星期一, 1月 16, 2017

使用 ansible 快速佈署 nagios with openSUSE Leap 42.2

使用 ansible 快速佈署 nagios with openSUSE Leap 42.2

OS: openSUSE Leap 42.2

Notes:已經安裝 ansible 套件

上一篇文章是手動安裝 nagios 以及 client

接下來就是用 ansible 來進行快速佈署

相關檔案已經放在 GitHub 上面


下載相關檔案, 主要是 nagios_server_install.yml 以及 nagios_client_install.yml, 其他在 playbook 內都會透過 wget 來取得.

編輯或是下載 hosts 檔案, 建立相關群組

主要在 hosts 檔案內透過 群組來控制

# 安裝 nagios server
[NagiosServer]


# 安裝 nagios client
[NagiosClient]


把要安裝 nagios server 與 nagios client 的機器放到群組

要安裝 nagios server
就執行 ansible-playbook   nagios_server_install.yml

會被詢問 nagiosadmin 密碼以及要通知的 e-mail

nagios_server_install.yml 內容如下





---

#########################################################

#

- name: use when conditionals and setup module (facts)

hosts: all

tasks:

# 使用 setup moudule 列出 OS 種類

  - name: use setup module to list os distribution

# setup moudle 可以使用 filter 過濾相關內容

    setup: filter=ansible_distribution





#########################################################



- name: Install nagios server and run service

# 使用群組方式安裝 use group, 請配合 hosts 內的 [NagiosServer]

hosts: NagiosServer

become: True

# 透過提示來輸入相關變數

vars_prompt:

   - name: "nagiosadmin_password"

     prompt: "Enter nagiosadmin password"

# private 設定為 no 會顯示輸入的內容

     private: yes

# 這邊可以設定預設值

     default: nagiosadmin



   - name: "nagiosadmin_email"

     prompt: "Enter nagiosadmin e-mail"

     private: no

     default: nagios@localhost



tasks:

  - name: Install nagios and nrpe with openSUSE Leap

# 這邊使用 disable_recommends=no 加入zypper 建議的套件, 否則不會加入 apache2等其他套件

    zypper: name={{ item }} disable_recommends=no

    with_items:

      - nagios

      - monitoring-plugins

      - nrpe

      - monitoring-plugins-nrpe

    when: ansible_distribution == "openSUSE Leap"



#-------------------------------------------------------



# 設定 nagiosadmin 登入密碼

  - name: set nagiosadmin password

    shell: htpasswd2 -bc /etc/nagios/htpasswd.users nagiosadmin {{ nagiosadmin_password }}



#-------------------------------------------------------



# 由於 apache2.2 and apache2.4 相容性問題, 啟用 access_compat 模組

  - name: enable apache mod_access_compat

    shell: a2enmod mod_access_compat



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

  - name: fix localhost.cfg

    shell: wget  https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/localhost.cfg -O /etc/nagios/objects/localhost.cfg

#      get_url:

#        url: https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/localhost.cfg

#        dest: /etc/nagios/objects/localhost.cfg

#        backup: yes



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

  - name: use modified template.cfg

    shell: wget  https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/templates.cfg -O /etc/nagios/objects/templates.cfg



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

  - name: use modified commands.cfg

    shell: wget  https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/commands.cfg  -O /etc/nagios/objects/commands.cfg



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

# 用來當成監控 linux 公共服務的範本

  - name: use modified linuxPublic.cfg

    shell: wget  https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/linuxPublic.cfg   -O /etc/nagios/objects/linuxPublic.cfg



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

# 用來當成監控 linux 服務的範本( 自己控管的主機 )

  - name: use modified linux.cfg

    shell: wget  https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/linux.cfg    -O /etc/nagios/objects/linux.cfg



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

# 用來當成監控 windows 公共服務的範本( 非自己控管的主機 )

  - name: use modified windowsPublic.cfg

    shell: wget  https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/windowsPublic.cfg    -O /etc/nagios/objects/windowsPublic.cfg



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

# 用來當成監控 windows 服務的範本( 自己控管的主機 )

  - name: use modified windows.cfg

    shell: wget  https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/windows.cfg     -O /etc/nagios/objects/windows.cfg



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

# 用來當成監控 switch 的範本, 只監控 IP 不監控 snmp

  - name: use modified switchSimple.cfg

    shell: wget  https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/switchSimple.cfg    -O /etc/nagios/objects/switchSimple.cfg



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

# 用來當成監控 rack 的範本, 只監控 IP

  - name: use modified rackHost.cfg

    shell: wget   https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/rackHost.cfg    -O /etc/nagios/objects/rackHost.cfg



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

# 修改使用 cfg_dir= 參數於 nagios.cfg

  - name: use modified nagios.cfg

    shell: wget  https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/nagios.cfg      -O /etc/nagios/nagios.cfg



