Log output, on Centos 7.2, Ansible 2.1.1.0:

TASK [cmacrae.sensu : Stash the Sensu SSL certs/keys] **************************
fatal: [sensu]: FAILED! => {"failed": true, "msg": "the field 'args' has an invalid value, which appears to include a variable that is undefined. The error was: 'dynamic_data_store' is undefined\n\nThe error appears to have been in '/etc/ansible/roles/cmacrae.sensu/tasks/ssl_generate.yml': line 47, column 5, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n  - name: Stash the Sensu SSL certs/keys\n    ^ here\n"}

Under the "Defining your static data store" part of the docs, it suggests that one needs to simply define a static_data_store and point it at a directory. However, the roles seem to expect a certain sub-directory structure to exist, regardless if there are files to be deployed:

https://github.com/sensu/sensu-ansible/blob/master/tasks/plugins.yml#L27
https://github.com/sensu/sensu-ansible/blob/master/tasks/plugins.yml#L39
https://github.com/sensu/sensu-ansible/blob/master/tasks/plugins.yml#L48
https://github.com/sensu/sensu-ansible/blob/master/tasks/plugins.yml#L57

Without the sensu/``checks/filters/handlers and mutators directories existing, running the role results in:

TASK [cmacrae.sensu : Deploy filter plugins] ***********************************
fatal: [queue-01]: FAILED! => {"changed": false, "failed": true, "msg": "Unable to find 'sensu/static_data/sensu/filters/' in expected paths."}

/etc/sensu/conf.d is owned by root but I get this message:
@ rb_sysopen - /tmp/sensu_server_loaded_files (Errno::EACCES)
if i chage sensu to be the owner the permission error goes away

but if i run ansible again it sets it back to root

TASK [sensu-ansible : Ensure the Sensu config directory is present] ************
--- before
+++ after
@@ -1,4 +1,4 @@cd 
 {
-    "owner": 991,
+    "owner": 0,
     "path": "/etc/sensu/conf.d"
 }

with a hardening umask, the role is not working due to 2 failing parts :

ssl part

i have modify the ssl.yml to add mode :

  - name: Ensure Sensu SSL directory exists
    file:
      dest: "{{ sensu_config_path }}/ssl"
      state: directory
      owner: "{{ sensu_user_name }}"
      group: "{{ sensu_group_name }}"
      mode: "0755"
    when: sensu_ssl_gen_certs and sensu_ssl_manage_certs

  - include: ssl_generate.yml
    when: sensu_ssl_gen_certs
    static: false

  - name: Deploy the Sensu client SSL cert/key
    copy:
      src: "{{ item.src }}"
      owner: "{{ sensu_user_name }}"
      remote_src: "{{ sensu_ssl_deploy_remote_src }}"
      group: "{{ sensu_group_name }}"
      dest: "{{ sensu_config_path }}/ssl/{{ item.dest }}"
      mode: " {{ item.perm }}"
    with_items:
      - {src: "{{ sensu_ssl_client_cert }}", dest: cert.pem , perm: "0644" }
      - {src: "{{ sensu_ssl_client_key }}" , dest: key.pem  , perm: "0640" }
    notify: restart sensu-client service
when: sensu_ssl_manage_certs

--> this modification can also improve the security : previously if the umask was too open, the key.pem was readable by everybody

plugins part

(we use sensu_user_name = sensu )
sensu-install -p will install plugings not readable by every body , my modification :

  - name: Ensure any remote plugins defined are present
    shell: umask 0022; sensu-install -p {{ item }}
    with_items: "{{ sensu_remote_plugins }}"
    changed_when: false
when: sensu_remote_plugins > 0

Hi,

it's will great if prerequisite of plugins is managed by the role

i think, it's can be, only, construct empirically...
for exemple, postgres plugins (if i have add these in plugins.yml) (maybe it's for only when: ansible_os_family == 'RedHat'
:

  - name: Define pre-requisite of each plugins
    set_fact:
      package_needed: "{{ package_needed | default([]) }} + [ 'postgresql-devel' ]"
    when: "'postgres' in sensu_remote_plugins"

  - name: Install pre-requisite of each plugins
    package:
      name: "{{ item }}"
    with_items: "{{ package_needed | default([]) }}"

Maybe its the same problem : ssl download error #41

fatal: [xxxx.xxxx.xxxx]: FAILED! => {"changed": false, "failed": true, "msg": "Destination /etc/sensu/ssl_generation not writable"}

Hi again.

I have an issue when running my playbook to deploy the servers.

I have the following playbook with default variables except users, passwords/

---
 - hosts: sensu_master:test
   vars_files:
     - /etc/ansible/vars/secrets.yml
   roles:
     - role: cmacrae.sensu

Here is my group_vars file:

sensu_master: true
sensu_include_dashboard: true
rabbitmq_server: true
redis_server: true
uchiwa_dc_name: my.server.url.fr

And I have the following error:

TASK [cmacrae.sensu : Deploy the Sensu client SSL cert/key] ********************
failed: [backup.curuba.fr] => (item=/etc/ansible/data/dynamic/my.server.url.fr//etc/sensu/ssl_generation/sensu_ssl_tool/client/cert.pem) => {"failed": true, "item": "/etc/ansible/data/dynamic/my.server.url.fr//etc/sensu/ssl_generation/sensu_ssl_tool/client/cert.pem", "msg": "could not find src=/etc/ansible/data/dynamic/my.server.url.fr/etc/sensu/ssl_generation/sensu_ssl_tool/client/cert.pem"}
failed: [backup.curuba.fr] => (item=/etc/ansible/data/dynamic/my.server.url.fr//etc/sensu/ssl_generation/sensu_ssl_tool/client/key.pem) => {"failed": true, "item": "/etc/ansible/data/dynamic/my.server.url.fr//etc/sensu/ssl_generation/sensu_ssl_tool/client/key.pem", "msg": "could not find src=/etc/ansible/data/dynamic/my.server.url.fr/etc/sensu/ssl_generation/sensu_ssl_tool/client/key.pem"}
        to retry, use: --limit @3-monitoring.retry

Hello

In the README file with instructions there are several plugins listed under data/static/sensu/checks
Can you share those too ?If not , how do i deploy such plugins ?

The include_vars module override any existing variable. I wanted to override the redis repo, but couldn't do so.

I deployed the http plugin to my client with:

    sensu_remote_plugins:
      - http:0.3.0

How do I send over a configuration file, as described in https://sensuapp.org/docs/latest/reference/checks#example-check-definition ?

Hi,

I am running to setup sensu environment using sensu-ansible role. For testing purposes I disabled SSL. However, I get the following error at the end.
fatal: [192.168.0.3]: FAILED! => { "changed": false, "failed": true, "invocation": { "module_args": { "daemon_reload": false, "enabled": true, "masked": null, "name": "sensu-client", "state": "started", "user": false } }, "msg": "Unable to start service sensu-client: Job for sensu-client.service failed because the control process exited with error code. See \"systemctl status sensu-client.service\" and \"journalctl -xe\" for details.\n" } to retry, use: --limit @/root/playbook.retry

Any idea what could cause this error?

ansible 2.0.1.0
ubuntu 14.04

Running the play with defaults:

- name: Install and config sensu stack.
  hosts: prod
  become: true
  become_method: sudo
  roles:
    - role: cmacrae.sensu

$ ansible-playbook prod/sensu.yml

Things of note:

TASK [cmacrae.sensu : Deploy the Sensu client SSL cert/key] ********************
[DEPRECATION WARNING]: Skipping task due to undefined Error, in the future this 
will be a fatal error.. This feature will be removed in a future release. 
Deprecation warnings can be disabled by setting deprecation_warnings=False in 
ansible.cfg.

TASK [cmacrae.sensu : Deploy Sensu client RabbitMQ configuration] **************
fatal: [kimsufi]: FAILED! => {"changed": false, "failed": true, "msg": "AnsibleUndefinedVariable: 'dict object' has no attribute 'rabbitmq_servers'"}

The warning undefined Error is not helpful so I'm stuck as to how to resolve it and whether it is causing the failure down the chain. Any ideas?

Hi
so I want to achieve this below set up

Host debian7 to act as master/rabbitmq/redis and to communicate and monitor 3 other nodes in the lan. The role is being executed from within debian7
i have set the appropriate values in defaults/main.yml to true and i run the playbook like this:

• hosts: sensu_masters
  roles:
  - { role: cmacrae.sensu, sensu_master: true, sensu_include_dashboard: true, rabbitmq_server: true, redis_server: true }

my group_vars/all.yml is like so

cat group_vars/all.yml
dynamic_data_store: "/etc/ansible/data/dynamic"
static_data_store: "/etc/ansible/data/static/"
rabbitmq_host: debian7
redis_host: debian7
sensu_api_host: debian7

the role starts fine but it stops with this error

fatal: [debian7 -> localhost]: FAILED! => {
"changed": false,
"cmd": [
"ls",
"/etc/ansible/data/static/sensu/checks/sensu/checks"
],
"delta": "0:00:00.065060",
"end": "2016-12-10 17:38:30.377208",
"failed": true,
"invocation": {
"module_args": {
"_raw_params": "ls /etc/ansible/data/static/sensu/checks/sensu/checks",
"_uses_shell": false,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"warn": true
},
"module_name": "command"
},
"rc": 2,
"start": "2016-12-10 17:38:30.312148",
"stderr": "ls: cannot access /etc/ansible/data/static/sensu/checks/sensu/checks: No such file or directory",
"stdout": "",
"stdout_lines": [],
"warnings": []
}

as far as i can see this path does not exist but i had previously set static_data_store: "/etc/ansible/data/static/"

thanks in advance :)

#defaults/main.yml
uchiwa_pkg_version: 0.14.2-1
uchiwa_pkg_deb_download_url: http://dl.bintray.com/palourde/uchiwa/uchiwa_{{ uchiwa_pkg_version }}_amd64.deb
uchiwa_pkg_rpm_download_url: http://dl.bintray.com/palourde/uchiwa/uchiwa-{{ uchiwa_pkg_version }}.x86_64.rpm

Hard-coding uchiwa version is not ideal here. Question is why don't we simply download uchiwa package directly from sensu repo?

