From b591e78553e732013c535512b21b9e1493e9ef22 Mon Sep 17 00:00:00 2001 From: Yanis Guenane Date: Wed, 4 Feb 2015 03:49:30 -0500 Subject: [PATCH] Enable HA on monitoring infrastructure This commit aims to allow the loadbalancing for both the Sensu API and the Sensu dashboard(Uchiwa). Change-Id: I1b047919552c7e248d785acaad7154b75d7bde38 --- manifests/loadbalancer.pp | 49 +++++++++++++++++ manifests/monitoring/server/sensu.pp | 79 ++++++++++++++++++++++++---- 2 files changed, 118 insertions(+), 10 deletions(-) diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp index ac98a0f4..f5d4e495 100644 --- a/manifests/loadbalancer.pp +++ b/manifests/loadbalancer.pp @@ -199,6 +199,20 @@ # If set to false, no binding will be configure. # Defaults to false # +# [*sensu_dashboard*] +# (optional) Enable or not sensu_dashboard binding. +# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false. +# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options. +# If set to false, no binding will be configure. +# Defaults to true +# +# [*sensu_api*] +# (optional) Enable or not sensu_api binding. +# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false. +# If set to ['10.0.0.1'], only IP in the array (or in the string) will be configured in the pool. They must be part of keepalived_ip options. +# If set to false, no binding will be configure. +# Defaults to true +# # [*keystone_api_admin*] # (optional) Enable or not Keystone admin binding. # If true, both public and internal will attempt to be created except if vip_internal_ip is set to false. @@ -328,6 +342,16 @@ # service configuration block. # Defaults to [] # +# [*sensu_dashboard_bind_options*] +# (optional) A hash of options that are inserted into the HAproxy listening +# service configuration block. +# Defaults to [] +# +# [*sensu_api_bind_options*] +# (optional) A hash of options that are inserted into the HAproxy listening +# service configuration block. +# Defaults to [] +# # [*galera_bind_options*] # (optional) A hash of options that are inserted into the HAproxy listening # service configuration block. @@ -420,6 +444,13 @@ # [*kibana_port*] # (optional) Port of Kibana service. # Defaults to '8300' +# [*sensu_dashboard_port*] +# (optional) Port of Sensu Dashboard service. +# Defaults to '3000' +# +# [*sensu_api_port*] +# (optional) Port of Sensu API service. +# Defaults to '4567' # # [*vip_public_ip*] # (optional) Array or string for public VIP @@ -471,6 +502,8 @@ class cloud::loadbalancer( $novnc = true, $elasticsearch = true, $kibana = true, + $sensu_dashboard = true, + $sensu_api = true, $haproxy_auth = 'admin:changeme', $keepalived_state = 'BACKUP', $keepalived_priority = '50', @@ -504,6 +537,8 @@ class cloud::loadbalancer( $galera_bind_options = [], $elasticsearch_bind_options = [], $kibana_bind_options = [], + $sensu_dashboard_bind_options = [], + $sensu_api_bind_options = [], $ks_ceilometer_public_port = 8777, $ks_cinder_public_port = 8776, $ks_ec2_public_port = 8773, @@ -526,6 +561,8 @@ class cloud::loadbalancer( $novnc_port = 6080, $elasticsearch_port = 9200, $kibana_port = 8300, + $sensu_dashboard_port = 3000, + $sensu_api_port = 4567, $vip_public_ip = ['127.0.0.1'], $vip_internal_ip = false, $vip_monitor_ip = false, @@ -664,6 +701,18 @@ class cloud::loadbalancer( bind_options => $metadata_bind_options, firewall_settings => $firewall_settings, } + cloud::loadbalancer::binding { 'sensu_dashboard': + ip => $sensu_dashboard, + port => $sensu_dashboard_port, + bind_options => $sensu_dashboard_bind_options, + firewall_settings => $firewall_settings, + } + cloud::loadbalancer::binding { 'sensu_api': + ip => $sensu_api, + port => $sensu_api_port, + bind_options => $sensu_api_bind_options, + firewall_settings => $firewall_settings, + } cloud::loadbalancer::binding { 'spice_cluster': ip => $spice, port => $spice_port, diff --git a/manifests/monitoring/server/sensu.pp b/manifests/monitoring/server/sensu.pp index 21f2ec97..5c3828b0 100644 --- a/manifests/monitoring/server/sensu.pp +++ b/manifests/monitoring/server/sensu.pp @@ -44,6 +44,11 @@ # } # } # +# [*manage_rabbitmq_resources*] +# (optionnal) A boolean that determines if the RabbitMQ resources should be exported +# from this node +# Defaults to 'true' +# # [*rabbitmq_user*] # (optionnal) Rabbitmq user # Defaults to 'sensu' @@ -56,31 +61,56 @@ # (optionnal) Rabbitmq vhost # Defaults to '/sensu' # +# [*sensu_api_ip*] +# (optionnal) IP address to bind the sensu_api to +# Defaults to '%{::ipaddress}' +# +# [*sensu_api_port*] +# (optionnal) Port to bind the sensu_api to +# Defaults to '4567' +# # [*uchiwa_ip*] # (optionnal) IP address to bind uchiwa to # Defaults to '%{::ipaddress}' +# +# [*uchiwa_port*] +# (optionnal) Port to bind uchiwa to +# Defaults to '3000' +# +# [*firewall_settings*] +# (optional) Allow to add custom parameters to firewall rules +# Should be an hash. +# Default to {} +# class cloud::monitoring::server::sensu ( $checks = {}, $handlers = {}, $plugins = {}, + $manage_rabbitmq_resources = true, $rabbitmq_user = 'sensu', $rabbitmq_password = 'rabbitpassword', $rabbitmq_vhost = '/sensu', + $sensu_api_ip = $::ipaddress, + $sensu_api_port = '4567', $uchiwa_ip = $::ipaddress, + $uchiwa_port = '3000', + $firewall_settings = {}, ) { include cloud::params - @@rabbitmq_user { $rabbitmq_user : - password => $rabbitmq_password, - } - @@rabbitmq_vhost { $rabbitmq_vhost : - ensure => present, - } - @@rabbitmq_user_permissions { "${rabbitmq_user}@${rabbitmq_vhost}" : - configure_permission => '.*', - read_permission => '.*', - write_permission => '.*', + if $manage_rabbitmq_resources { + @@rabbitmq_user { $rabbitmq_user : + password => $rabbitmq_password, + } + @@rabbitmq_vhost { $rabbitmq_vhost : + ensure => present, + } + @@rabbitmq_user_permissions { "${rabbitmq_user}@${rabbitmq_vhost}" : + configure_permission => '.*', + read_permission => '.*', + write_permission => '.*', + } } $rabbitmq_user_realized = query_nodes("Rabbitmq_user['${rabbitmq_user}']") @@ -100,6 +130,35 @@ class cloud::monitoring::server::sensu ( include ::uchiwa uchiwa::api { 'OpenStack' : host => $uchiwa_ip, + port => $uchiwa_port, + } + + if $::cloud::manage_firewall { + cloud::firewall::rule{ '100 allow sensu_dashboard access': + port => $uchiwa_port, + extras => $firewall_settings, + } + + cloud::firewall::rule{ '100 allow sensu_api access': + port => $sensu_api_port, + extras => $firewall_settings, + } + } + + @@haproxy::balancermember{"${::fqdn}-sensu_dashboard": + listening_service => 'sensu_dashoard', + server_names => $::hostname, + ipaddresses => $uchiwa_ip, + ports => $uchiwa_port, + options => 'check inter 2000 rise 2 fall 5' + } + + @@haproxy::balancermember{"${::fqdn}-sensu_api": + listening_service => 'sensu_api', + server_names => $::hostname, + ipaddresses => $sensu_api_ip, + ports => $sensu_api_port, + options => 'check inter 2000 rise 2 fall 5' } }