[MediaWiki-commits] [Gerrit] operations/puppet[production]: Add NRPE check to monitor timesyncd

Fri, 06 Jan 2017 03:51:07 -0800 

Muehlenhoff has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/330854 )

Change subject: Add NRPE check to monitor timesyncd
......................................................................


Add NRPE check to monitor timesyncd

This reuses an existing Nagios check implemented by Peter Palfrader of the
Debian DSA team.

Bug: T150257
Change-Id: Ia86161e0a57a7670da5787ef50a8e4f8e4ae1998
---
A modules/base/files/check_timedatectl
M modules/standard/manifests/ntp/timesyncd.pp
2 files changed, 76 insertions(+), 1 deletion(-)

Approvals:
  Ema: Looks good to me, but someone else must approve
  Muehlenhoff: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/modules/base/files/check_timedatectl 
b/modules/base/files/check_timedatectl
new file mode 100755
index 0000000..700d857
--- /dev/null
+++ b/modules/base/files/check_timedatectl
@@ -0,0 +1,61 @@
+#!/bin/bash
+
+# Copyright 2016 Peter Palfrader
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+set -e
+set -u
+
+MAX=2
+
+temp="$(mktemp)"
+trap "rm -f '$temp'" EXIT
+
+timedatectl > "$temp"
+ut=$(sed '/Universal time:/ { s/^[^:]*: *//; p}; d' "$temp")
+rtc=$(sed '/RTC time:/ { s/^[^:]*: *//; p}; d' "$temp")
+
+uts=$(date -d "$ut" +%s)
+rtcs=$(date -d "$rtc" +%s)
+
+d=$((uts - rtcs))
+
+if [ "$d" -lt "-$MAX" ] ||
+   [ "$d" -gt "$MAX" ]; then
+       echo "Warning: time desync $d: RTC vs. system time: $rtc vs. $ut"
+       exit 1
+fi
+
+
+bool=$(sed '/NTP enabled:/ { s/^[^:]*: *//; p}; d' "$temp")
+if [ "$bool" != "yes" ]; then
+       echo "Warning: NTP not enabled!"
+       exit 1
+fi
+
+bool=$(sed '/NTP synchronized:/ { s/^[^:]*: *//; p}; d' "$temp")
+if [ "$bool" != "yes" ]; then
+       echo "Warning: not synced with NTP (but clock is OK for now)."
+       exit 1
+fi
+
+echo "OK: synced at $ut."
diff --git a/modules/standard/manifests/ntp/timesyncd.pp 
b/modules/standard/manifests/ntp/timesyncd.pp
index 50b3958..3044f35 100644
--- a/modules/standard/manifests/ntp/timesyncd.pp
+++ b/modules/standard/manifests/ntp/timesyncd.pp
@@ -32,5 +32,19 @@
         provider => systemd,
         enable   => true,
     }
-}
 
+    file { '/usr/lib/nagios/plugins/check_timedatectl':
+        source => 'puppet:///modules/base/check_timedatectl',
+        owner  => 'root',
+        group  => 'root',
+        mode   => '0555',
+    }
+
+    nrpe::monitor_service { 'timesynd_ntp_status':
+        ensure        => 'present',
+        description   => 'Check the NTP synchronisation status of timesyncd',
+        nrpe_command  => '/usr/lib/nagios/plugins/check_timedatectl',
+        require       => File['/usr/lib/nagios/plugins/check_timedatectl'],
+        contact_group => 'admins',
+    }
+}

-- 
To view, visit https://gerrit.wikimedia.org/r/330854
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ia86161e0a57a7670da5787ef50a8e4f8e4ae1998
Gerrit-PatchSet: 3
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Muehlenhoff <mmuhlenh...@wikimedia.org>
Gerrit-Reviewer: Ema <e...@wikimedia.org>
Gerrit-Reviewer: Muehlenhoff <mmuhlenh...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to