smart_proxy_monitoring 0.1.0 → 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 149d84b0fdd553512bd5ebd9570a688e96918579
4
- data.tar.gz: b542c10c34d67dd7e0ebeea7fbf60b803be96a9f
3
+ metadata.gz: f4c84f67dc01b938a7c46a3d9ced307ce4c5a174
4
+ data.tar.gz: 9ca50c34f031129593cb1648d5537a7cd16fdde3
5
5
  SHA512:
6
- metadata.gz: 3b44ef5c7e691aea3a4dfd544cd9a686dc50731c1dfabdd6f0b1a3d78693a7ba03bf37faa283f2252434511ee73705e5073f2df115a2aef539011e83201f0b7c
7
- data.tar.gz: 38ad6cb5b79d4e49bc8d9916c082aa83252060e5c241e60a5638c00e87529978fec9011d5923ee36390dc9a8f53f6f5b1e983252d8ea5360a6e97bcfb2c9a16a
6
+ metadata.gz: 5d2ec7d14dc0b2685e5751afed84724a79377c42f1828214afcf8d93bf52f3103ca8a1b97259b9c50f902a862d46ab06ffc2f5ac57292e8c83838b4e533c991f
7
+ data.tar.gz: 7b18b55cf47f76b12e290d615c4c1f66e6c55fdabccd6c273bbd2613b7076e771c00ca86b2c9ce0047aa970842c4b71a20cf70c56cdee8779278a3dc5a48e589
data/README.md CHANGED
@@ -7,13 +7,13 @@ It requires also the Foreman Monitoring plug-in.
7
7
 
8
8
  Please see the Foreman manual for appropriate instructions:
9
9
 
10
- * [Foreman: How to Install a Plugin](http://theforeman.org/manuals/latest/index.html#6.Plugins)
10
+ * [Foreman: How to Install a Proxy Plugin](http://projects.theforeman.org/projects/foreman/wiki/How_to_Install_a_Smart-Proxy_Plugin)
11
11
 
12
12
  The gem name is `smart_proxy_monitoring`.
13
13
 
14
14
  RPM users can install the `rubygem-smart_proxy_monitoring` packages.
15
15
 
16
- This plug-in has not been packaged for Debian, yet.
16
+ Deb users can install the `ruby-smart-proxy-monitoring` packages.
17
17
 
18
18
  # Configuration
19
19
 
@@ -60,9 +60,12 @@ To create Icinga 2's own CA run:
60
60
  # icinga2 pki new-ca
61
61
  ```
62
62
 
63
- Afterwards copy the CA certificate to Icinga 2's pki directory:
63
+ Afterwards copy the CA certificate to Icinga 2's pki directory (depending on installation
64
+ source and platform you have to create the pki directory first with write permissions for the
65
+ user Icinga 2 is running with, typically `icinga` or `nagios`):
64
66
 
65
67
  ```
68
+ # install -o icinga -g icinga -m 0775 -d /etc/icinga2/pki
66
69
  # cp /var/lib/icinga2/ca/ca.crt /etc/icinga2/pki/
67
70
  ```
68
71
 
@@ -86,7 +89,7 @@ With the certificates created and placed in Icinga 2's pki directory you can ena
86
89
  ```
87
90
 
88
91
  To allow API connections you have to create an API User. You should name him according to the use case,
89
- so instructions will create an user named `foreman`.
92
+ so instructions will create an user named `foreman`.
90
93
 
91
94
  Password authentication is easier to setup, but certificate-based authentication is more secure.
92
95
 
@@ -144,7 +147,7 @@ By default, SmartProxy will collect monitoring statuses from your monitoring sol
144
147
  Foreman. This can be disabled by setting `collect_status` to `false`.
145
148
 
