From 6706b9d4b1b16d3137ccb9646ceec14d38bb54b9 Mon Sep 17 00:00:00 2001 From: Kazuhiro MUSASHI Date: Sat, 10 Oct 2020 15:49:55 +0900 Subject: [PATCH 01/11] Delete `monit` cookbook. --- .../blog/files/etc/monit/conf.d/blog-log.conf | 2 - cookbooks/blog/nginx.rb | 13 - .../consul/files/etc/monit/conf.d/consul.conf | 10 - cookbooks/consul/setup.rb | 8 - cookbooks/monit/default.rb | 39 --- cookbooks/monit/files/etc/default/monit | 10 - cookbooks/monit/files/etc/monit/monitrc | 248 -------------- cookbooks/monit/files/etc/monit/monitrc.1804 | 308 ------------------ .../files/lib/systemd/system/monit.service | 10 - roles/base.rb | 1 - 10 files changed, 649 deletions(-) delete mode 100644 cookbooks/blog/files/etc/monit/conf.d/blog-log.conf delete mode 100644 cookbooks/consul/files/etc/monit/conf.d/consul.conf delete mode 100644 cookbooks/monit/default.rb delete mode 100644 cookbooks/monit/files/etc/default/monit delete mode 100644 cookbooks/monit/files/etc/monit/monitrc delete mode 100644 cookbooks/monit/files/etc/monit/monitrc.1804 delete mode 100644 cookbooks/monit/files/lib/systemd/system/monit.service diff --git a/cookbooks/blog/files/etc/monit/conf.d/blog-log.conf b/cookbooks/blog/files/etc/monit/conf.d/blog-log.conf deleted file mode 100644 index dda15cb..0000000 --- a/cookbooks/blog/files/etc/monit/conf.d/blog-log.conf +++ /dev/null @@ -1,2 +0,0 @@ -check file nginx-blog with path /var/log/nginx/blog.access.log - if timestamp > 2 minutes for 5 cycles then exec "/bin/systemctl restart nginx" diff --git a/cookbooks/blog/nginx.rb b/cookbooks/blog/nginx.rb index 4e06e22..b68ef52 100644 --- a/cookbooks/blog/nginx.rb +++ b/cookbooks/blog/nginx.rb @@ -30,19 +30,6 @@ remote_file '/etc/cron.d/blog' do mode '644' end -# Add monit configuration file for monitoring nginx logs: -remote_file '/etc/monit/conf.d/blog-log.conf' do - owner 'root' - group 'root' - mode '644' - - notifies :reload, 'service[monit]' -end - -service 'monit' do - action :nothing -end - # Create storage directory for blog data directory '/home/webadm/works/public' do owner 'webadm' diff --git a/cookbooks/consul/files/etc/monit/conf.d/consul.conf b/cookbooks/consul/files/etc/monit/conf.d/consul.conf deleted file mode 100644 index 5a54067..0000000 --- a/cookbooks/consul/files/etc/monit/conf.d/consul.conf +++ /dev/null @@ -1,10 +0,0 @@ -check process consul - with pidfile /var/run/consul.pid - start program = "/usr/bin/supervisorctl start consul" - stop program = "/usr/bin/supervisorctl stop consul" - - if failed - host localhost - port 8500 - protocol HTTP - then restart diff --git a/cookbooks/consul/setup.rb b/cookbooks/consul/setup.rb index 3ba8fa7..b75ac7b 100644 --- a/cookbooks/consul/setup.rb +++ b/cookbooks/consul/setup.rb @@ -23,14 +23,6 @@ remote_file '/etc/consul.d/service-consul.json' do only_if '{ node["consul"]["manager"]}' end -remote_file '/etc/monit/conf.d/consul.conf' do - owner 'root' - group 'root' - mode '644' - - notifies :restart, 'service[monit]' -end - execute 'Reload supervisor' do user 'root' diff --git a/cookbooks/monit/default.rb b/cookbooks/monit/default.rb deleted file mode 100644 index 0b8fa22..0000000 --- a/cookbooks/monit/default.rb +++ /dev/null @@ -1,39 +0,0 @@ -package 'monit' - -service 'monit' do - action :disable -end - -case run_command('grep VERSION_ID /etc/os-release | awk -F\" \'{print $2}\'').stdout.chomp -when "18.04" - # do nothing -else - remote_file '/etc/monit/monitrc' do - owner 'root' - group 'root' - mode '600' - - notifies :reload, 'service[monit]' - end -end - -remote_file '/etc/default/monit' do - owner 'root' - group 'root' - mode '644' - - notifies :run, 'execute[systemctl daemon-reload]' -end - -remote_file '/lib/systemd/system/monit.service' do - owner 'root' - group 'root' - mode '644' - - notifies :run, 'execute[systemctl daemon-reload]' -end - -execute 'systemctl daemon-reload' do - action :nothing - command '/etc/init.d/monit stop && systemctl daemon-reload && systemctl enable monit && systemctl start monit' -end diff --git a/cookbooks/monit/files/etc/default/monit b/cookbooks/monit/files/etc/default/monit deleted file mode 100644 index e9f3cbf..0000000 --- a/cookbooks/monit/files/etc/default/monit +++ /dev/null @@ -1,10 +0,0 @@ -# /etc/default/monit - -# Defaults for monit initscript. This file is sourced by -# /bin/sh from /etc/init.d/monit. - -# Set START to yes to start the monit -START=yes - -# Options to pass to monit -MONIT_OPTS=-I diff --git a/cookbooks/monit/files/etc/monit/monitrc b/cookbooks/monit/files/etc/monit/monitrc deleted file mode 100644 index be176af..0000000 --- a/cookbooks/monit/files/etc/monit/monitrc +++ /dev/null @@ -1,248 +0,0 @@ -############################################################################### -## Monit control file -############################################################################### -## -## Comments begin with a '#' and extend through the end of the line. Keywords -## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'. -## -## Below you will find examples of some frequently used statements. For -## information about the control file and a complete list of statements and -## options, please have a look in the Monit manual. -## -## -############################################################################### -## Global section -############################################################################### -## -## Start Monit in the background (run as a daemon): -# - set daemon 60 # check services at 2-minute intervals - with start delay 240 # optional: delay the first check by 4-minutes (by -# # default Monit check immediately after Monit start) -# -# -## Set syslog logging with the 'daemon' facility. If the FACILITY option is -## omitted, Monit will use 'user' facility by default. If you want to log to -## a standalone log file instead, specify the full path to the log file -# -# set logfile syslog facility log_daemon - set logfile /var/log/monit.log -# -# -## Set the location of the Monit id file which stores the unique id for the -## Monit instance. The id is generated and stored on first Monit start. By -## default the file is placed in $HOME/.monit.id. -# -# set idfile /var/.monit.id - set idfile /var/lib/monit/id -# -## Set the location of the Monit state file which saves monitoring states -## on each cycle. By default the file is placed in $HOME/.monit.state. If -## the state file is stored on a persistent filesystem, Monit will recover -## the monitoring state across reboots. If it is on temporary filesystem, the -## state will be lost on reboot which may be convenient in some situations. -# - set statefile /var/lib/monit/state -# -## Set the list of mail servers for alert delivery. Multiple servers may be -## specified using a comma separator. If the first mail server fails, Monit -# will use the second mail server in the list and so on. By default Monit uses -# port 25 - it is possible to override this with the PORT option. -# -# set mailserver mail.bar.baz, # primary mailserver -# backup.bar.baz port 10025, # backup mailserver on port 10025 -# localhost # fallback relay -# -# -## By default Monit will drop alert events if no mail servers are available. -## If you want to keep the alerts for later delivery retry, you can use the -## EVENTQUEUE statement. The base directory where undelivered alerts will be -## stored is specified by the BASEDIR option. You can limit the maximal queue -## size using the SLOTS option (if omitted, the queue is limited by space -## available in the back end filesystem). -# - set eventqueue - basedir /var/lib/monit/events # set the base directory where events will be stored - slots 100 # optionally limit the queue size -# -# -## Send status and events to M/Monit (for more informations about M/Monit -## see http://mmonit.com/). By default Monit registers credentials with -## M/Monit so M/Monit can smoothly communicate back to Monit and you don't -## have to register Monit credentials manually in M/Monit. It is possible to -## disable credential registration using the commented out option below. -## Though, if safety is a concern we recommend instead using https when -## communicating with M/Monit and send credentials encrypted. -# -# set mmonit http://monit:monit@192.168.1.10:8080/collector -# # and register without credentials # Don't register credentials -# -# -## Monit by default uses the following format for alerts if the the mail-format -## statement is missing:: -## --8<-- -## set mail-format { -## from: monit@$HOST -## subject: monit alert -- $EVENT $SERVICE -## message: $EVENT Service $SERVICE -## Date: $DATE -## Action: $ACTION -## Host: $HOST -## Description: $DESCRIPTION -## -## Your faithful employee, -## Monit -## } -## --8<-- -## -## You can override this message format or parts of it, such as subject -## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc. -## are expanded at runtime. For example, to override the sender, use: -# -# set mail-format { from: monit@foo.bar } -# -# -## You can set alert recipients whom will receive alerts if/when a -## service defined in this file has errors. Alerts may be restricted on -## events by using a filter as in the second example below. -# -# set alert sysadm@foo.bar # receive all alerts -# set alert manager@foo.bar only on { timeout } # receive just service- -# # timeout alert -# -# -## Monit has an embedded web server which can be used to view status of -## services monitored and manage services from a web interface. See the -## Monit Wiki if you want to enable SSL for the web server. -# -# set httpd port 2812 and -# use address localhost # only accept connection from localhost -# allow localhost # allow localhost to connect to the server and -# allow admin:monit # require user 'admin' with password 'monit' -# allow @monit # allow users of group 'monit' to connect (rw) -# allow @users readonly # allow users of group 'users' to connect readonly -# -############################################################################### -## Services -############################################################################### -## -## Check general system resources such as load average, cpu and memory -## usage. Each test specifies a resource, conditions and the action to be -## performed should a test fail. -# -# check system myhost.mydomain.tld -# if loadavg (1min) > 4 then alert -# if loadavg (5min) > 2 then alert -# if memory usage > 75% then alert -# if swap usage > 25% then alert -# if cpu usage (user) > 70% then alert -# if cpu usage (system) > 30% then alert -# if cpu usage (wait) > 20% then alert -# -# -## Check if a file exists, checksum, permissions, uid and gid. In addition -## to alert recipients in the global section, customized alert can be sent to -## additional recipients by specifying a local alert handler. The service may -## be grouped using the GROUP option. More than one group can be specified by -## repeating the 'group name' statement. -# -# check file apache_bin with path /usr/local/apache/bin/httpd -# if failed checksum and -# expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor -# if failed permission 755 then unmonitor -# if failed uid root then unmonitor -# if failed gid root then unmonitor -# alert security@foo.bar on { -# checksum, permission, uid, gid, unmonitor -# } with the mail-format { subject: Alarm! } -# group server -# -# -## Check that a process is running, in this case Apache, and that it respond -## to HTTP and HTTPS requests. Check its resource usage such as cpu and memory, -## and number of children. If the process is not running, Monit will restart -## it by default. In case the service is restarted very often and the -## problem remains, it is possible to disable monitoring using the TIMEOUT -## statement. This service depends on another service (apache_bin) which -## is defined above. -# -# check process apache with pidfile /usr/local/apache/logs/httpd.pid -# start program = "/etc/init.d/httpd start" with timeout 60 seconds -# stop program = "/etc/init.d/httpd stop" -# if cpu > 60% for 2 cycles then alert -# if cpu > 80% for 5 cycles then restart -# if totalmem > 200.0 MB for 5 cycles then restart -# if children > 250 then restart -# if loadavg(5min) greater than 10 for 8 cycles then stop -# if failed host www.tildeslash.com port 80 protocol http -# and request "/somefile.html" -# then restart -# if failed port 443 type tcpssl protocol http -# with timeout 15 seconds -# then restart -# if 3 restarts within 5 cycles then timeout -# depends on apache_bin -# group server -# -# -## Check filesystem permissions, uid, gid, space and inode usage. Other services, -## such as databases, may depend on this resource and an automatically graceful -## stop may be cascaded to them before the filesystem will become full and data -## lost. -# -# check filesystem datafs with path /dev/sdb1 -# start program = "/bin/mount /data" -# stop program = "/bin/umount /data" -# if failed permission 660 then unmonitor -# if failed uid root then unmonitor -# if failed gid disk then unmonitor -# if space usage > 80% for 5 times within 15 cycles then alert -# if space usage > 99% then stop -# if inode usage > 30000 then alert -# if inode usage > 99% then stop -# group server -# -# -## Check a file's timestamp. In this example, we test if a file is older -## than 15 minutes and assume something is wrong if its not updated. Also, -## if the file size exceed a given limit, execute a script -# -# check file database with path /data/mydatabase.db -# if failed permission 700 then alert -# if failed uid data then alert -# if failed gid data then alert -# if timestamp > 15 minutes then alert -# if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba -# -# -## Check directory permission, uid and gid. An event is triggered if the -## directory does not belong to the user with uid 0 and gid 0. In addition, -## the