From: Matt Birkholz Date: Mon, 3 Jun 2024 22:25:30 +0000 (-0600) Subject: Add Munin monitoring. X-Git-Url: https://birchwood-abbey.net/git?a=commitdiff_plain;h=aab83c62fe733e160264696b49719de021ff70e3;p=Network Add Munin monitoring. --- diff --git a/README.org b/README.org index 9519b0d..a8dd701 100644 --- a/README.org +++ b/README.org @@ -1325,6 +1325,89 @@ define service { } #+END_SRC +** Install Munin + +The abbey is experimenting with Munin. NAGIOS is all about notifying +the Sys. Admin. of failed services. Munin is more about tracking +trends in resource usage. + +#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]] +#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml + +- name: Install Munin. + become: yes + apt: + pkg: munin + +- name: Add {{ ansible_user }} to Munin group. + become: yes + user: + name: "{{ ansible_user }}" + append: yes + groups: munin + +- name: Enable network access to Munin. + become: yes + lineinfile: + path: /etc/munin/apache24.conf + regexp: '([^#]*)Require' + line: '\1Require all granted' + backrefs: yes + notify: Restart Apache2. + +- name: Punt default Munin node. + become: yes + replace: + path: /etc/munin/munin.conf + regexp: '^\[localhost.*\n\n' + +- name: Configure actual Munin nodes. + become: yes + copy: + content: | + [dantooine.birchwood.private] + address 127.0.0.1 + + [anoat.birchwood.private] + address {{ gate_addr }} + + [kessel.birchwood.private] + address {{ kessel_addr }} + + [devaron.birchwood.private] + address {{ devaron_addr }} + dest: /etc/munin/munin-conf.d/zzz-site.cfg + notify: Restart Munin. +#+END_SRC + +The core machine's sensors produce some unfortunate measurements. The +next task configures ~libsensors~ to ignore them. + +#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]] +#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml + +- name: Configure core sensors(1). + become: yes + copy: + content: | + chip "iwlwifi_1-virtual-0" + ignore temp1 + + chip "acpitz-acpi-0" + ignore temp1 + dest: /etc/sensors.d/site.conf +#+END_SRC + +#+CAPTION: [[file:roles_t/abbey-core/handlers/main.yml][=roles_t/abbey-core/handlers/main.yml=]] +#+BEGIN_SRC conf :tangle roles_t/abbey-core/handlers/main.yml + +- name: Restart Munin. + become: yes + systemd: + service: munin + state: restarted +#+END_SRC + ** Install Analog The abbey's public web site's access and error logs are emailed @@ -1527,9 +1610,9 @@ Birchwood Abbey's cloister is a small institute campus. The ~campus~ role configures all campus machines to trust the institute's CA, sync with the campus time server, and forward email to Core. The ~abbey-cloister~ role additionally configures cloistered machines to -use the cloister Apt cache, respond to Core's NAGIOS network monitor, -and to install Emacs. There are also a few OS specific tasks, namely -configuration required on Raspberry Pi OS machines. +use the cloister Apt cache, respond to Core's NAGIOS and Munin network +monitors, and to install Emacs. There are also a few OS specific +tasks, namely configuration required on Raspberry Pi OS machines. Wireless clients are issued keys for the cloister VPN by the ~./abbey client~ command which is currently identical to the ~./inst client~ @@ -1603,6 +1686,45 @@ Raspberry Pis (architecture ~aarch64~) only. state: reloaded #+END_SRC +** Install Munin Node + +Each cloistered host is a Munin node. + +#+CAPTION: [[file:roles_t/abbey-cloister/tasks/main.yml][=roles_t/abbey-cloister/tasks/main.yml=]] +#+BEGIN_SRC