146
149
  ```
147
- # vi /etc/foreman-proxy/settings.d/monitoring.yaml
150
+ # vi /etc/foreman-proxy/settings.d/monitoring.yml
148
151
  ---
149
152
  :enabled: true
150
153
  :use_provider: monitoring_icinga2
@@ -157,7 +160,7 @@ in /etc/icinga2/pki/) and provide the authentication details of the API User. If
157
160
  instead of the FQDN of the server, you will have to set verify_ssl to false.
158
161
 
159
162
  ```
160
- # vi /etc/foreman-proxy/settings.d/monitoring_icinga2.yaml
163
+ # vi /etc/foreman-proxy/settings.d/monitoring_icinga2.yml
161
164
  ---
162
165
  :enabled: true
163
166
  :server: icinga2.localdomain
@@ -170,6 +173,12 @@ instead of the FQDN of the server, you will have to set verify_ssl to false.
170
173
  :verify_ssl: true
171
174
  ```
172
175
 
176
+ Afterwards restart the service.
177
+
178
+ ```
179
+ # systemctl restart foreman-proxy.service
180
+ ```
181
+
173
182
  ## Icinga 2 and Icinga Web 2 Module Director
174
183
 
175
184
  This requires you to do the configuration steps above so
@@ -177,7 +186,11 @@ Downtimes could be send to and Status information could be
177
186
  read from Icinga 2.
178
187
 
179
188
  In addition you have to configure the provider Icingadirector
180
- for managing hosts in the Icinga Web 2 Module Director.
189
+ for managing hosts in the Icinga Web 2 Module Director. This
190
+ graphical configuration frontend for Icinga 2 will allow you
191
+ to customize the host, e.g. adding additional required objects
192
+ for using Icinga 2 as a monitoring agent or assign more attributes
193
+ and services. By default it requires a template named `foreman-host`.
181
194
 
182
195
  ### Icinga Web 2 Module Director
183
196
 
@@ -209,7 +222,7 @@ backend = "external"
209
222
 
210
223
  Furthermore a role is required assigning permissions to your user.
211
224
  ```
212
- # vi /etc/icingaweb2/roles.ini
225
+ # vi /etc/icingaweb2/roles.ini
213
226
  [Foreman]
214
227
  users = "foreman"
215
228
  permissions = "module/director, director/api, director/*"
@@ -220,10 +233,10 @@ permissions = "module/director, director/api, director/*"
220
233
  Ensure that the Monitoring module is enabled and uses the provider monitoring_icinga2
221
234
  and monitoring_icingadirector.
222
235
  ```
223
- # vi /etc/foreman-proxy/settings.d/monitoring.yaml
236
+ # vi /etc/foreman-proxy/settings.d/monitoring.yml
224
237
  ---
225
238
  :enabled: true
226
- :use_provider:
239
+ :use_provider:
227
240
  - monitoring_icinga2
228
241
  - monitoring_icingadirector
229
242
  ```
@@ -242,6 +255,25 @@ but not required.
242
255
  :verify_ssl: true
243
256
  ```
244
257
 
258
+ Afterwards restart the service.
259
+
260
+ ```
261
+ # systemctl restart foreman-proxy.service
262
+ ```
263
+
264
+ # Troubleshooting
265
+
266
+ The plug-in uses the configuration of the Smart Proxy to write its logs and does
267
+ not provide a seperate log for now. So have a look into `/var/log/foreman-proxy/proxy.log`
268
+ for default installations.
269
+
270
+ Also look into the logs of the monitoring solution and when opening issues attach relevant entries
271
+ for both logs. For Icinga 2 it is typically `/var/log/icinga2/icinga2.log` or if enabled
272
+ `/var/log/icinga2/debug.log`. Icinga Web 2 Director uses Icinga Web 2's configuration
273
+ which is typically logging to syslog with faciltiy `user` and application prefix `icingaweb2`
274
+ which will result in logging entry in `/var/log/message` for osfamily Red Hat and `/var/log/syslog`
275
+ for osfamily Debian.
276
+
245
277
  # TODO
246
278
 
247
279
  Provider Icinga2:
@@ -13,67 +13,43 @@ module Proxy::Monitoring
13
13
  authorize_with_ssl_client
14
14
 
15
15
  get '/host/:host' do |host|
16
- begin
16
+ log_provider_errors do
17
17
  validate_dns_name!(host)
18
18
  host = strip_domain(host)
19
19
 
20
20
  server.query_host(host).to_json
21
- rescue Proxy::Monitoring::NotFound => e
22
- log_halt 404, e
23
- rescue Proxy::Monitoring::ConnectionError => e
24
- log_halt 503, e
25
- rescue Exception => e
26
- log_halt 400, e
27
21
  end
28
22
  end
29
23
 
30
24
  put '/host/:host' do |host|
31
- begin
25
+ log_provider_errors do
32
26
  validate_dns_name!(host)
33
27
  host = strip_domain(host)
34
28
  attributes = params[:attributes]
35
29
  logger.debug "Creating host #{host} object with attributes #{attributes.inspect}"
36
30
 
37
31
  server.create_host(host, attributes)
38
- rescue Proxy::Monitoring::NotFound => e
39
- log_halt 404, e
40
- rescue Proxy::Monitoring::ConnectionError => e
41
- log_halt 503, e
42
- rescue Exception => e
43
- log_halt 400, e
44
32
  end
45
33
  end
46
34
 
47
35
  post '/host/:host' do |host|
48
- begin
36
+ log_provider_errors do
49
37
  validate_dns_name!(host)
50
38
  host = strip_domain(host)
51
39
  attributes = params[:attributes]
52
40
  logger.debug "Updating host #{host} object with attributes #{attributes.inspect}"
53
41
 
54
42
  server.update_host(host, attributes)
55
- rescue Proxy::Monitoring::NotFound => e
56
- log_halt 404, e
57
- rescue Proxy::Monitoring::ConnectionError => e
58
- log_halt 503, e
59
- rescue Exception => e
60
- log_halt 400, e
61
43
  end
62
44
  end
63
45
 
64
46
  delete '/host/:host' do |host|
65
- begin
47
+ log_provider_errors do
66
48
  validate_dns_name!(host)
67
49
  host = strip_domain(host)
68
50
  logger.debug "Removing host #{host} object"
69
51
 
70
52
  server.remove_host(host)
71
- rescue Proxy::Monitoring::NotFound => e
72
- log_halt 404, e
73
- rescue Proxy::Monitoring::ConnectionError => e
74
- log_halt 503, e
75
- rescue Exception => e
76
- log_halt 400, e
77
53
  end
78
54
  end
79
55
 
@@ -83,17 +59,11 @@ module Proxy::Monitoring
83
59
  start_time = params[:start_time] || Time.now.to_i
84
60
  end_time = params[:end_time] || (Time.now.to_i + (24 * 3600))
85
61
 
86
- begin
62
+ log_provider_errors do
87
63
  validate_dns_name!(host)
88
64
  host = strip_domain(host)
89
65
 
90
66
  server.set_downtime_host(host, author, comment, start_time, end_time)
91
- rescue Proxy::Monitoring::NotFound => e
92
- log_halt 404, e
93
- rescue Proxy::Monitoring::ConnectionError => e
94
- log_halt 503, e
95
- rescue Exception => e
96
- log_halt 400, e
97
67
  end
98
68
  end
99
69
 
@@ -101,20 +71,26 @@ module Proxy::Monitoring
101
71
  author = params[:author] || 'foreman'
102
72
  comment = params[:comment] || 'triggered by foreman'
103
73
 
104
- begin
74
+ log_provider_errors do
105
75
  validate_dns_name!(host)
106
76
  host = strip_domain(host)
107
77
 
108
78
  server.remove_downtime_host(host, author, comment)
109
- rescue Proxy::Monitoring::NotFound => e
110
- log_halt 404, e
111
- rescue Proxy::Monitoring::ConnectionError => e
112
- log_halt 503, e
113
- rescue Exception => e
114
- log_halt 400, e
115
79
  end
116
80
  end
117
81
 
82
+ def log_provider_errors
83
+ yield
84
+ rescue Proxy::Monitoring::NotFound => e
85
+ log_halt 404, e
86
+ rescue Proxy::Monitoring::ConnectionError => e
87
+ log_halt 503, e
88
+ rescue Proxy::Monitoring::AuthenticationError => e
89
+ log_halt 500, e
90
+ rescue Exception => e
91
+ log_halt 400, e
92
+ end
93
+
118
94
  def validate_dns_name!(name)
119
95
  raise Proxy::Monitoring::Error.new("Invalid DNS name #{name}") unless name =~ /^([a-zA-Z0-9]([-a-zA-Z0-9]+)?\.?)+$/
120
96
  end
@@ -1,5 +1,5 @@
1
1
  module Proxy
2
2
  module Monitoring
3
- VERSION = '0.1.0'.freeze
3
+ VERSION = '0.1.1'.freeze
4
4
  end
5
5
  end
@@ -1,6 +1,7 @@
1
1
  module Proxy::Monitoring
2
2
  class Error < RuntimeError; end
3
3
  class NotFound < RuntimeError; end
4
+ class AuthenticationError < RuntimeError; end
4
5
 
5
6
  class Provider; end
6
7
  end
@@ -49,7 +49,7 @@ module Proxy::Monitoring::Icinga2
49
49
  end
50
50
 
51
51
  def remove_downtime_host(host, author, comment)
52
- request_url = "/actions/remove-downtime?type=Host&filter=host.name==\"#{host}\"\&\&author==\"#{author}\"\&\&comment=\"#{comment}\""
52
+ request_url = "/actions/remove-downtime?type=Host&filter=#{uri_encode_filter("host.name==\"#{host}\"\&\&author==\"#{author}\"\&\&comment=\"#{comment}\"")}"
53
53
  data = {}
54
54
 
55
55
  result = with_errorhandling("Remove downtime from #{host}") do
@@ -59,7 +59,7 @@ module Proxy::Monitoring::Icinga2
59
59
  end
60
60
 
61
61
  def set_downtime_host(host, author, comment, start_time, end_time)
62
- request_url = "/actions/schedule-downtime?type=Host&filter=host.name==\"#{host}\""
62
+ request_url = "/actions/schedule-downtime?type=Host&filter=#{uri_encode_filter("host.name==\"#{host}\"")}"
63
63
  data = {
64
64
  'author' => author,
65
65
  'comment' => comment,
@@ -76,6 +76,10 @@ module Proxy::Monitoring::Icinga2
76
76
 
77
77
  private
78
78
 
79
+ def uri_encode_filter(filter)
80
+ URI.encode(filter)
81
+ end
82
+
79
83
  def host_attributes(host, data)
80
84
  attributes = {}
81
85
 
@@ -130,7 +134,9 @@ module Proxy::Monitoring::Icinga2
130
134
  result
131
135
  rescue JSON::ParserError => e
132
136
  raise Proxy::Monitoring::Error.new("Icinga server at #{::Proxy::Monitoring::Icinga2::Plugin.settings.server} returned invalid JSON: '#{e.message}'")
133
- rescue RestClient::NotFound => e
137
+ rescue RestClient::Unauthorized => e
138
+ raise Proxy::Monitoring::AuthenticationError.new("Error authenicating to Icinga server at #{::Proxy::Monitoring::Icinga2::Plugin.settings.server}: #{e.message}.")
139
+ rescue RestClient::ResourceNotFound => e
134
140
  raise Proxy::Monitoring::NotFound.new("Icinga server at #{::Proxy::Monitoring::Icinga2::Plugin.settings.server} returned: #{e.message}.")
135
141
  rescue RestClient::Exception => e
136
142
  raise Proxy::Monitoring::Error.new("Icinga server at #{::Proxy::Monitoring::Icinga2::Plugin.settings.server} returned an error: '#{e.response}'")
@@ -23,25 +23,29 @@ module ::Proxy::Monitoring::IcingaDirector
23
23
  def get(url)
24
24
  logger.debug "IcingaDirector: GET request to #{url}"
25
25
  client(url).get.body
26
- rescue RestClient::NotFound
27
- raise Proxy::Monitoring::NotFound.new("Icinga Director returned not found for #{url}.")
26
+ rescue StandardError => e
27
+ raise handle_http_exception(e, url)
28
28
  end
29
29
 
30
30
  def post(url, payload)
31
31
  logger.debug "IcingaDirector: POST request to #{url} with payload: #{payload}"
32
32
  client(url).post(payload).body
33
+ rescue StandardError => e
34
+ raise handle_http_exception(e, url)
33
35
  end
34
36
 
35
37
  def put(url, payload)
36
38
  logger.debug "IcingaDirector: PUT request to #{url} with payload: #{payload}"
37
39
  client(url).put(payload).body
40
+ rescue StandardError => e
41
+ raise handle_http_exception(e, url)
38
42
  end
39
43
 
40
44
  def delete(url)
41
45
  logger.debug "IcingaDirector: DELETE request to #{url}"
42
46
  client(url).delete.body
43
- rescue RestClient::NotFound
44
- raise Proxy::Monitoring::NotFound.new("Icinga Director returned not found for #{url}.")
47
+ rescue StandardError => e
48
+ raise handle_http_exception(e, url)
45
49
  end
46
50
 
47
51
  private
@@ -72,6 +76,17 @@ module ::Proxy::Monitoring::IcingaDirector
72
76
  }
73
77
  end
74
78
 
79
+ def handle_http_exception(e, url)
80
+ case e
81
+ when RestClient::ResourceNotFound
82
+ Proxy::Monitoring::NotFound.new("Icinga Director returned not found for #{request_url(url)}.")
83
+ when RestClient::Unauthorized
84
+ Proxy::Monitoring::AuthenticationError.new("Error authenicating to Icinga Director at #{request_url(url)}: #{e.message}")
85
+ else
86
+ Proxy::Monitoring::Error.new("Error connecting to Icinga Director at #{request_url(url)}: #{e.message}")
87
+ end
88
+ end
89
+
75
90
  def baseurl
76
91
  Proxy::Monitoring::IcingaDirector::Plugin.settings.director_url + '/'
77
92
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: smart_proxy_monitoring
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Timo Goebel
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2017-04-13 00:00:00.000000000 Z
12
+ date: 2017-10-17 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rest-client
@@ -141,7 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
141
141
  version: '0'
142
142
  requirements: []
143
143
  rubyforge_project:
144
- rubygems_version: 2.6.11
144
+ rubygems_version: 2.6.12
145
145
  signing_key:
146
146
  specification_version: 4
147
147
  summary: Monitoring plug-in for Foreman's smart proxy