From fe980cb11866b37c5404ac676036f5331c7e2d45 Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Wed, 29 Oct 2014 13:36:40 -0700 Subject: [PATCH] nagios: Add a Nagios image for service monitoring The lighttpd config snippet is based on Gentoo's lighttpd_nagios3-r1.conf from net-analyzer/nagios-core. I've dropped the auth snippets (you can put your auth in a reverse-proxy in front of the nagios container) and added a redirect from / to /nagios. I had to add mod_fastcgi.conf to avoid: NOT handling file as static file, extension forbidden for *.php files. I set timezones to avoid the following PHP warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier --- README.md | 1 + build.sh | 1 + nagios/Dockerfile.template | 55 ++++++++++++ nagios/README.md | 27 ++++++ nagios/lighttpd-nagios.conf | 18 ++++ nagios/lighttpd-syslog.conf | 2 + nagios/redis/README.md | 9 ++ nagios/redis/cfg/redis.cfg | 31 +++++++ nagios/redis/plugins/check_redis_list_length | 95 ++++++++++++++++++++ 9 files changed, 239 insertions(+) create mode 100644 nagios/Dockerfile.template create mode 100644 nagios/README.md create mode 100644 nagios/lighttpd-nagios.conf create mode 100644 nagios/lighttpd-syslog.conf create mode 100644 nagios/redis/README.md create mode 100644 nagios/redis/cfg/redis.cfg create mode 100755 nagios/redis/plugins/check_redis_list_length diff --git a/README.md b/README.md index 45472e9..dd82104 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,7 @@ The dependency graph is: | `-- hubot (adds hubot with an IRC adapter) |-- irker (adds irker, and spawns irkerd by default) |-- memcached (adds Memcached) + |-- nagios (adds Nagios) |-- nginx (adds Nginx) | |-- nginx-proxy (SSL/TLS proxying via SNI) | |-- kibana (adds Kibana) diff --git a/build.sh b/build.sh index 78b0e30..b70ced8 100755 --- a/build.sh +++ b/build.sh @@ -57,6 +57,7 @@ REPOS="${REPOS:- hubot irker memcached + nagios nginx nginx-proxy kibana diff --git a/nagios/Dockerfile.template b/nagios/Dockerfile.template new file mode 100644 index 0000000..73bcca7 --- /dev/null +++ b/nagios/Dockerfile.template @@ -0,0 +1,55 @@ +# Copyright (C) 2014 W. Trevor King +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# * Redistributions of source code must retain the above copyright notice, this +# list of conditions and the following disclaimer. +# +# * Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + +FROM ${NAMESPACE}/gentoo-syslog:${TAG} +MAINTAINER ${MAINTAINER} +#VOLUME ["${PORTAGE}:/usr/portage:ro", "${PORTAGE}/distfiles:/usr/portage/distfiles:rw"] +RUN echo 'media-libs/gd jpeg png' >> /etc/portage/package.use +RUN echo 'net-analyzer/nagios-core lighttpd' >> /etc/portage/package.use +RUN echo 'net-analyzer/nagios-plugins nagios-dns nagios-ntp nagios-ssh' >> /etc/portage/package.use +RUN echo 'dev-lang/php cgi' >> /etc/portage/package.use +RUN emerge -v net-analyzer/nagios +RUN eselect news read new +ADD lighttpd-syslog.conf /etc/lighttpd/syslog.conf +RUN echo 'include "mod_fastcgi.conf"' >> /etc/lighttpd/lighttpd.conf +RUN echo 'include "syslog.conf"' >> /etc/lighttpd/lighttpd.conf +ADD lighttpd-nagios.conf /etc/lighttpd/nagios.conf +RUN echo 'include "nagios.conf"' >> /etc/lighttpd/lighttpd.conf +# https://bugs.gentoo.org/show_bug.cgi?id=528184 +RUN chmod 755 /etc/nagios +RUN sed -i 's|\(#use_timezone=Australia/Brisbane\)|\1\nuse_timezone=UTC|' /etc/nagios/nagios.cfg +RUN sed -i 's|\(;date.timezone.