A highly customizable Ansible role to configure a Check_Mk client.
- Installs check-mk-agent on clients; Does use locally provided packages or a systems repositories; See Role Variables.
- Puts basic check_mk plugins in place
- Adds ssh hostkey to the check_mk site user
- Creates a user and group to run check-mk-agent with
- Creates sudo configuration for this monitoring user
- Puts ssh-public-key in place for the monitoring user
- Adds a managed System to Check_Mk
- Removes the System from Check_Mk; This is not implemented in
main.yaml
. The tasks responsible for this are stored inremove_host_from_cmk.yml
and can be called seperatly withimport_role
in decommision playbooks.
The system this role is run on needs network access to the check_mk server (80/tcp).
-
Check_Mk Server host; required: yes
The ansible_inventory name of the check_mk server.
cmkclient_server:
-
Check_Mk Package name and version; required: yes
These are used to check if the desired package is already installed. This is only used if you the package is not installed by a packagemanagers repository.
cmkclient_pkgname: check-mk-agent cmkclient_pkgver: 1.4.0p27-1
-
Check_Mk Site user name; required: yes
The username of the user running your Check_Mk site.
cmkclient_site_user: example-site
-
Check_Mk package and plugins; (
vars/apt.yml
orvars/dnf.yml
)These vars are defined in files dependend on the
ansible_pkg_mgr
var. Below defaults are only showing the defaults for Debian.-
Packages; required: no
Either one of these should be defined to install a package. If
cmkclient_pkgmanager_pkg
is defined the systems configured repositories will be used to install the package. Ifcmkclient_package
is defined you have to provide the package in some way (eg. in your 'files' directory and provide the full path). If both are defined the distributions packagemanager has precedence.cmkclient_pkgmanager_pkg: files/checkmk/check-mk-agent cmkclient_package: check-mk-agent_1.4.0p27-1_all.deb
-
Plugins; required: no
cmkclient_plugins: - plugin_src: files/checkmk/mk_apt plugin_dst: /usr/lib/check_mk_agent/plugins/86400/mk_apt
-
-
Command used for checking if the package is already installed; required: yes
cmkclient_pkg_test: "dpkg -l | grep -P \'^ii\\s+{{ cmkclient_pkgname }}\\s+{{ cmkclient_pkgver }}\'"
-
User configuration if check-mk-agent is not executed as
root
-
Create user or not; required: yes; (True/False)
cmkclient_createuser: False
-
Group configuration
cmkclient_group_name: checkmk cmkclient_group_gid: 601
-
User configuration
Sudo configuration is only applied if
cmkclient_createuser
isTrue
andcmkclient_user_sudo
is notFalse
.cmkclient_user_name: checkmk cmkclient_user_uid: 601 cmkclient_user_comment: "check_mk monitoring user" cmkclient_user_group: checkmk cmkclient_user_shell: /bin/bash cmkclient_user_password: '!!' cmkclient_user_home: /home/checkmk cmkclient_user_pwexpire: '99999' # This must be a string! cmkclient_user_sudo: checkmk cmkclient_user_publickey: "{{ lookup('file', 'files/authorized_keys/checkmk') }}"
-
-
Host creation configuration
-
Create host or not; required: yes; (True/False)
cmkclient_createhost: False
-
User for Check_Mk WebAPI
cmkclient_api_user: automation
-
Secret for Check_Mk's WebAPI User
cmkclient_api_password: "my-automation-secret"
-
None;
- name: Configure Check_MK Client
hosts: MonitoredServers
roles:
- { role: CheckMkClient }
BSD
Created in 2018 by Thomas.