[root@haphan-sensu cloud-user]# yum  info uchiwa | grep Version
Version     : 0.23.1

it would be a good thing if there was the chance to enable testing this role automatically with travis

I read http://ansible-sensu.readthedocs.io/en/latest/dynamic_checks/,

$ tree data/static
data/static
`-- sensu
    |-- checks
    |   |-- rabbitmq_servers
    |   |   `-- check_rabbitmq.sh
    |   |-- redis_servers
    |   |   `-- check_redis.sh
    |   |-- webservers
    |   |   `-- check_nginx.sh
    |   `-- zones
    |       |-- check_cpu.rb
    |       |-- check_disk.rb
    |       `-- check_mem.rb
    |-- definitions
    |   |-- check_nginx.json.j2
    |   |-- check_rabbitmq.json.j2
    |   |-- check_redis.json.j2
    |   |-- pushover.json.j2
    |   |-- pushover_handler.json.j2
    |   |-- smartos_check_cpu.json.j2
    |   |-- smartos_check_disk.json.j2
    |   `-- smartos_check_mem.json.j2
    |-- handlers
    |   `-- pushover.rb
    `-- mutators

My question is where can I download those sh files? I can see there are sensu plugins, but they are all ruby gems.

Thanks.

All i am facing the following issue after following the docs to install on a single node. my config is as follows:
inventory:

cat inventory/sensu.yml
[sensu_masters]
sensu.master

[rabbitmq_servers]
sensu.master

[redis_servers]
sensu.master

group_vars:

cat group_vars/all.yml
rabbitmq_host: sensu
redis_host: sensu
sensu_api_host: sensu
dynamic_data_store: /etc/ansible/config/data/dynamic

host_vars:

cat host_vars/sensu.yml
sensu_master: true
sensu_include_dashboard: true
rabbitmq_server: true
redis_server: true

but i continue to get the following error
fatal: [localhost]: FAILED! => {"failed": true, "msg": "{{ sensu_ssl_tool_base_path }}/client/cert.pem: {{ dynamic_data_store }}/{{ groups['sensu_masters'][0] }}{{ sensu_master_config_path }}/ssl_generation/sensu_ssl_tool: {{ hostvars[groups['sensu_masters'][0]]['sensu_config_path'] | default('/etc/sensu') }}: 'dict object' has no attribute 'sensu_masters'"}

ansible version

ansible 2.3.0.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides
  python version = 2.7.5 (default, Nov  6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]

sensu version
0.29.0
I have looked though the other issues and was not able to find a resolution, I am fairly new to ansible but not sensu and have deployed it before with chef. thanks in advance for any help you can provide.
rr

Hi,

Not sure what I'm messing up, but I'm receiving the follow error when applying this runbook:

ERROR! failed to combine variables, expected dicts but got a 'AnsibleUnicode' and a 'Ansi

---
-
  hosts: host1
  become: yes
  roles:
    - role: ansible-sensu

I think it's the way ansible is trying to combine vars. I've commented out the vars being used in roles/ansible-sensu/defaults/main.yml from roles/ansible-sensu/vars/Debian.yml but hit the same issue later one.

ansible --version
ansible 2.1.0 (devel d60f0c94f8) last updated 2016/03/06 15:05:35 (GMT -700)
  lib/ansible/modules/core: (detached HEAD 0bbb7ba38d) last updated 2016/02/29 19:37:22 (GMT -700)
  lib/ansible/modules/extras: (detached HEAD 39e4040685) last updated 2016/02/29 19:37:22 (GMT -700)
  config file = <homedir>/ansible-test/ansible.cfg
  configured module search path = Default w/o overrides

Any help would be greatly appreciated. Thanks!

Imagine there is a bug, how to revert to a previous version?

Hello

Here is my hosts file

[sensu_masters]
debian21

[redis_servers]
debian20

[rabbitmq_servers]
debian19

[zones]
debian22
debian23
debian24
debian25

in main.yml i have sensu master to false as well as redis server set to false and the play stops with errors about SSLs

Do i have to create self signed certs and tell the role where to look for these ?