*\)|\1\ndate.timezone = "UTC"|' /etc/php/*/php.ini +RUN sed -i 's|\(#default_user_name=.*\)|\1\ndefault_user_name=guest|' /etc/nagios/cgi.cfg +RUN sed -i 's|\(authorized_for_system_information=.*\)|\1,guest|' /etc/nagios/cgi.cfg +RUN sed -i 's|\(authorized_for_configuration_information=.*\)|\1,guest|' /etc/nagios/cgi.cfg +RUN sed -i 's|\(authorized_for_all_services=.*\)|\1,guest|' /etc/nagios/cgi.cfg +RUN sed -i 's|\(authorized_for_all_hosts=.*\)|\1,guest|' /etc/nagios/cgi.cfg +RUN sed -i 's|\(authorized_for_read_only=.*\)|\1,guest|' /etc/nagios/cgi.cfg +RUN mkdir /etc/nagios/cfg +RUN chown nagios:nagios /etc/nagios/cfg +RUN sed -i 's|\(#cfg_dir=/etc/nagios/routers.*\)|\1\ncfg_dir=/etc/nagios/cfg|' /etc/nagios/nagios.cfg +RUN rc-update add nagios default +RUN rc-update add lighttpd default + +EXPOSE 80 diff --git a/nagios/README.md b/nagios/README.md new file mode 100644 index 0000000..f023609 --- /dev/null +++ b/nagios/README.md @@ -0,0 +1,27 @@ +Run this [Nagios][] image with: + + $ docker run -d --name nagios-0 -p 80:80 wking/nagios + +You'll want to [volume mount][volume-mount] your config. For example: + + $ docker run -d --name nagios-0 \ + > -v ~/src/dockerfile/nagios/redis/plugins:/usr/local/bin \ + > -v ~/src/dockerfile/nagios/redis/cfg:/etc/nagios/cfg \ + > -p 80:80 \ + > wking/nagios \ + > /bin/bash -c ' + > emerge -v dev-db/redis && rc default && exec tail-syslog + > ' + +Of course, if you were using this in production you'd want to create a +new image `FROM` this one with `dev-db/redis` already installed, after +which you could drop the explicit command. + +For information about writing your own plugins, see the [plugin API +docs][plugin-api]. For more information about Nagios on Gentoo, see +the [wiki][]. + +[Nagios]: http://www.nagios.org/ +[volume-mount]: http://docs.docker.com/userguide/dockervolumes/#mount-a-host-directory-as-a-data-volume +[plugin-api]: http://nagios.sourceforge.net/docs/3_0/pluginapi.html +[wiki]: http://wiki.gentoo.org/wiki/Nagios diff --git a/nagios/lighttpd-nagios.conf b/nagios/lighttpd-nagios.conf new file mode 100644 index 0000000..b1ff67c --- /dev/null +++ b/nagios/lighttpd-nagios.conf @@ -0,0 +1,18 @@ +server.modules += ("mod_cgi") +server.modules += ("mod_alias") +server.modules += ("mod_rewrite") + +$HTTP["url"] =~ "^/nagios/cgi-bin/" { + dir-listing.activate = "disable" + cgi.assign = ( + ".pl" => "/usr/bin/perl", + ".cgi" => "" + ) +} + +alias.url += ( + "/nagios/cgi-bin" => "/usr/lib/nagios/cgi-bin", + "/nagios" => "/usr/share/nagios/htdocs" +) + +url.rewrite = ( "^/$" => "/nagios" ) diff --git a/nagios/lighttpd-syslog.conf b/nagios/lighttpd-syslog.conf new file mode 100644 index 0000000..75c9c9e --- /dev/null +++ b/nagios/lighttpd-syslog.conf @@ -0,0 +1,2 @@ +server.errorlog-use-syslog = "enable" +accesslog.use-syslog = "enable" diff --git