes:
|
10
|
+
postgres:
|
11
|
+
cluster: main
|
12
|
+
version: 9.1
|
13
|
+
dbuser: 'postgres:postgres'
|
14
|
+
|
15
|
+
postgresql.conf:
|
16
|
+
listen_addresses: *
|
17
|
+
port: 5432
|
18
|
+
|
19
|
+
pg_hba.conf:
|
20
|
+
- 'local all postgres trust'
|
21
|
+
|
22
|
+
|
23
|
+
- improves zabbix_agent recipe. accepts all options as well, no need for erb template anymore. It tries to automatically configure monitoring of adaptec raid controllers, postgres databases and system (security) updates. other UserParameters are configured using an array:
|
24
|
+
|
25
|
+
recipes:
|
26
|
+
zabbix_agent:
|
27
|
+
Server: zabbix.example.com
|
28
|
+
UserParameter:
|
29
|
+
- user.parameter,myshellcommand1
|
30
|
+
- user.otherparameter,myothershellcommand
|
31
|
+
|
32
|
+
|
33
|
+
- locale recipe now installs language-base package of selected language on ubuntu nodes
|
34
|
+
- postgres recipe now installs postgresql meta package as well on apt systems
|
35
|
+
- adds more examples (e.g. an ubuntu template)
|
36
|
+
- @node.uses_*? and collect_facts methods now caching result, reducing overhead of repeated statements
|
37
|
+
- system_update now updates repositories before performing upgrade (apt/emerge)
|
38
|
+
- dust now checks for unknown options
|
39
|
+
- several small bug fixes and improvements
|
40
|
+
|
41
|
+
|
4
42
|
0.5.0
|
5
43
|
------------
|
6
44
|
|
@@ -0,0 +1,12 @@
|
|
1
|
+
group: ubuntu
|
2
|
+
|
3
|
+
recipes:
|
4
|
+
locale: en_US.UTF-8
|
5
|
+
unattended_upgrades: true
|
6
|
+
debsecan: default
|
7
|
+
repositories:
|
8
|
+
default:
|
9
|
+
url: "http://de.archive.ubuntu.com/ubuntu/"
|
10
|
+
components: "main restricted universe multiverse"
|
11
|
+
|
12
|
+
remove_packages: [ popularity-contest, landscape-common, apport, python-apport ]
|
File without changes
|
@@ -0,0 +1,48 @@
|
|
1
|
+
hostname: [ db-1, db-2, db-3-]
|
2
|
+
inherits: [ _default, _newrelic ]
|
3
|
+
|
4
|
+
recipes:
|
5
|
+
postgres:
|
6
|
+
cluster: main
|
7
|
+
version: 9.1
|
8
|
+
dbuser: 'postgres:postgres'
|
9
|
+
|
10
|
+
postgresql.conf:
|
11
|
+
listen_addresses: *
|
12
|
+
port: 5432
|
13
|
+
ssl: on
|
14
|
+
full_page_writes: on
|
15
|
+
|
16
|
+
hot_standby: on
|
17
|
+
wal_level: 'hot_standby'
|
18
|
+
archive_mode: on
|
19
|
+
archive_command: 'cp -i %p /var/lib/postgresql/9.1/main-archive/%f < /dev/null'
|
20
|
+
max_wal_senders: 5
|
21
|
+
wal_keep_segments: 32
|
22
|
+
|
23
|
+
default_statistics_target: 50
|
24
|
+
constraint_exclusion: on
|
25
|
+
|
26
|
+
pg_hba.conf:
|
27
|
+
- 'local all postgres trust'
|
28
|
+
- 'hostssl replication replicant 192.168.1.0/24 password'
|
29
|
+
|
30
|
+
recovery.conf:
|
31
|
+
standby_mode: on
|
32
|
+
primary_conninfo: 'host=master.example.com port=5432 user=replicant password=<supersecret>'
|
33
|
+
trigger_file: '/var/lib/postgresql/9.1/master_trigger'
|
34
|
+
|
35
|
+
server.crt: staging.crt
|
36
|
+
server.key: staging.key
|
37
|
+
|
38
|
+
iptables:
|
39
|
+
input:
|
40
|
+
- ssh: { dport: 22, match: state, state: NEW }
|
41
|
+
- postgres:
|
42
|
+
dport: 5432
|
43
|
+
match: state
|
44
|
+
state: new
|
45
|
+
in-interface: eth1
|
46
|
+
source: 10.0.0.0/8
|
47
|
+
|
48
|
+
rc_local: blockdev --setra 8192 /dev/vda
|
File without changes
|
@@ -4,8 +4,8 @@
|
|
4
4
|
PG_USER=<%= @config['dbuser'] %>
|
5
5
|
|
6
6
|
# path to postgres directory (data and archives)
|
7
|
-
PG_DATA=<%= @config['
|
8
|
-
PG_ARCHIVE=<%= @config['
|
7
|
+
PG_DATA=<%= @config['postgresql.conf']['data_directory'] %>
|
8
|
+
PG_ARCHIVE=<%= @config['archive_directory'] %>
|
9
9
|
|
10
10
|
# path to recovery.conf (on slaves)
|
11
11
|
RECOVERY=$PG_DATA/recovery.conf
|
@@ -19,7 +19,7 @@ PG_INIT=/etc/init.d/postgresql
|
|
19
19
|
% end
|
20
20
|
|
21
21
|
# the clustered IP
|
22
|
-
DB_MASTER=db-<%= @node['environment'] %>-master
|
22
|
+
DB_MASTER=db-<%= @node['environment'] %>-master.flinc.org
|
23
23
|
|
24
24
|
|
25
25
|
start() {
|
data/lib/dust/print_status.rb
CHANGED
@@ -23,20 +23,23 @@ module Dust
|
|
23
23
|
end
|
24
24
|
|
25
25
|
def self.print_ok string='', options={:quiet => false, :indent => 1}
|
26
|
-
|
27
|
-
|
26
|
+
opts = options.clone
|
27
|
+
opts[:indent] = 0 if string.empty?
|
28
|
+
print_msg "#{string} #{blue}[ ok ]#{none}\n", opts
|
28
29
|
true
|
29
30
|
end
|
30
31
|
|
31
32
|
def self.print_failed string='', options={:quiet => false, :indent => 1}
|
32
|
-
|
33
|
-
|
33
|
+
opts = options.clone
|
34
|
+
opts[:indent] = 0 if string.empty?
|
35
|
+
print_msg "#{string} #{red}[ failed ]#{none}\n", opts
|
34
36
|
false
|
35
37
|
end
|
36
38
|
|
37
39
|
def self.print_warning string='', options={:quiet => false, :indent => 1}
|
38
|
-
|
39
|
-
|
40
|
+
opts = options.clone
|
41
|
+
opts[:indent] = 0 if string.empty?
|
42
|
+
print_msg "#{string} #{yellow}[ warning ]#{none}\n", opts
|
40
43
|
end
|
41
44
|
|
42
45
|
def self.print_hostname hostname, options={:quiet => false, :indent => 0}
|
data/lib/dust/recipes/locale.rb
CHANGED
@@ -1,6 +1,10 @@
|
|
1
1
|
class Locale < Recipe
|
2
2
|
desc 'locale:deploy', 'configures system locale'
|
3
3
|
def deploy
|
4
|
+
# ubuntu needs a proper language pack
|
5
|
+
language = @config.split('_').first
|
6
|
+
@node.install_package "language-pack-#{language}-base" if @node.is_ubuntu?
|
7
|
+
|
4
8
|
if @node.uses_apt?
|
5
9
|
::Dust.print_msg "setting locale to '#{@config}'"
|
6
10
|
@node.write '/etc/default/locale', "LANGUAGE=#{@config}\nLANG=#{@config}\nLC_ALL=#{@config}\nLC_CTYPE=#{@config}\n", :quiet => true
|
@@ -2,83 +2,93 @@ class Postgres < Recipe
|
|
2
2
|
desc 'postgres:deploy', 'installs and configures postgresql database'
|
3
3
|
def deploy
|
4
4
|
return ::Dust.print_failed 'no version specified' unless @config['version']
|
5
|
-
return
|
5
|
+
return unless install_postgres
|
6
6
|
|
7
|
+
# default cluster on debian-like systems is 'main'
|
8
|
+
@config['cluster'] ||= 'main' if @node.uses_apt?