When I create a Sensu master I get the following message in uchiwa.log:

{"timestamp":"2016-04-14T13:21:55.54069187Z","level":"warn","message":"GET https://mon:4567/stashes returned: Get https://mon:4567/stashes: tls: oversized record received with length 20527"}

Plain curl won't also work:

$ curl "https://mon:4567/stashes"
curl: (35) SSL received a record that exceeded the maximum permissible length.

My configuration of the role:

sensu_include_dashboard: true
sensu_deploy_rabbitmq: true
sensu_deploy_redis: true
sensu_api_host: '{{ inventory_hostname }}'
sensu_api_ssl: 'true'
sensu_master: true
sensu_ssl_gen_certs: true
sensu_master_config_path: '{{ sensu_config_path }}'
sensu_ssl_tool_base_path: "{{ dynamic_data_store }}/{{ inventory_hostname }}{{ sensu_master_config_path }}/ssl_generation/sensu_ssl_tool"

rabbitmq_server: true
rabbitmq_host: localhost

redis_server: true
redis_host: localhost

What could be the issue?

In order to make Uchiwa highly available certificates need to be generated and provided in the uchiwa config https://docs.uchiwa.io/guides/high-availability/

The uchiwa config block in the template currently does not allow these to be specified https://github.com/sensu/sensu-ansible/blob/master/templates/uchiwa_config.json.j2

It would be nice if this role could do a multi-server installation with

1. Clustered RabbitMQ
2. Clustered Redis (Sentinel)
3. Multiple servers running sensu-server & sensu-api
4. Multiple servers running uchiwa
5. Throw in HAproxy and Keepalived to remove any single point of failure.

Hi
to ease things i followed the readme docs to deploy everything to one host. My plan is to have one host to act as sensu master , redis and rabbitmq-server and to monitor using plugins other hosts in my lan.
For starters i set sensu master , redis and rabbitmq server to false in the main.yml. In group_vars/all.yml i defined all 3 variables like the docs show to point to the IP of my intended sensu master host like so
rabbitmq_host: 192.168.1.95
redis_host: 192.168.1.95
sensu_api_host: 192.168.1.95

In group_vars i also created 3 yml files named rabbitmq_servers , redis_server and sensu_masters , like the docs show and inside each file there is a value : true accordingly .

Do all of the above seem correct? I think they do .

In my hosts file , i have defined
[sensu_servers]
the above host
[redis_servers]
same above host
[rabbitmq_servers]
the above host again

[zones]
several different hosts go here

So , one host will act as sensumaster,redis and rabbitmq and will deploy plugins to everything under [zones]

How do you execute such playbook?

hosts: all

or

hosts: sensu_masters

i tried both , and although the play finishes , the Uchiwa dashboard says sensu-api is not running. I sshed into my intended sensumaster and sensu api was running so it must be something else

some help/ideas?

thank you

Hi and congratulations for this fantastic role and nice documentation.
There is one thing I don't understand though... I see that there is a sensu_remote_plugins variable that we can set in order to define which plugins we want to deploy. At the same time, in the static data store, we can also set some checks on a per group basis.
How these two methods interact? Do we need both?
Thanks in advance for enlightening me on this topic :)

so i wonder how this can ever have worked at all

become_user is not a legal parameter in an Ansible task or handler

because this is in multiple places

rrackow$ git grep become_user handlers/main.yml: become_user: "{{ sensu_user_name }}” tasks/FreeBSD/dashboard.yml: become_user: "{{ sensu_user_name }}” tasks/SmartOS/dashboard.yml: become_user: "{{ sensu_user_name }}” tasks/rabbit.yml: become_user: rabbitmq tasks/ssl_generate.yml: become_user: "{{ sensu_user_name }}”

FAILED! => {"changed": false, "failed": true, "module_stderr": "Shared connection to 213.196.39.216 closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n File \"/tmp/ansible_ZI1hPK/ansible_module_apt_repository.py\", line 565, in <module>\r\n main()\r\n File \"/tmp/ansible_ZI1hPK/ansible_module_apt_repository.py\", line 553, in main\r\n cache.update()\r\n File \"/usr/lib/python2.7/dist-packages/apt/cache.py\", line 440, in update\r\n raise FetchFailedException(e)\r\napt.cache.FetchFailedException: E:The method driver /usr/lib/apt/methods/https could not be found.\r\n", "msg": "MODULE FAILURE", "rc": 0}

Next run
TASK [cmacrae.sensu : Ensure Sensu is installed] ******************************************************************************************************************************************************************************************************************************************************************** fatal: []: FAILED! => {"changed": false, "failed": true, "msg": "No package matching 'sensu' is available"}

on the node
root@box:~# apt-get update E: The method driver /usr/lib/apt/methods/https could not be found. N: Is the package apt-transport-https installed?

