secc_nrpe

pdk
Dieses Modul bietet eine teilweise Abdeckung der SoC Anforderungen für NRPE unter Linux.

T-Systems Multimedia Solutions GmbH

tsystemsmms

24,703 downloads

2,216 latest version

5.0 quality score

Version information

  • 3.2.0 (latest)
  • 3.1.0
  • 3.0.0
  • 2.1.1
released Oct 11th 2019
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.4.x
  • Puppet >= 4.9.4 < 7.0.0
  • RedHat
    ,
    CentOS

Start using this module

Documentation

tsystemsmms/secc_nrpe — version 3.2.0 Oct 11th 2019

AMCS SecC - NRPE Module

Build Status

Table of Contents

  1. Overview
  2. Module Description - What the module does and why it is useful
  3. Setup - The basics of getting started with [nrpe]
  4. Usage - Configuration options and additional functionality
  5. Reference - An under-the-hood peek at what the module is doing and how
  6. Limitations - OS compatibility, etc.
  7. Development - Guide for contributing to the module

Overview

This module provides a partial coverage of the SoC conditions for NRPE under Linux.

Module Description

This module installs and configures NRPE on a Linux system. Further it will define a separate nrpe user and create sudo rules in /etc/sudoers.d/nrpe,

Setup

What [nrpe] affects

  1. Templates
    • '/etc/nagios/nrpe.cfg'
    • '/etc/sudoers.d/nrpe'
  2. Packages
    • 'nrpe' (EPEL Repo has to be installed. Default for reponame is 'epel'.)
    • 'nagios-plugins-nrpe' (check_nrpe -> Test of SSL handshake)
  3. Services
    • 'nrpe' (The service will be restarted on configuration changes.)
  4. User / Groups
    • 'nrpe'
    • 'nagios'

Beginning with [nrpe]

  • for base configuration include the class secc_nrpe
  • sudo has to be installed beforehand

Usage

  • nrpe.cfg is placed in /etc/nagios/
  • nrpe is placed in /etc/sudoers.d/
  • if the NRPE user should run checks as root, set nrpe_must_be_root = true
  • 127.0.0.1 and 172.29.70.2 are default allowed_hosts in nrpe.cfg
  • if further allowed_hosts are needed, these can be specified in a list, eg. allowed_hosts => ['127.0.0.1', '192.168.0.1']
  • if server_addressis unspecified, the default IP (puppet-fact ipaddress) is used
  • the SSL handshake can be checked with /usr/lib64/nagios/plugins/check_nrpe <IP> (Expected result: NRPEvXX)

Reference

  1. Classes
    • secc_nrpe
    • secc_nrpe::user
    • secc_nrpe::install
    • secc_nrpe::config
    • secc_nrpe::permissions
    • secc_nrpe::service

Limitations

  • This module was tested with CentOS6 and CentOS7

Development

  • Please document changes within the module using git commits
  • Execution of tests: bundler install, bundler exec rake