mag/checkmk_deploy_agent
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
checkmk_deploy_agent/tasks/Linux.yml

318 lines
13 KiB
YAML
Raw Normal View History

Upload files to "tasks"
2025-12-01 11:50:28 +01:00
---
- name: "{{ ansible_system }}: Get installed packages using native commands (RedHat)."
become: true
ansible.builtin.shell: rpm -qa --qf '%{NAME}\n'
register: __checkmk_agent_rpm_packages
changed_when: false
when: ansible_os_family == "RedHat"
no_log: true
tags:
- get-package-facts
- name: "{{ ansible_system }}: Get installed packages using native commands (Debian)."
become: true
ansible.builtin.shell: dpkg-query -W -f='${Package}\n'
register: __checkmk_agent_deb_packages
changed_when: false
when: ansible_os_family == "Debian"
no_log: true
tags:
- get-package-facts
- name: "{{ ansible_system }}: Create simple package list from RPM output."
ansible.builtin.set_fact:
__checkmk_agent_installed_packages: "{{ __checkmk_agent_rpm_packages.stdout_lines }}"
when: ansible_os_family == "RedHat" and __checkmk_agent_rpm_packages is defined
tags:
- get-package-facts
- name: "{{ ansible_system }}: Create simple package list from DEB output."
ansible.builtin.set_fact:
__checkmk_agent_installed_packages: "{{ __checkmk_agent_deb_packages.stdout_lines }}"
when: ansible_os_family == "Debian" and __checkmk_agent_deb_packages is defined
tags:
- get-package-facts
- name: "{{ ansible_system }}: Populate service facts."
ansible.builtin.service_facts:
- name: "{{ ansible_system }}: Check if systemd version requires xinetd."
become: true
ansible.builtin.shell: |
if command -v rpm >/dev/null 2>&1; then
rpm -q systemd --qf '%{VERSION}\n' | head -n1
elif command -v dpkg-query >/dev/null 2>&1; then
dpkg-query -W -f='${Version}\n' systemd | cut -d- -f1
else
systemctl --version | head -n1 | awk '{print $2}'
fi
register: __checkmk_agent_systemd_version
changed_when: false
failed_when: false
when: checkmk_agent_prep_legacy | bool
tags:
- check-systemd
- name: "{{ ansible_system }}: Run Legacy agent tasks."
block:
- name: "{{ ansible_system }}: Install xinetd"
become: true
ansible.builtin.package:
name: xinetd
state: present
tags:
- install-package
- install-prerequisites
- name: "{{ ansible_system }}: Enable xinetd"
become: true
ansible.builtin.service:
name: xinetd
state: started
enabled: true
tags:
- enable-xinetd
when: |
checkmk_agent_prep_legacy | bool
and __checkmk_agent_systemd_version is defined
and __checkmk_agent_systemd_version.stdout is defined
and __checkmk_agent_systemd_version.stdout | int < 220
- name: "{{ ansible_system }}: Download Vanilla agent."
ansible.builtin.get_url:
url: "{{ __checkmk_agent_agent.url.cre }}"
validate_certs: "{{ checkmk_agent_server_validate_certs | bool }}"
dest: "{{ __checkmk_agent_agent.file.cre }}"
mode: '0640'
timeout: "{{ checkmk_agent_download_timeout | default(omit) }}"
when: checkmk_agent_edition | lower == "cre"
register: __checkmk_agent_download_state
retries: 3
delay: 10
until: "not __checkmk_agent_download_state.failed | bool"
delegate_to: "{{ checkmk_agent_delegate_download }}"
tags:
- download-package
- name: "{{ ansible_os_family }}: Run OS Family specific tasks."
ansible.builtin.include_tasks: "{{ ansible_os_family }}.yml"
tags:
- include-os-family-tasks
- name: "{{ ansible_system }}: Create host on server."
