Wrapping MCollective with Nagios
I’ve been doing a little tinkering with pre/post release checklists and compliance reporting using cucumber and some Nagios wrapping (among other things) in my test lab and recently needed to do some higher level entire environment checks before moving on to the next step. While it’s possible to wrap something like nmaps ping check and then Nagios each target it does feel like stepping back a few years in the tool chain.
Luckily I’m running MCollective, so all this synchronous discovery and polling is in my past. After a little bit of delving in to the existing package and service clients I’ve come up with a prototype environment wide MCollective backed service check and an MCollective backed package check.
I’m not sure if I’d be willing to replace existing low level checks (for things like cron and ssh processes) with this just yet but it does show how easy it is to wrap MCollective with third party code in order reap its benefits from further down the tool chain. With a little scaffolding hopefully it’ll be useful in validating individual policies in security policies and guidelines. But more about that later.
Phase two is probably to pull the scripts together (and just use another parameter to select the resource to check) and to be green or red based on percentage. As an example, requiring 40% of the web servers to be returning 200 before starting the next batch of host upgrades.