#!/bin/bash # # priority: 850 # # Manage settings for the Zabbix installtion and # other monitor-related things # # Stephen Soltesz # Copyright (C) 2008 The Trustees of Princeton University # # $Id$ # # Source function library and configuration . /etc/plc.d/functions . /etc/planetlab/plc_config local_config=/etc/planetlab/configs/site.xml MONITORPATH=/usr/share/monitor # Be verbose set -x # Default locations PGDATA=/var/lib/pgsql/data postgresql_conf=$PGDATA/postgresql.conf pghba_conf=$PGDATA/pg_hba.conf # Export so that we do not have to specify -p to psql invocations export PGPORT=$PLC_DB_PORT ZABBIX_DB_USER="zabbixuser" ZABBIX_DB_NAME="zabbix" MONITOR_DB_USER="monitoruser" MONITOR_DB_NAME="monitor" WROTE_PG_CONFIG= if [ -z "$PLC_MONITOR_IP" ] ; then PLC_MONITOR_IP=$( gethostbyname $PLC_MONITOR_HOST ) fi function check_pg_hba () { NAME=$1 USER=$2 #### SETUP ACCESS to this user and database mkdir -p $PGDATA/pg_hba.conf.d CONF=$PGDATA/pg_hba.conf.d/${NAME}.conf if [ ! -f $CONF ] ; then echo "host $NAME $USER 127.0.0.1/32 password" > $CONF echo "host $NAME $USER $PLC_MONITOR_IP/32 password" >> $CONF WROTE_PG_CONFIG="true" fi } function check_user_and_db() { CREATED= NAME=$1 USER=$2 # confirm user is present or create it user_present=$( psql -U postgres -c "select * from pg_user;" -d template1 | grep $USER ) if [ -z $user_present ] ; then createuser --no-superuser --no-createdb --no-createrole --login --unencrypted --echo $USER -U postgres CREATED="true" fi # confirm database is present or create it db_present=$( psql -U postgres -c "select * from pg_database;" -d template1 | grep $NAME ) if [ -z $db_present ] ; then createdb --owner=$USER $NAME -U postgres CREATED="true" fi # Create/update the unprivileged database user and password if [ -z "$PLC_MONITOR_DBPASSWORD" || "$PLC_MONITOR_DBPASSWORD" = "None" ] ; then # Zabbix doesn't like plain uuidgen passwords PLC_MONITOR_DBPASSWORD=$( uuidgen | md5sum - | awk '{print $1}' ) plc-config --category=plc_monitor --variable=dbpassword --value="$PLC_MONITOR_DBPASSWORD" --save=$local_config $local_config service plc reload CREATED="true" fi if [ -n "$CREATED" ] ; then psql -d template1 -U postgres -c "ALTER USER $USER WITH PASSWORD '$PLC_MONITOR_DBPASSWORD';" fi } function if_present_load () { file=$1 if [ -f $file ] ; then psql -d $ZABBIX_DB_NAME -U $ZABBIX_DB_USER < $file fi } function check_monitor_schema_and_data() { # NOTE: call create_all() to setup the database from the info model. python -c "from monitor.database.info.model import *; from elixir import create_all; create_all()" } function check_zabbix_schema_and_data() { schema_present=$( psql -U $ZABBIX_DB_USER $ZABBIX_DB_NAME -c "\d;" < /dev/null | grep hosts ) if [ -z $schema_present ] ; then echo "... initial import can take SEVERAL minutes. please wait ..." if_present_load "/usr/local/zabbix/misc/create/schema/postgresql.sql" if_present_load "/usr/local/zabbix/misc/create/data/data.sql" if_present_load "/usr/local/zabbix/misc/create/data/images_pgsql.sql" ## TODO: update ZABBIX Server entry, "update hosts set status=0, host='MyPLC Server' where hostid=10017" fi } function check_zabbix_templates_and_import () { # LOG IN COOKIE_FILE=/tmp/cookiejar.txt rm -f ${COOKIE_FILE} TEMPLATES_DIR=${MONITORPATH}/zabbix/templates curl -s --cookie $COOKIE_FILE --cookie-jar $COOKIE_FILE \ --form "enter=Enter" \ --form "name=Admin" \ --form "password=zabbix" \ "http://${PLC_MONITOR_HOST}/zabbix/index.php?login=1" deleted=$( grep 'deleted' $COOKIE_FILE ) if [ -n "$deleted" ] ; then echo "Login to the zabbix web server failed!!!" return 1 fi for file in ${TEMPLATES_DIR}/*.xml ; do # 0 - update , 1 - skip, 0 - add echo "############### IMPORTING $file" >> /var/log/monitor.log curl -s --cookie $COOKIE_FILE --cookie-jar $COOKIE_FILE \ --form "config=1" \ --form "import_file=@${file}" \ --form "rules[host][exist]=0" \ --form "rules[host][missed]=0" \ --form "rules[template][exist]=0" \ --form "rules[template][missed]=1" \ --form "rules[item][exist]=0" \ --form "rules[item][missed]=0" \ --form "rules[trigger][exist]=0" \ --form "rules[trigger][missed]=0" \ --form "rules[graph][exist]=0" \ --form "rules[graph][missed]=0" \ --form "import=Import" \ "http://${PLC_MONITOR_HOST}/zabbix/exp_imp.php" >> /var/log/monitor.log done } function check_monitor_conf () { MONITOR_CONFIG=/etc/monitor.conf # Using plcsh add default, monitor user plcsh </dev/null AddPerson({'first_name' : 'Monitor', 'last_name' : 'Server', 'password' : '${PLC_MONITOR_DBPASSWORD}', 'email' : '${PLC_MONITOR_EMAIL}'}) AddRoleToPerson('admin', '${PLC_MONITOR_EMAIL}') AddPersonToSite('${PLC_MONITOR_EMAIL}', '${PLC_SLICE_PREFIX}') UpdatePerson('${PLC_MONITOR_EMAIL}', { 'enabled' : True, 'password' : '${PLC_MONITOR_DBPASSWORD}' }) EOF if [ ! -f ${MONITOR_CONFIG} ] ; then cat < ${MONITOR_CONFIG} [monitorconfig] RT_DB_HOST=rt.planet-lab.org RT_DB_USER= RT_DB_PASSWORD= RT_DB_NAME= # RT Web user account RT_WEB_SERVER=https://rt.planet-lab.org/ RT_WEB_TOOLS_PATH= RT_WEB_USER= RT_WEB_PASSWORD= RT_WEB_DEBUG=0 RT_QUEUE= # PLC admin account API_SERVER=https://${PLC_BOOT_HOST}/PLCAPI/ API_AUTH_USER=${PLC_MONITOR_EMAIL} API_AUTH_PASSWORD=${PLC_MONITOR_DBPASSWORD} # SERVER PATHS MONITOR_SCRIPT_ROOT=${MONITORPATH} MONITOR_DATA_ROOT=/var/lib/monitor MONITOR_ARCHIVE_ROOT=/var/lib/monitor/archive-pdb MONITOR_HOSTNAME=${PLC_MONITOR_HOST} MONITOR_IP=${PLC_MONITOR_IP} PLC_WWW_HOSTNAME=${PLC_WWW_HOST} # used for debug mode email= # all messages will appear to be from this address from_email=${PLC_MONITOR_EMAIL} # a separate address for support messages support_email=${PLC_MAIL_SUPPORT_ADDRESS} # mailing list copied on all out-going messages cc_email= [monitordatabase] monitor_dburi=postgres://${MONITOR_DB_USER}:${PLC_MONITOR_DBPASSWORD}@localhost:5432/${MONITOR_DB_NAME} zabbix_dburi=postgres://${ZABBIX_DB_USER}:${PLC_MONITOR_DBPASSWORD}@localhost:5432/${ZABBIX_DB_NAME} cachetime=60 # Evaluated as true or false [commandline] cachecalls=True echo=False debug=False mail=True bcc=False run=False checkopt=False squeeze=True policysavedb=True EOF fi } function create_httpd_conf () { MONITOR_HTTP_CONF=/etc/httpd/conf.d/monitorweb.conf if [ ! -f ${MONITOR_HTTP_CONF} ] ; then # note: we need to either start this script before httpd, or always # restart httpd, since there's no way to know beyond file's existence # whether the values have changed or not. WROTE_HTTP_CONFIG="true" fi # TODO: support HTTPS as well as port 80. currently not specifying port # 80 breaks https for other content on the myplc. # TODO: make proxy port configurable. cat < ${MONITOR_HTTP_CONF} # NOTE: I've tried other means of redirection, including mod_rewrite, but did # not have any success. The means below is not idea, b/c it does not keep # non-ssl session as non-ssl. But it works. # NOTE: redirect path without trailing '/' to path with. Favor SSL. Redirect /monitor https://${MONITOR_HOSTNAME}:${PLC_WWW_SSL_PORT}/monitor/ # NOTE: this directive strips '/monitor/' from the requested path and pastes # the remaining part to the end of the ProxyPass url below. All TG urls # should be relative to their current position, or the absolute path # that includes /monitor/ at the beginning. # TODO: make location configurable. #LogLevel debug #Errorlog /var/log/httpd/monitorwebapp-error_log #Customlog /var/log/httpd/monitorwebapp-access_log common ProxyPass http://127.0.0.1:8080/ ProxyPassReverse http://127.0.0.1:8080/ EOF } function start_tg_server () { pushd ${MONITORPATH}/web/MonitorWeb/ ./start-monitorweb.py ${MONITORPATH}/web/MonitorWeb/prod.cfg &> /var/log/monitorweb.log & popd } function stop_tg_server () { pid=$( cat /var/run/monitorweb.pid ) if [ -n "$pid" ] ; then kill $pid fi } function check_zab_server () { ZABBIXCFG=/etc/zabbix TMP_FILE=`mktemp /tmp/zbxtmpXXXXXX` if [ -f ${ZABBIXCFG}/zabbix_server.conf ] ; then sed -e "s/#DBHost=.*/DBHost=$PLC_MONITOR_HOST/g" \ -e "s#DBName=.*#DBName=$ZABBIX_DB_NAME#g" \ -e "s#DBUser=.*#DBUser=$ZABBIX_DB_USER#g" \ -e "s#DBPassword=.*#DBPassword=$PLC_MONITOR_DBPASSWORD#g" \ -e "s#.*ExternalScripts=.*#ExternalScripts=${MONITORPATH}/zabbix#g" \ ${ZABBIXCFG}/zabbix_server.conf > $TMP_FILE cat $TMP_FILE > ${ZABBIXCFG}/zabbix_server.conf fi service zabbix_server start rm -f $TMP_FILE } function check_zab_agentd () { ZABBIXCFG=/etc/zabbix TMP_FILE=`mktemp /tmp/zbxtmpXXXXXX` if [ -f ${ZABBIXCFG}/zabbix_agentd.conf ] ; then HOST=`hostname` sed -e "s#Server=.*#Server=$PLC_MONITOR_HOST#g" \ -e "s#Hostname=.*#Hostname=$HOST#g" \ ${ZABBIXCFG}/zabbix_agentd.conf > $TMP_FILE cat $TMP_FILE > ${ZABBIXCFG}/zabbix_agentd.conf fi service zabbix_agentd start rm -f $TMP_FILE } function check_zab_webconfig() { # SETUP zabbix gui configuration ZABBIX_WEB_CFG=/var/www/html/zabbix/conf/zabbix.conf.php if [ ! -f $ZABBIX_WEB_CFG ] ; then touch $ZABBIX_WEB_CFG cat < $ZABBIX_WEB_CFG EOF chmod 644 $ZABBIX_WEB_CFG fi } if [ "$PLC_MONITOR_ENABLED" != "1" ] ; then exit 0 fi case "$1" in start) MESSAGE=$"Bootstrap Monitoring (please wait...)" dialog "$MESSAGE" # DATABASE acces, creation, and data loading check_pg_hba $MONITOR_DB_NAME $MONITOR_DB_USER check_user_and_db $MONITOR_DB_NAME $MONITOR_DB_USER # WRITE default /etc/monitor.conf check_monitor_conf check_monitor_schema_and_data check_pg_hba $ZABBIX_DB_NAME $ZABBIX_DB_USER check_user_and_db $ZABBIX_DB_NAME $ZABBIX_DB_USER if [ -n "$WROTE_PG_CONFIG" ] ; then # NOTE: restart db to enable access by users granted above. service plc restart postgresql service plc restart httpd MESSAGE=$"Bootstrap Monitoring 2 (please wait...)" dialog "$MESSAGE" fi check_zabbix_schema_and_data check_zabbix_templates_and_import # create /etc/httpd/conf.d/monitorweb.conf create_httpd_conf if [ -n "$WROTE_HTTP_CONFIG" ] ; then # NOTE: restart web server to enable access web cfg service plc restart httpd MESSAGE=$"Bootstrap Monitoring 3 (please wait...)" dialog "$MESSAGE" fi start_tg_server # START zabbix services. SETUP default config files. check_zab_server check_zab_agentd check_zab_webconfig result "$MESSAGE" ;; restartweb) MESSAGE=$"Restarting monitor web app..." dialog "$MESSAGE" stop_tg_server start_tg_server result "$MESSAGE" ;; sync) MESSAGE=$"Syncing PLC db with Zabbix DB" dialog "$MESSAGE" # turn off zabbix server, etc. before writing to the db. service plc stop monitor $MONITORPATH/zabbix/zabbixsync.py --setupglobal &> /var/log/monitor-server # import any templates check_zabbix_templates_and_import service plc start monitor result "$MESSAGE" ;; delete) MESSAGE=$"Deleting databases..." dialog "$MESSAGE" dropdb -U postgres $ZABBIX_DB_NAME dropuser -U postgres $ZABBIX_DB_USER dropdb -U postgres $MONITOR_DB_NAME dropuser -U postgres $MONITOR_DB_USER result "$MESSAGE" ;; stop) MESSAGE=$"Stopping Monitor" dialog "$MESSAGE" stop_tg_server service zabbix_server stop service zabbix_agentd stop # TODO: is there anything to stop? result "$MESSAGE" ;; esac exit $ERRORS