#-------------------------------------------------------



# 建立相關工作目錄

  - name:  create working dir for nagios *.cfg

    shell: mkdir  /etc/nagios/{servers,pcs,racks,switches,projects,labs}





#-------------------------------------------------------

# 使用 replace module 去修改 nagiosadmin 通知 e-mail

  - name: Set nagiosadmin e-mail

    replace:

      dest: /etc/nagios/objects/contacts.cfg

      regexp: 'nagios@localhost'

      replace: "{{ nagiosadmin_email }}"

      backup: yes



#-------------------------------------------------------



# 設定 apache2 啟動與開機啟動

  - name: Set apache2 enable and run

    service: name=apache2 state=started enabled=yes



#-------------------------------------------------------



# 設定 nagios 啟動與開機啟動

  - name: Set nagios enable and run

    service: name=nagios state=started enabled=yes



#-------------------------------------------------------





要安裝 nagios client
就執行 ansible-playbook   nagios_client_install.yml

會被詢問 nagios server 的IP

nagios_client_install.yml 的內容如下





#########################################################

#

- name: use when conditionals and setup module (facts)

hosts: all

tasks:

# 使用 setup moudule 列出 OS 種類

  - name: use setup module to list os distribution

# setup moudle 可以使用 filter 過濾相關內容

    setup: filter=ansible_distribution





#########################################################



- name: Install nagios client and run service

# 使用群組方式安裝 use group, 請配合 hosts 內的 [NagiosServer]

hosts: NagiosClient

become: True

# 透過提示來輸入相關變數

vars_prompt:

   - name: "nagios_ip"

     prompt: "Enter nagios server's ip"

# private 設定為 no 會顯示輸入的內容

     private: no

# 這邊可以設定預設值

#       default:

tasks:

  - name: Install nrpe with openSUSE Leap

# 這邊使用 disable_recommends=no 加入zypper 建議的套件, 否則不會加入 apache2等其他套件

    zypper: name={{ item }} disable_recommends=no

    with_items:

      - nrpe

      - monitoring-plugins

      - monitoring-plugins-nrpe

    when: ansible_distribution == "openSUSE Leap"



#-------------------------------------------------------



# 使用修改過的 *.cfg 請詳見 github https://github.com/sakanamax/LearnAnsible/tree/master/playbook/general/nagios/files

# 加入相關 commands

  - name: use modified nrpe.cfg

    shell: wget  https://raw.githubusercontent.com/sakanamax/LearnAnsible/master/playbook/general/nagios/files/nrpe.cfg  -O /etc/nrpe.cfg



#-------------------------------------------------------



# 使用 replace module 去修改 allowed_hosts

  - name: Set allowed_hosts

    replace:

      dest: /etc/nrpe.cfg

      regexp: 'allowed_hosts=127.0.0.1'

      replace: "allowed_hosts=127.0.0.1,{{ nagios_ip }}"

      backup: yes



#-------------------------------------------------------



# 設定 nrpe 啟動與開機啟動

  - name: Set nrpe enable and run

    service: name=nrpe state=started enabled=yes



#-------------------------------------------------------





- name: Copy client config to folder

# 使用群組方式安裝 use group, 請配合 hosts 內的 [NagiosServer]

hosts: NagiosServer

become: True

# 透過提示來輸入相關變數

vars_prompt:

   - name: "cfg_type"

     prompt: "Enter client config template name"

# private 設定為 no 會顯示輸入的內容

     private: no

# 這邊可以設定預設值

     default: linux.cfg



   - name: "cfg_folder"

     prompt: "Enter client config save folder name in /etc/nagios"

     private: no

     default: labs



tasks:

  - name: copy template config to folder

#      shell: cp  /etc/nagios/objects/{{ cfg_type }}  /etc/nagios/{{ cfg_folder }}/{{ hostvars['test4']['ansible_default_ipv4'].address }}.cfg

# 這邊卡了我很久, 這邊透過 hostvars 與 item ( with_item ) 來指定 facts 感謝 https://groups.google.com/forum/#!topic/ansible-project/X6zCbW6S1fo

    shell: cp  /etc/nagios/objects/{{ cfg_type }}  /etc/nagios/{{ cfg_folder }}/{{ hostvars[item]['ansible_default_ipv4'].address }}.cfg

# 這邊透過 with_item 來使用 loop , 將 NagiosClient 群組內的主機放進來

    with_items: "{{ groups['NagiosClient'] }}"



# 將預設 IP 改為 client IP

  - name: replace with client's ip

# 使用 replace module 更改 IP

    replace:

      dest: /etc/nagios/{{ cfg_folder }}/{{ hostvars[item]['ansible_default_ipv4'].address }}.cfg

      regexp: '192.168.3.129'

      replace: "{{ hostvars[item]['ansible_default_ipv4'].address }}"

#        backup: yes

# 這邊 with_items 沒有跟 replace 對齊造成 loop 失敗花了我很多時間, 下次要注意

    with_items: "{{ groups['NagiosClient'] }}"



# 將預設 hostname 更改

  - name: replace with client's hostname

    replace:

      dest: /etc/nagios/{{ cfg_folder }}/{{ hostvars[item]['ansible_default_ipv4'].address }}.cfg

      regexp: 'suseserver129'

      replace: "{{ hostvars[item]['ansible_hostname'] }}"

#        backup: yes

    with_items: "{{ groups['NagiosClient'] }}"





#-------------------------------------------------------



# 將 nagios reload

  - name: Set nagios reload conf

    service: name=nagios state=reloaded



#-------------------------------------------------------


這樣以後佈署上面就輕鬆多了

~ enjoy it



沒有留言: