Juju Charms Collection
logstash package

Merge lp:~verterok/charms/trusty/logstash/lumberjack-cert-check into lp:~tanuki/charms/trusty/logstash/trunk

  1. Trusty Tahr (14.04)
  2. lumberjack-cert-check
  3. Merge into trunk
Proposed by Guillermo Gonzalez
Status: Merged
Approved by: Guillermo Gonzalez
Approved revision: 59
Merged at revision: 58
Proposed branch: lp:~verterok/charms/trusty/logstash/lumberjack-cert-check
Merge into: lp:~tanuki/charms/trusty/logstash/trunk
Diff against target: 88 lines (+52/-0)
2 files modified
config.yaml (+4/-0)
hooks/nrpe-external-master-relation-changed (+48/-0)
To merge this branch: bzr merge lp:~verterok/charms/trusty/logstash/lumberjack-cert-check
Reviewer Review Type Date Requested Status
Celso Providelo (community) Approve
Review via email: mp+272910@code.launchpad.net

Commit message

Add nrpe check of lumberjack ssl certificate expiration.

Description of the change

Add nrpe check of lumberjack ssl certificate expiration.

WARNING before 30 days and CRITICAL from 14 days until end date

To post a comment you must log in.
Revision history for this message
Celso Providelo (cprov) wrote :

Nice work! Clear and objective check shortname & description.

Hopefully it will also make its way upstream.

Thanks Guillermo.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'config.yaml'
--- config.yaml 2015-09-07 21:39:38 +0000
+++ config.yaml 2015-09-30 13:31:17 +0000
@@ -47,3 +47,7 @@
47 default: "--ssl -H localhost -p 5043 -c 0.3"47 default: "--ssl -H localhost -p 5043 -c 0.3"
48 type: string48 type: string
49 description: The parameters to pass to the nrpe plugin check_tcp.49 description: The parameters to pass to the nrpe plugin check_tcp.
50 nagios_check_cert_params:
51 default: "-D 30,14 -H 127.0.0.1 -p 5043"
52 type: string
53 description: The parameters to pass to the nrpe plugin "check_tcp --ssl" to check certificate expiration date.
5054
=== modified file 'hooks/nrpe-external-master-relation-changed'
--- hooks/nrpe-external-master-relation-changed 2015-05-05 23:38:46 +0000
+++ hooks/nrpe-external-master-relation-changed 2015-09-30 13:31:17 +0000
@@ -7,10 +7,46 @@
77
8from charmhelpers.core import hookenv8from charmhelpers.core import hookenv
9from charmhelpers.contrib.charmsupport import nrpe9from charmhelpers.contrib.charmsupport import nrpe
10from charmhelpers.contrib.charmsupport.nrpe import NRPE
1011
11hooks = hookenv.Hooks()12hooks = hookenv.Hooks()
12log = hookenv.log13log = hookenv.log
1314
15
16class CustomIntervalCheck(nrpe.Check):
17
18 service_template = ("""
19#---------------------------------------------------
20# This file is Juju managed
21#---------------------------------------------------
22define service {{
23 use active-service
24 host_name {nagios_hostname}
25 service_description {nagios_hostname}[{shortname}] """
26 """{description}
27 check_command check_nrpe!{command}
28 servicegroups {nagios_servicegroup}
29%s
30}}
31""")
32 intervals_template = " {} {}\n"
33
34 def __init__(self, shortname, description, check_cmd, normal_check_interval=None,
35 retry_check_interval=None, notification_interval=None):
36 super(CustomIntervalCheck, self).__init__(shortname, description, check_cmd)
37 intervals = {}
38 if normal_check_interval:
39 intervals['normal_check_interval'] = normal_check_interval
40 if retry_check_interval:
41 intervals['retry_check_interval'] = retry_check_interval
42 if notification_interval:
43 intervals['notification_interval'] = notification_interval
44 intervals_config = ""
45 for k, v in intervals.items():
46 intervals_config += self.intervals_template.format(k, v)
47 self.service_template = CustomIntervalCheck.service_template % intervals_config
48
49
14@hooks.hook('nrpe-external-master-relation-changed')50@hooks.hook('nrpe-external-master-relation-changed')
15def update_nrpe_checks():51def update_nrpe_checks():
16 nrpe_compat = nrpe.NRPE()52 nrpe_compat = nrpe.NRPE()
@@ -23,6 +59,7 @@
23 check_cmd='check_procs %s' % check_procs_params59 check_cmd='check_procs %s' % check_procs_params
24 )60 )
25 check_tcp_params = conf.get('nagios_check_tcp_params')61 check_tcp_params = conf.get('nagios_check_tcp_params')
62 check_cert_params = conf.get('nagios_check_cert_params')
26 config_data = hookenv.config()63 config_data = hookenv.config()
27 # Only setup lumberjack protocol if ssl cert and key are configured64 # Only setup lumberjack protocol if ssl cert and key are configured
28 if config_data['ssl_cert'] and config_data['ssl_key']:65 if config_data['ssl_cert'] and config_data['ssl_key']:
@@ -32,6 +69,17 @@
32 description='Check logstash lumberjack input tcp port',69 description='Check logstash lumberjack input tcp port',
33 check_cmd='check_tcp %s' % check_tcp_params70 check_cmd='check_tcp %s' % check_tcp_params
34 )71 )
72 if check_cert_params:
73 # check certificate expiry date, daily and retry every 2 hs
74 cert_check = CustomIntervalCheck(
75 shortname='lumberjack_ssl_check',
76 description='Check logstash ssl certificate expiry date',
77 check_cmd='check_tcp --ssl {}'.format(check_cert_params),
78 normal_check_interval=1440, # minutes
79 retry_check_interval=120, # minutes
80 )
81 nrpe_compat.checks.append(cert_check)
82
35 nrpe_compat.write()83 nrpe_compat.write()
3684
37if __name__ == "__main__":85if __name__ == "__main__":

Subscribers

People subscribed via source and target branches