Ill update with the patch shortly

Hello,
I have two different issues with my setup:
First, if I try to modify any sensu checks with ansible, the checks are not updated and still show the old info. For example, I've modified the threshold for some checks but I still see them in uchiwa showing with the old config.
I've tried to restart all components (server,api,redis) but i still have the same issue. How is sensu reading the checks.json file that's generated by ansible?

When I add new checks, they are not automatically added to the Uchiwa interface. I have to restart at least the redis database or even uchiwa. When I do restart them they appear in the checks tab in uchiwa but not on machines and I have to schedule them manually

Actually, i can't run the role without any plugins on a machine :

ansible-playbook  ... --extra-var='sensu_remote_plugins=""'
TASK [sensu-client : Ensure any remote plugins defined are present] ********************************************************************************************************************
failed: [server] (item=) => {"changed": false, "cmd": "sensu-install -p ", "delta": "0:00:00.153447", "end": "2017-07-05 11:53:58.399445", "failed": true, "item": "", "rc": 1, "start": "2017-07-05 11:53:58.245998", "stderr": "/opt/sensu/embedded/lib/ruby/gems/2.3.0/gems/sensu-0.26.5/exe/sensu-install:38:in `cli_options': missing argument: -p (OptionParser::MissingArgument)\n\tfrom /opt/sensu/embedded/lib/ruby/gems/2.3.0/gems/sensu-0.26.5/exe/sensu-install:124:in `run'\n\tfrom /opt/sensu/embedded/lib/ruby/gems/2.3.0/gems/sensu-0.26.5/exe/sensu-install:136:in `<top (required)>'\n\tfrom /opt/sensu/embedded/bin/sensu-install:22:in `load'\n\tfrom /opt/sensu/embedded/bin/sensu-install:22:in `<main>'", "stderr_lines": ["/opt/sensu/embedded/lib/ruby/gems/2.3.0/gems/sensu-0.26.5/exe/sensu-install:38:in `cli_options': missing argument: -p (OptionParser::MissingArgument)", "\tfrom /opt/sensu/embedded/lib/ruby/gems/2.3.0/gems/sensu-0.26.5/exe/sensu-install:124:in `run'", "\tfrom /opt/sensu/embedded/lib/ruby/gems/2.3.0/gems/sensu-0.26.5/exe/sensu-install:136:in `<top (required)>'", "\tfrom /opt/sensu/embedded/bin/sensu-install:22:in `load'", "\tfrom /opt/sensu/embedded/bin/sensu-install:22:in `<main>'"], "stdout": "", "stdout_lines": []}

the when condition should be changed from

when: sensu_remote_plugins > 0

To :

when: sensu_remote_plugins

So we will get a skipping tasks :

TASK [sensu-client : Ensure any remote plugins defined are present] ********************************************************************************************************************
skipping: [server] => (item=) 

With sensu_remote_plugins defined, I'm getting this error:

TASK [cmacrae.sensu : Ensure any remote plugins defined are present] ***********
Thursday 10 November 2016  18:54:38 -0800 (0:00:00.030)       0:00:01.720 *****
failed: [10.3.1.35] (item=sensu_remote_plugins) => {
    "changed": false,
    "cmd": "sensu-install -p sensu_remote_plugins",
    "delta": "0:00:54.320680",
    "end": "2016-11-11 02:55:38.443994",
    "failed": true,
    "item": "sensu_remote_plugins",
    "rc": 2,
    "start": "2016-11-11 02:54:44.123314",
    "warnings": []
}
stdout:
[SENSU-INSTALL] installing Sensu plugins ...
[SENSU-INSTALL] determining if Sensu gem 'sensu-plugins-sensu_remote_plugins' is already installed ...
false
[SENSU-INSTALL] Sensu plugin gems to be installed: ["sensu-plugins-sensu_remote_plugins"]
[SENSU-INSTALL] installing Sensu gem 'sensu-plugins-sensu_remote_plugins'
[SENSU-INSTALL] failed to install Sensu gem 'sensu-plugins-sensu_remote_plugins'
[SENSU-INSTALL] you can run the sensu-install command again with --verbose for more info
[SENSU-INSTALL] please take note of any failure messages above
[SENSU-INSTALL] make sure you have build tools installed (e.g. gcc)
[SENSU-INSTALL] trying to determine the Sensu plugin homepage for sensu-plugins-sensu_remote_plugins ...
stderr:
ERROR:  Could not find a valid gem 'sensu-plugins-sensu_remote_plugins' (>= 0) in any repository
ERROR:  Possible alternatives: sensu-plugins-messagemedia, sensu-plugins-sensu-plugins-fluentd, sensu-plugins-entropy-checks, sensu-plugins-freeradius, sensu-plugins-fsmounts
ERROR:  No gem matching 'sensu-plugins-sensu_remote_plugins (>= 0)' found

It looks like Ansible is using sensu_remote_plugins directly as a string instead of a variable.
Changing the with_items line to with_items: "{{ sensu_remote_plugins }}" fixes it for me.

