smart_proxy_monitoring 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 149d84b0fdd553512bd5ebd9570a688e96918579
-  data.tar.gz: b542c10c34d67dd7e0ebeea7fbf60b803be96a9f
+  metadata.gz: f4c84f67dc01b938a7c46a3d9ced307ce4c5a174
+  data.tar.gz: 9ca50c34f031129593cb1648d5537a7cd16fdde3
 SHA512:
-  metadata.gz: 3b44ef5c7e691aea3a4dfd544cd9a686dc50731c1dfabdd6f0b1a3d78693a7ba03bf37faa283f2252434511ee73705e5073f2df115a2aef539011e83201f0b7c
-  data.tar.gz: 38ad6cb5b79d4e49bc8d9916c082aa83252060e5c241e60a5638c00e87529978fec9011d5923ee36390dc9a8f53f6f5b1e983252d8ea5360a6e97bcfb2c9a16a
+  metadata.gz: 5d2ec7d14dc0b2685e5751afed84724a79377c42f1828214afcf8d93bf52f3103ca8a1b97259b9c50f902a862d46ab06ffc2f5ac57292e8c83838b4e533c991f
+  data.tar.gz: 7b18b55cf47f76b12e290d615c4c1f66e6c55fdabccd6c273bbd2613b7076e771c00ca86b2c9ce0047aa970842c4b71a20cf70c56cdee8779278a3dc5a48e589

data/README.md

@@ -7,13 +7,13 @@ It requires also the Foreman Monitoring plug-in.
 
 Please see the Foreman manual for appropriate instructions:
 
-* [Foreman: How to Install a Plugin](http://theforeman.org/manuals/latest/index.html#6.Plugins)
+* [Foreman: How to Install a Proxy Plugin](http://projects.theforeman.org/projects/foreman/wiki/How_to_Install_a_Smart-Proxy_Plugin)
 
 The gem name is `smart_proxy_monitoring`.
 
 RPM users can install the `rubygem-smart_proxy_monitoring` packages.
 
-This plug-in has not been packaged for Debian, yet.
+Deb users can install the `ruby-smart-proxy-monitoring` packages.
 
 # Configuration
 
@@ -60,9 +60,12 @@ To create Icinga 2's own CA run:
 # icinga2 pki new-ca
 ```
 
-Afterwards copy the CA certificate to Icinga 2's pki directory:
+Afterwards copy the CA certificate to Icinga 2's pki directory (depending on installation
+source and platform you have to create the pki directory first with write permissions for the
+user Icinga 2 is running with, typically `icinga` or `nagios`):
 
 ```
+# install -o icinga -g icinga -m 0775 -d /etc/icinga2/pki
 # cp /var/lib/icinga2/ca/ca.crt /etc/icinga2/pki/
 ```
 
@@ -86,7 +89,7 @@ With the certificates created and placed in Icinga 2's pki directory you can ena
 ```
 
 To allow API connections you have to create an API User. You should name him according to the use case,
-so instructions will create an user named `foreman`. 
+so instructions will create an user named `foreman`.
 
 Password authentication is easier to setup, but certificate-based authentication is more secure.
 
@@ -144,7 +147,7 @@ By default, SmartProxy will collect monitoring statuses from your monitoring sol
 Foreman. This can be disabled by setting `collect_status` to `false`.
 
 ```
-# vi /etc/foreman-proxy/settings.d/monitoring.yaml
+# vi /etc/foreman-proxy/settings.d/monitoring.yml
 ---
 :enabled: true
 :use_provider: monitoring_icinga2
@@ -157,7 +160,7 @@ in /etc/icinga2/pki/) and provide the authentication details of the API User. If
 instead of the FQDN of the server, you will have to set verify_ssl to false.
 