|
9
|
+
|
10
|
+
set_default_directories
|
7
11
|
deploy_config
|
8
12
|
deploy_recovery
|
9
|
-
deploy_certificates
|
13
|
+
deploy_certificates if @config['server.crt'] and @config['server.key']
|
14
|
+
create_archive
|
15
|
+
set_permissions
|
10
16
|
configure_sysctl
|
11
17
|
|
12
|
-
deploy_pacemaker_script if @node.package_installed? 'pacemaker'
|
18
|
+
deploy_pacemaker_script if @node.package_installed? 'pacemaker', :quiet => true
|
13
19
|
configure_for_zabbix if zabbix_installed?
|
14
20
|
|
15
21
|
# reload/restart postgres if command line option is given
|
16
|
-
@node.restart_service @config['
|
17
|
-
@node.reload_service @config['
|
22
|
+
@node.restart_service @config['service_name'] if options.restart?
|
23
|
+
@node.reload_service @config['service_name'] if options.reload?
|
18
24
|
end
|
19
25
|
|
20
26
|
|
21
27
|
private
|
22
28
|
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
@config['conf-dir'] ||= "/etc/postgresql-#{@config['version']}"
|
29
|
-
@config['archive-dir'] ||= "/var/lib/postgresql/#{@config['version']}/archive"
|
30
|
-
@config['service-name'] ||= "postgresql-#{@config['version']}"
|
31
|
-
|
32
|
-
elsif @node.uses_apt?
|
33
|
-
return unless @node.package_installed? "postgresql-#{@config['version']}"
|
34
|
-
@config['data-dir'] ||= "/var/lib/postgresql/#{@config['version']}/#{@config['cluster']}"
|
35
|
-
@config['conf-dir'] ||= "/etc/postgresql/#{@config['version']}/#{@config['cluster']}"
|
36
|
-
@config['archive-dir'] ||= "/var/lib/postgresql/#{@config['version']}/#{@config['cluster']}-archive"
|
37
|
-
@config['service-name'] ||= 'postgresql'
|
38
|
-
|
29
|
+
def install_postgres
|
30
|
+
if @node.uses_apt?
|
31
|
+
package = "postgresql-#{@config['version']}"
|
32
|
+
elsif @node.uses_emerge?
|
33
|
+
package = 'postgresql-server'
|
39
34
|
else
|
40
|
-
return ::Dust.print_failed 'os not supported
|
35
|
+
return ::Dust.print_failed 'os not supported'
|
41
36
|
end
|
37
|
+
|
38
|
+
@node.install_package package
|
39
|
+
|
40
|
+
# also install the postgresql meta package
|
41
|
+
@node.install_package 'postgresql' if @node.uses_apt?
|
42
42
|
end
|
43
43
|
|
44
|
-
#
|
44
|
+
# set conf-dir, archive-dir and data-dir as well as service-name
|
45
|
+
# according to config file, or use standard values of distribution
|
46
|
+
def set_default_directories
|
47
|
+
if @node.uses_emerge?
|
48
|
+
@config['conf_directory'] ||= "/etc/postgresql-#{@config['version']}"
|
49
|
+
@config['archive_directory'] ||= "/var/lib/postgresql/#{@config['version']}/archive"
|
50
|
+
@config['service_name'] ||= "postgresql-#{@config['version']}"
|
51
|
+
@config['postgresql.conf']['data_directory'] ||= "/var/lib/postgresql/#{@config['version']}/data"
|
52
|
+
|
53
|
+
elsif @node.uses_apt?
|
54
|
+
@config['postgresql.conf']['data_directory'] ||= "/var/lib/postgresql/#{@config['version']}/#{@config['cluster']}"
|
55
|
+
@config['conf_directory'] ||= "/etc/postgresql/#{@config['version']}/#{@config['cluster']}"
|
56
|
+
@config['archive_directory'] ||= "/var/lib/postgresql/#{@config['version']}/#{@config['cluster']}-archive"
|
57
|
+
@config['service_name'] ||= 'postgresql'
|
58
|
+
end
|
59
|
+
|
60
|
+
@config['postgresql.conf']['hba_file'] ||= "#{@config['conf_directory']}/pg_hba.conf"
|
61
|
+
@config['postgresql.conf']['ident_file'] ||= "#{@config['conf_directory']}/pg_ident.conf"
|
62
|
+
end
|
63
|
+
|
64
|
+
# deploy postgresql.conf, pg_hba.conf and pg_ident.conf
|
45
65
|
def deploy_config
|
46
|
-
@node.
|
47
|
-
@node.
|
48
|
-
@node.
|
49
|
-
|
50
|
-
@node.chmod '644', "#{@config['
|
51
|
-
@node.chmod '644', "#{@config['
|
52
|
-
@node.chmod '644', "#{@config['conf-dir']}/pg_ident.conf"
|
66
|
+
@node.write "#{@config['conf_directory']}/postgresql.conf", generate_postgresql_conf
|
67
|
+
@node.write "#{@config['conf_directory']}/pg_hba.conf", generate_pg_hba_conf
|
68
|
+
@node.write "#{@config['conf_directory']}/pg_ident.conf", generate_pg_ident_conf
|
69
|
+
@node.chmod '644', "#{@config['conf_directory']}/postgresql.conf"
|
70
|
+
@node.chmod '644', "#{@config['conf_directory']}/pg_hba.conf"
|
71
|
+
@node.chmod '644', "#{@config['conf_directory']}/pg_ident.conf"
|
53
72
|
end
|
54
73
|
|
55
74
|
# copy recovery.conf to either recovery.conf or recovery.done
|
56
75
|
# depending on which file already exists.
|
57
76
|
def deploy_recovery
|
58
|
-
if @node.file_exists? "#{@config['
|
59
|
-
@node.
|
77
|
+
if @node.file_exists? "#{@config['postgresql.conf']['data_directory']}/recovery.conf", :quiet => true
|
78
|
+
@node.write "#{@config['postgresql.conf']['data_directory']}/recovery.conf", generate_recovery_conf
|
60
79
|
else
|
61
|
-
@node.
|
80
|
+
@node.write "#{@config['postgresql.conf']['data_directory']}/recovery.done", generate_recovery_conf
|
62
81
|
end
|
63
82
|
end
|
64
83
|
|
65
84
|
# deploy certificates to data-dir
|
66
85
|
def deploy_certificates
|
67
|
-
@node.deploy_file "#{@template_path}
|
68
|
-
@node.deploy_file "#{@template_path}
|
69
|
-
|
70
|
-
@node.chown @config['dbuser'], @config['data-dir'] if @config['dbuser']
|
71
|
-
@node.chmod 'u+Xrw,g-rwx,o-rwx', @config['data-dir']
|
72
|
-
|
73
|
-
# create archive dir
|
74
|
-
@node.mkdir @config['archive-dir']
|
75
|
-
@node.chown @config['dbuser'], @config['archive-dir'] if @config['dbuser']
|
76
|
-
@node.chmod 'u+Xrw,g-rwx,o-rwx', @config['archive-dir']
|
86
|
+
@node.deploy_file "#{@template_path}/#{@config['server.crt']}", "#{@config['postgresql.conf']['data_directory']}/server.crt", :binding => binding
|
87
|
+
@node.deploy_file "#{@template_path}/#{@config['server.key']}", "#{@config['postgresql.conf']['data_directory']}/server.key", :binding => binding
|
77
88
|
end
|
78
89
|
|
79
90
|
# increase shm memory
|
80
91
|
def configure_sysctl
|
81
|
-
|
82
92
|
if @node.uses_apt?