Using Ansible 2.2.0.0

There is no mention of "dynamic_data_store" and "static_data_store" on the "obvious" pages, like README.md and role variables. But the role won't run without those being defined and, in the case of static data store, having the right structure, i.e., "sensu/{checks,definitions,filters,handlers,mutators}". Those sub-directories have to be present, even if empty, or the role won't run.

Hi
i understand i have to create a host_vars directory and inside that a yaml file like debian7.yml to define pushover key and token.

Exactly how do i find where these files are located so i can define their paths?

This can probably be achieved using with_file_glob and Jinja filters:

  - name: Deploy check/handler/filter/mutator definitions to the master
    template:
      src: "{{ static_data_store }}/sensu/definitions/{{ item }}.j2"
      dest: "{{ sensu_config_path }}/conf.d/{{ item }}"
      owner: "{{ sensu_user_name }}"
      group: "{{ sensu_group_name }}"
    when: sensu_master
    with_lines:
      - ls {{ static_data_store }}/sensu/definitions | sed 's/\.j2//'
    notify: restart sensu-server service

reading the docs , there is an example where you set up one host to act as sensu master , redis and rabbitmq. When utilizing such a set up , how do you deploy the plugins ( defined in defaults/main.yml ) to the rest of the hosts in an infrastructure ?

None of the definitions or checks defined in the documentation seem to exist.

rtisdale@aliveagain:~/repos/ansible-personal$ tree data/static/
data/static/
└── sensu
    ├── checks
    ├── definitions
    ├── filters
    ├── handlers
    └── mutators

6 directories, 0 files

The documentation seems to indicate these exist

$ tree data/static
data/static
`-- sensu
    |-- checks
    |   |-- rabbitmq_servers
    |   |   `-- check_rabbitmq.sh
    |   |-- redis_servers
    |   |   `-- check_redis.sh
    |   |-- webservers
    |   |   `-- check_nginx.sh
    |   `-- zones
    |       |-- check_cpu.rb
    |       |-- check_disk.rb
    |       `-- check_mem.rb
    |-- definitions
    |   |-- check_nginx.json.j2
    |   |-- check_rabbitmq.json.j2
    |   |-- check_redis.json.j2
    |   |-- pushover.json.j2
    |   |-- pushover_handler.json.j2
    |   |-- smartos_check_cpu.json.j2
    |   |-- smartos_check_disk.json.j2
    |   `-- smartos_check_mem.json.j2
    |-- handlers
    |   `-- pushover.rb
    `-- mutators

hello
it finally builds ok with no errors during the process but it fails to start

it fails with this error
See 'systemctl status sensu-client.service' and 'journalctl -xn' for details.

and from logs i see this

systemctl status sensu-client.service
● sensu-client.service - LSB: Sensu monitoring framework client
Loaded: loaded (/etc/init.d/sensu-client)
Active: failed (Result: exit-code) since Wed 2016-12-07 17:22:12 EST; 6s ago
Process: 20521 ExecStart=/etc/init.d/sensu-client start (code=exited, status=1/FAILURE)

Dec 07 17:22:12 debian3 sensu-client[20521]: Starting sensu-client: failed!
Dec 07 17:22:12 debian3 systemd[1]: sensu-client.service: control process exited, code=exited status=1
Dec 07 17:22:12 debian3 systemd[1]: Failed to start LSB: Sensu monitoring framework client.
Dec 07 17:22:12 debian3 systemd[1]: Unit sensu-client.service entered failed state.

any ideas.... ? @smuth4 @cmacrae

I am extending this repo so that it can deploy sensu enterprise.

Do you guys think it would be interesting to merge it back to sensu/sensu-ansible?

Hi,

sorry for dummies questions,

All definitions are copied into sensu master servers. And master server tries to run all checks.
I don't know how to avoid this behaviour.

May be smth wrong with my .j2 template?

{
"checks": {
"check_disk_usage": {
"command": "{{ sensu_config_path }}/plugins/check-disk-usage.rb -w :::disk.warning|80::: -c :::disk.critical|90:::",

  "subscribers": {{ group_names | to_nice_json }},

  "interval": 60
}

}
}

Thanks in advance
Vital

Testing this role on Ubuntu 16.10 x64 with redis repository left as default, I found that the PIDFile setting in files/redis_systemd.service needs to refer to redis-server.pid instead of redis.pid.

Great experience overall with the role! Thank you for sharing this.

There is one thing I would suggest. It's a great practice to prefix all the variables of the role with the role name (sensu_). The practical reason for that is that you reduce the risk of interfering with the rest of the Ansible project you are working on.