permissions have to match the octal description of 755 (see chmod(1)). -# -# check directory bin with path /bin -# if failed permission 755 then unmonitor -# if failed uid 0 then unmonitor -# if failed gid 0 then unmonitor -# -# -## Check a remote host availability by issuing a ping test and check the -## content of a response from a web server. Up to three pings are sent and -## connection to a port and an application level network check is performed. -# -# check host myserver with address 192.168.1.1 -# if failed icmp type echo count 3 with timeout 3 seconds then alert -# if failed port 3306 protocol mysql with timeout 15 seconds then alert -# if failed url http://user:password@www.foo.bar:8080/?querystring -# and content == 'action="j_security_check"' -# then alert -# -# -############################################################################### -## Includes -############################################################################### -## -## It is possible to include additional configuration parts from other files or -## directories. -# - include /etc/monit/conf.d/*.conf -# diff --git a/cookbooks/monit/files/etc/monit/monitrc.1804 b/cookbooks/monit/files/etc/monit/monitrc.1804 deleted file mode 100644 index d54034f..0000000 --- a/cookbooks/monit/files/etc/monit/monitrc.1804 +++ /dev/null @@ -1,308 +0,0 @@ -############################################################################### -## Monit control file -############################################################################### -## -## Comments begin with a '#' and extend through the end of the line. Keywords -## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'. -## -## Below you will find examples of some frequently used statements. For -## information about the control file and a complete list of statements and -## options, please have a look in the Monit manual. -## -## -############################################################################### -## Global section -############################################################################### -## -## Start Monit in the background (run as a daemon): -# - set daemon 120 # check services at 2-minute intervals -# with start delay 240 # optional: delay the first check by 4-minutes (by -# # default Monit check immediately after Monit start) -# -# -## Set syslog logging. If you want to log to a standalone log file instead, -## specify the full path to the log file -# - set log /var/log/monit.log - -# -# -## Set the location of the Monit lock file which stores the process id of the -## running Monit instance. By default this file is stored in $HOME/.monit.pid -# -# set pidfile /var/run/monit.pid -# -## Set the location of the Monit id file which stores the unique id for the -## Monit instance. The id is generated and stored on first Monit start. By -## default the file is placed in $HOME/.monit.id. -# -# set idfile /var/.monit.id - set idfile /var/lib/monit/id -# -## Set the location of the Monit state file which saves monitoring states -## on each cycle. By default the file is placed in $HOME/.monit.state. If -## the state file is stored on a persistent filesystem, Monit will recover -## the monitoring state across reboots. If it is on temporary filesystem, the -## state will be lost on reboot which may be convenient in some situations. -# - set statefile /var/lib/monit/state -# -# - -## Set limits for various tests. The following example shows the default values: -## -# set limits { -# programOutput: 512 B, # check program's output truncate limit -# sendExpectBuffer: 256 B, # limit for send/expect protocol test -# fileContentBuffer: 512 B, # limit for file content test -# httpContentBuffer: 1 MB, # limit for HTTP content test -# networkTimeout: 5 seconds # timeout for network I/O -# programTimeout: 300 seconds # timeout for check program -# stopTimeout: 30 seconds # timeout for service stop -# startTimeout: 30 seconds # timeout for service start -# restartTimeout: 30 seconds # timeout for service restart -# } - -## Set global SSL options (just most common options showed, see manual for -## full list). -# -# set ssl { -# verify : enable, # verify SSL certificates (disabled by default but STRONGLY RECOMMENDED) -# selfsigned : allow # allow self signed SSL certificates (reject by default) -# } -# -# -## Set the list of mail servers for alert delivery. Multiple servers may be -## specified using a comma separator. If the first mail server fails, Monit -# will use the second mail server in the list and so on. By default Monit uses -# port 25 - it is possible to override this with the PORT option. -# -# set