opendev/system-config
Code Issues Proposed changes

Split out snmpd module

Browse Source 
Change-Id: I302f0d13e0fc3d773d1c69b527c2b86b6eab39d6
This commit is contained in:
Ramy Asselin 2015-01-28 13:01:33 -08:00 committed by Joshua Hesketh
parent e7944179af
commit cb51f85a66
5 changed files with 1 additions and 358 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
modules.env
View File

@ -66,6 +66,7 @@ INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-gerrit"]="
INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-gerritbot"]="origin/master" INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-gerritbot"]="origin/master"
INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-graphite"]="origin/master" INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-graphite"]="origin/master"
INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-packagekit"]="origin/master" INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-packagekit"]="origin/master"
INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-snmpd"]="origin/master"
INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-ssl_cert_check"]="origin/master" INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-ssl_cert_check"]="origin/master"
INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-statusbot"]="origin/master" INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-statusbot"]="origin/master"
INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-storyboard"]="origin/master" INTEGRATION_MODULES["https://git.openstack.org/openstack-infra/puppet-storyboard"]="origin/master"

195
modules/snmpd/files/snmpd.conf
View File

@ -1,195 +0,0 @@
# This file is managed by puppet.
###############################################################################
#
# EXAMPLE.conf:
# An example configuration file for configuring the Net-SNMP agent ('snmpd')
# See the 'snmpd.conf(5)' man page for details
#
# Some entries are deliberately commented out, and will need to be explicitly activated
#
###############################################################################
#
# AGENT BEHAVIOUR
#
# Listen for connections from the local system only
#agentAddress udp:127.0.0.1:161
# Listen for connections on all interfaces (both IPv4 *and* IPv6)
#agentAddress udp:161,udp6:[::1]:161
###############################################################################
#
# SNMPv3 AUTHENTICATION
#
# Note that these particular settings don't actually belong here.
# They should be copied to the file /var/lib/snmp/snmpd.conf
# and the passwords changed, before being uncommented in that file *only*.
# Then restart the agent
# createUser authOnlyUser MD5 "remember to change this password"
# createUser authPrivUser SHA "remember to change this one too" DES
# createUser internalUser MD5 "this is only ever used internally, but still change the password"
# If you also change the usernames (which might be sensible),
# then remember to update the other occurances in this example config file to match.
###############################################################################
#
# ACCESS CONTROL
#
# system + hrSystem groups only
view systemonly included .1.3.6.1.2.1.1
view systemonly included .1.3.6.1.2.1.25.1
# Full access from the local host
#rocommunity public localhost
# Default access to basic system info
rocommunity public default
# Full access from an example network
# Adjust this network address to match your local
# settings, change the community string,
# and check the 'agentAddress' setting above
#rocommunity secret 10.0.0.0/16
# Full read-only access for SNMPv3
# rouser authOnlyUser
# Full write access for encrypted requests
# Remember to activate the 'createUser' lines above
#rwuser authPrivUser priv