|
83
93
|
::Dust.print_msg "setting postgres sysctl keys\n"
|
84
94
|
@node.collect_facts :quiet => true
|
@@ -103,15 +113,117 @@ class Postgres < Recipe
|
|
103
113
|
file += "vm.swappiness=0\n" # rather shrink cache then use swap as filesystem cache
|
104
114
|
|
105
115
|
@node.write "/etc/sysctl.d/30-postgresql-shm.conf", file
|
116
|
+
|
117
|
+
else
|
118
|
+
::Dust.print_warning 'sysctl configuration not supported for your os'
|
119
|
+
end
|
120
|
+
end
|
121
|
+
|
122
|
+
# default settings for postgresql.conf
|
123
|
+
def default_postgres_conf
|
124
|
+
{ 'max_connections' => 100,
|
125
|
+
'datestyle' => 'iso, mdy',
|
126
|
+
'lc_messages' => 'en_US.UTF-8',
|
127
|
+
'lc_monetary' => 'en_US.UTF-8',
|
128
|
+
'lc_numeric' => 'en_US.UTF-8',
|
129
|
+
'lc_time' => 'en_US.UTF-8',
|
130
|
+
'default_text_search_config' => 'pg_catalog.english' }
|
131
|
+
end
|
132
|
+
|
133
|
+
def generate_postgresql_conf
|
134
|
+
@config['postgresql.conf'] = default_postgres_conf.merge @config['postgresql.conf']
|
135
|
+
|
136
|
+
calculate_values
|
137
|
+
|
138
|
+
postgresql_conf = ''
|
139
|
+
@config['postgresql.conf'].each do |key, value|
|
140
|
+
value = "'#{value}'" if value.is_a? String # enclose strings in ''
|
141
|
+
postgresql_conf.concat "#{key} = #{value}\n"
|
106
142
|
end
|
143
|
+
|
144
|
+
postgresql_conf
|
145
|
+
end
|
146
|
+
|
147
|
+
def generate_recovery_conf
|
148
|
+
@config['recovery.conf'] ||= []
|
149
|
+
|
150
|
+
recovery_conf = ''
|
151
|
+
@config['recovery.conf'].each do |key, value|
|
152
|
+
value = "'#{value}'" if value.is_a? String # enclose strings in ''
|
153
|
+
recovery_conf.concat "#{key} = #{value}\n"
|
154
|
+
end
|
155
|
+
|
156
|
+
recovery_conf
|
157
|
+
end
|
158
|
+
|
159
|
+
def generate_pg_hba_conf
|
160
|
+
@config['pg_hba.conf'] ||= [ 'local all postgres trust' ]
|
161
|
+
@config['pg_hba.conf'].join "\n"
|
107
162
|
end
|
108
163
|
|
109
|
-
def
|
110
|
-
@
|
111
|
-
@
|
164
|
+
def generate_pg_ident_conf
|
165
|
+
@config['pg_ident.conf'] ||= []
|
166
|
+
@config['pg_ident.conf'].join "\n"
|
167
|
+
end
|
168
|
+
|
169
|
+
# try to find good values (but don't overwrite if set in config file) for
|
170
|
+
# shared_buffers, work_mem and maintenance_work_mem, effective_cache_size and wal_buffers
|
171
|
+
def calculate_values
|
172
|
+
@node.collect_facts :quiet => true
|
173
|
+
system_mem = ::Dust.convert_size(@node['memorysize']).to_f
|
174
|
+
|
175
|
+
::Dust.print_msg "calculating recommended settings for #{kb2mb system_mem} ram\n"
|
176
|
+
|
177
|
+
# every connection uses up to work_mem memory, so make sure that even if
|
178
|
+
# max_connections is reached, there's still a bit left.
|
179
|
+
# total available memory / (2 * max_connections)
|
180
|
+
@config['postgresql.conf']['work_mem'] ||= kb2mb(system_mem * 0.9 / @config['postgresql.conf']['max_connections'])
|
181
|
+
::Dust.print_ok "work_mem: #{@config['postgresql.conf']['work_mem']}", :indent => 2
|
182
|
+
|
183
|
+
# shared_buffers should be 0.2 - 0.3 of system ram
|
184
|
+
# unless ram is lower than 1gb, then less (32mb maybe)
|
185
|
+
@config['postgresql.conf']['shared_buffers'] ||= kb2mb(system_mem * 0.25)
|
186
|
+
::Dust.print_ok "shared_buffers: #{@config['postgresql.conf']['shared_buffers']}", :indent => 2
|
187
|
+
|
188
|
+
# maintenance_work_mem, should be a lot higher than work_mem
|
189
|
+
# recommended value: 50mb for each 1gb of system ram
|
190
|
+
@config['postgresql.conf']['maintenance_work_mem'] ||= kb2mb(system_mem / 1024 * 50)
|
191
|
+
::Dust.print_ok "maintenance_work_mem: #{@config['postgresql.conf']['maintenance_work_mem']}", :indent => 2
|
192
|
+
|
193
|
+
# effective_cache_size between 0.6 and 0.8 of system ram
|
194
|
+
@config['postgresql.conf']['effective_cache_size'] ||= kb2mb(system_mem * 0.75)
|
195
|
+
::Dust.print_ok "effective_cache_size: #{@config['postgresql.conf']['effective_cache_size']}", :indent => 2
|
196
|
+
|
197
|
+
# wal_buffers should be between 2-16mb
|
198
|
+
@config['postgresql.conf']['wal_buffers'] ||= '12MB'
|
199
|
+
::Dust.print_ok "wal_buffers: #{@config['postgresql.conf']['wal_buffers']}", :indent => 2
|
200
|
+
end
|
201
|
+
|
202
|
+
# converts plain kb value to "1234MB"
|
203
|
+
def kb2mb value
|
204
|
+
"#{(value / 1024).to_i}MB"
|
205
|
+
end
|
206
|
+
|
207
|
+
# give the configured dbuser the data_directory
|
208
|
+
def set_permissions
|
209
|
+
@node.chown @config['dbuser'], @config['postgresql.conf']['data_directory'] if @config['dbuser']
|
210
|
+
@node.chmod 'u+Xrw,g-rwx,o-rwx', @config['postgresql.conf']['data_directory']
|
211
|
+
end
|
212
|
+
|
213
|
+
# create archive dir
|
214
|
+
def create_archive
|
215
|
+
@node.mkdir @config['archive_directory']
|
216
|
+
@node.chown @config['dbuser'], @config['archive_directory'] if @config['dbuser']
|
217
|
+
@node.chmod 'u+Xrw,g-rwx,o-rwx', @config['archive_directory']
|
112
218
|
end
|
113
219
|
|
114
|
-
#
|
220
|
+
# deploy the pacemaker script
|
221
|
+
def deploy_pacemaker_script
|
222
|
+
@node.deploy_file "#{@template_path}/pacemaker.sh", "#{@config['conf_directory']}/pacemaker.sh", :binding => binding
|
223
|
+
@node.chmod '755', "#{@config['conf_directory']}/pacemaker.sh"
|
224
|
+
end
|
225
|
+
|
226
|
+
# check if zabbix is installed
|
115
227
|
def zabbix_installed?
|
116
228
|
if @node.uses_emerge?
|
117
229
|
return @node.package_installed? 'zabbix', :quiet => true
|
@@ -120,6 +232,7 @@ class Postgres < Recipe
|
|
120
232
|
end
|
121
233
|
end
|
122
234
|
|
235
|
+
# configures postgres for zabbix monitoring:
|
123
236
|
# adds zabbix user to postgres group
|
124
237
|
# creates zabbix user in postgres and grant access to postgres database
|
125
238
|
def configure_for_zabbix
|
@@ -147,13 +260,12 @@ class Postgres < Recipe
|
|
147
260
|
# checks if this server is a postgres master
|
148
261
|
def is_master? options = {}
|
149
262
|
::Dust.print_msg 'checking if this host is the postgres master: ', options
|
150
|
-
if @node.file_exists? "#{@config['
|
263
|
+
if @node.file_exists? "#{@config['postgresql.conf']['data_directory']}/recovery.done", :quiet => true
|
151
264
|
::Dust.print_ok 'yes', :indent => 0
|
152
265
|
return true
|
153
|
-
|
266
|
+
else
|
154
267
|
::Dust.print_ok 'no', :indent => 0
|
155
268
|
return false
|
156
269
|
end
|
157
|
-
end
|
270
|
+
end
|
158
271
|
end
|
159
|
-
|
@@ -2,12 +2,12 @@ class ZabbixAgent < Recipe
|
|
2
2
|
desc 'zabbix_agent:deploy', 'installs and configures zabbix agent'
|
3
3
|
def deploy
|
4
4
|
return unless install_zabbix
|
5
|
-
|
6
|
-
@node.deploy_file "#{@template_path}/zabbix_agentd.conf", '/etc/zabbix/zabbix_agentd.conf', :binding => binding
|
7
5
|
|
8
6
|
# set daemon name, according zu distribution
|
9
7
|
daemon = @node.uses_emerge? ? 'zabbix-agentd' : 'zabbix-agent'
|
10
8
|
|
9
|
+
@node.write '/etc/zabbix/zabbix_agentd.conf', generate_zabbix_agentd_conf
|
10
|
+
|
11
11
|
# restart using new configuration
|
12
12
|
@node.autostart_service daemon
|
13
13
|
@node.restart_service daemon if options.restart?
