sbitio / puppet-monit Goto Github PK

The use address parameter is optional in monit configs, and setting it to localhost as is done by the module is too restrictive. This patch relaxes this limitation.

At present system checks can't be removed.

Hi,

Puppet 6 already reached its EOF on February, are there plans to support puppet 7 in this module?

Thanks

/etc/monitrc expects to be 0600
the file is getting created as 0644

I added
mode => '600',
to config.pp
to fix it.

At present, the "system" checks added by the module only check the root filesystem. We want to detect and check all filesystems.

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Monit::Check::System[wh3]:
  parameter 'tests' index 1 entry 'value' expects a value of type Array, Hash, Integer, or String, got Float
  parameter 'tests' index 2 entry 'value' expects a value of type Array, Hash, Integer, or String, got Float (file: /etc/puppetlabs/code/environments/master/modules/monit/manifests/config.pp, line: 53) on node w
h3

It seems a regression in 8eeced0

It seems that an error is thrown indicating lsbmajdistrelease is Undef.

After doing some searching it seems that yum install redhat-lsb-core is needed so that required modules are installed for faceter to pull data.

lsbdistcodename => Core
lsbdistdescription => CentOS Linux release 7.9.2009 (Core)
lsbdistid => CentOS
lsbdistrelease => 7.9.2009
lsbmajdistrelease => 7
lsbminordistrelease => 9
lsbrelease => :core-4.1-amd64:core-4.1-noarch

It may be an idea to replace with modern facts, found this ticket on another plugin.
puppetlabs/puppetlabs-kubernetes#174

If not I would gladly take ownership...

As described here: https://mmonit.com/monit/documentation/monit.html#PROCESS-UPTIME-TESTING

I'd like to be able to monitor process uptime and restart as required so that processes don't become stale, as they sometimes do. Unless I'm missing something, this isn't supported by the puppet module right now.

Cheers!

class { '::monit':
      system_fs  => ['/'],
      httpserver => false,
      checks     => {
        "mycheck"             => {
          type   => 'host',
          config => {
            'address'       => '127.0.0.1',
          },
          tests  => [
            {
              'type'          => 'connection',
              'host'          => '127.0.0.1',
              'port'          => '9091',
              'protocol'      => 'http',
              'protocol_test' => {'request'=>'/ping'},
              'tolerance'     => {'cycles' =>5},
              'action'        => 'exec',
              'exec'          => '/sbin/poweroff',
            },
          ],
        }
      }

produce:

# This file is managed by Puppet. DO NOT EDIT.
CHECK HOST mycheck ADDRESS 127.0.0.1
  GROUP mycheck

  IF FAILED HOST 127.0.0.1 PORT 9091
    PROTOCOL HTTP
    REQUEST /ping
    FOR 5 CYCLES
  THEN EXEC "/SBIN/POWEROFF"

These two parameters are optional in the monit config, while the current puppet module makes them mandatory.

Using just the example configuration given plus a single process monitor, we get the following on every run.

[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:11: warning: already initialized constant RESOURCE_TESTS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:17: warning: already initialized constant RESOURCE_TESTS_OPERATORS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:23: warning: already initialized constant PROTOCOL_TESTS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:30: warning: already initialized constant TEST_TYPES
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:42: warning: already initialized constant TEST_ACTIONS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:11: warning: already initialized constant RESOURCE_TESTS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:17: warning: already initialized constant RESOURCE_TESTS_OPERATORS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:23: warning: already initialized constant PROTOCOL_TESTS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:30: warning: already initialized constant TEST_TYPES
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:42: warning: already initialized constant TEST_ACTIONS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:11: warning: already initialized constant RESOURCE_TESTS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:17: warning: already initialized constant RESOURCE_TESTS_OPERATORS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:23: warning: already initialized constant PROTOCOL_TESTS
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:30: warning: already initialized constant TEST_TYPES
[foo.bar.org] out: /home/ubuntu/puppet/modules/monit/lib/puppet/parser/functions/monit_validate_tests.rb:42: warning: already initialized constant TEST_ACTIONS

Various parts for the module need updating to support puppet 4.

Since hiera 5, lookup_options is the way to go.

Looks like epel repo is required on centos to install monit.

this can be fixed by adding module to Puppetfile:

mod 'stahnma-epel'

and then manifest file can look like this:

  include ::epel
  include ::monit

  Class['epel'] -> Class['monit::install'] # cannot do just Class['monit'] because the way module is constructed

Ref https://puppet.com/docs/puppet/6.18/lang_type_aliases.html

Using ntpd as example.

CentOs 7:

# service ntpd status
Redirecting to /bin/systemctl status  ntpd.service
ntpd.service - Network Time Service
   Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled)
   Active: active (running) since jue 2015-06-25 13:04:51 CEST; 1 weeks 4 days ago
  Process: 685 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 703 (ntpd)
   CGroup: /system.slice/ntpd.service
           └─703 /usr/sbin/ntpd -u ntp:ntp -g

Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.

Debian 8:

# service ntp status
● ntp.service - LSB: Start NTP daemon
   Loaded: loaded (/etc/init.d/ntp)
   Active: active (running) since lun 2015-07-06 22:20:36 CEST; 2min 5s ago
  Process: 17754 ExecStop=/etc/init.d/ntp stop (code=exited, status=0/SUCCESS)
  Process: 17779 ExecStart=/etc/init.d/ntp start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/ntp.service
           └─17788 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 106:111

Hello,

I'm having some warnings that concat is not supported (currently it's supported until 3.0.0) but concat is now at version 4.1.1

I've tried so far to update metadata.json to {"name":"puppetlabs/concat","version_requirement":">= 1.2.1 < 5.0.0"} and it's seems to work correctly.

It's possible to update metadata.json to accept the new version of concat?

