Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

nagios: Replace check_website_response with standard check_http plugin. 

Signed-off-by: Anders Kaseorg <anders@zulip.com>
This commit is contained in:
Anders Kaseorg 2021-06-24 17:15:26 -07:00 committed by Alex Vandiver
parent eb8283c089
commit 93f62b999e
8 changed files with 10 additions and 216 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/THIRDPARTY
View File

@ -33,10 +33,6 @@ Copyright: 2005 Francesc Guasch
License: GPL-2.0
Comment: Not linked.
Files: puppet/zulip/files/nagios_plugins/zulip_nagios_server/check_website_response.sh
Copyright: 2011 Chris Freeman
License: GPL-2.0
Files: puppet/zulip_ops/files/zulip-ec2-configure-interfaces
Copyright: 2013-2017, Dropbox, Inc., Kandra Labs, Inc., and contributors
License: Expat

1
docs/production/troubleshooting.md
View File

@ -260,7 +260,6 @@ Database monitoring:
Standard server monitoring:
* `check_website_response.sh`: Basic HTTP check.
* `check_debian_packages`: Checks whether the system is behind on `apt
upgrade`.

199
puppet/zulip/files/nagios_plugins/zulip_nagios_server/check_website_response.sh
View File

@ -1,199 +0,0 @@
#!/bin/sh
#
# Nagios script to check website is up and responding in a timely manner
# Written by Chris Freeman (cfree6223@gmail.com)
# Version 1.1
# (c) GPLv2 2011
#
# Special thanks to dkwiebe and Konstantine Vinogradov for suggestions and feedback
#
### Environment paths
NETCAT=/bin/nc
DATE=/bin/date
WGET=/usr/bin/wget
ECHO=/bin/echo
AWK=/usr/bin/awk
CKSUM=/usr/bin/cksum
TR=/usr/bin/tr
# Temp file
WGETOUT=/tmp/wgetoutput
### Functions
# Check dependencies and paths
checkpaths(){
for PATH in $NETCAT $DATE $WGET $ECHO $AWK $CKSUM $TR; do
if [ ! -f "$PATH" ]; then
STATUS=UNKNOWN
OUTMSG="ERROR: $PATH does does not exist"
output
fi
done
}
# Check inputs and formats
checkinputs(){
if [ ! -n "$WARN" ]; then
ERROR="Warning not set"
usage
fi
case $WARN in
*[!0-9]*)
ERROR="Warning must be an integer in milliseconds"
usage
esac
if [ ! -n "$CRIT" ]; then
ERROR="Critical not set"
usage
fi
case $CRIT in
*[!0-9]*)
ERROR="Critical must be an integer in milliseconds"
usage
esac
if [ "$CRIT" -lt "$WARN" ]; then
ERROR="Critical must be greater than Warning"
usage
fi
if [ ! -n "$URL" ]; then
ERROR="URL not set"
usage
fi
}
# Make temp file unique for URL
mktmpfile(){
WGETOUTCKSUM=$WGETOUT`$ECHO $URL |$CKSUM |$AWK '{print $1}'`
}
# Print usage statement
usage(){
$ECHO "RESPONSE: UNKNOWN - Error: $ERROR"
$ECHO "Usage: check_website_response.sh -w <warning milliseconds> -c <critical milliseconds> -u <url> [ -nocert ]"
exit 3
}
# Check if URL resolves, port is open and webpage contains data
checkopen(){
# Determine PORT from scheme
SCHEME=`$ECHO $URL |$AWK -F: '{print $1}'| $TR [:upper:] [:lower:]`
# Strip scheme out of URL
case $URL in
*://*)
SHORTURL=`$ECHO $URL |$AWK -F"://" '{print $2}'`;;
*)
SHORTURL=$URL;;
esac
# Strip path out of URL
case $SHORTURL in
*/*)
SHORTURL=`$ECHO $SHORTURL |$AWK -F/ '{print $1}'`;;
esac
# if no scheme check for ports in SHORTURL or else default to 80
case $SHORTURL in
*:*@*:*)
if [ ! -n "$PORT" ]; then
PORT=`$ECHO $SHORTURL |$AWK -F: '{print $3}'`
fi
SHORTURL=`$ECHO $SHORTURL |$AWK -F@ '{print $2}'`
SHORTURL=`$ECHO $SHORTURL |$AWK -F: '{print $1}'`;;
*:*@*)
if [ ! -n "$PORT" ]; then
PORT=80
fi
SHORTURL=`$ECHO $SHORTURL |$AWK -F@ '{print $2}'`;;
*:*)
if [ ! -n "$PORT" ]; then
PORT=`$ECHO $SHORTURL |$AWK -F: '{print $2}'`
fi
SHORTURL=`$ECHO $SHORTURL |$AWK -F: '{print $1}'`;;
*)
if [ "$SCHEME" = "https" ]; then
PORT=443
fi
if [ ! -n "$PORT" ]; then
PORT=80
fi;;
esac
# Check if URL resolves and port is open
if ! $NETCAT -z $SHORTURL $PORT > /dev/null 2>&1; then
OUTMSG="URL $SHORTURL can't resolve or port $PORT not open"
STATUS=CRITICAL
output
fi
# Check if page can be loaded and contains data
if [ -n "$NOCERT" ]; then
$WGET --no-check-certificate -q -O $WGETOUTCKSUM $URL
else
$WGET -q -O $WGETOUTCKSUM $URL
fi
if [ ! -s "$WGETOUTCKSUM" ]; then
OUTMSG="$URL does not contain any data"
STATUS=CRITICAL
output
fi
}
# Check page response time
pageload(){
if [ -n "$NOCERT" ]; then
STARTTIME=$($DATE +%s%N)
$WGET --no-check-certificate -q $URL
ENDTIME=$($DATE +%s%N)
else
STARTTIME=$($DATE +%s%N)
$WGET -q $URL
ENDTIME=$($DATE +%s%N)
fi
TIMEDIFF=$((($ENDTIME-$STARTTIME)/1000000))
if [ "$TIMEDIFF" -lt "$WARN" ]; then
STATUS=OK
elif [ "$TIMEDIFF" -ge "$WARN" ] && [ "$TIMEDIFF" -lt "$CRIT" ]; then
STATUS=WARNING
elif [ "$TIMEDIFF" -ge "$CRIT" ]; then
STATUS=CRITICAL
fi
OUTMSG="$TIMEDIFF ms"
}
# Output statement and exit
output(){
$ECHO "RESPONSE: $STATUS - $OUTMSG""|Response="$TIMEDIFF"ms;"$WARN";"$CRIT";0"
if [ "$STATUS" = "OK" ]; then
exit 0
elif [ "$STATUS" = "WARNING" ]; then
exit 1
elif [ "$STATUS" = "CRITICAL" ]; then
exit 2
fi
exit 3
}
### Main
# Input variables
while getopts w:c:u:n: option
do case "$option" in
w) WARN=$OPTARG;;
c) CRIT=$OPTARG;;
u) URL=$OPTARG;;
n) NOCERT=$OPTARG;;
*) ERROR="Illegal option used"
usage;;
esac
done
checkpaths
checkinputs
mktmpfile
checkopen
pageload
output