|
@@ -38,4 +38,100 @@ class ZabbixAgent < Recipe
|
|
38
38
|
|
39
39
|
true
|
40
40
|
end
|
41
|
+
|
42
|
+
# generate zabbix_agentd.conf
|
43
|
+
def generate_zabbix_agentd_conf
|
44
|
+
@config = default_config.merge @config
|
45
|
+
|
46
|
+
# system updates
|
47
|
+
@config['UserParameter'] |= enable_apt if @node.uses_apt?
|
48
|
+
@config['UserParameter'] |= enable_rpm if @node.uses_rpm?
|
49
|
+
@config['UserParameter'] |= enable_emerge if @node.uses_emerge?
|
50
|
+
|
51
|
+
# additional monitoring (raid status and postgresql)
|
52
|
+
@config['UserParameter'] |= enable_postgres if @node.package_installed? [ 'postgresql-server', 'postgresql' ], :quiet => true
|
53
|
+
@config['UserParameter'] |= enable_arcconf if @node.package_installed? 'arcconf', :quiet => true
|
54
|
+
|
55
|
+
zabbix_agentd_conf = ''
|
56
|
+
|
57
|
+
# add normal configuration variables
|
58
|
+
@config.each do |key, value|
|
59
|
+
next if key == 'UserParameter'
|
60
|
+
zabbix_agentd_conf.concat "#{key}=#{value}\n"
|
61
|
+
end
|
62
|
+
|
63
|
+
# add user parameters
|
64
|
+
@config['UserParameter'].each do |user_parameter|
|
65
|
+
zabbix_agentd_conf.concat "UserParameter=#{user_parameter}\n"
|
66
|
+
end
|
67
|
+
|
68
|
+
zabbix_agentd_conf
|
69
|
+
end
|
70
|
+
|
71
|
+
# default zabbix_agentd.conf configuration options
|
72
|
+
def default_config
|
73
|
+
defaults = {
|
74
|
+
'StartAgents' => 5,
|
75
|
+
'DebugLevel' => 3,
|
76
|
+
'Timeout' => 30,
|
77
|
+
'Hostname' => @node['fqdn'],
|
78
|
+
'UserParameter' => []
|
79
|
+
}
|
80
|
+
|
81
|
+
if @node.uses_apt?
|
82
|
+
defaults['PidFile'] ||= '/var/run/zabbix-agent/zabbix_agentd.pid'
|
83
|
+
defaults['LogFile'] ||= '/var/log/zabbix-agent/zabbix_agentd.log'
|
84
|
+
elsif @node.uses_emerge? or @node.uses_rpm?
|
85
|
+
defaults['PidFile'] ||= '/var/run/zabbix/zabbix_agentd.pid'
|
86
|
+
defaults['LogFile'] ||= '/var/log/zabbix/zabbix_agentd.log'
|
87
|
+
end
|
88
|
+
|
89
|
+
defaults
|
90
|
+
end
|
91
|
+
|
92
|
+
# monitor postgres database
|
93
|
+
def enable_postgres
|
94
|
+
[ 'psql.version,psql --version|head -n1',
|
95
|
+
'psql.server_processes,psql -U zabbix -t -c "select sum(numbackends) from pg_stat_database" postgres',
|
96
|
+
'psql.db_connections,psql -U zabbix -t -c "select count(*) from pg_stat_activity" postgres',
|
97
|
+
'psql.db_fetched,psql -U zabbix -t -c "select sum(tup_fetched) from pg_stat_database" postgres',
|
98
|
+
'psql.db_deleted,psql -U zabbix -t -c "select sum(tup_deleted) from pg_stat_database" postgres',
|
99
|
+
'psql.db_inserted,psql -U zabbix -t -c "select sum(tup_inserted) from pg_stat_database" postgres',
|
100
|
+
'psql.db_returned,psql -U zabbix -t -c "select sum(tup_returned) from pg_stat_database" postgres',
|
101
|
+
'psql.db_updated,psql -U zabbix -t -c "select sum(tup_updated) from pg_stat_database" postgres',
|
102
|
+
'psql.tx_commited,psql -U zabbix -t -c "select sum(xact_commit) from pg_stat_database" postgres',
|
103
|
+
'psql.tx_rolledback,psql -U zabbix -t -c "select sum(xact_rollback) from pg_stat_database" postgres',
|
104
|
+
'psql.blks_hit,psql -U zabbix -t -c "select sum(blks_hit) from pg_stat_database" postgres',
|
105
|
+
'psql.blks_read,psql -U zabbix -t -c "select sum(blks_read) from pg_stat_database" postgres'
|
106
|
+
]
|
107
|
+
end
|
108
|
+
|
109
|
+
# monitor adaptec raid status
|
110
|
+
def enable_arcconf
|
111
|
+
[ 'raid.smart_warnings,/sbin/arcconf getconfig 1 pd |grep "S.M.A.R.T. warnings" | awk "{SMART += $4} END {print SMART}"',
|
112
|
+
'raid.disk_rpm,/sbin/arcconf getconfig 1 pd |grep "Power State" |grep -v "Full rpm" |wc -l',
|
113
|
+
'raid.disk_state,/sbin/arcconf getconfig 1 pd |grep "\s\sState" |grep -v "Online" |wc -l'
|
114
|
+
]
|
115
|
+
end
|
116
|
+
|
117
|
+
# check for security patches and system updates on emerge systems
|
118
|
+
def enable_apt
|
119
|
+
[ 'debian.updates,aptitude search \'~U\' |wc -l',
|
120
|
+
'debian.security,debsecan --suite squeeze --only-fixed --format packages |wc -l'
|
121
|
+
]
|
122
|
+
end
|
123
|
+
|
124
|
+
# check for security patches and system updates on emerge systems
|
125
|
+
def enable_rpm
|
126
|
+
[ 'centos.updates,yum check-update -q |wc -l' ]
|
127
|
+
end
|
128
|
+
|
129
|
+
# check for security patches and system updates on emerge systems
|
130
|
+
def enable_emerge
|
131
|
+
[ 'gentoo.security,glsa-check -t all 2>/dev/null | wc -l',
|
132
|
+
'gentoo.updates,emerge -uNDp @world | grep ebuild|wc -l',
|
133
|
+
'gentoo.portage,emerge --info| grep "Timestamp of tree" | sed -e s/\'Timestamp of tree\':// -e \'s/\n//\' | xargs -I {} date --date={} +%s |xargs -I {} expr $(date +%s) - {}',
|
134
|
+
'gentoo.config,find /etc/ -name "._cfg*" 2>/dev/null|wc -l'
|
135
|
+
]
|
136
|
+
end
|
41
137
|
end
|
data/lib/dust/server.rb
CHANGED
@@ -110,8 +110,9 @@ module Dust
|
|
110
110
|
options = default_options.merge options
|
111
111
|
|
112
112
|
Dust.print_msg "symlinking #{File.basename source} to '#{destination}'", options
|
113
|
-
Dust.print_result exec("ln -s #{source} #{destination}")[:exit_code], options
|
113
|
+
ret = Dust.print_result exec("ln -s #{source} #{destination}")[:exit_code], options
|
114
114
|
restorecon destination, options # restore SELinux labels
|
115
|
+
ret
|
115
116
|
end
|
116
117
|
|
117
118
|
def chmod mode, file, options = {}
|
@@ -141,8 +142,9 @@ module Dust
|
|
141
142
|
return true if dir_exists? dir, :quiet => true
|
142
143
|
|
143
144
|
Dust.print_msg "creating directory #{dir}", options
|
144
|
-
Dust.print_result exec("mkdir -p #{dir}")[:exit_code], options
|
145
|
+
ret = Dust.print_result exec("mkdir -p #{dir}")[:exit_code], options
|
145
146
|
restorecon dir, options # restore SELinux labels
|
147
|
+
ret
|
146
148
|
end
|
147
149
|
|
148
150
|
# check if restorecon (selinux) is available
|
@@ -254,7 +256,9 @@ module Dust
|
|
254
256
|
|
255
257
|
def system_update options = {}
|
256
258
|
options = default_options.merge options
|
257
|
-
|
259
|
+
|
260
|
+
update_repos
|
261
|
+
|
258
262
|
Dust.print_msg 'installing system updates', options
|
259
263
|
|
260
264
|
if uses_apt?