Also a new tag in forge would be so nice like #23 said

Thank you very much

The templated monitrc config has incorrect permissions leading to the following message:

monit[186142]: The control file '/etc/monitrc' permission 0644 is wrong, maximum 0700 allowed.

Monit service fails to start

Fix issues listed in https://forge.puppetlabs.com/sbitio/monit/scores

The idfile and statefile are set to undef on RedHat however the variables are then validated in the monit class as not being Optional.

Stdlib::Absolutepath $idfile = $monit::params::idfile,
Stdlib::Absolutepath $statefile = $monit::params::statefile,

This then throws a puppet agent error on RedHat based systems.

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluat
ing a Resource Statement, Evaluation Error: Error while evaluating a Resource Statement, Class[Monit]:
parameter 'idfile' expects a Stdlib::Absolutepath = Variant[Stdlib::Windowspath = Pattern[/^(([a-zA-Z]:[\/])|([\/][\/]
[^\\\/]+[\/][^\\\/]+)|([\/][\/]?[\/][^\\\/]+))/], Stdlib::Unixpath = Pattern[/^/([^\/\0]+/)$/]] value, got Undef

These settings should be Optional since they are set to default values by monit itself if undefined.

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Monit::Check::Instance[wh3]: parameter 'every' expects a String value, got Undef (file: /etc/puppetlabs/code/environments/master/modules/monit/manifests/check/system.pp, line: 46) on node wh3

I need some of the changes since 1.0.0 and I'd still like to point to a forge version, or a tag, rather than a commit hash

I use many different services in foreman puppet and would like to know if there is any way to automatically configure monit service based on what services I have installed in my machine? Defining them one by one is a bit over kill

maybe somekindow profile system?

Those ones are used by docker and generates a lot of noise.

On a puppet agent run

Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Evaluation Error: Error while evaluating a Resource Statement, Invalid resource type concat at /etc/puppetlabs/code/environments/production/modules/monit/manifests/check/instance.pp:26:5 on node client.example.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

I had to add puppetlabs-concat to my Puppetfile to fix this

New monit versions support regex matching of process[1]

CHECK PROCESS <unique name> <PIDFILE <path> | MATCHING <regex>>

In some distributions there are services which doesn't generate a proper pidfile (b.e.: ntpd service on Centos 7)

Provide a way to deal with that

[1] https://mmonit.com/monit/documentation/monit.html

In our environment, the change to scope results in a configuration where all undefined variables are set as undef in the config files.

Prepending each scope with a test like '! [:undefined, :undef, nil, ''].include?' works for us. Do you have a preferred fix?

Hi!

Puppet7 and Ubuntu 22.

Why we can't configure start_program or stop_program with type "host"?

I get the next error:

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Monit::Check::Host[dockerd]: has no parameter named 'program_start' (file: /etc/puppetlabs/code/environments/testing/modules/monit/manifests/check.pp, line: 62) on node xxxxx

In your examples, in type "host" of HTTP_HEADERS, you put "action: restart", but what restart do?

I dont know if is another method to restart the service from Host TCP check, but if i put the next configuration, and one port is failling, monit dont execute the "start".

monit::check:
'dockerd':
type: 'process'
config:
pidfile: '/var/run/docker.pid'
program_start: '/etc/es-ops-puppet7-docker/monit_deploy_puppet.sh'
tests:
- type: 'connection'
host: 'localhost'
port: 8088
socket_type: 'tcp'
action: 'start'
- type: 'connection'
host: 'localhost'
port: 8140
socket_type: 'tcp'
action: 'start'

Only execute the action if the PID is loss. To do an action if host tcp check port is failling i do the next configuration manually and works.

CHECK HOST WITH ADDRESS 127.0.0.1
START PROGRAM = "/etc/es-ops-puppet7-docker/monit_deploy_puppet.sh"
GROUP dockerd
IF FAILED HOST localhost PORT 8088 TYPE TCP
THEN START
IF FAILED HOST localhost PORT 8140 TYPE TCP
THEN START

how can i do this configuration with the puppet module? Thank you!! Sorry if i am doing some mistake.

Debian Squeeze's version of monit needs "startup=0" changed to "startup=1" in /etc/default/monit.

The line host.pp:21 has an error in the if check:
"if !is_domain_name($address) or !is_ip_address($address)"

The "or" should be "and", since now it only passes if the address is both a domain_name AND and ip_address because of the double-negative.
With an "and" it would check if it's neither a domain_name or an ip_address.

I have the fix ready if you grant me rights for creating a branch/pull request.

CentOS 7 comes, mostly, without /etc/init.d scrips.

Actions should be generated with /sbin/service (Redhat family) or /usr/sbin/service (Debian family) instead of traditional /etc/init.d pattern

I'm using this module with a puppet master 3.8.6 and i get lots of these errors:

Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Evaluation Error: Error while evaluating a Function Call, Failed to parse template monit/check/common.erb:
  Filepath: /etc/puppet/modules/monit/templates/check/common.erb
  Line: 2
  Detail: undefined method `empty?' for nil:NilClass
 at /etc/puppet/modules/monit/manifests/check/instance.pp:33:16

This template is called by various defines which don't have a local variable called alerts, yet in the template you try to access @alterts. Wouldn't the correct way be scope['monit::alerts']?

The same issue happens in /etc/monit/monitrc:

include /*

In the template it says include <%= @conf_dir %>/* and it's called from monit::config but there is no local param conf_dir in this class. Changing the template to include <%= scope['monit::conf_dir'] %>/* fixes this problem.

It would be very useful if we had a nice ref to include for versioning.
Following master is't a good idea in prod, and had coding commit hashes isn't great either.

Can you maybe create tag for the current state, or even better make a 2.x stable branch or something to follow?