# It's no longer typically necessary to use the full 'com2sec/group/access' configuration
# r[ou]user and r[ow]community, together with suitable views, should cover most requirements
###############################################################################
#
# SYSTEM INFORMATION
#
# Note that setting these values here, results in the corresponding MIB objects being 'read-only'
# See snmpd.conf(5) for more details
sysLocation Sitting on the Dock of the Bay
sysContact Me <me@example.org>
# Application + End-to-End layers
sysServices 72
#
# Process Monitoring
#
# At least one 'mountd' process
proc mountd
# No more than 4 'ntalkd' processes - 0 is OK
proc ntalkd 4
# At least one 'sendmail' process, but no more than 10
proc sendmail 10 1
# Walk the UCD-SNMP-MIB::prTable to see the resulting output
# Note that this table will be empty if there are no "proc" entries in the snmpd.conf file
#
# Disk Monitoring
#
# 10MBs required on root disk, 5% free on /var, 10% free on all other disks
disk / 10000
disk /var 5%
includeAllDisks 10%
# Walk the UCD-SNMP-MIB::dskTable to see the resulting output
# Note that this table will be empty if there are no "disk" entries in the snmpd.conf file
#
# System Load
#
# Unacceptable 1-, 5-, and 15-minute load averages
load 12 10 5
# Walk the UCD-SNMP-MIB::laTable to see the resulting output
# Note that this table *will* be populated, even without a "load" entry in the snmpd.conf file
###############################################################################
#
# ACTIVE MONITORING
#
# send SNMPv1 traps
# trapsink localhost public
# send SNMPv2c traps
#trap2sink localhost public
# send SNMPv2c INFORMs
#informsink localhost public
# Note that you typically only want *one* of these three lines
# Uncommenting two (or all three) will result in multiple copies of each notification.
#
# Event MIB - automatically generate alerts
#
# Remember to activate the 'createUser' lines above
#iquerySecName internalUser
#rouser internalUser
# generate traps on UCD error conditions
#defaultMonitors yes
# generate traps on linkUp/Down
#linkUpDownNotifications yes
###############################################################################
#
# EXTENDING THE AGENT
#
#
# Arbitrary extension commands
#
# extend test1 /bin/echo Hello, world!
# extend-sh test2 echo Hello, world! ; echo Hi there ; exit 35
#extend-sh test3 /bin/sh /tmp/shtest
# Note that this last entry requires the script '/tmp/shtest' to be created first,
# containing the same three shell commands, before the line is uncommented
# Walk the NET-SNMP-EXTEND-MIB tables (nsExtendConfigTable, nsExtendOutput1Table
# and nsExtendOutput2Table) to see the resulting output
# Note that the "extend" directive supercedes the previous "exec" and "sh" directives
# However, walking the UCD-SNMP-MIB::extTable should still returns the same output,
# as well as the fuller results in the above tables.
#
# "Pass-through" MIB extension command
#
#pass .1.3.6.1.4.1.8072.2.255 /bin/sh PREFIX/local/passtest
#pass .1.3.6.1.4.1.8072.2.255 /usr/bin/perl PREFIX/local/passtest.pl
# Note that this requires one of the two 'passtest' scripts to be installed first,
# before the appropriate line is uncommented.
# These scripts can be found in the 'local' directory of the source distribution,
# and are not installed automatically.
# Walk the NET-SNMP-PASS-MIB::netSnmpPassExamples subtree to see the resulting output
#
# AgentX Sub-agents
#
# Run as an AgentX master agent
# master agentx
# Listen for network connections (from localhost)
# rather than the default named socket /var/agentx/master
#agentXSocket tcp:localhost:705