|
@@ -281,29 +285,32 @@ module Dust
|
|
281
285
|
def uses_apt? options = {}
|
282
286
|
options = default_options(:quiet => true).merge options
|
283
287
|
|
288
|
+
return @uses_apt if @uses_apt
|
284
289
|
Dust.print_msg 'determining whether node uses apt', options
|
285
|
-
Dust.print_result exec('test -e /etc/debian_version')[:exit_code], options
|
290
|
+
@uses_apt = Dust.print_result exec('test -e /etc/debian_version')[:exit_code], options
|
286
291
|
end
|
287
292
|
|
288
293
|
def uses_rpm? options = {}
|
289
294
|
options = default_options(:quiet => true).merge options
|
290
295
|
|
296
|
+
return @uses_rpm if @uses_rpm
|
291
297
|
Dust.print_msg 'determining whether node uses rpm', options
|
292
|
-
Dust.print_result exec('test -e /etc/redhat-release')[:exit_code], options
|
298
|
+
@uses_rpm = Dust.print_result exec('test -e /etc/redhat-release')[:exit_code], options
|
293
299
|
end
|
294
300
|
|
295
301
|
def uses_emerge? options = {}
|
296
302
|
options = default_options(:quiet => true).merge options
|
297
303
|
|
304
|
+
return @uses_emerge if @uses_emerge
|
298
305
|
Dust.print_msg 'determining whether node uses emerge', options
|
299
|
-
Dust.print_result exec('test -e /etc/gentoo-release')[:exit_code], options
|
306
|
+
@uses_emerge = Dust.print_result exec('test -e /etc/gentoo-release')[:exit_code], options
|
300
307
|
end
|
301
308
|
|
302
309
|
def is_os? os_list, options = {}
|
303
310
|
options = default_options(:quiet => true).merge options
|
304
311
|
|
305
312
|
Dust.print_msg "checking if this machine runs #{os_list.join(' or ')}", options
|
306
|
-
collect_facts options
|
313
|
+
collect_facts options
|
307
314
|
|
308
315
|
os_list.each do |os|
|
309
316
|
if @node['operatingsystem'].downcase == os.downcase
|
@@ -427,7 +434,7 @@ module Dust
|
|
427
434
|
options = default_options(:quiet => true).merge options
|
428
435
|
|
429
436
|
Dust.print_msg "getting home directory of #{user}"
|
430
|
-
ret = exec "grep
|
437
|
+
ret = exec "grep '^#{user}' /etc/passwd |cut -d':' -f6"
|
431
438
|
if Dust.print_result ret[:exit_code]
|
432
439
|
return ret[:stdout].chomp
|
433
440
|
else
|
@@ -439,6 +446,8 @@ module Dust
|
|
439
446
|
def collect_facts options = {}
|
440
447
|
options = default_options.merge options
|
441
448
|
|
449
|
+
# if facts already have been collected, just return
|
450
|
+
return true if @node['operatingsystem']
|
442
451
|
|
443
452
|
# check if lsb-release (on apt systems) and facter are installed
|
444
453
|
# and install them if not
|
data/lib/dust/version.rb
CHANGED
metadata
CHANGED
@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
|
|
4
4
|
prerelease: false
|
5
5
|
segments:
|
6
6
|
- 0
|
7
|
-
-
|
7
|
+
- 6
|
8
8
|
- 0
|
9
|
-
version: 0.
|
9
|
+
version: 0.6.0
|
10
10
|
platform: ruby
|
11
11
|
authors:
|
12
12
|
- kris kechagia
|
@@ -14,7 +14,7 @@ autorequire:
|
|
14
14
|
bindir: bin
|
15
15
|
cert_chain: []
|
16
16
|
|
17
|
-
date: 2012-01-
|
17
|
+
date: 2012-01-30 00:00:00 +01:00
|
18
18
|
default_executable:
|
19
19
|
dependencies:
|
20
20
|
- !ruby/object:Gem::Dependency
|
@@ -99,12 +99,13 @@ files:
|
|
99
99
|
- lib/dust/examples/nodes/_debian.yaml
|
100
100
|
- lib/dust/examples/nodes/_default.yaml
|
101
101
|
- lib/dust/examples/nodes/_newrelic.yaml
|
102
|
-
- lib/dust/examples/nodes/
|
102
|
+
- lib/dust/examples/nodes/_ubuntu.yaml
|
103
103
|
- lib/dust/examples/nodes/home.yaml
|
104
104
|
- lib/dust/examples/nodes/mail.yaml
|
105
105
|
- lib/dust/examples/nodes/myhost.yaml
|
106
|
-
- lib/dust/examples/nodes/mysql
|
107
|
-
- lib/dust/examples/nodes/
|
106
|
+
- lib/dust/examples/nodes/mysql.yaml
|
107
|
+
- lib/dust/examples/nodes/postgresql.yaml
|
108
|
+
- lib/dust/examples/nodes/reverse-nginx-proxy.yaml
|
108
109
|
- lib/dust/examples/templates/aliases/aliases
|
109
110
|
- lib/dust/examples/templates/basic_setup/.your-inputrc
|
110
111
|
- lib/dust/examples/templates/basic_setup/.your-vimrc
|
@@ -116,12 +117,7 @@ files:
|
|
116
117
|
- lib/dust/examples/templates/nginx/sites/othersite.erb
|
117
118
|
- lib/dust/examples/templates/nginx/sites/somesite.erb
|
118
119
|
- lib/dust/examples/templates/postgres/pacemaker.sh.erb
|
119
|
-
- lib/dust/examples/templates/postgres/pg_hba.conf.erb
|
120
|
-
- lib/dust/examples/templates/postgres/pg_ident.conf
|
121
|
-
- lib/dust/examples/templates/postgres/postgresql.conf.erb
|
122
|
-
- lib/dust/examples/templates/postgres/recovery.conf.erb
|
123
120
|
- lib/dust/examples/templates/ssh_authorized_keys/users.yaml
|
124
|
-
- lib/dust/examples/templates/zabbix_agent/zabbix_agentd.conf.erb
|
125
121
|
- lib/dust/helper.rb
|
126
122
|
- lib/dust/print_status.rb
|
127
123
|
- lib/dust/recipe.rb
|
@@ -1,20 +0,0 @@
|
|
1
|
-
hostname: [ db-1, db-2, db-3-]
|
2
|
-
inherits: [ _default, _newrelic ]
|
3
|
-
|
4
|
-
recipes:
|
5
|
-
postgres:
|
6
|
-
cluster: main
|
7
|
-
version: 9.1
|
8
|
-
dbuser: 'postgres:postgres'
|
9
|
-
|
10
|
-
iptables:
|
11
|
-
input:
|
12
|
-
- ssh: { dport: 22, match: state, state: NEW }
|
13
|
-
- postgres:
