GithubHelp home page GithubHelp logo

isabella232 / sensu-remediation-handler Goto Github PK

View Code? Open in Web Editor NEW

This project forked from sensu/sensu-remediation-handler

0.0 0.0 0.0 98 KB

Sensu Go handler for implementing "self healing" workflows

License: MIT License

Shell 3.28% Go 96.72%

sensu-remediation-handler's Introduction

Sensu Remediation Handler

Bonsai Asset Badge Build Status

Overview

The Sensu Remediation Handler is a Sensu Go event handler that enables you to build self-healing workflows in Sensu.

The Sensu Remediation Handler โ€“ and other similar self-healing workflows in Sensu โ€“ combine a few Sensu features:

  • An "unscheduled check" configuration (i.e. a Sensu check with the "publish": false attribute set).
  • The Sensu agent's built-in entity subscriptions (e.g. entity:web-server-01), which make it possible to target a single agent with a check execution request.
  • The Sensu Checks API POST /checks/:check/execute endpoint, which allows this handler to issue ad hoc check requests.

Configuration

Environment Variables

The Sensu Remediation Handler does not honor any command line flags. Instead, it requires environment variables, either in the handler definition or in the Sensu backend service environment.

SENSU_API_URL
description URL for Sensu backend, including scheme, hostname or IP address, and port.
required false
type String
default http://127.0.0.1:8080
example SENSU_API_URL=http://sensu.example.com:8080
SENSU_USER
description Username for the Sensu API.
required true
type String
example SENSU_API_USER=remediation-handler
SENSU_PASS
description Password for the Sensu API.
required true
type String
example SENSU_API_PASS=setecastronomy
SENSU_API_CERT_FILE
description Filesystem path to certificate authority (CA) certificate used to validate https Sensu API connections.
required false
type String
example SENSU_API_CERT_FILE=/etc/sensu/cacert.pem

Annotations

Although environment variables provide connection details for the Sensu API, you'll use the io.sensu.remediation.config.actions check annotation to provide the configuration that defines remediation activities.

Annotation Specification

The Sensu Remediation Handler uses the string value of the io.sensu.remediation.config.actions check annotation to determine which remediation actions, if any, should be scheduled for a given event.

When present, the value of the io.sensu.remediation.config.actions check annotation must be a array of objects containing key/value pairs. Each object element in the array must conform to the remediation action specification.

Remediation Action Specification

description
description A human-readable representation of the remediation action.
required false
type String
example "description": "restart failed ntpd service"
request
description The name of the check to be scheduled by the remediation action.
required true
type String
example "request": "remediate-ntpd-service"
occurrences
description A list of occurrence counts at which the remediation action is triggered.
required true
type Array of integers
example "occurrences": [4,14,42]
severities
description A list of check status severities that are allowed for the remediation action.
required true
type Array of integers
example "severities": [1]
subscriptions
description A list of agent subscriptions for targeting remediation actions.
required true
type Array of strings
example "subscriptions": ["ntpd"]

Setup

  1. Create a dedicated Sensu user and role for the remediation handler.

    sensuctl role create remediation-handler --namespace=default --verb=create,update --resource checks
sensuctl role-binding create remediation-handler --role=remediation-handler --user=remediation-handler
sensuctl user create remediation-handler --password REPLACEME

  2. Register the remediation handler asset.

    sensuctl asset add sensu/sensu-remediation-handler --rename sensu-remediation-handler

  3. Configure the remediation handler.

    ---
type: Handler
api_version: core/v2
metadata:
  name: remediation
  namespace: default
spec:
  type: pipe
  command: sensu-remediation-handler
  timeout: 10
  runtime_assets:
  - sensu-remediation-handler
  env_vars:
  - "SENSU_API_URL=http://127.0.0.1:8080"
  - "SENSU_API_CERT_FILE="
  - "SENSU_API_USER=remediation-handler"
  - "SENSU_API_PASS=REPLACEME"

    Save this definition to a file named sensu-remediation-handler.yaml and run:

    sensuctl create -f sensu-remediation-handler.yaml

Examples

Example "Unscheduled" Check (Remediation Action)

---
type: CheckConfig
api_version: core/v2
metadata:
  name: systemd-start-nginx
  namespace: default
spec:
  command: sudo systemctl start nginx
  publish: false
  interval: 10 # interval is required but not used
  subscriptions: []

Example Check Definition and Remediation Request Configuration

---
type: CheckConfig
api_version: core/v2
metadata:
  name: check-nginx
  namespace: default
  labels:
    foo: bar
  annotations:
    io.sensu.remediation.config.actions: |
      [
        {
          "description": "Perform this action once after Nginx has been down for 30 seconds.",
          "request": "systemd-start-nginx",
          "occurrences": [ 3 ],
          "severities": [ 1,2 ]
        },
        {
          "description": "Perform this action once after Nginx has been down for 120 seconds.",
          "request": "systemd-restart-nginx",
          "occurrences": [ 12 ],
          "severities": [ 1,2 ]
        }
      ]
spec:
  command: check_http -H 127.0.0.1 -P 80 -N
  publish: true
  interval: 10
  handlers:
  - remediation
  subscriptions:
  - nginx

Acknowledgements

This handler implements a pattern first implemented in Nick Stielau's Sensu Remediator circa 2012. Thanks, Nick!

sensu-remediation-handler's People

Contributors

portertech avatar seifer44 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.