conf :tangle roles_t/abbey-cloister/tasks/main.yml + +- name: Install Munin Node. + become: yes + apt: + pkg: munin-node + +- name: Add {{ ansible_user }} to Munin group. + become: yes + user: + name: "{{ ansible_user }}" + append: yes + groups: munin +#+END_SRC + +Again, one of our cloistered hosts has sensors producing unfortunate +measurements. The next task configures Anoat's ~libsensors~ to ignore +them. + +#+CAPTION: [[file:roles_t/abbey-cloister/tasks/main.yml][=roles_t/abbey-cloister/tasks/main.yml=]] +#+BEGIN_SRC conf :tangle roles_t/abbey-cloister/tasks/main.yml + +- name: Configure {{ inventory_hostname }} sensors(1). + copy: + content: | + chip "iwlwifi_1-virtual-0" + ignore temp1 + + chip "acpitz-acpi-0" + ignore temp1 + dest: /etc/sensors.d/site.conf + when: inventory_hostname == 'anoat' +#+END_SRC + ** Install Emacs The monks of the abbey are masters of the staff and Emacs. diff --git a/roles_t/abbey-cloister/tasks/main.yml b/roles_t/abbey-cloister/tasks/main.yml index 9be626f..1ae7fe4 100644 --- a/roles_t/abbey-cloister/tasks/main.yml +++ b/roles_t/abbey-cloister/tasks/main.yml @@ -25,6 +25,29 @@ when: ansible_architecture == 'aarch64' notify: Reload NRPE server. +- name: Install Munin Node. + become: yes + apt: + pkg: munin-node + +- name: Add {{ ansible_user }} to Munin group. + become: yes + user: + name: "{{ ansible_user }}" + append: yes + groups: munin + +- name: Configure {{ inventory_hostname }} sensors(1). + copy: + content: | + chip "iwlwifi_1-virtual-0" + ignore temp1 + + chip "acpitz-acpi-0" + ignore temp1 + dest: /etc/sensors.d/site.conf + when: inventory_hostname == 'anoat' + - name: Install monastic software. become: yes apt: pkg=emacs diff --git a/roles_t/abbey-core/handlers/main.yml b/roles_t/abbey-core/handlers/main.yml index 23e7299..576d518 100644 --- a/roles_t/abbey-core/handlers/main.yml +++ b/roles_t/abbey-core/handlers/main.yml @@ -18,3 +18,9 @@ systemd: service: nagios4 state: reloaded + +- name: Restart Munin. + become: yes + systemd: + service: munin + state: restarted diff --git a/roles_t/abbey-core/tasks/main.yml b/roles_t/abbey-core/tasks/main.yml index 39be636..3971600 100644 --- a/roles_t/abbey-core/tasks/main.yml +++ b/roles_t/abbey-core/tasks/main.yml @@ -206,6 +206,62 @@ loop: [ devaron, kessel ] notify: Reload NAGIOS4. +- name: Install Munin. + become: yes + apt: + pkg: munin + +- name: Add {{ ansible_user }} to Munin group. + become: yes + user: + name: "{{ ansible_user }}" + append: yes + groups: munin + +- name: Enable network access to Munin. + become: yes + lineinfile: + path: /etc/munin/apache24.conf + regexp: '([^#]*)Require' + line: '\1Require all granted' + backrefs: yes + notify: Restart Apache2. + +- name: Punt default Munin node. + become: yes + replace: + path: /etc/munin/munin.conf + regexp: '^\[localhost.*\n\n' + +- name: Configure actual Munin nodes. + become: yes + copy: + content: | + [dantooine.birchwood.private] + address 127.0.0.1 + + [anoat.birchwood.private] + address {{ gate_addr }} + + [kessel.birchwood.private] + address {{ kessel_addr }} + + [devaron.birchwood.private] + address {{ devaron_addr }} + dest: /etc/munin/munin-conf.d/zzz-site.cfg + notify: Restart Munin. + +- name: Configure core sensors(1). + become: yes + copy: + content: | + chip "iwlwifi_1-virtual-0" + ignore temp1 + + chip "acpitz-acpi-0" + ignore temp1 + dest: /etc/sensors.d/site.conf + - name: Install Analog. become: yes apt: pkg=analog