The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

Monit Recipe

Introduction

I’m building a library of Monit for my system.

To use, in my node, I do:

    include monit
    monit::package { "rsyslog": }

drmikecrowe

Recipe

Put in modules/monit/manifests/init.pp:

class monit {
    $configdir = "/etc/monit.d"
    case $operatingsystem {
        'Ubuntu': { $config = "/etc/monitrc" }
        'CentOS': { $config = "/etc/monit.conf" }
        default: { fail("\$operatingsystem of ${fqdn} is not recognized ( '${operatingsystem}' ). ") }
    }

    $monitrc = "monit/monitrc.erb"

    package {
        "monit": ensure => installed;
    }

    service { monit:
        ensure => running,
        require => Package["monit"],
        provider => init;
    }

    file { 
        $configdir:
            ensure => directory;
        $config:
            ensure => present,
            content => template($monitrc),
            group => root,
            require => File[$configdir],
            notify => Service[monit],
            mode => 0700;
    }    
}

define monit::package()
{
    file { $name:
            path => "$monit::configdir/${name}.conf",
            ensure => present,
            content => template("monit/${name}.conf.erb"),
            group => root,
            require => File[$monit::configdir],
            notify => Service[monit],
            mode => 0700;
    }
}

monitrc Config File

  • NOTE: I probably didn’t need to go this far, but I put individual configs in monit.d, and I wanted to insure I had a core monitrc.

Put in modules/monit/templates/monitrc.erb:

set daemon  120
set mailserver MYMAILSERVER,
        USERNAME "MYMAILUSERNAME" PASSWORD "MYMAILPASSWORD"

include /etc/monit.d/*

Config Files for various Packages

Apache

Put in modules/monit/templates/apache2.conf.erb:

check process apache with pidfile /var/run/apache2.pid
   group www
   start program = "/etc/init.d/apache2 start"
   stop  program = "/etc/init.d/apache2 stop"
   #if failed host 192.168.1.1 port 80 
   #     protocol HTTP request /monit/token then restart
   #if failed host 192.168.1.1 port 443 type TCPSSL 
   #     certmd5 12-34-56-78-90-AB-CD-EF-12-34-56-78-90-AB-CD-EF
   #     protocol HTTP request /monit/token  then restart
   if 5 restarts within 5 cycles then timeout
   depends on apache_bin
   depends on apache_rc

check file apache_bin with path /usr/sbin/apache2
   group www
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

check file apache_rc with path /etc/init.d/apache2
   group www
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor

Exim4

Put in modules/monit/templates/exim4.conf.erb:

check process exim with pidfile /var/run/exim4/exim.pid
   group mail
   start program = "/etc/init.d/exim4 start"
   stop  program = "/etc/init.d/exim4 stop"
   if failed port 25 protocol smtp then restart
   if 5 restarts within 5 cycles then timeout
   depends on exim_bin
   depends on exim_rc

check file exim_bin with path /usr/sbin/exim
   group mail
   if failed checksum then unmonitor
   if failed permission 4755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

check file exim_rc with path /etc/init.d/exim4
   group mail
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

MySQL

Put in modules/monit/templates/mysql.conf.erb:

check process mysql with pidfile /var/run/mysqld/mysqld.pid
   group database
   start program = "/etc/init.d/mysql start"
   stop program = "/etc/init.d/mysql stop"
   if failed host 127.0.0.1 port 3306 protocol mysql then restart
   if 5 restarts within 5 cycles then timeout
   depends on mysql_bin
   depends on mysql_rc

 check file mysql_bin with path /usr/sbin/mysqld
   group database
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

 check file mysql_rc with path /etc/init.d/mysql
   group database
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

rsyslog

Put in modules/monit/templates/rsyslog.conf.erb:

check process syslogd with pidfile /var/run/rsyslogd.pid
   start program = "/etc/init.d/rsyslog start"
   stop program = "/etc/init.d/rsyslog stop"
   if 5 restarts within 5 cycles then timeout

ssh

Put in modules/monit/templates/sshd.conf.erb:

check process sshd with pidfile /var/run/sshd.pid
   start program  "/etc/init.d/<%= sshdaemon %> start"
   stop program  "/etc/init.d/<%= sshdaemon %> stop"
   if failed port <%= ssh_port %> protocol ssh then restart
   if 5 restarts within 5 cycles then timeout

webmin

Put in modules/monit/templates/webmin.conf.erb:

check process webmin with pidfile /var/webmin/miniserv.pid
   start program  "/etc/init.d/webmin start"
   stop program  "/etc/init.d/webmin stop"
   if 5 restarts within 5 cycles then timeout