mailserver mail.bar.baz, # primary mailserver -# backup.bar.baz port 10025, # backup mailserver on port 10025 -# localhost # fallback relay -# -# -## By default Monit will drop alert events if no mail servers are available. -## If you want to keep the alerts for later delivery retry, you can use the -## EVENTQUEUE statement. The base directory where undelivered alerts will be -## stored is specified by the BASEDIR option. You can limit the queue size -## by using the SLOTS option (if omitted, the queue is limited by space -## available in the back end filesystem). -# - set eventqueue - basedir /var/lib/monit/events # set the base directory where events will be stored - slots 100 # optionally limit the queue size -# -# -## Send status and events to M/Monit (for more informations about M/Monit -## see https://mmonit.com/). By default Monit registers credentials with -## M/Monit so M/Monit can smoothly communicate back to Monit and you don't -## have to register Monit credentials manually in M/Monit. It is possible to -## disable credential registration using the commented out option below. -## Though, if safety is a concern we recommend instead using https when -## communicating with M/Monit and send credentials encrypted. The password -## should be URL encoded if it contains URL-significant characters like -## ":", "?", "@". Default timeout is 5 seconds, you can customize it by -## adding the timeout option. -# -# set mmonit http://monit:monit@192.168.1.10:8080/collector -# # with timeout 30 seconds # Default timeout is 5 seconds -# # and register without credentials # Don't register credentials -# -# -## Monit by default uses the following format for alerts if the mail-format -## statement is missing:: -## --8<-- -## set mail-format { -## from: Monit -## subject: monit alert -- $EVENT $SERVICE -## message: $EVENT Service $SERVICE -## Date: $DATE -## Action: $ACTION -## Host: $HOST -## Description: $DESCRIPTION -## -## Your faithful employee, -## Monit -## } -## --8<-- -## -## You can override this message format or parts of it, such as subject -## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc. -## are expanded at runtime. For example, to override the sender, use: -# -# set mail-format { from: monit@foo.bar } -# -# -## You can set alert recipients whom will receive alerts if/when a -## service defined in this file has errors. Alerts may be restricted on -## events by using a filter as in the second example below. -# -# set alert sysadm@foo.bar # receive all alerts -# -## Do not alert when Monit starts, stops or performs a user initiated action. -## This filter is recommended to avoid getting alerts for trivial cases. -# -# set alert your-name@your.domain not on { instance, action } -# -# -## Monit has an embedded HTTP interface which can be used to view status of -## services monitored and manage services from a web interface. The HTTP -## interface is also required if you want to issue Monit commands from the -## command line, such as 'monit status' or 'monit restart service' The reason -## for this is that the Monit client uses the HTTP interface to send these -## commands to a running Monit daemon. See the Monit Wiki if you want to -## enable SSL for the HTTP interface. -# -# set httpd port 2812 and -# use address localhost # only accept connection from localhost -# allow localhost # allow localhost to connect to the server and -# allow admin:monit # require user 'admin' with password 'monit' -# #with ssl { # enable SSL/TLS and set path to server certificate -# # pemfile: /etc/ssl/certs/monit.pem -# #} - -############################################################################### -## Services -############################################################################### -## -## Check general system resources such as load average, cpu and memory -## usage. Each test specifies a resource, conditions and the action to be -## performed should a test fail. -# -# check system $HOST -# if loadavg (1min) > 4 then alert -# if loadavg (5min) > 2 then alert -# if cpu usage > 95% for 10 cycles then alert -# if memory usage > 75% then alert -# if swap usage > 25% then alert -# -# -## Check if a file exists, checksum, permissions, uid and gid. In addition -## to alert recipients in the global section, customized alert can be sent to -## additional recipients by specifying a local alert handler. The service may -## be grouped using the GROUP option. More than one group can be specified by -## repeating the 'group name' statement. -# -# check file apache_bin with path /usr/local/apache/bin/httpd -# if failed checksum and -# expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor -# if failed permission 755 then unmonitor -# if failed uid "root" then unmonitor -# if failed gid "root" then unmonitor -# alert security@foo.bar on { -# checksum, permission, uid, gid, unmonitor -# } with the mail-format { subject: Alarm! } -# group server -# -# -## Check that a process is running, in this case Apache, and that it respond -## to HTTP and HTTPS requests. Check its resource usage such as cpu and memory, -## and number of children. If the process is not running, Monit will restart -## it by default. In case the service is restarted very often and the -## problem remains, it is possible to disable monitoring using the TIMEOUT -## statement. This service depends on another service (apache_bin) which -## is defined above. -# -# check process apache with pidfile /usr/local/apache/logs/httpd.pid -# start program = "/etc/init.d/httpd start" with timeout 60 seconds -# stop program = "/etc/init.d/httpd stop" -# if cpu > 60% for 2 cycles then alert -# if cpu > 80% for 5 cycles then restart -# if totalmem > 200.0 MB for 5 cycles then restart -# if children > 250 then restart -# if loadavg(5min) greater than 10 for 8 cycles then stop -# if disk read > 500 kb/s for 10 cycles then alert -# if disk write > 500 kb/s for 10 cycles then alert -# if failed host www.tildeslash.com port 80 protocol http and request "/somefile.html" then restart -# if failed port 443 protocol https with timeout 15 seconds then restart -# if 3 restarts within 5 cycles then unmonitor -# depends on apache_bin -# group server -# -# -## Check filesystem permissions, uid, gid, space usage, inode usage and disk I/O. -## Other services, such as databases, may depend on this resource and an automatically -## graceful stop may be cascaded to them before the filesystem will become full and data -## lost. -# -# check filesystem datafs with path /dev/sdb1 -# start program = "/bin/mount /data" -# stop program = "/bin/umount /data" -# if failed permission 660 then unmonitor -# if failed uid "root" then unmonitor -# if failed gid "disk" then unmonitor -# if space usage > 80% for 5 times within 15 cycles then alert -# if space usage > 99% then stop -# if inode usage > 30000 then alert -# if inode usage > 99% then stop -# if read rate > 1 MB/s for 5 cycles then alert -# if read rate > 500 operations/s for 5 cycles then alert -# if write rate > 1 MB/s for 5 cycles then alert -# if write rate > 500 operations/s for 5 cycles then alert -# if service time > 10 milliseconds for 3 times within 5 cycles then alert -# group server -# -# -## Check a file's timestamp. In this example, we test if a file is older -## than 15 minutes and assume something is wrong if its not updated. Also, -## if the file size exceed a given limit, execute a script -# -# check file database with path /data/mydatabase.db -# if failed permission 700 then alert -# if failed uid "data" then alert -# if failed gid "data" then alert -# if timestamp > 15 minutes then alert -# if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba -# -# -## Check directory permission, uid and gid. An event is triggered if the -## directory does not belong to the user with uid 0 and gid 0. In addition, -## the permissions have to match the octal description of 755 (see chmod(1)). -# -# check directory bin with path /bin -# if failed permission 755 then unmonitor -# if failed uid 0 then unmonitor -# if failed gid 0 then unmonitor -# -# -## Check a remote host availability by issuing a ping test and check the -## content of a response from a web server. Up to three pings are sent and -## connection to a port and an application level network check is performed. -# -# check host myserver with address 192.168.1.1 -# if failed ping then alert -# if failed port 3306 protocol mysql with timeout 15 seconds then alert -# if failed port 80 protocol http -# and request /some/path with content = "a string" -# then alert -# -# -## Check a network link status (up/down), link capacity changes, saturation -## and bandwidth usage. -# -# check network public with interface eth0 -# if failed link then alert -# if changed link then alert -# if saturation > 90% then alert -# if download > 10 MB/s then alert -# if total uploaded > 1 GB in last hour then alert -# -# -## Check custom program status output. -# -# check program myscript with path /usr/local/bin/myscript.sh -# if status != 0 then alert -# -# -############################################################################### -## Includes -############################################################################### -## -## It is possible