It just happened to me. I have an independent RabbitMQ server absolutely not related to Sensu, just for some application purposes. I wanted to install a separate instance of a RabbitMQ server with your role. I spent quite some time figuring out why my own RabbitMQ server gets SSL keys and restarts while I'm provisioning my servers with your role :) Finally I realized that my server has an inventory variable rabbitmq_server which causes the role to do some actions for that.

TASK [cmacrae.sensu : Stash the Sensu SSL certs/keys] **************************
fatal: [ee-sensu.ee.ic.ac.uk]: FAILED! => {"failed": true, "msg": "failed to transfer file to /etc/ansible/data/dynamic/ee-sensu.ee.ic.ac.uk/etc/sensu/ssl_generation/sensu_ssl_tool/sensu_ca/cacert.pem:\n\n/etc/sensu/ssl_generation/sensu_ssl_tool/sensu_ca/cacert.pem: No such file or directory\n"}

dynamic_data_store: /etc/ansible/data/dynamic is defined in all.yml

Not sure why i get this
FAILED! => {"changed": false, "dest": "/etc/sensu/ssl_generation/sensu_ssl_tool.tar", "failed": true, "msg": "Request failed", "response": "HTTP Error 505: HTTP Version Not Supported", "state": "absent", "status_code": 505, "url": "http://sensuapp.org/docs/0.23/files/sensu_ssl_tool.tar"}

Is it possible to run the Server and API components on different instances? From the looks of the docs, it appears the two always get deployed side-by-side.

Hi,

We are running a feasibility study for Sensu and ELK platform and we were finally able to set up Sensu after running into some minor issues., right now we can't start / restart sensu services for some reason and we've been stuck to this for a day now, So I hope you could give us some advice. We would truly appreciate your response.

Expected Behavior:
Sensu-Server will be started
Sensu-api will be started

Current Behavior:
After initializing startup, the following message is returned:

"Job for sensu-server.service failed because the control process exited with error code. See "systemctl status sensu-server.service" and "journalctl -xe" for details."

**> status sensu-server.service **

● sensu-server.service - LSB: Sensu monitoring framework server
Loaded: loaded (/etc/init.d/sensu-server; bad; vendor preset: enabled)
Active: failed (Result: exit-code) since Mon 2017-02-27 13:38:21 GMT; 11s ago
Docs: man:systemd-sysv-generator(8)
Process: 9041 ExecStop=/etc/init.d/sensu-server stop (code=exited, @@@status=0/SUCCESS)
Process: 21292 ExecStart=/etc/init.d/sensu-server start (code=exited, status=1/FAILURE)

Feb 27 13:38:20 systemd[1]: Stopped LSB: Sensu monitoring framework server.
Feb 27 13:38:20 systemd[1]: Starting LSB: Sensu monitoring framework server...
Feb 27 13:38:20 sensu-server[21292]: * Starting sensu-server
Feb 27 13:38:21 sensu-server[21292]: ...fail!
Feb 27 13:38:21 systemd[1]: sensu-server.service: Control process exited, code=exited status=1
Feb 27 13:38:21 systemd[1]: Failed to start LSB: Sensu monitoring framework server.
Feb 27 13:38:21 systemd[1]: sensu-server.service: Unit entered failed state.
Feb 27 13:38:21 systemd[1]: sensu-server.service: Failed with result 'exit-code'
(fyi, the same happens when trying to restart other sensu services)

> $ tail /var/log/sensu/sensu-client.log

{"timestamp":"2017-02-27T12:52:26.172506+0000","level":"error","message":"[amqp] Detected TCP connection failure: Errno::ECONNREFUSED"}
{"timestamp":"2017-02-27T12:52:46.173374+0000","level":"error","message":"[amqp] Detected TCP connection failure: Errno::ECONNREFUSED"}
{"timestamp":"2017-02-27T13:09:46.226619+0000","level":"error","message":"[amqp] Detected TCP connection failure: Errno::ECONNREFUSED"}
{"timestamp":"2017-02-27T13:10:06.227236+0000","level":"error","message":"[amqp] Detected TCP connection failure: Errno::ECONNREFUSED"}
{"timestamp":"2017-02-27T13:10:26.228142+0000","level":"error","message":"[amqp] Detected TCP connection failure: Errno::ECONNREFUSED"}
{"timestamp":"2017-02-27T13:10:46.229256+0000","level":"error","message":"[amqp] Detected TCP connection failure: Errno::ECONNREFUSED"}
{"timestamp":"2017-02-27T13:11:06.230354+0000","level":"error","message":"[amqp] Detected TCP connection failure: Errno::ECONNREFUSED"}
{"timestamp":"2017-02-27T13:11:26.231242+0000","level":"error","message":"[amqp] Detected TCP connection failure: Errno::ECONNREFUSED"}
{"timestamp":"2017-02-27T13:11:46.232049+0000","level":"error","message":"[amqp] Detected TCP connection failure: Errno::ECONNREFUSED"}
{"timestamp":"2017-02-27T13:12:06.233025+0000","level":"error","message":"[amqp] Detected TCP connection failure: Errno::ECONNREFUSED"}

Environment

Sensu version used: Sensu 0.27
Operating System and version (e.g. Ubuntu 14.04): Ubuntu 16.04 LTS
Transport and runtime versions (e.g. RabbitMQ 3.6.2 on Erlang 18.2): RabbitMQ 3.6.6

Hi,

When combining sensu_api_ssl with sensu_include_dashboard there is an syntax error in the generated uchiwa.json file. When enabling SSL the jinja template outputs True capitalized, which is valid python but not json.