|
14
|
-
dport: 5432
|
15
|
-
match: state
|
16
|
-
state: new
|
17
|
-
in-interface: eth1
|
18
|
-
source: 10.0.0.0/8
|
19
|
-
|
20
|
-
rc_local: blockdev --setra 8192 /dev/vda
|
@@ -1,86 +0,0 @@
|
|
1
|
-
# PostgreSQL Client Authentication Configuration File
|
2
|
-
# ===================================================
|
3
|
-
#
|
4
|
-
# Refer to the "Client Authentication" section in the PostgreSQL
|
5
|
-
# documentation for a complete description of this file. A short
|
6
|
-
# synopsis follows.
|
7
|
-
#
|
8
|
-
# This file controls: which hosts are allowed to connect, how clients
|
9
|
-
# are authenticated, which PostgreSQL user names they can use, which
|
10
|
-
# databases they can access. Records take one of these forms:
|
11
|
-
#
|
12
|
-
# local DATABASE USER METHOD [OPTIONS]
|
13
|
-
# host DATABASE USER CIDR-ADDRESS METHOD [OPTIONS]
|
14
|
-
# hostssl DATABASE USER CIDR-ADDRESS METHOD [OPTIONS]
|
15
|
-
# hostnossl DATABASE USER CIDR-ADDRESS METHOD [OPTIONS]
|
16
|
-
#
|
17
|
-
# (The uppercase items must be replaced by actual values.)
|
18
|
-
#
|
19
|
-
# The first field is the connection type: "local" is a Unix-domain
|
20
|
-
# socket, "host" is either a plain or SSL-encrypted TCP/IP socket,
|
21
|
-
# "hostssl" is an SSL-encrypted TCP/IP socket, and "hostnossl" is a
|
22
|
-
# plain TCP/IP socket.
|
23
|
-
#
|
24
|
-
# DATABASE can be "all", "sameuser", "samerole", "replication", a
|
25
|
-
# database name, or a comma-separated list thereof.
|
26
|
-
#
|
27
|
-
# USER can be "all", a user name, a group name prefixed with "+", or a
|
28
|
-
# comma-separated list thereof. In both the DATABASE and USER fields
|
29
|
-
# you can also write a file name prefixed with "@" to include names
|
30
|
-
# from a separate file.
|
31
|
-
#
|
32
|
-
# CIDR-ADDRESS specifies the set of hosts the record matches. It is
|
33
|
-
# made up of an IP address and a CIDR mask that is an integer (between
|
34
|
-
# 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies the number
|
35
|
-
# of significant bits in the mask. Alternatively, you can write an IP
|
36
|
-
# address and netmask in separate columns to specify the set of hosts.
|
37
|
-
# Instead of a CIDR-address, you can write "samehost" to match any of
|
38
|
-
# the server's own IP addresses, or "samenet" to match any address in
|
39
|
-
# any subnet that the server is directly connected to.
|
40
|
-
#
|
41
|
-
# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi",
|
42
|
-
# "krb5", "ident", "pam", "ldap", "radius" or "cert". Note that
|
43
|
-
# "password" sends passwords in clear text; "md5" is preferred since
|
44
|
-
# it sends encrypted passwords.
|
45
|
-
#
|
46
|
-
# OPTIONS are a set of options for the authentication in the format
|
47
|
-
# NAME=VALUE. The available options depend on the different
|
48
|
-
# authentication methods -- refer to the "Client Authentication"
|
49
|
-
# section in the documentation for a list of which options are
|
50
|
-
# available for which authentication methods.
|
51
|
-
#
|
52
|
-
# Database and user names containing spaces, commas, quotes and other
|
53
|
-
# special characters must be quoted. Quoting one of the keywords
|
54
|
-
# "all", "sameuser", "samerole" or "replication" makes the name lose
|
55
|
-
# its special character, and just match a database or username with
|
56
|
-
# that name.
|
57
|
-
#
|
58
|
-
# This file is read on server startup and when the postmaster receives
|
59
|
-
# a SIGHUP signal. If you edit the file on a running system, you have
|
60
|
-
# to SIGHUP the postmaster for the changes to take effect. You can
|
61
|
-
# use "pg_ctl reload" to do that.
|
62
|
-
|
63
|
-
# Put your actual configuration here
|
64
|
-
# ----------------------------------
|
65
|
-
#
|
66
|
-
# If you want to allow non-local connections, you need to add more
|
67
|
-
# "host" records. In that case you will also need to make PostgreSQL
|
68
|
-
# listen on a non-local interface via the listen_addresses
|
69
|
-
# configuration parameter, or via the -i or -h command line switches.
|
70
|
-
|
71
|
-
# CAUTION: Configuring the system for local "trust" authentication
|
72
|
-
# allows any local user to connect as any PostgreSQL user, including
|
73
|
-
# the database superuser. If you do not trust all your local users,
|
74
|
-
# use another authentication method.
|
75
|
-
|
76
|
-
|
77
|
-
# TYPE DATABASE USER CIDR-ADDRESS METHOD
|
78
|
-
|
79
|
-
# IPv4 local connections:
|
80
|
-
#host all all 127.0.0.1/32 trust
|
81
|
-
# IPv6 local connections:
|
82
|
-
#host all all ::1/128 trust
|
83
|
-
|
84
|
-
|
85
|
-
# "local" is for Unix domain socket connections only
|
86
|
-
local all postgres trust
|
@@ -1,42 +0,0 @@
|
|
1
|
-
# PostgreSQL User Name Maps
|
2
|
-
# =========================
|
3
|
-
#
|
4
|
-
# Refer to the PostgreSQL documentation, chapter "Client
|
5
|
-
# Authentication" for a complete description. A short synopsis
|
6
|
-
# follows.
|
7
|
-
#
|
8
|
-
# This file controls PostgreSQL user name mapping. It maps external
|
9
|
-
# user names to their corresponding PostgreSQL user names. Records
|
10
|
-
# are of the form:
|
11
|
-
#
|
12
|
-
# MAPNAME SYSTEM-USERNAME PG-USERNAME
|
13
|
-
#
|
14
|
-
# (The uppercase quantities must be replaced by actual values.)
|
15
|
-
#
|
16
|
-
# MAPNAME is the (otherwise freely chosen) map name that was used in
|
17
|
-
# pg_hba.conf. SYSTEM-USERNAME is the detected user name of the
|
18
|
-
# client. PG-USERNAME is the requested PostgreSQL user name. The
|
19
|
-
# existence of a record specifies that SYSTEM-USERNAME may connect as
|
20
|
-
# PG-USERNAME.
|
21
|
-
#
|
22
|
-
# If SYSTEM-USERNAME starts with a slash (/), it will be treated as a
|
23
|
-
# regular expression. Optionally this can contain a capture (a
|
24
|
-
# parenthesized subexpression). The substring matching the capture
|
25
|
-
# will be substituted for \1 (backslash-one) if present in
|
26
|
-
# PG-USERNAME.
|
27
|
-
#
|
28
|
-
# Multiple maps may be specified in this file and used by pg_hba.conf.
|
29
|
-
#
|
30
|
-
# No map names are defined in the default configuration. If all
|
31
|
-
# system user names and PostgreSQL user names are the same, you don't
|
32
|
-
# need anything in this file.
|
33
|
-
#
|
34
|
-
# This file is read on server startup and when the postmaster receives
|
35
|
-
# a SIGHUP signal. If you edit the file on a running system, you have
|
36
|
-
# to SIGHUP the postmaster for the changes to take effect. You can
|
37
|
-
# use "pg_ctl reload" to do that.
|
38
|
-
|
39
|
-
# Put your actual configuration here
|
40
|
-
# ----------------------------------
|
41
|
-
|
42
|
-
# MAPNAME SYSTEM-USERNAME PG-USERNAME
|
@@ -1,62 +0,0 @@
|
|
1
|
-
data_directory = '<%= @config['data-dir'] %>'
|
2
|
-
hba_file = '<%= @config['conf-dir'] %>/pg_hba.conf'
|
3
|