to include additional configuration parts from other files or -## directories. -# - include /etc/monit/conf.d/* - include /etc/monit/conf-enabled/* -# diff --git a/cookbooks/monit/files/lib/systemd/system/monit.service b/cookbooks/monit/files/lib/systemd/system/monit.service deleted file mode 100644 index b83ab40..0000000 --- a/cookbooks/monit/files/lib/systemd/system/monit.service +++ /dev/null @@ -1,10 +0,0 @@ -[Service] -Type=simple -KillMode=process -ExecStart=/etc/init.d/monit start -ExecStop=/etc/init.d/monit stop -ExecReload=/etc/init.d/monit reload -Restart=always - -[Install] -WantedBy=multi-user.target diff --git a/roles/base.rb b/roles/base.rb index ca8f14e..ce92884 100644 --- a/roles/base.rb +++ b/roles/base.rb @@ -1,7 +1,6 @@ include_recipe '../cookbooks/base/default.rb' include_recipe '../cookbooks/kazu634/default.rb' include_recipe '../cookbooks/supervisor/default.rb' -include_recipe '../cookbooks/monit/default.rb' include_recipe '../cookbooks/consul/default.rb' include_recipe '../cookbooks/fzf/default.rb' include_recipe '../cookbooks/promtail/default.rb' From 4a9e3d62868654c732bb07bf5e6152dcc6dcfabc Mon Sep 17 00:00:00 2001 From: Kazuhiro MUSASHI Date: Sat, 10 Oct 2020 15:52:09 +0900 Subject: [PATCH 02/11] Delete `fluentd` cookbook. --- cookbooks/fluentd/attributes.rb | 11 -- cookbooks/fluentd/auth.rb | 0 cookbooks/fluentd/default.rb | 40 ----- .../files/etc/monit/conf.d/td-agent.conf | 4 - .../files/etc/security/limits.d/90-nfile.conf | 6 - .../files/etc/td-agent/conf.d/forwarder.conf | 38 ----- .../td-agent/conf.d/forwarder_aptitude.conf | 20 --- .../etc/td-agent/conf.d/forwarder_auth.conf | 28 ---- .../etc/td-agent/conf.d/forwarder_consul.conf | 30 ---- .../td-agent/conf.d/forwarder_cron-apt.conf | 29 ---- .../etc/td-agent/conf.d/forwarder_monit.conf | 20 --- .../etc/td-agent/conf.d/forwarder_nginx.conf | 21 --- .../td-agent/conf.d/forwarder_td-agent.conf | 29 ---- .../files/etc/td-agent/conf.d/processor.conf | 146 ------------------ .../etc/td-agent/conf.d/processor_consul.conf | 39 ----- .../etc/td-agent/conf.d/processor_nginx.conf | 15 -- .../files/etc/td-agent/conf.d/receiver.conf | 5 - .../etc/td-agent/conf.d/syslog_esxi.conf | 38 ----- .../etc/td-agent/conf.d/syslog_synology.conf | 41 ----- .../etc/td-agent/conf.d/syslog_vyos.conf | 45 ------ .../files/etc/td-agent/conf.d/watcher.conf | 44 ------ .../fluentd/files/etc/td-agent/td-agent.conf | 1 - cookbooks/fluentd/install.rb | 57 ------- cookbooks/fluentd/nginx.rb | 22 --- cookbooks/fluentd/prerequisites.rb | 5 - cookbooks/fluentd/processor.rb | 7 - cookbooks/fluentd/setup.rb | 73 --------- cookbooks/fluentd/slack.rb | 12 -- cookbooks/fluentd/syslog.rb | 15 -- .../apt/sources.list.d/treasure-data.list.erb | 1 - .../etc/consul.d/service-td-agent.json.erb | 7 - cookbooks/fluentd/templates/etc/hosts.erb | 11 -- 32 files changed, 860 deletions(-) delete mode 100644 cookbooks/fluentd/attributes.rb delete mode 100644 cookbooks/fluentd/auth.rb delete mode 100644 cookbooks/fluentd/default.rb delete mode 100644 cookbooks/fluentd/files/etc/monit/conf.d/td-agent.conf delete mode 100644 cookbooks/fluentd/files/etc/security/limits.d/90-nfile.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_aptitude.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_auth.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_consul.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_cron-apt.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_monit.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_nginx.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_td-agent.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/processor.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/processor_consul.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/processor_nginx.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/receiver.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/syslog_esxi.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/syslog_synology.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/syslog_vyos.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/conf.d/watcher.conf delete mode 100644 cookbooks/fluentd/files/etc/td-agent/td-agent.conf delete mode 100644 cookbooks/fluentd/install.rb delete mode 100644 cookbooks/fluentd/nginx.rb delete mode 100644 cookbooks/fluentd/prerequisites.rb delete mode 100644 cookbooks/fluentd/processor.rb delete mode 100644 cookbooks/fluentd/setup.rb delete mode 100644 cookbooks/fluentd/slack.rb delete mode 100644 cookbooks/fluentd/syslog.rb delete mode 100644 cookbooks/fluentd/templates/etc/apt/sources.list.d/treasure-data.list.erb delete mode 100644 cookbooks/fluentd/templates/etc/consul.d/service-td-agent.json.erb delete mode 100644 cookbooks/fluentd/templates/etc/hosts.erb diff --git a/cookbooks/fluentd/attributes.rb b/cookbooks/fluentd/attributes.rb deleted file mode 100644 index df35d4f..0000000 --- a/cookbooks/fluentd/attributes.rb +++ /dev/null @@ -1,11 +0,0 @@ -# ------------------------------------------- -# Specifying the default settings: -# ------------------------------------------- -node.reverse_merge!