[MediaWiki-commits] [Gerrit] Adding an Icinga check for SSL certificate - change (operations/puppet)

Wed, 23 Mar 2016 11:02:24 -0700 

Gehel has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/279154

Change subject: Adding an Icinga check for SSL certificate
......................................................................

Adding an Icinga check for SSL certificate

This is based on
https://gerrit.wikimedia.org/r/#/c/244610/3/manifests/role/nova.pp
which implements a similar check.

Change-Id: I841b26396382411e660629775c99a6a9c031b011
---
M modules/elasticsearch/manifests/https.pp
1 file changed, 12 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/54/279154/1

diff --git a/modules/elasticsearch/manifests/https.pp 
b/modules/elasticsearch/manifests/https.pp
index f948f7f..22dc7a1 100644
--- a/modules/elasticsearch/manifests/https.pp
+++ b/modules/elasticsearch/manifests/https.pp
@@ -3,9 +3,16 @@
 # This class configures HTTPS for elasticsearch
 #
 # == Parameters:
-# - ensure: self explanatory
+# [*ensure*]
+#   self explanatory
+#
+# [*certificate_name*]
+#   name that will be checked in the SSL certificate. This should match the
+#   value configured in `base::puppet::dns_alt_names`
+
 class elasticsearch::https (
-    $ensure = absent,
+    $ensure          = absent,
+    $certificate_name = 'search.svc.codfw.wmnet',
 ){
 
     class { [ 'nginx', 'nginx::ssl' ]:
@@ -24,6 +31,9 @@
     ::nginx::site { 'elasticsearch-ssl-termination':
         ensure  => $ensure,
         content => 
template('elasticsearch/nginx/es-ssl-termination.nginx.conf.erb'),
+    } -> ::monitoring::service { 'elasticsearch-https':
+        description   => 'Elasticsearch HTTPS',
+        check_command => "check_ssl_http!${certificate_name}",
     }
 
     ::ferm::service { 'elastic-https':

-- 
To view, visit https://gerrit.wikimedia.org/r/279154
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I841b26396382411e660629775c99a6a9c031b011
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Gehel <gleder...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to