checkmk.general.host:
server_url: "{{ checkmk_agent_server_protocol }}://{{ checkmk_agent_server }}:{{ checkmk_agent_server_port }}/"
site: "{{ checkmk_agent_site }}"
validate_certs: "{{ checkmk_agent_server_validate_certs | bool }}"
automation_user: "{{ checkmk_agent_user }}"
automation_secret: "{{ __checkmk_agent_auth }}"
folder: "{{ checkmk_agent_folder | default(omit) }}"
name: "{{ checkmk_agent_host_name }}"
attributes: "{{ checkmk_agent_host_attributes }}"
state: "present"
become: false
register: __checkmk_agent_create_result
failed_when: |
(__checkmk_agent_create_result.failed == true) and
("The host is already part of the specified target folder" not in __checkmk_agent_create_result.msg)
delegate_to: "{{ checkmk_agent_delegate_api_calls }}"
when: checkmk_agent_add_host | bool
notify: "Activate changes"
# ============================================================
# HIER IST DIE ÄNDERUNG! Diese Zeile wurde geändert:
# VORHER: when: __checkmk_agent_create_result.changed | bool
# JETZT: when: checkmk_agent_add_host | bool
# ============================================================
- name: "Ensure registration readyness." # noqa no-handler
when: checkmk_agent_add_host | bool
block:
- name: "Trigger activation of changes."
ansible.builtin.meta: flush_handlers
- name: "{{ ansible_system }}: Check for Agent Updater Binary."
ansible.builtin.stat:
path: /usr/bin/cmk-update-agent
register: __checkmk_agent_updater_binary
- name: "{{ ansible_system }}: Check for Agent Controller Binary."
ansible.builtin.stat:
path: /usr/bin/cmk-agent-ctl
register: __checkmk_agent_controller_binary
- name: "{{ ansible_system }}: Override binary checks for unsupported architectures."
ansible.builtin.set_fact:
__checkmk_agent_updater_binary:
stat:
exists: false
__checkmk_agent_controller_binary:
stat:
exists: false
when: ansible_architecture not in ['x86_64', 'aarch64']
- name: "{{ ansible_system }}: Read Updater State."
become: true
ansible.builtin.command: cat /var/lib/check_mk_agent/cache/plugins_cmk-update-agent.cache
register: __checkmk_agent_updater_state
changed_when: false
failed_when: |
not __checkmk_agent_updater_state.rc == 0
and not __checkmk_agent_updater_state.rc == 1
- name: "{{ ansible_system }}: Read Agent Controller State."
become: true
ansible.builtin.command: cat /var/lib/cmk-agent/registered_connections.json
register: __checkmk_agent_registered_connections
changed_when: false
failed_when: |
not __checkmk_agent_registered_connections.rc == 0
and not __checkmk_agent_registered_connections.rc == 1
- name: "{{ ansible_system }}: Register Agent for automatic Updates using User Password."
become: true
ansible.builtin.shell: |
cmk-update-agent register -H {{ checkmk_agent_host_name }} \
-s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} -p {{ checkmk_agent_registration_server_protocol }} \
-U {{ checkmk_agent_user }} -P {{ __checkmk_agent_auth | ansible.builtin.quote }}
no_log: "{{ checkmk_agent_no_log | bool }}"
register: __checkmk_agent_update_state
when: |
checkmk_agent_edition | lower != "cre"
and __checkmk_agent_updater_binary.stat.exists | bool
and checkmk_agent_update | bool
and (checkmk_agent_pass is defined and checkmk_agent_pass | length)
and (checkmk_agent_secret is not defined)
and not (
(checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_updater_state.stdout)
and ('"error": null' in __checkmk_agent_updater_state.stdout)
)
changed_when: "'Successfully registered agent of host' in __checkmk_agent_update_state.stderr"
- name: "{{ ansible_system }}: Register Agent for automatic Updates using Automation Secret."
