munin-formula/README.rst

munin
=====
``munin`` is a monioring application with a master/node architecture. The master periodically connects to each node and collects information from it. The nodes each run a ``munin-node`` service that listens for these connections.

States
======
``munin.master``
    Installs the munin master package. The master runs as a cronjob, not a service. The distro packages normally automatically create those.
``munin.master.config`` (includes ``munin.master``)
    Generates a config file for the munin master based on pillar data.
``munin.node``
    Installs the munin node package and enables the node service.
``munin.node.config`` (includes ``munin.node``)
    Generates a config file for the munin node based on pillar data.
``munin.tls``
    Installs the Perl package Net::SSLEay so munin can use TLS.
    
    Also, if the private key, certificate, or CA certificate are specified (as in ``pillar.example``), then the appropriate files are created. Note that it is up to the user to correctly specify the location of these files in their master and node config files.

Configuration
=============
The ``pillar.example`` has example pillar data for both the master and node, though ``munin.master.config`` only uses data from ``munin_master`` and ``munin.node.config`` only uses data from ``munin_node``.

Master Config
-------------
Consult http://munin-monitoring.org/wiki/munin.conf and ``man munin.conf`` for the full list of directives.

Node Config
-----------
Consult http://munin-monitoring.org/wiki/munin-node.conf and ``man munin-node.conf`` for the full list of directives.

For node configuration directives that allow repetition (ie: ``ignore_files``), make ``pillar['munin_node']['ignore_files']`` a list of values (see ``pillar.example`` for an example of this).

TLS
---
Consult http://munin-monitoring.org/wiki/MuninConfigurationNetworkTLS.

Instructions for the non-paraonid TLS setup:

1. Generate a private key. For this example, we create a 1024-bit key: ``openssl genrsa -out private.pem 1024``
#. Create a Certificate Signing Reqest: ``openssl req -new -key private.pem -out request.csr``
#. Generate a self-signed certificate: ``openssl x509 -req -in request.csr -signkey private.pem -out certificate.crt``
#. Inline the contents of ``private.pem`` into ``pillar['munin_tls']['private_key']``.
#. Inline the contents of ``certificate.crt`` into ``pillar['munin_tls']['certificate_pem']``.
#. Optional: delete the ``private.pem``, ``request.csr``, and ``certificate.crt`` files you generated. They aren't really needed now that you've inlined the important stuff into pillar.
#. Update your munin config to enable TLS and also to point to the salt-managed PEM files. The default paths where this salt formula puts the PEM files are specified in ``munin/map.jinja``
Updated README with states and configuration 2014-01-05 20:47:06 -05:00			`munin`
			`=====`
			``munin`` is a monioring application with a master/node architecture. The master periodically connects to each node and collects information from it. The nodes each run a ``munin-node`` service that listens for these connections.
Initial commit 2014-01-05 00:15:31 -05:00
Updated README with states and configuration 2014-01-05 20:47:06 -05:00			`States`
			`======`
			``munin.master``
			`Installs the munin master package. The master runs as a cronjob, not a service. The distro packages normally automatically create those.`
			``munin.master.config`` (includes ``munin.master``)
			`Generates a config file for the munin master based on pillar data.`
			``munin.node``
			`Installs the munin node package and enables the node service.`
			``munin.node.config`` (includes ``munin.node``)
			`Generates a config file for the munin node based on pillar data.`
added munin.tls state to install Perl Net::SSLEay package 2014-01-06 01:34:51 -05:00			``munin.tls``
			`Installs the Perl package Net::SSLEay so munin can use TLS.`
Added TLS instructions to README 2014-01-06 20:56:55 -05:00
create private, certificate, and CA certificate files in munin.tls 2014-01-06 20:38:14 -05:00			Also, if the private key, certificate, or CA certificate are specified (as in ``pillar.example``), then the appropriate files are created. Note that it is up to the user to correctly specify the location of these files in their master and node config files.
Updated README with states and configuration 2014-01-05 20:47:06 -05:00
			`Configuration`
			`=============`
			The ``pillar.example`` has example pillar data for both the master and node, though ``munin.master.config`` only uses data from ``munin_master`` and ``munin.node.config`` only uses data from ``munin_node``.

			`Master Config`
			`-------------`
			Consult http://munin-monitoring.org/wiki/munin.conf and ``man munin.conf`` for the full list of directives.

			`Node Config`
			`-----------`
			Consult http://munin-monitoring.org/wiki/munin-node.conf and ``man munin-node.conf`` for the full list of directives.

			For node configuration directives that allow repetition (ie: ``ignore_files``), make ``pillar['munin_node']['ignore_files']`` a list of values (see ``pillar.example`` for an example of this).
Added TLS instructions to README 2014-01-06 20:56:55 -05:00
			`TLS`
			`---`
			`Consult http://munin-monitoring.org/wiki/MuninConfigurationNetworkTLS.`

			`Instructions for the non-paraonid TLS setup:`

			1. Generate a private key. For this example, we create a 1024-bit key: ``openssl genrsa -out private.pem 1024``
			#. Create a Certificate Signing Reqest: ``openssl req -new -key private.pem -out request.csr``
			#. Generate a self-signed certificate: ``openssl x509 -req -in request.csr -signkey private.pem -out certificate.crt``
			#. Inline the contents of ``private.pem`` into ``pillar['munin_tls']['private_key']``.
			#. Inline the contents of ``certificate.crt`` into ``pillar['munin_tls']['certificate_pem']``.
			#. Optional: delete the ``private.pem``, ``request.csr``, and ``certificate.crt`` files you generated. They aren't really needed now that you've inlined the important stuff into pillar.
			#. Update your munin config to enable TLS and also to point to the salt-managed PEM files. The default paths where this salt formula puts the PEM files are specified in ``munin/map.jinja``