a/nagios/redis/README.md b/nagios/redis/README.md new file mode 100644 index 0000000..58d7e1f --- /dev/null +++ b/nagios/redis/README.md @@ -0,0 +1,9 @@ +This directory includes a `check_redis_list_length` plugin and sample +Nagios config for monitoring the length of a [Redis][] list. If +you're using Redis as your [Celery][] [broker][], the list name should +match your queue name. You'll need the command line `redis-cli` to +run the plugin. + +[Redis]: http://redis.io/ +[Celery]: http://celery.readthedocs.org/en/latest/ +[broker]: http://celery.readthedocs.org/en/latest/getting-started/brokers/redis.html diff --git a/nagios/redis/cfg/redis.cfg b/nagios/redis/cfg/redis.cfg new file mode 100644 index 0000000..d0f2c74 --- /dev/null +++ b/nagios/redis/cfg/redis.cfg @@ -0,0 +1,31 @@ +define host{ + use linux-server + host_name redis-host + alias redis-host + address 192.168.0.2 +} + +define hostgroup{ + hostgroup_name my-servers + alias My Servers + members redis-host +} + +define service{ + use local-service + host_name redis-host + service_description PING + check_command check_ping!100.0,20%!500.0,60% +} + +define service{ + use local-service + host_name redis-host + service_description Default Celery Queue + check_command check_redis_list_length!default!50!100 +} + +define command{ + command_name check_redis_list_length + command_line /usr/local/bin/check_redis_list_length -h $HOSTADDRESS$ -l $ARG1$ -w $ARG2$ -c $ARG3$ +} diff --git a/nagios/redis/plugins/check_redis_list_length b/nagios/redis/plugins/check_redis_list_length new file mode 100755 index 0000000..72b6b5a --- /dev/null +++ b/nagios/redis/plugins/check_redis_list_length @@ -0,0 +1,95 @@ +#!/bin/sh +# +# Check a Redis list length (e.g. a Celery queue) +# +# Copyright (C) 2014 W. Trevor King +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# * Redistributions of source code must retain the above copyright notice, this +# list of conditions and the following disclaimer. +# +# * Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + +HOST='127.0.0.1' +PORT='6379' +LIST='default' +WARNING='50' +CRITICAL='100' + +STATE_OK=0 +STATE_WARNING=1 +STATE_CRITICAL=2 +STATE_UNKNOWN=3 + +while [ "$#" -gt 0 ] +do + case "$1" in + -h) + HOST="$2" + shift + ;; + -p) + PORT="$2" + shift + ;; + -l) + LIST="$2" + shift + ;; + -w) + WARNING="$2" + shift + ;; + -c) + CRITICAL="$2" + shift + ;; + *) + echo "LIST UNKNOWN - unrecognized option: '$1'" >&2 + exit "${STATE_UNKNOWN}" + esac + shift +done + +LENGTH=$(redis-cli -h "${HOST}" -p "${PORT}" llen "${LIST}") +REDIS_STATUS="$?" +if [ "${REDIS_STATUS}" -eq 127 ] +then + echo "LIST UNKNOWN - command not found (did you install redis-cli?)" + exit "${STATE_UNKNOWN}" +elif [ "${REDIS_STATUS}" -ne 0 ] +then + echo "LIST WARNING - redis-cli returned state ${REDIS_STATUS}" + exit "${STATE_WARNING}" +fi + +STATUS='OK' +EXIT="${STATE_OK}" +if [ "${LENGTH}" -gt "${CRITICAL}" ] +then + STATUS='CRITICAL' + EXIT="${STATE_CRITICAL}" +elif [ "${LENGTH}" -gt "${WARNING}" ] +then + STATUS='WARNING' + EXIT="${STATE_WARNING}" +fi + +echo "LIST ${STATUS} - ${LIST} length: ${LENGTH}" +exit "${EXIT}" -- 2.26.2