 ```
-# vi /etc/foreman-proxy/settings.d/monitoring_icinga2.yaml
+# vi /etc/foreman-proxy/settings.d/monitoring_icinga2.yml
 ---
 :enabled: true
 :server: icinga2.localdomain
@@ -170,6 +173,12 @@ instead of the FQDN of the server, you will have to set verify_ssl to false.
 :verify_ssl: true
 ```
 
+Afterwards restart the service.
+
+```
+# systemctl restart foreman-proxy.service
+```
+
 ## Icinga 2 and Icinga Web 2 Module Director
 
 This requires you to do the configuration steps above so
@@ -177,7 +186,11 @@ Downtimes could be send to and Status information could be
 read from Icinga 2.
 
 In addition you have to configure the provider Icingadirector
-for managing hosts in the Icinga Web 2 Module Director.
+for managing hosts in the Icinga Web 2 Module Director. This
+graphical configuration frontend for Icinga 2 will allow you
+to customize the host, e.g.  adding additional required objects
+for using Icinga 2 as a monitoring agent or assign more attributes
+and services. By default it requires a template named `foreman-host`.
 
 ### Icinga Web 2 Module Director
 
@@ -209,7 +222,7 @@ backend = "external"
 
 Furthermore a role is required assigning permissions to your user.
 ```
-# vi /etc/icingaweb2/roles.ini 
+# vi /etc/icingaweb2/roles.ini
 [Foreman]
 users = "foreman"
 permissions = "module/director, director/api, director/*"
@@ -220,10 +233,10 @@ permissions = "module/director, director/api, director/*"
 Ensure that the Monitoring module is enabled and uses the provider monitoring_icinga2
 and monitoring_icingadirector.
 ```
-# vi /etc/foreman-proxy/settings.d/monitoring.yaml
+# vi /etc/foreman-proxy/settings.d/monitoring.yml
 ---
 :enabled: true
-:use_provider: 
+:use_provider:
  - monitoring_icinga2
  - monitoring_icingadirector
 ```
@@ -242,6 +255,25 @@ but not required.
 :verify_ssl: true
 ```
 
+Afterwards restart the service.
+
+```
+# systemctl restart foreman-proxy.service
+```
+
+# Troubleshooting
+
+The plug-in uses the configuration of the Smart Proxy to write its logs and does
+not provide a seperate log for now. So have a look into `/var/log/foreman-proxy/proxy.log`
+for default installations.
+
+Also look into the logs of the monitoring solution and when opening issues attach relevant entries
+for both logs. For Icinga 2 it is typically `/var/log/icinga2/icinga2.log` or if enabled
+`/var/log/icinga2/debug.log`. Icinga Web 2 Director uses Icinga Web 2's configuration
+which is typically logging to syslog with faciltiy `user` and application prefix `icingaweb2`
+which will result in logging entry in `/var/log/message` for osfamily Red Hat and `/var/log/syslog`
+for osfamily Debian.
+
 # TODO
 
 Provider Icinga2:

data/lib/smart_proxy_monitoring/monitoring_api.rb

@@ -13,67 +13,43 @@ module Proxy::Monitoring
     authorize_with_ssl_client
 
     get '/host/:host' do |host|
-      begin
+      log_provider_errors do
         validate_dns_name!(host)
         host = strip_domain(host)
 
         server.query_host(host).to_json
-      rescue Proxy::Monitoring::NotFound => e
-        log_halt 404, e
-      rescue Proxy::Monitoring::ConnectionError => e
-        log_halt 503, e
-      rescue Exception => e
-        log_halt 400, e
       end
     end
 
     put '/host/:host' do |host|
-      begin
+      log_provider_errors do
         validate_dns_name!(host)
         host = strip_domain(host)
         attributes = params[:attributes]
         logger.debug "Creating host #{host} object with attributes #{attributes.inspect}"
 
         server.create_host(host, attributes)
-      rescue Proxy::Monitoring::NotFound => e
-        log_halt 404, e
-      rescue Proxy::Monitoring::ConnectionError => e
-        log_halt 503, e
-      rescue Exception => e
-        log_halt 400, e
       end
     end
 
     post '/host/:host' do |host|
-      begin
+      log_provider_errors do
         validate_dns_name!(host)
         host = strip_domain(host)
         attributes = params[:attributes]
         logger.debug "Updating host #{host} object with attributes #{attributes.inspect}"
 
         server.update_host(host, attributes)
-      rescue Proxy::Monitoring::NotFound => e
-        log_halt 404, e
-      rescue Proxy::Monitoring::ConnectionError => e
-        log_halt 503, e
-      rescue Exception => e
-        log_halt 400, e
       end
     end
 
     delete '/host/:host' do |host|
-      begin
+      log_provider_errors do
         validate_dns_name!(host)
         host = strip_domain(host)
         logger.debug "Removing host #{host} object"
 
         server.remove_host(host)
-      rescue Proxy::Monitoring::NotFound => e
-        log_halt 404, e
-      rescue Proxy::Monitoring::ConnectionError => e
-        log_halt 503, e
-      rescue Exception => e
-        log_halt 400, e
       end
     end
 
@@ -83,17 +59,11 @@ module Proxy::Monitoring
       start_time = params[:start_time] || Time.now.to_i
       end_time = params[:end_time] || (Time.now.to_i + (24 * 3600))
 
-      begin
+      log_provider_errors do
         validate_dns_name!(host)
         host = strip_domain(host)
 
         server.set_downtime_host(host, author, comment, start_time, end_time)
-      rescue Proxy::Monitoring::NotFound => e
-        log_halt 404, e
-      rescue Proxy::Monitoring::ConnectionError => e
-        log_halt 503, e
-      rescue Exception => e
-        log_halt 400, e
       end
     end
 
@@ -101,20 +71,26 @@ module Proxy::Monitoring
       author = params[:author] || 'foreman'
       comment = params[:comment] || 'triggered by foreman'
 
-      begin
+      log_provider_errors do
         validate_dns_name!(host)
         host = strip_domain(host)
 
         server.remove_downtime_host(host, author, comment)
-      rescue Proxy::Monitoring::NotFound => e
-        log_halt 404, e
-      rescue Proxy::Monitoring::ConnectionError => e
-        log_halt 503, e
-      rescue Exception => e
-        log_halt 400, e
       end
     end
 
+    def log_provider_errors
+      yield
+    rescue Proxy::Monitoring::NotFound => e
+      log_halt 404, e
+    rescue Proxy::Monitoring::ConnectionError => e
+      log_halt 503, e
+    rescue Proxy::Monitoring::AuthenticationError => e
+      log_halt 500, e
+    rescue Exception => e
+      log_halt 400, e
+    end
+
     def validate_dns_name!(name)
       raise Proxy::Monitoring::Error.new("Invalid DNS name #{name}") unless name =~ /^([a-zA-Z0-9]([-a-zA-Z0-9]+)?\.?)+$/
     end

data/lib/smart_proxy_monitoring/version.rb

@@ -1,5 +1,5 @@
 module Proxy
   module Monitoring
-    VERSION = '0.1.0'.freeze
+    VERSION = '0.1.1'.freeze
   end
 end

data/lib/smart_proxy_monitoring_common/monitoring_common.rb

@@ -1,6 +1,7 @@
 module Proxy::Monitoring
   class Error < RuntimeError; end
   class NotFound < RuntimeError; end
+  class AuthenticationError < RuntimeError; end
 
   class Provider; end
 end

data/lib/smart_proxy_monitoring_icinga2/monitoring_icinga2_main.rb

@@ -49,7 +49,7 @@ module Proxy::Monitoring::Icinga2
     end
 
     def remove_downtime_host(host, author, comment)
-      request_url = "/actions/remove-downtime?type=Host&filter=host.name==\"#{host}\"\&\&author==\"#{author}\"\&\&comment=\"#{comment}\""
+      request_url = "/actions/remove-downtime?type=Host&filter=#{uri_encode_filter("host.name==\"#{host}\"\&\&author==\"#{author}\"\&\&comment=\"#{comment}\"")}"
       data = {}
 
       result = with_errorhandling("Remove downtime from #{host}") do
@@ -59,7 +59,7 @@ module Proxy::Monitoring::Icinga2
     end
 
     def set_downtime_host(host, author, comment, start_time, end_time)