-
ident_file = '<%= @config['conf-dir'] %>/pg_ident.conf'
|
4
|
-
|
5
|
-
listen_addresses = '*'
|
6
|
-
port = 5432
|
7
|
-
ssl = on
|
8
|
-
|
9
|
-
% if @node['environment'] == 'production'
|
10
|
-
max_connections = 200
|
11
|
-
% else
|
12
|
-
max_connections = 100
|
13
|
-
% end
|
14
|
-
|
15
|
-
|
16
|
-
% if @node['environment'] == 'production'
|
17
|
-
shared_buffers = 1152MB # min 128kB
|
18
|
-
work_mem = 12MB # min 64kB
|
19
|
-
maintenance_work_mem = 288MB # min 1MB
|
20
|
-
% else
|
21
|
-
shared_buffers = 24MB # min 128kB
|
22
|
-
work_mem = 16MB # min 64kB
|
23
|
-
maintenance_work_mem = 128MB # min 1MB
|
24
|
-
% end
|
25
|
-
|
26
|
-
full_page_writes = yes # make xfs usage safe
|
27
|
-
|
28
|
-
wal_level = hot_standby # minimal, archive, or hot_standby
|
29
|
-
|
30
|
-
% if @node['environment'] == 'production'
|
31
|
-
wal_buffers = 8MB # min 32kB
|
32
|
-
checkpoint_segments = 16 # in logfile segments, min 1, 16MB each
|
33
|
-
checkpoint_completion_target = 0.9 # checkpoint target duration, 0.0 - 1.0
|
34
|
-
% else
|
35
|
-
#wal_buffers = 64kB # min 32kB
|
36
|
-
#checkpoint_segments = 3 # in logfile segments, min 1, 16MB each
|
37
|
-
#checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0
|
38
|
-
% end
|
39
|
-
|
40
|
-
|
41
|
-
archive_mode = yes
|
42
|
-
archive_command = 'cp -i %p <%= @config['archive-dir'] %>/%f < /dev/null'
|
43
|
-
|
44
|
-
max_wal_senders = 5
|
45
|
-
wal_keep_segments = 32
|
46
|
-
hot_standby = on
|
47
|
-
|
48
|
-
% if @node['environment'] == 'production'
|
49
|
-
effective_cache_size = 3584MB
|
50
|
-
% else
|
51
|
-
#effective_cache_size = 128MB
|
52
|
-
% end
|
53
|
-
|
54
|
-
default_statistics_target = 50 # range 1-10000
|
55
|
-
constraint_exclusion = on # on, off, or partition
|
56
|
-
|
57
|
-
datestyle = 'iso, mdy'
|
58
|
-
lc_messages = 'en_US.UTF-8' # locale for system error message
|
59
|
-
lc_monetary = 'en_US.UTF-8' # locale for monetary formatting
|
60
|
-
lc_numeric = 'en_US.UTF-8' # locale for number formatting
|
61
|
-
lc_time = 'en_US.UTF-8' # locale for time formatting
|
62
|
-
default_text_search_config = 'pg_catalog.english'
|
@@ -1,122 +0,0 @@
|
|
1
|
-
# -------------------------------
|
2
|
-
# PostgreSQL recovery config file
|
3
|
-
# -------------------------------
|
4
|
-
#
|
5
|
-
# Edit this file to provide the parameters that PostgreSQL needs to
|
6
|
-
# perform an archive recovery of a database, or to act as a log-streaming
|
7
|
-
# replication standby.
|
8
|
-
#
|
9
|
-
# If "recovery.conf" is present in the PostgreSQL data directory, it is
|
10
|
-
# read on postmaster startup. After successful recovery, it is renamed
|
11
|
-
# to "recovery.done" to ensure that we do not accidentally re-enter
|
12
|
-
# archive recovery or standby mode.
|
13
|
-
#
|
14
|
-
# This file consists of lines of the form:
|
15
|
-
#
|
16
|
-
# name = 'value'
|
17
|
-
#
|
18
|
-
# (The quotes around the value are NOT optional, but the "=" is.)
|
19
|
-
#
|
20
|
-
# Comments are introduced with '#'.
|
21
|
-
#
|
22
|
-
# The complete list of option names and allowed values can be found
|
23
|
-
# in the PostgreSQL documentation.
|
24
|
-
#
|
25
|
-
#---------------------------------------------------------------------------
|
26
|
-
# ARCHIVE RECOVERY PARAMETERS
|
27
|
-
#---------------------------------------------------------------------------
|
28
|
-
#
|
29
|
-
# restore_command
|
30
|
-
#
|
31
|
-
# specifies the shell command that is executed to copy log files
|
32
|
-
# back from archival storage. The command string may contain %f,
|
33
|
-
# which is replaced by the name of the desired log file, and %p,
|
34
|
-
# which is replaced by the absolute path to copy the log file to.
|
35
|
-
#
|
36
|
-
# This parameter is *required* for an archive recovery, but optional
|
37
|
-
# for streaming replication.
|
38
|
-
#
|
39
|
-
# It is important that the command return nonzero exit status on failure.
|
40
|
-
# The command *will* be asked for log files that are not present in the
|
41
|
-
# archive; it must return nonzero when so asked.
|
42
|
-
#
|
43
|
-
# NOTE that the basename of %p will be different from %f; do not
|
44
|
-
# expect them to be interchangeable.
|
45
|
-
#
|
46
|
-
restore_command = 'cp -i <%= @config['archive-dir'] %>/%f %p < /dev/null'
|
47
|
-
#
|
48
|
-
#
|
49
|
-
# archive_cleanup_command
|
50
|
-
#
|
51
|
-
# specifies an optional shell command to execute at every restartpoint.
|
52
|
-
# This can be useful for cleaning up the archive of a standby server.
|
53
|
-
#
|
54
|
-
#archive_cleanup_command = ''
|
55
|
-
#
|
56
|
-
# recovery_end_command
|
57
|
-
#
|
58
|
-
# specifies an optional shell command to execute at completion of recovery.
|
59
|
-
# This can be useful for cleaning up after the restore_command.
|
60
|
-
#
|
61
|
-
#recovery_end_command = ''
|
62
|
-
#
|
63
|
-
#---------------------------------------------------------------------------
|
64
|
-
# RECOVERY TARGET PARAMETERS
|
65
|
-
#---------------------------------------------------------------------------
|
66
|
-
#
|
67
|
-
# By default, recovery will rollforward to the end of the WAL log.
|
68
|
-
# If you want to stop rollforward at a specific point, you
|
69
|
-
# must set a recovery target.
|
70
|
-
#
|
71
|
-
# You may set a recovery target either by transactionId, or
|
72
|
-
# by timestamp. Recovery may either include or exclude the
|
73
|
-
# transaction(s) with the recovery target value (ie, stop either
|
74
|
-
# just after or just before the given target, respectively).
|
75
|
-
#
|
76
|
-
#recovery_target_time = '2011-07-25 14:10:00 CEST' # e.g. '2004-07-14 22:39:00 EST'
|
77
|
-
#
|
78
|
-
#recovery_target_xid = ''
|
79
|
-
#
|
80
|
-
#recovery_target_inclusive = 'true'
|
81
|
-
#
|
82
|
-
#
|
83
|
-
# If you want to recover into a timeline other than the "main line" shown in
|
84
|
-
# pg_control, specify the timeline number here, or write 'latest' to get
|
85
|
-
# the latest branch for which there's a history file.
|
86
|
-
#
|
87
|
-
#recovery_target_timeline = 'latest'
|
88
|
-
#
|
89
|
-
#---------------------------------------------------------------------------
|
90
|
-
# STANDBY SERVER PARAMETERS
|
91
|
-
#---------------------------------------------------------------------------
|
92
|
-
#
|
93
|
-
# When standby_mode is enabled, the PostgreSQL server will work as
|
94
|
-
# a standby. It tries to connect to the primary according to the
|
95
|
-
# connection settings primary_conninfo, and receives XLOG records
|
96
|
-
# continuously.
|
97
|
-
#
|
98
|
-
standby_mode = 'on'
|
99
|
-
#
|
100
|
-
% if @node['environment'] == 'production'
|
101
|
-
primary_conninfo = '<your pg connection string here>'
|
102
|
-
% elsif @node['environment'] == 'staging'
|
103
|
-
primary_conninfo = '<your pg connection string here>'
