Monitoring-Automatisierung mit Ansible

/ Ansible, Icinga / Von

Installation von Ansible

dnf install ansible

Installation des Icinga T-Systems-Modul

ansible-galaxy collection install t_systems_mms.icinga_director

ansible.cfg

[defaults]
inventory      = /opt/ansible
ask_pass = False
host_key_checking = False
gathering = explicit

[inventory]

[privilege_escalation]

[paramiko_connection]

[ssh_connection]

[persistent_connection]
command_timeout = 180
connect_timeout = 100
connect_retry_timeout = 100

[accelerate]

[selinux]

[colors]


[diff]

In der Datei icinga_vars erstelle ich die Hostvariablen. Soll für das Monitoring ein neuer Server eingerichtet werden, muss nur diese Datei bearbeitet werden. Ich habe das ganze kundenspezifisch(Mandanten) aufgebaut. Deshalb erhält jeder Kunde eine ID. Diese ID findet sich zum einen in den Hostnamen wieder, sodass sich diese leicht gruppieren lassen. Zum anderen ist die ID das 3. Oktett der IP-Adresse. Damit hat jeder Kunde sein eigenes Netzwerk an der Firewall und man ist damit flexibler in der Adressierung.

id: 1
id_ort: BlaBlubLand
virthost: servervm01


domaincontroller:
  - name: server{{ id }}dc1
    ip: 192.168.{{ id }}.31
    os: Windows
    host: Running on {{ virthost }}

fileserver:
  - name: server{{ id }}fs1
    ip: 192.168.{{ id }}.51
    os: Windows
    host: Running on {{ virthost }}

database:
  - name: server{{ id }}db1
    ip: 192.168.{{ id }}.61
    os: Linux
    host: Running on {{ virthost }}
  - name: vberk{{ id }}db2
    ip: 192.168.{{ id }}.62
    os: Linux
    host: Running on {{ virthost }}

Hier nun das eigentliche Playbook icinga.yml

- name: Konfiguration Icinga Monitoring
  hosts: localhost
  collections:
    - T_Systems_MMS.icinga-director
  vars:
    icinga_url: http://ICINGA_IP_ADDRESS/icingaweb2
    icinga_user: USERNAME
    icinga_pass: PASSWORD
  vars_files:
    - /opt/ansible/icinga_vars

  tasks:

    - name: Create host template
      t_systems_mms.icinga_director.icinga_host_template:
        state: present
        url: "{{ icinga_url }}"
        url_username: "{{ icinga_user }}"
        url_password: "{{ icinga_pass }}"
        accept_config: true
        check_command: hostalive
        check_interval: 90s
        check_timeout: 60
        command_endpoint: icinga2.domain.local
        disabled: false
        display_name: Windows-Server-Template
        enable_active_checks: true
        enable_event_handler: false
        enable_flapping: false
        enable_notifications: false
        enable_passive_checks: true
        enable_perfdata: true
        has_agent: false
        icon_image: "windows.png"
        master_should_connect: true
        max_check_attempts: 3
        object_name: Windows-Server-Template
        retry_interval: "1m"
        volatile: false
        imports:
          - ''
        vars:
          dnscheck: "no"

    - name: Create host template
      t_systems_mms.icinga_director.icinga_host_template:
        state: present
        url: "{{ icinga_url }}"
        url_username: "{{ icinga_user }}"
        url_password: "{{ icinga_pass }}"
        accept_config: true
        check_command: hostalive
        check_interval: 90s
        check_timeout: 60
        command_endpoint: icinga2.domain.local
        disabled: false
        display_name: Linux-Server-Template
        enable_active_checks: true
        enable_event_handler: false
        enable_flapping: false
        enable_notifications: false
        enable_passive_checks: true
        enable_perfdata: true
        has_agent: false
        icon_image: "linux.png"
        master_should_connect: true
        max_check_attempts: 3
        object_name: Linux-Server-Template
        retry_interval: "1m"
        volatile: false
        imports:
          - ''
        vars:
          dnscheck: "no"


    - name: Erstelle Hostgroup {{ id_ort }} in Icinga
      t_systems_mms.icinga_director.icinga_hostgroup:
        state: present
        url: "{{ icinga_url }}"
        url_username: "{{ icinga_user }}"
        url_password: "{{ icinga_pass }}"
        object_name: "{{ id_ort }}"
        display_name: "{{ id_ort }}"

    - name: Erstelle Hostgroup Windows in Icinga
      t_systems_mms.icinga_director.icinga_hostgroup:
        state: present
        url: "{{ icinga_url }}"
        url_username: "{{ icinga_user }}"
        url_password: "{{ icinga_pass }}"
        object_name: "Windows"
        display_name: "Windows"

    - name: Erstelle Hostgroup Linux in Icinga
      t_systems_mms.icinga_director.icinga_hostgroup:
        state: present
        url: "{{ icinga_url }}"
        url_username: "{{ icinga_user }}"
        url_password: "{{ icinga_pass }}"
        object_name: "Linux"
        display_name: "Linux"

    - name: Erstelle Domaincontroller Host server{{ id }}dc1 in Icinga
      t_systems_mms.icinga_director.icinga_host:
        state: present
        url: "{{ icinga_url }}"
        url_username: "{{ icinga_user }}"
        url_password: "{{ icinga_pass }}"
        object_name: "{{ item.name }}"
        address: "{{ item.ip }}"
        display_name: "{{ item.name }}"
        groups:
          - "{{ item.os }}"
          - "{{ id_ort }}"
        imports:
          - "{{ item.os }}-Server-Template"
        vars:
          dnscheck: "no"
      loop: "{{ domaincontroller }}"

    - name: Erstelle Datenbank Host server{{ id }}db in Icinga
      t_systems_mms.icinga_director.icinga_host:
        state: present
        url: "{{ icinga_url }}"
        url_username: "{{ icinga_user }}"
        url_password: "{{ icinga_pass }}"
        object_name: "{{ item.name }}"
        address: "{{ item.ip }}"
        display_name: "{{ item.name }}"
        groups:
          - "{{ item.os }}"
          - "{{ id_ort }}"
        imports:
          - "{{ item.os }}-Server-Template"
        vars:
          dnscheck: "no"
      loop: "{{ database }}"

    - name: Erstelle Fileserver Host server{{ id }}fs in Icinga
      t_systems_mms.icinga_director.icinga_host:
        state: present
        url: "{{ icinga_url }}"
        url_username: "{{ icinga_user }}"
        url_password: "{{ icinga_pass }}"
        object_name: "{{ item.name }}"
        address: "{{ item.ip }}"
        display_name: "{{ item.name }}"
        groups:
          - "{{ item.os }}"
          - "{{ id_ort }}"
        imports:
          - "{{ item.os }}-Server-Template"
        vars:
          dnscheck: "no"
      loop: "{{ fileserver }}"