Install and configure the monit monitoring utility.
aspects_monit uses package repositories when possible. Updating to the latest version of monit is done by copying the latest monit excutable over the installed version.
This means that if you want to keep using the old way of installing it in /opt/monit, or you use a non-RedHat or non-Debian distro, you will need to set these new variables:
aspects_monit_run_manual_installaspects_monit_use_manual_tasks
OracleLinux has monit in the ol7_developer_EPEL repository. This role will install the oracle-epel-release-el7 package
before it tries to install monit.
Set hash_behaviour=merge in your ansible.cfg file.
See the template file for how these are used.
aspects_monit_check_intervalaspects_monit_start_delayaspects_monit_logfileaspects_monit_idfileaspects_monit_statefileaspects_monit_mailserveraspects_monit_eventqueueaspects_monit_mmonitaspects_monit_mail_formataspects_monit_alert_recipientsaspects_monit_web_serveraspects_monit_remote_probesaspects_monit_local_probes
Enable or disable the aspects_monit role.
Default is False.
Set to True if you want to use this role.
The name of the monit executable.
Default is monit. Only change this if you really need to.
Install using the OS package manager.
Default is True. Set to False if you are using a different method of installation, or you do not want to run the package manager tasks every time the role is played.
Overwrite the OS executable with a file copied from your system. Use this to update Monit when the OS repositories are farther behind the current release version than you need.
Default is False.
Set to True to run the update tasks.
This is the path, relative to your inventory file, to the updated monit executable you want to overwrite what is on your remote host.
Default is files/monit/bin/monit. Since decompressing the monit binary tar creates a monit directory with the excutable in bin/monit.
If your inventory file is at /home/user/project/inventory and your monit excutable is at /home/user/project/files/monit/monit, then set aspects_monit_update_ecutable_relative_path to files/monit/monit.
This is the absolute path on your remote host that is returned by which monit.
Default is /usr/bin/monit.
Only change it if which monit returns something other than /usr/bin/monit.
Path to the htpasswd file you wish to use.
Default: /etc/monit/htpasswd
Note: You need the
python-passliborpython3-passlibpackages installed before you can use the httpasswd Ansible module. That is why the packages are added via aspects_packages in defaults/main.yml.
A dictionary/hash of users to place in the htpasswd file.
Default is undefined.
Use this pattern:
aspects_monit_htpasswd_users:
<item key>:
state: <present or absent>
crypt_scheme: <valid scheme from the htpasswd Ansible module>
username: <username>
password: <password>I suggest placing the password in an encrypted file, or a file outside of your version control system.
Read the Monit documentation about how it works with htpasswd files.
Read the Ansible documenation on the htpasswd module.
Note: While testing, I had some segfaults using an encrypted password. Plain text worked just fine.
If you need to test ldap servers, a very basic bind script can be generated by the ldaptest.sh.j2 template.
Set aspects_monit_use_ldap_test: True to install it.
Look at the template to see how the variables are used.
Make sure the ldapsearch command is available.
---
# Configure Monit
aspects_monit_enabled: True
aspects_monit_run_install: True
aspects_monit_run_update: True
aspects_monit_update_excutable_relative_path: files/monit/bin/monit
aspects_monit_update_excutable_destination: /usr/bin/monit
aspects_monit_mmonit: ""
#aspects_monit_mmonit: "set mmonit http://mmonit/collector"
aspects_monit_check_interval: "60"
aspects_monit_logfile: "syslog facility log_daemon"
aspects_monit_mailserver: "localhost"
aspects_monit_alert_recipients:
reagand: "you@example.tld"
aspects_monit_web_server: |
set httpd
port 2812
use address {{ ansible_fqdn }}
allow localhost
allow 127.0.0.1
allow 192.168.0.15
allow 192.168.88.200
allow 10.152.10.100
aspects_monit_local_probes:
localresources: |
check system {{ ansible_hostname }}
if loadavg (1min) > 10 for 3 times within 5 cycles then alert
if loadavg (5min) > 6 for 3 times within 5 cycles then alert
if memory usage > 82% for 3 times within 5 cycles then alert
if swap usage > 15% for 3 times within 5 cycles then alert
if cpu usage (user) > 70% for 3 times within 5 cycles then alert
if cpu usage (system) > 30% for 3 times within 5 cycles then alert
if cpu usage (wait) > 20% for 3 times within 5 cycles then alert
not every "* 1-2 * * *" ---
# Configure Monit
aspects_monit_enabled: True
aspects_monit_run_install: False
aspects_monit_run_manual_install: True
aspects_monit_use_manual_tasks: True
aspects_monit_run_update: False
aspects_monit_update_excutable_relative_path: files/monit/bin/monit
aspects_monit_update_excutable_destination: /usr/bin/monit
aspects_monit_mmonit: ""
#aspects_monit_mmonit: "set mmonit http://mmonit/collector"
aspects_monit_check_interval: "60"
aspects_monit_logfile: "syslog facility log_daemon"
aspects_monit_mailserver: "localhost"
aspects_monit_alert_recipients:
reagand: "you@example.tld"
aspects_monit_web_server: |
set httpd
port 2812
use address {{ ansible_fqdn }}
allow localhost
allow 127.0.0.1
allow 192.168.0.15
allow 192.168.88.200
allow 10.152.10.100
aspects_monit_local_probes:
localresources: |
check system {{ ansible_hostname }}
if loadavg (1min) > 10 for 3 times within 5 cycles then alert
if loadavg (5min) > 6 for 3 times within 5 cycles then alert
if memory usage > 82% for 3 times within 5 cycles then alert
if swap usage > 15% for 3 times within 5 cycles then alert
if cpu usage (user) > 70% for 3 times within 5 cycles then alert
if cpu usage (system) > 30% for 3 times within 5 cycles then alert
if cpu usage (wait) > 20% for 3 times within 5 cycles then alert
not every "* 1-2 * * *" - hosts:
- vm.redhat.lab
- vm.nichedistro.lab
roles:
- aspects_monitMIT