From 86a9e457d1883f1923912d6b8a54aee71aa712bd Mon Sep 17 00:00:00 2001 From: Scott Wallace Date: Tue, 6 Mar 2018 18:11:42 +0000 Subject: [PATCH] Add basic Sensu installation and configuration with Ansible. --- .ansible/inventory.yaml | 10 +- .../roles/home_server/handlers/firewalld.yaml | 3 + .ansible/roles/home_server/handlers/main.yaml | 3 + .../roles/home_server/handlers/sensu.yaml | 7 + .ansible/roles/home_server/tasks/basics.yaml | 16 ++ .ansible/roles/home_server/tasks/main.yaml | 3 + .ansible/roles/home_server/tasks/sensu.yaml | 156 ++++++++++++++++++ .../roles/home_server/tasks/sensu_checks.yaml | 51 ++++++ .ansible/roles/mac_desktop/vars/main.yaml | 1 + .ansible/site.yaml | 7 +- 10 files changed, 253 insertions(+), 4 deletions(-) create mode 100644 .ansible/roles/home_server/handlers/firewalld.yaml create mode 100644 .ansible/roles/home_server/handlers/main.yaml create mode 100644 .ansible/roles/home_server/handlers/sensu.yaml create mode 100644 .ansible/roles/home_server/tasks/basics.yaml create mode 100644 .ansible/roles/home_server/tasks/main.yaml create mode 100644 .ansible/roles/home_server/tasks/sensu.yaml create mode 100644 .ansible/roles/home_server/tasks/sensu_checks.yaml diff --git a/.ansible/inventory.yaml b/.ansible/inventory.yaml index dbf736c..f93567f 100644 --- a/.ansible/inventory.yaml +++ b/.ansible/inventory.yaml @@ -1,4 +1,8 @@ mac_desktops: - hosts: - localhost: - ansible_connection: local + hosts: + localhost: + ansible_connection: local + +home_servers: + hosts: + homer diff --git a/.ansible/roles/home_server/handlers/firewalld.yaml b/.ansible/roles/home_server/handlers/firewalld.yaml new file mode 100644 index 0000000..9427195 --- /dev/null +++ b/.ansible/roles/home_server/handlers/firewalld.yaml @@ -0,0 +1,3 @@ +- name: restart firewalld + service: name=firewalld state=restarted + become: true \ No newline at end of file diff --git a/.ansible/roles/home_server/handlers/main.yaml b/.ansible/roles/home_server/handlers/main.yaml new file mode 100644 index 0000000..3afbc59 --- /dev/null +++ b/.ansible/roles/home_server/handlers/main.yaml @@ -0,0 +1,3 @@ +- name: Home server handlers + import_tasks: sensu.yaml +- import_tasks: firewalld.yaml \ No newline at end of file diff --git a/.ansible/roles/home_server/handlers/sensu.yaml b/.ansible/roles/home_server/handlers/sensu.yaml new file mode 100644 index 0000000..ad85f36 --- /dev/null +++ b/.ansible/roles/home_server/handlers/sensu.yaml @@ -0,0 +1,7 @@ +- name: restart sensu-client + service: name=sensu-client state=restarted + become: true + +- name: restart uchiwa + service: name=uchiwa state=restarted + become: true \ No newline at end of file diff --git a/.ansible/roles/home_server/tasks/basics.yaml b/.ansible/roles/home_server/tasks/basics.yaml new file mode 100644 index 0000000..8bc6793 --- /dev/null +++ b/.ansible/roles/home_server/tasks/basics.yaml @@ -0,0 +1,16 @@ +- name: Basic package installs + tags: + - install + yum: + name: "{{ item }}" + state: latest + with_items: + - epel-release + - git + - lsof + - net-tools + - psmisc + - rsync + - telnet + - vim + become: true \ No newline at end of file diff --git a/.ansible/roles/home_server/tasks/main.yaml b/.ansible/roles/home_server/tasks/main.yaml new file mode 100644 index 0000000..01f2020 --- /dev/null +++ b/.ansible/roles/home_server/tasks/main.yaml @@ -0,0 +1,3 @@ +- name: Home server tasks + import_tasks: basics.yaml +- import_tasks: sensu.yaml diff --git a/.ansible/roles/home_server/tasks/sensu.yaml b/.ansible/roles/home_server/tasks/sensu.yaml new file mode 100644 index 0000000..df2c061 --- /dev/null +++ b/.ansible/roles/home_server/tasks/sensu.yaml @@ -0,0 +1,156 @@ +- name: Add Sensu repo + tags: + - install + yum_repository: + name: sensu + description: Sensu YUM repo + baseurl: https://sensu.global.ssl.fastly.net/yum/$releasever/$basearch/ + gpgcheck: false + become: true + +- name: Install Erlang + tags: + - install + yum: + name: erlang + state: present + become: true + +- name: Install RabbitMQ & Redis + tags: + - install + yum: + name: "{{ item }}" + state: present + become: true + with_items: + - http://www.rabbitmq.com/releases/rabbitmq-server/current/rabbitmq-server-3.6.15-1.el7.noarch.rpm + - redis + +- name: Install the latest version of Sensu + tags: + - install + yum: + name: "{{ item }}" + state: latest + become: true + with_items: + - sensu + - uchiwa + +- name: Set Sensu base path + tags: + - config + set_fact: + sensu_basepath: /etc/sensu + +- name: Configure Sensu client + tags: + - config + sensu_client: + subscriptions: + - default + notify: + - restart sensu-client + become: true + +- name: Configure the Sensu transport + tags: + - config + copy: + content: | + { + "transport": { + "name": "rabbitmq", + "reconnect_on_error": true + } + } + dest: "{{ sensu_basepath }}/conf.d/transport.json" + become: true + +- name: Configure the Sensu API + tags: + - config + copy: + content: | + { + "api": { + "host": "localhost", + "bind": "0.0.0.0", + "port": 4567 + } + } + dest: "{{ sensu_basepath }}/conf.d/api.json" + become: true + +- name: Configure Redis + tags: + - config + copy: + content: | + { + "redis": { + "host": "127.0.0.1", + "port": 6379 + } + } + dest: "{{ sensu_basepath }}/conf.d/redis.json" + notify: + - restart sensu-client + become: true + + +- name: Configure Uchiwa dashboard + tags: + - config + copy: + content: | + { + "sensu": [ + { + "name": "home network", + "host": "localhost", + "port": 4567, + "timeout": 10 + } + ], + "uchiwa": { + "host": "0.0.0.0", + "port": 3000, + "refresh": 10 + } + } + dest: "{{ sensu_basepath }}/uchiwa.json" + notify: + - restart uchiwa + become: true + +- name: Enable Sensu services + tags: + - services + service: + name: "{{ item }}" + enabled: true + state: started + with_items: + - sensu-client + - sensu-server + - sensu-api + - uchiwa + - rabbitmq-server + - redis + become: true + +- name: Uchiwa firewalld + tags: + - services + firewalld: + port: 3000/tcp + permanent: true + zone: public + state: enabled + notify: + - restart firewalld + become: true + +- import_tasks: sensu_checks.yaml diff --git a/.ansible/roles/home_server/tasks/sensu_checks.yaml b/.ansible/roles/home_server/tasks/sensu_checks.yaml new file mode 100644 index 0000000..972af6b --- /dev/null +++ b/.ansible/roles/home_server/tasks/sensu_checks.yaml @@ -0,0 +1,51 @@ +- name: Install Sensu basic checks + tags: + - install + command: "sensu-install -p {{ item }}" + become: true + with_items: + - cpu-checks + - disk-checks + - memory-checks + - process-checks + - load-checks + - vmstats + +- name: Get CPU metrics + tags: + - config + sensu_check: + name: CPU + command: /opt/sensu/embedded/bin/check-cpu.rb -w 80 -c 90 + metric: yes + handlers: default + subscribers: default + interval: 60 + notify: restart sensu-server + become: true + +- name: Get disk metrics + tags: + - config + sensu_check: + name: Disk + command: /opt/sensu/embedded/bin/check-disk-usage.rb -t xfs -w 80 -c 90 + metric: yes + handlers: default + subscribers: default + interval: 60 + notify: restart sensu-server + become: true + +- name: Get memory metrics + tags: + - config + sensu_check: + name: Memory + command: /opt/sensu/embedded/bin/check-memory-percent.rb -w 80 -c 90 + metric: yes + handlers: default + subscribers: default + interval: 60 + notify: restart sensu-server + become: true \ No newline at end of file diff --git a/.ansible/roles/mac_desktop/vars/main.yaml b/.ansible/roles/mac_desktop/vars/main.yaml index 8afa1d5..fe465c6 100644 --- a/.ansible/roles/mac_desktop/vars/main.yaml +++ b/.ansible/roles/mac_desktop/vars/main.yaml @@ -38,6 +38,7 @@ homebrew_cask_items: - handbrake - iterm2 - itsycal + - keybase - osxfuse - resilio-sync - signal diff --git a/.ansible/site.yaml b/.ansible/site.yaml index d6273fb..6e8caac 100644 --- a/.ansible/site.yaml +++ b/.ansible/site.yaml @@ -1,4 +1,9 @@ - name: Mac desktops hosts: mac_desktops roles: - - mac_desktop + - mac_desktop + +- name: Home server + hosts: home_servers + roles: + - home_server