({ - 'td-agent' => { - 'user' => 'td-agent', - 'group' => 'td-agent', - 'forward' => false, - 'role' => 'primary' - } -}) diff --git a/cookbooks/fluentd/auth.rb b/cookbooks/fluentd/auth.rb deleted file mode 100644 index e69de29..0000000 diff --git a/cookbooks/fluentd/default.rb b/cookbooks/fluentd/default.rb deleted file mode 100644 index 0cac0d9..0000000 --- a/cookbooks/fluentd/default.rb +++ /dev/null @@ -1,40 +0,0 @@ -##################################### -# Common Settings: -##################################### - -include_recipe './attributes.rb' - -include_recipe './prerequisites.rb' -include_recipe './install.rb' - -include_recipe './setup.rb' - -##################################### -# Manager Settings: -##################################### - -if node['td-agent']['forward'] - include_recipe './processor.rb' - include_recipe './syslog.rb' - include_recipe './slack.rb' -end - -##################################### -# monitoring Settings: -##################################### - -include_recipe './nginx.rb' - -%w( aptitude auth cron-apt monit consul ).each do |c| - remote_file "/etc/td-agent/conf.d/forwarder_#{c}.conf" do - owner 'root' - group 'root' - mode '644' - - notifies :restart, 'service[td-agent]' - end -end - -service 'td-agent' do - action :restart -end diff --git a/cookbooks/fluentd/files/etc/monit/conf.d/td-agent.conf b/cookbooks/fluentd/files/etc/monit/conf.d/td-agent.conf deleted file mode 100644 index c7760a3..0000000 --- a/cookbooks/fluentd/files/etc/monit/conf.d/td-agent.conf +++ /dev/null @@ -1,4 +0,0 @@ -check process td-agent - with pidfile /var/run/td-agent/td-agent.pid - start program = "/etc/init.d/td-agent start" - stop program = "/etc/init.d/td-agent stop" diff --git a/cookbooks/fluentd/files/etc/security/limits.d/90-nfile.conf b/cookbooks/fluentd/files/etc/security/limits.d/90-nfile.conf deleted file mode 100644 index 929b7b8..0000000 --- a/cookbooks/fluentd/files/etc/security/limits.d/90-nfile.conf +++ /dev/null @@ -1,6 +0,0 @@ -# - nofile - max number of open files - -root soft nofile 65536 -root hard nofile 65536 -* soft nofile 65536 -* hard nofile 65536 diff --git a/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder.conf b/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder.conf deleted file mode 100644 index 48eaad0..0000000 --- a/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder.conf +++ /dev/null @@ -1,38 +0,0 @@ - diff --git a/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_aptitude.conf b/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_aptitude.conf deleted file mode 100644 index abda2a5..0000000 --- a/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_aptitude.conf +++ /dev/null @@ -1,20 +0,0 @@ - - @type tail - path /var/log/apt/history.log - pos_file /var/log/td-agent/aptitude.pos - format none - tag aptitude - - - - @type record_transformer - - hostname ${hostname} - message ${hostname}: ${record["message"]} - - - - - @type relabel - @label @forward - diff --git a/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_auth.conf b/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_auth.conf deleted file mode 100644 index 257bae5..0000000 --- a/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_auth.conf +++ /dev/null @@ -1,28 +0,0 @@ - - @type tail - path /var/log/auth.log - pos_file /var/log/td-agent/auth.pos - format syslog - tag auth - - - - @type record_transformer - - message ${hostname}: ${record["message"]} - - - - - @type grep - - - key message - pattern (CRON|Did not receive identification string from|sudo|pam_unix|seat|Removed session|Received disconnect|New session|Accepted publickey|Disconnected) - - - - - @type relabel - @label @forward - diff --git a/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_consul.conf b/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_consul.conf deleted file mode 100644 index e8cd7cc..0000000 --- a/cookbooks/fluentd/files/etc/td-agent/conf.d/forwarder_consul.conf +++ /dev/null @@ -1,30 +0,0 @@ - - @type tail - path /var/log/supervisor/consul.log - pos_file /var/log/td-agent/consul.pos - format /^( (?