[MediaWiki-commits] [Gerrit] operations/puppet[production]: WIP: icinga: add check_sysctl.sh script

Thu, 07 Sep 2017 11:54:53 -0700 

Herron has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/376566 )

Change subject: WIP: icinga: add check_sysctl.sh script
......................................................................

WIP: icinga: add check_sysctl.sh script

Add check_sysctl.sh script to compare configured sysctl values
to running values.

Bug: T160060
Change-Id: I5c6aaa746e81d1733074a102e78372ac55a09901
---
A modules/icinga/files/check_sysctl.sh
1 file changed, 85 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/66/376566/1

diff --git a/modules/icinga/files/check_sysctl.sh 
b/modules/icinga/files/check_sysctl.sh
new file mode 100644
index 0000000..0618ea6
--- /dev/null
+++ b/modules/icinga/files/check_sysctl.sh
@@ -0,0 +1,85 @@
+#!/bin/bash
+#
+# check_sysctl.sh - check running sysctl values against configuration files
+# note: this will print only one mismatch to keep alert text concise
+# 2017 Keith Herron <kher...@wikimedia.org>
+
+# Command locations
+sysctl_cmd="/sbin/sysctl"
+
+function print_help() {
+  echo "
+    $0 - check sysctl config file(s) against running values
+
+    usage: $0 -f <file>
+
+    options:
+          -f  Required - Sysctl configuration file location(s).  To supply 
multiple
+              files use a space delimited list.
+          -h  Print this help text
+    "
+
+  exit 3
+}
+
+# Check that options were provided
+if [ $# -lt 1 ]; then
+  print_help
+fi
+
+# Gather options.  -f requres an argument -h does not.
+while getopts 'f:h' OPT; do
+  case $OPT in
+    f)  files=$OPTARG;;
+    h)  print_help;;
+    *)  print_help;;
+  esac
+done
+
+# Check if provided file(s) exist.
+for file in ${files}; do
+  if [ ! -r $file ]; then
+    echo "error: config file $file does not exist"
+    print_help
+    exit 1
+  fi
+done
+
+for file in ${files}; do
+
+  while read -r line; do
+
+    # Skip lines that do not begin with an alphanumeric
+    [[ "$line" =~ ^[:alnum:] ]] || continue
+
+    # Remove whitespace from line
+    line=${line//[[:space:]]/}
+
+    # Split line into key/val variables using = delimiter
+    configured_key=${line%=*};
+    configured_val=${line#*=};
+
+    running_val=`$sysctl_cmd -b "${configured_key}" 2>/dev/null`
+
+    if [ $running_val ]; then
+      if [ ${running_val} != ${configured_val} ]; then
+        echo -n "WARNING: "
+        echo "${configured_key}" running value ${running_val} does not match 
value of "${configured_val} configured in ${file}"
+        exit 1
+      else
+        matched=yes
+      fi
+    fi
+
+  done < "$file"
+
+done
+
+if [ $matched ]; then
+    echo -n "OK: "
+    echo "Running sysctl values match config file(s) $files"
+    exit 0
+else
+    echo "UNKNOWN: No entries in this file match matched running values.  Are 
you sure this is a sysctl config file?"
+    exit 3
+fi

-- 
To view, visit https://gerrit.wikimedia.org/r/376566
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I5c6aaa746e81d1733074a102e78372ac55a09901
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Herron <kher...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to