4
puppet/zulip/manifests/profile/base.pp
View File

@ -39,10 +39,7 @@ class zulip::profile::base {
'python3-yaml',
'puppet',
'git',
# Used for most downloads
'curl',
# Used in check_website_response.sh
'wget',
'jq',
'procps',
# Used to read /etc/zulip/zulip.conf for `zulipconf` Puppet function
@ -67,7 +64,6 @@ class zulip::profile::base {
'puppet',
'git',
'curl',
'wget',
'jq',
'crudini',
'ntp',

10
puppet/zulip_ops/files/nagios3/commands.cfg
View File

@ -176,11 +176,6 @@ define command {
command_line /usr/lib/nagios/plugins/check_by_ssh -l nagios -t 30 -i /var/lib/nagios/.ssh/id_ed25519 -H $HOSTADDRESS$ -C '/usr/lib/nagios/plugins/zulip_app_frontend/check_email_deliverer_backlog'
}
define command{
command_name check_website_response
command_line /usr/lib/nagios/plugins/zulip_nagios_server/check_website_response.sh -u $ARG1$ -w $ARG2$ -c $ARG3$
}
define command{
command_name check_worker_memory
command_line /usr/lib/nagios/plugins/check_by_ssh -l nagios -t 30 -i /var/lib/nagios/.ssh/id_ed25519 -H $HOSTADDRESS$ -C '/usr/lib/nagios/plugins/zulip_app_frontend/check_worker_memory'
@ -205,3 +200,8 @@ define command{
command_name check_apt_repo_status
command_line /usr/lib/nagios/plugins/check_http --sni --ssl -H '$ARG1$' -u 'https://$ARG1$$ARG2$/dists/stable/Release' --expect=200 -s Contents-amd64
}
define command{
command_name check_camo
command_line /usr/lib/nagios/plugins/check_http --sni --ssl -H '$ARG1$' -u '$ARG2$' -k 'Accept-Encoding: identity' -w '$ARG3$' -c '$ARG4$'
}

5
puppet/zulip_ops/manifests/profile/nagios.pp
View File

@ -16,7 +16,10 @@ class zulip_ops::profile::nagios {
$nagios_mail_domain = zulipconf('nagios', 'mail_domain', undef)
$nagios_mail_host = zulipconf('nagios', 'mail_host', undef)
$nagios_mail_password = zulipsecret('secrets', 'nagios_mail_password', '')
$nagios_camo_check_url = zulipconf('nagios', 'camo_check_url', undef)
if zulipconf('nagios', 'camo_check_url', undef) =~ /^https:\/\/([^\/]*)(\/.*)$/ {
$nagios_camo_check_host = $1
$nagios_camo_check_path = $2
}
$default_host_domain = zulipconf('nagios', 'default_host_domain', undef)
$hosts_zmirror = split(zulipconf('nagios', 'hosts_zmirror', undef), ',')

2
puppet/zulip_ops/templates/nagios3/localhost.cfg.template.erb
View File

@ -38,5 +38,5 @@ define service{
use generic-service
host_name nagios
service_description Check Camo is operational
check_command check_website_response!<%= @nagios_camo_check_url %>!6000!12000!
check_command check_camo!<%= @nagios_camo_check_host %>!<%= @nagios_camo_check_path %>!6!12
}

1
tools/linter_lib/exclude.py
View File

@ -1,7 +1,6 @@
# Exclude some directories and files from lint checking
EXCLUDED_FILES = [
# Third-party code that doesn't match our style
"puppet/zulip/files/nagios_plugins/zulip_nagios_server/check_website_response.sh",
"static/third",
# Transifex syncs translation.json files without trailing
# newlines; there's nothing other than trailing newlines we'd be