|
104
|
-
% end
|
105
|
-
|
106
|
-
#
|
107
|
-
#
|
108
|
-
# By default, a standby server keeps streaming XLOG records from the
|
109
|
-
# primary indefinitely. If you want to stop streaming and finish recovery,
|
110
|
-
# opening up the system in read/write mode, specify path to a trigger file.
|
111
|
-
# Server will poll the trigger file path periodically and stop streaming
|
112
|
-
# when it's found.
|
113
|
-
#
|
114
|
-
trigger_file = '/var/lib/postgresql/<%= @config['version'] %>/master_trigger'
|
115
|
-
#
|
116
|
-
#---------------------------------------------------------------------------
|
117
|
-
# HOT STANDBY PARAMETERS
|
118
|
-
#---------------------------------------------------------------------------
|
119
|
-
#
|
120
|
-
# Hot Standby related parameters are listed in postgresql.conf
|
121
|
-
#
|
122
|
-
#---------------------------------------------------------------------------
|
@@ -1,129 +0,0 @@
|
|
1
|
-
# This is config file for zabbix_agentd
|
2
|
-
# in case the agent is started standalone from init.d (not via inetd).
|
3
|
-
#
|
4
|
-
# To get more information about ZABBIX, go http://www.zabbix.com
|
5
|
-
|
6
|
-
############ GENERAL PARAMETERS #################
|
7
|
-
|
8
|
-
# List of comma delimited IP addresses (or hostnames) of ZABBIX servers.
|
9
|
-
# No spaces allowed. First entry is used for sending active checks.
|
10
|
-
# Note that hostnames must resolve hostname->IP address and
|
11
|
-
# IP address->hostname.
|
12
|
-
|
13
|
-
Server=zabbix.<%= @node['domain'] %>
|
14
|
-
|
15
|
-
# Server port for sending active checks
|
16
|
-
|
17
|
-
#ServerPort=10051
|
18
|
-
|
19
|
-
# Unique hostname. Required for active checks.
|
20
|
-
|
21
|
-
Hostname=<%= @node['fqdn'] %>
|
22
|
-
|
23
|
-
# Listen port. Default is 10050
|
24
|
-
|
25
|
-
#ListenPort=10050
|
26
|
-
|
27
|
-
# IP address to bind agent
|
28
|
-
# If missing, bind to all available IPs
|
29
|
-
|
30
|
-
#ListenIP=127.0.0.1
|
31
|
-
|
32
|
-
# Number of pre-forked instances of zabbix_agentd.
|
33
|
-
# Default value is 5
|
34
|
-
# This parameter must be between 1 and 16
|
35
|
-
|
36
|
-
StartAgents=5
|
37
|
-
|
38
|
-
# How often refresh list of active checks. 2 minutes by default.
|
39
|
-
|
40
|
-
#RefreshActiveChecks=120
|
41
|
-
|
42
|
-
# Disable active checks. The agent will work in passive mode listening server.
|
43
|
-
|
44
|
-
#DisableActive=1
|
45
|
-
|
46
|
-
# Enable remote commands for ZABBIX agent. By default remote commands disabled.
|
47
|
-
|
48
|
-
#EnableRemoteCommands=1
|
49
|
-
|
50
|
-
# Specifies debug level
|
51
|
-
# 0 - debug is not created
|
52
|
-
# 1 - critical information
|
53
|
-
# 2 - error information
|
54
|
-
# 3 - warnings
|
55
|
-
# 4 - information (default)
|
56
|
-
# 5 - for debugging (produces lots of information)
|
57
|
-
|
58
|
-
DebugLevel=3
|
59
|
-
|
60
|
-
# Name of PID file
|
61
|
-
|
62
|
-
% if @node.uses_apt?
|
63
|
-
PidFile=/var/run/zabbix-agent/zabbix_agentd.pid
|
64
|
-
% elsif @node.uses_emerge?
|
65
|
-
PidFile=/var/run/zabbix/zabbix_agentd.pid
|
66
|
-
% elsif @node.uses_rpm?
|
67
|
-
PidFile=/var/run/zabbix/zabbix_agentd.pid
|
68
|
-
% end
|
69
|
-
|
70
|
-
# Name of log file.
|
71
|
-
# If not set, syslog will be used
|
72
|
-
|
73
|
-
% if @node.uses_apt?
|
74
|
-
LogFile=/var/log/zabbix-agent/zabbix_agentd.log
|
75
|
-
% elsif @node.uses_emerge?
|
76
|
-
LogFile=/var/log/zabbix/zabbix_agentd.log
|
77
|
-
% elsif @node.uses_emerge?
|
78
|
-
LogFile=/var/log/zabbix/zabbix_agentd.log
|
79
|
-
% end
|
80
|
-
|
81
|
-
# Maximum size of log file in MB. Set to 0 to disable automatic log rotation.
|
82
|
-
#LogFileSize=1
|
83
|
-
|
84
|
-
# Spend no more than Timeout seconds on processing
|
85
|
-
# Must be between 1 and 30
|
86
|
-
|
87
|
-
Timeout=30
|
88
|
-
|
89
|
-
####### USER-DEFINED MONITORED PARAMETERS #######
|
90
|
-
# Format: UserParameter=<key>,<shell command>
|
91
|
-
# Note that shell command must not return empty string or EOL only
|
92
|
-
|
93
|
-
# system updates
|
94
|
-
% if @node.uses_apt?
|
95
|
-
UserParameter=debian.updates,aptitude search '~U' |wc -l
|
96
|
-
UserParameter=debian.security,debsecan --suite squeeze --only-fixed --format packages |wc -l
|
97
|
-
|
98
|
-
% elsif @node.uses_emerge?
|
99
|
-
UserParameter=gentoo.security,glsa-check -t all 2>/dev/null | wc -l
|
100
|
-
UserParameter=gentoo.updates,emerge -uNDp @world | grep ebuild|wc -l
|
101
|
-
UserParameter=gentoo.portage,emerge --info| grep 'Timestamp of tree' | sed -e s/'Timestamp of tree':// -e 's/\n//' | xargs -I {} date --date={} +%s |xargs -I {} expr $(date +%s) - {}
|
102
|
-
UserParameter=gentoo.config,find /etc/ -name '._cfg*' 2>/dev/null|wc -l
|
103
|
-
|
104
|
-
% elsif @node.uses_rpm?
|
105
|
-
UserParameter=centos.updates,yum check-update -q |wc -l
|
106
|
-
% end
|
107
|
-
|
108
|
-
% if @node.package_installed?( [ 'postgresql-server', 'postgresql' ], true )
|
109
|
-
# postgres
|
110
|
-
UserParameter=psql.version,psql --version|head -n1
|
111
|
-
UserParameter=psql.server_processes,psql -U zabbix -t -c "select sum(numbackends) from pg_stat_database" postgres
|
112
|
-
UserParameter=psql.db_connections,psql -U zabbix -t -c "select count(*) from pg_stat_activity" postgres
|
113
|
-
UserParameter=psql.db_fetched,psql -U zabbix -t -c "select sum(tup_fetched) from pg_stat_database" postgres
|
114
|
-
UserParameter=psql.db_deleted,psql -U zabbix -t -c "select sum(tup_deleted) from pg_stat_database" postgres
|
115
|
-
UserParameter=psql.db_inserted,psql -U zabbix -t -c "select sum(tup_inserted) from pg_stat_database" postgres
|
116
|
-
UserParameter=psql.db_returned,psql -U zabbix -t -c "select sum(tup_returned) from pg_stat_database" postgres
|
117
|
-
UserParameter=psql.db_updated,psql -U zabbix -t -c "select sum(tup_updated) from pg_stat_database" postgres
|
118
|
-
UserParameter=psql.tx_commited,psql -U zabbix -t -c "select sum(xact_commit) from pg_stat_database" postgres
|
119
|
-
UserParameter=psql.tx_rolledback,psql -U zabbix -t -c "select sum(xact_rollback) from pg_stat_database" postgres
|
120
|
-
UserParameter=psql.blks_hit,psql -U zabbix -t -c "select sum(blks_hit) from pg_stat_database" postgres
|
121
|
-
UserParameter=psql.blks_read,psql -U zabbix -t -c "select sum(blks_read) from pg_stat_database" postgres
|
122
|
-
% end
|
123
|
-
|
124
|
-
% if @node.package_installed?('arcconf', true)
|
125
|
-
# adaptec raid
|
126
|
-
UserParameter=raid.smart_warnings,/sbin/arcconf getconfig 1 pd |grep "S.M.A.R.T. warnings" | awk '{SMART += $4} END {print SMART}'
|
127
|
-
UserParameter=raid.disk_rpm,/sbin/arcconf getconfig 1 pd |grep "Power State" |grep -v "Full rpm" |wc -l
|
128
|
-
UserParameter=raid.disk_state,/sbin/arcconf getconfig 1 pd |grep "\s\sState" |grep -v "Online" |wc -l
|
129
|
-
% end
|