102
modules/snmpd/files/snmpd.init
View File

@ -1,102 +0,0 @@
#! /bin/sh -e
### BEGIN INIT INFO
# Provides: snmpd snmptrapd
# Required-Start: $network $remote_fs $syslog
# Required-Stop: $network $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: SNMP agents
# Description: NET SNMP (Simple Network Management Protocol) Agents
### END INIT INFO
#
# Author: Jochen Friedrich <jochen@scram.de>
#
set -e
. /lib/lsb/init-functions
export PATH=/sbin:/usr/sbin:/bin:/usr/bin
test -x /usr/sbin/snmpd || exit 0
test -x /usr/sbin/snmptrapd || exit 0
# Defaults
export MIBDIRS=/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/share/mibs/netsnmp
SNMPDRUN=yes
SNMPDOPTS='-Lsd -Lf /dev/null -p /var/run/snmpd.pid'
TRAPDRUN=no
TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid'
# Reads config file (will override defaults above)
[ -r /etc/default/snmpd ] && . /etc/default/snmpd
# Cd to / before starting any daemons.
cd /
# Create compatibility link to old AgentX socket location
if [ "$SNMPDCOMPAT" = "yes" ] && [ "$1" != status ]; then
ln -sf /var/agentx/master /var/run/agentx
fi
case "$1" in
start)
log_daemon_msg "Starting network management services:"
if [ "$SNMPDRUN" = "yes" -a -f /etc/snmp/snmpd.conf ]; then
start-stop-daemon --quiet --start --oknodo --exec /usr/sbin/snmpd \
-- $SNMPDOPTS
log_progress_msg " snmpd"
fi
if [ "$TRAPDRUN" = "yes" -a -f /etc/snmp/snmptrapd.conf ]; then
start-stop-daemon --quiet --start --oknodo --exec /usr/sbin/snmptrapd \
-- $TRAPDOPTS
log_progress_msg " snmptrapd"
fi
;;
stop)
log_daemon_msg "Stopping network management services:"
start-stop-daemon --quiet --stop --oknodo --exec /usr/sbin/snmpd
log_progress_msg " snmpd"
start-stop-daemon --quiet --stop --oknodo --exec /usr/sbin/snmptrapd
log_progress_msg " snmptrapd"
;;
restart)
log_daemon_msg "Restarting network management services:"
start-stop-daemon --quiet --stop --oknodo --exec /usr/sbin/snmpd
start-stop-daemon --quiet --stop --oknodo --exec /usr/sbin/snmptrapd
# Allow the daemons time to exit completely.
sleep 2
if [ "$SNMPDRUN" = "yes" -a -f /etc/snmp/snmpd.conf ]; then
start-stop-daemon --quiet --start --exec /usr/sbin/snmpd -- $SNMPDOPTS
log_progress_msg " snmpd"
fi
if [ "$TRAPDRUN" = "yes" -a -f /etc/snmp/snmptrapd.conf ]; then
# Allow snmpd time to start up.
sleep 1
start-stop-daemon --quiet --start --exec /usr/sbin/snmptrapd -- $TRAPDOPTS
log_progress_msg " snmptrapd"
fi
;;
reload|force-reload)
log_daemon_msg "Reloading network management services:"
if [ "$SNMPDRUN" = "yes" -a -f /etc/snmp/snmpd.conf ]; then
start-stop-daemon --quiet --stop --signal 1 \
--pidfile /var/run/snmpd.pid --exec /usr/sbin/snmpd
log_progress_msg " snmpd"
fi
;;
status)
status=0
if [ "$SNMPDRUN" = "yes" -a -f /etc/snmp/snmpd.conf ]; then
status_of_proc /usr/sbin/snmpd snmpd || status=$?
fi
if [ "$TRAPDRUN" = "yes" -a -f /etc/snmp/snmptrapd.conf ]; then
status_of_proc /usr/sbin/snmptrapd snmptrapd || status=$?
fi
exit $status
;;
*)
echo "Usage: /etc/init.d/snmpd {start|stop|restart|reload|force-reload|status}"
exit 1
esac
exit 0

44
modules/snmpd/manifests/init.pp
View File

@ -1,44 +0,0 @@
# == Class: snmpd
#
class snmpd {
include snmpd::params
package { 'snmpd':
ensure => present,
name => $::snmpd::params::package_name,
}
service { 'snmpd':
ensure => running,
hasrestart => true,
require => File['/etc/snmp/snmpd.conf']
}
if ($::osfamily == 'Debian') {
# This file is only needed on machines pre-precise. There is a bug in
# the previous init script versions which causes them to attempt
# snmptrapd even if it's configured not to run, and then to report
# failure.
file { '/etc/init.d/snmpd':
ensure => present,
owner => 'root',
group => 'root',
mode => '0755',
source => 'puppet:///modules/snmpd/snmpd.init',
replace => true,
require => Package['snmpd'],
}
File['/etc/init.d/snmpd'] -> Service['snmpd']
}
file { '/etc/snmp/snmpd.conf':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
source => 'puppet:///modules/snmpd/snmpd.conf',
replace => true,
}
}

17
modules/snmpd/manifests/params.pp
View File

@ -1,17 +0,0 @@
# Class: snmpd::params
#
# This class holds parameters that need to be
# accessed by other classes.
class snmpd::params {
case $::osfamily {
/^(RedHat|Suse)$/: {
$package_name = 'net-snmp'
}
'Debian': {
$package_name = 'snmpd'
}
default: {
fail("Unsupported osfamily: ${::osfamily} The 'snmpd' module only supports osfamily Debian, RedHat or SUSE (slaves only).")
}
}
}