Would you accept a pull-request with the easy fix of adding | to_nice_json on the following line?

Regards,
Wezzle

Hello

I am reading the docs at the moment and i have a question about Dynamic Check Deployment. In the readme it shows a tree list command showing several check scripts to check each of your servers. To clone this scenario do i have to manually download sensu plugins from sensu official pluging page and copy them in dynamic and static datastore ?

in defaults/main i have these lines

sensu_remote_plugins:

• graphite
• process-checks
• sensu-plugins-disk-usage

thanks

Hello
i have this problem , where the play stops because it can not copy ssl cers. Some help?

tasks/ssl_generate.yml:7
skipping: [debian3] => {"changed": false, "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian5] => {"changed": false, "skip_reason": "Conditional check failed", "skipped": true}

TASK [cmacrae.sensu : Untar the ssl_certs tarball from sensuapp.org] ***********
task path: /home/dimtheo/my-roles/cmacrae.sensu/tasks/ssl_generate.yml:17
skipping: [debian3] => {"changed": false, "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian5] => {"changed": false, "skip_reason": "Conditional check failed", "skipped": true}

TASK [cmacrae.sensu : Generate SSL certs] **************************************
task path: /home/dimtheo/my-roles/cmacrae.sensu/tasks/ssl_generate.yml:25
skipping: [debian3] => {"changed": false, "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian5] => {"changed": false, "skip_reason": "Conditional check failed", "skipped": true}

TASK [cmacrae.sensu : Stash the Sensu SSL certs/keys] **************************
task path: /home/dimtheo/my-roles/cmacrae.sensu/tasks/ssl_generate.yml:36
skipping: [debian3] => (item=sensu_ca/cacert.pem) => {"changed": false, "item": "sensu_ca/cacert.pem", "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian5] => (item=sensu_ca/cacert.pem) => {"changed": false, "item": "sensu_ca/cacert.pem", "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian5] => (item=server/cert.pem) => {"changed": false, "item": "server/cert.pem", "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian3] => (item=server/cert.pem) => {"changed": false, "item": "server/cert.pem", "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian5] => (item=server/key.pem) => {"changed": false, "item": "server/key.pem", "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian3] => (item=server/key.pem) => {"changed": false, "item": "server/key.pem", "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian5] => (item=client/cert.pem) => {"changed": false, "item": "client/cert.pem", "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian3] => (item=client/cert.pem) => {"changed": false, "item": "client/cert.pem", "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian5] => (item=client/key.pem) => {"changed": false, "item": "client/key.pem", "skip_reason": "Conditional check failed", "skipped": true}
skipping: [debian3] => (item=client/key.pem) => {"changed": false, "item": "client/key.pem", "skip_reason": "Conditional check failed", "skipped": true}

Deploy the Sensu client SSL cert/key] ********************
task path: /home/dimtheo/my-roles/cmacrae.sensu/tasks/ssl.yml:16
[DEPRECATION WARNING]: Skipping task due to undefined Error, in the future this will be a fatal error.: {{ sensu_ssl_tool_base_path }}/client/cert.pem: {{
dynamic_data_store }}/{{ groups['sensu_masters'][0] }}{{ sensu_master_config_path }}/ssl_generation/sensu_ssl_tool: {{
hostvars[groups['sensu_masters'][0]]['sensu_config_path'] | default('/etc/sensu') }}: 'dict object' has no attribute 'sensu_masters'.
This feature will be
removed in a future release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Skipping task due to undefined Error, in the future this will be a fatal error.: {{ sensu_ssl_tool_base_path }}/client/cert.pem: {{
dynamic_data_store }}/{{ groups['sensu_masters'][0] }}{{ sensu_master_config_path }}/ssl_generation/sensu_ssl_tool: {{
hostvars[groups['sensu_masters'][0]]['sensu_config_path'] | default('/etc/sensu') }}: 'dict object' has no attribute 'sensu_masters'.
This feature will be
removed in a future release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
fatal: [debian3]: FAILED! => {"failed": true, "msg": "'item' is undefined"}
fatal: [debian5]: FAILED! => {"failed": true, "msg": "'item' is undefined"}