diff options
author | Sam Chudnick <sam@chudnick.com> | 2022-04-17 12:32:41 -0400 |
---|---|---|
committer | Sam Chudnick <sam@chudnick.com> | 2022-04-17 12:32:41 -0400 |
commit | a520bf1bba2c6889c4473bc57354aab4e0f7b8ed (patch) | |
tree | 76efef6fdd3429fdc6041f8806a5d5766e16ebab /monitoring/icinga-influx | |
parent | 313af9efa65641516ae41f1c1ea0549ee445e455 (diff) |
Added script for configuring InfluxDB and configuring Icinga2 to write metrics to InfluxDB.
Diffstat (limited to 'monitoring/icinga-influx')
-rwxr-xr-x | monitoring/icinga-influx | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/monitoring/icinga-influx b/monitoring/icinga-influx new file mode 100755 index 0000000..c1b7116 --- /dev/null +++ b/monitoring/icinga-influx | |||
@@ -0,0 +1,97 @@ | |||
1 | #!/bin/sh | ||
2 | # | ||
3 | # Configures influxdb and configures icinga2 to write data to influxdb | ||
4 | # Assumes that influxdb and icinga master are on the same host | ||
5 | |||
6 | dbname="icinga2" | ||
7 | admin="admin" | ||
8 | adminpass="changeme" | ||
9 | icingauser="icinga2" | ||
10 | icingapass="changeme" | ||
11 | rouser="readonly" | ||
12 | ropass="changeme" | ||
13 | |||
14 | # install packages | ||
15 | apt install -y influxdb influxdb-client ssl-cert | ||
16 | |||
17 | # configure influx | ||
18 | mv /etc/influxdb/influxdb.conf /etc/influxdb/influxdb.conf.orig | ||
19 | |||
20 | # generate self-signed certificate | ||
21 | make-ssl-cert generate-default-snakeoil | ||
22 | usermod -aG ssl-cert influxdb | ||
23 | |||
24 | echo "reporting-enabled = false | ||
25 | [meta] | ||
26 | dir = \"/var/lib/influxdb/meta\" | ||
27 | [data] | ||
28 | dir = \"/var/lib/influxdb/data\" | ||
29 | wal-dir = \"/var/lib/influxdb/wal\" | ||
30 | [coordinator] | ||
31 | [retention] | ||
32 | [shard-precreation] | ||
33 | [monitor] | ||
34 | [http] | ||
35 | enabled = true | ||
36 | bind-address = \":8086\" | ||
37 | auth-enabled = false | ||
38 | https-enabled = true | ||
39 | https-certificate = \"/etc/ssl/certs/ssl-cert-snakeoil.pem\" | ||
40 | https-private-key = \"/etc/ssl/private/ssl-cert-snakeoil.key\" | ||
41 | [ifql] | ||
42 | [logging] | ||
43 | [subscriber] | ||
44 | [[graphite]] | ||
45 | [[collectd]] | ||
46 | [[opentsdb]] | ||
47 | [[udp]] | ||
48 | [continuous_queries] | ||
49 | [tls] | ||
50 | min-version = \"tls1.2\" | ||
51 | " > /etc/influxdb/influxdb.conf | ||
52 | |||
53 | systemctl enable --now influxdb | ||
54 | sleep 2 | ||
55 | |||
56 | # create influx database and users | ||
57 | # uses unsafeSsl because of self-signed cert | ||
58 | influx -ssl -unsafeSsl -execute \ | ||
59 | "create database $dbname; \ | ||
60 | create user $admin with password '$adminpass'; \ | ||
61 | create user $icingauser with password '$icingapass'; \ | ||
62 | create user $rouser with password '$ropass'; \ | ||
63 | grant all to $admin; \ | ||
64 | grant write on $dbname to $icingauser; \ | ||
65 | grant read on $dbname to $rouser;" | ||
66 | |||
67 | |||
68 | # enable influxdb auth after creation of admin user | ||
69 | sed -i "s/auth-enabled = false/auth-enabled = true/" /etc/influxdb/influxdb.conf | ||
70 | systemctl restart influxdb | ||
71 | |||
72 | # enable and configure influx feature in icinga | ||
73 | icinga2 feature enable influxdb | ||
74 | echo "object InfluxdbWriter \"influxdb\" { | ||
75 | host = \"127.0.0.1\" | ||
76 | port = 8086 | ||
77 | username = \"$icingauser\" | ||
78 | password = \"$icingapass\" | ||
79 | ssl_enable = true | ||
80 | database = \"$dbname\" | ||
81 | flush_threshold = 1024 | ||
82 | flush_interval = 10s | ||
83 | host_template = { | ||
84 | measurement = \"\$host.check_command$\" | ||
85 | tags = { | ||
86 | hostname = \"\$host.name$\" | ||
87 | } | ||
88 | } | ||
89 | service_template = { | ||
90 | measurement = \"\$service.check_command$\" | ||
91 | tags = { | ||
92 | hostname = \"\$host.name$\" | ||
93 | service = \"\$service.name$\" | ||
94 | } | ||
95 | } | ||
96 | } " > /etc/icinga2/features-available/influxdb.conf | ||
97 | systemctl restart icinga2 | ||