-      request_url = "/actions/schedule-downtime?type=Host&filter=host.name==\"#{host}\""
+      request_url = "/actions/schedule-downtime?type=Host&filter=#{uri_encode_filter("host.name==\"#{host}\"")}"
       data = {
         'author' => author,
         'comment' => comment,
@@ -76,6 +76,10 @@ module Proxy::Monitoring::Icinga2
 
     private
 
+    def uri_encode_filter(filter)
+      URI.encode(filter)
+    end
+
     def host_attributes(host, data)
       attributes = {}
 
@@ -130,7 +134,9 @@ module Proxy::Monitoring::Icinga2
       result
     rescue JSON::ParserError => e
       raise Proxy::Monitoring::Error.new("Icinga server at #{::Proxy::Monitoring::Icinga2::Plugin.settings.server} returned invalid JSON: '#{e.message}'")
-    rescue RestClient::NotFound => e
+    rescue RestClient::Unauthorized => e
+      raise Proxy::Monitoring::AuthenticationError.new("Error authenicating to Icinga server at #{::Proxy::Monitoring::Icinga2::Plugin.settings.server}: #{e.message}.")
+    rescue RestClient::ResourceNotFound => e
       raise Proxy::Monitoring::NotFound.new("Icinga server at #{::Proxy::Monitoring::Icinga2::Plugin.settings.server} returned: #{e.message}.")
     rescue RestClient::Exception => e
       raise Proxy::Monitoring::Error.new("Icinga server at #{::Proxy::Monitoring::Icinga2::Plugin.settings.server} returned an error: '#{e.response}'")

data/lib/smart_proxy_monitoring_icingadirector/director_client.rb

@@ -23,25 +23,29 @@ module ::Proxy::Monitoring::IcingaDirector
     def get(url)
       logger.debug "IcingaDirector: GET request to #{url}"
       client(url).get.body
-    rescue RestClient::NotFound
-      raise Proxy::Monitoring::NotFound.new("Icinga Director returned not found for #{url}.")
+    rescue StandardError => e
+      raise handle_http_exception(e, url)
     end
 
     def post(url, payload)
       logger.debug "IcingaDirector: POST request to #{url} with payload: #{payload}"
       client(url).post(payload).body
+    rescue StandardError => e
+      raise handle_http_exception(e, url)
     end
 
     def put(url, payload)
       logger.debug "IcingaDirector: PUT request to #{url} with payload: #{payload}"
       client(url).put(payload).body
+    rescue StandardError => e
+      raise handle_http_exception(e, url)
     end
 
     def delete(url)
       logger.debug "IcingaDirector: DELETE request to #{url}"
       client(url).delete.body
-    rescue RestClient::NotFound
-      raise Proxy::Monitoring::NotFound.new("Icinga Director returned not found for #{url}.")
+    rescue StandardError => e
+      raise handle_http_exception(e, url)
     end
 
     private
@@ -72,6 +76,17 @@ module ::Proxy::Monitoring::IcingaDirector
       }
     end
 
+    def handle_http_exception(e, url)
+      case e
+      when RestClient::ResourceNotFound
+        Proxy::Monitoring::NotFound.new("Icinga Director returned not found for #{request_url(url)}.")
+      when RestClient::Unauthorized
+        Proxy::Monitoring::AuthenticationError.new("Error authenicating to Icinga Director at #{request_url(url)}: #{e.message}")
+      else
+        Proxy::Monitoring::Error.new("Error connecting to Icinga Director at #{request_url(url)}: #{e.message}")
+      end
+    end
+
     def baseurl
       Proxy::Monitoring::IcingaDirector::Plugin.settings.director_url + '/'
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_monitoring
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Timo Goebel
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-04-13 00:00:00.000000000 Z
+date: 2017-10-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -141,7 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 2.6.12
 signing_key: 
 specification_version: 4
 summary: Monitoring plug-in for Foreman's smart proxy