become: true
ansible.builtin.shell: |
cmk-update-agent register -H {{ checkmk_agent_host_name }} \
-s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} -p {{ checkmk_agent_registration_server_protocol }} \
-U {{ checkmk_agent_user }} -S {{ __checkmk_agent_auth | ansible.builtin.quote }}
no_log: "{{ checkmk_agent_no_log | bool }}"
register: __checkmk_agent_update_state
when: |
checkmk_agent_edition | lower != "cre"
and __checkmk_agent_updater_binary.stat.exists | bool
and checkmk_agent_update | bool
and (checkmk_agent_secret is defined and checkmk_agent_secret | length)
and not (
(checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_updater_state.stdout)
and ('"error": null' in __checkmk_agent_updater_state.stdout)
)
changed_when: "'Successfully registered agent of host' in __checkmk_agent_update_state.stderr"
- name: "{{ ansible_system }}: Register Agent for TLS directly."
become: true
ansible.builtin.shell: |
cmk-agent-ctl register -H {{ checkmk_agent_host_name }} \
-s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} \
-U {{ checkmk_agent_user }} -P {{ __checkmk_agent_auth }} --trust-cert
no_log: "{{ checkmk_agent_no_log | bool }}"
register: __checkmk_agent_tls_state
retries: 3
delay: 5
until: __checkmk_agent_tls_state.rc == 0
failed_when: false
when: |
__checkmk_agent_controller_binary.stat.exists | bool
and checkmk_agent_tls | bool
changed_when: "'Registration complete' in __checkmk_agent_tls_state.stdout"
- name: "{{ ansible_system }}: Log registration failure details."
ansible.builtin.debug:
msg: |
========================================
REGISTRATION FAILED AFTER 3 RETRIES
========================================
Host: {{ checkmk_agent_host_name }}
Server: {{ checkmk_agent_registration_server }}
Site: {{ checkmk_agent_registration_site }}
Return Code: {{ __checkmk_agent_tls_state.rc | default('N/A') }}
STDOUT:
{{ __checkmk_agent_tls_state.stdout | default('No output') }}
STDERR:
{{ __checkmk_agent_tls_state.stderr | default('No errors') }}
Possible causes:
- Agent receiver service not running on monitoring server
- Network connectivity issues (firewall, routing)
- Authentication failed (check username/password)
- Host not created in CheckMK yet
- TLS certificate issues
- Timing issue (agent controller not fully started)
Troubleshooting steps:
1. Check agent receiver logs on monitoring server
2. Verify host exists in CheckMK: Setup -> Hosts
3. Test connection: curl -k https://{{ checkmk_agent_registration_server }}:8000/{{ checkmk_agent_registration_site }}/agent-receiver/register_existing
4. Check cmk-agent-ctl status on this host
========================================
when: |
__checkmk_agent_tls_state is defined
and __checkmk_agent_tls_state.rc is defined
and __checkmk_agent_tls_state.rc != 0
- name: "{{ ansible_system }}: Create temporary proxy-register file."
become: true
ansible.builtin.copy:
dest: "{{ __checkmk_agent_host_tmp_dir }}/checkmk-import"
mode: u=r,g=,o=
owner: cmk-agent
group: cmk-agent
content: "{{ __checkmk_agent_proxy_registration_state.stdout }}"
no_log: "{{ checkmk_agent_no_log | bool }}"
when: |
__checkmk_agent_controller_binary.stat.exists | bool
and checkmk_agent_tls | bool
and checkmk_agent_delegate_registration | bool
and (__checkmk_agent_auth is defined and __checkmk_agent_auth | length)
and not checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_registered_connections.stdout
and __checkmk_agent_proxy_registration_state is defined
- name: "{{ ansible_system }}: Import proxy-register file."
become: true
ansible.builtin.command: "cmk-agent-ctl import {{ __checkmk_agent_host_tmp_dir }}/checkmk-import"
no_log: "{{ checkmk_agent_no_log | bool }}"
register: __checkmk_agent_import_result
when: |
__checkmk_agent_controller_binary.stat.exists | bool
and checkmk_agent_tls | bool
and checkmk_agent_delegate_registration | bool
and (__checkmk_agent_auth is defined and __checkmk_agent_auth | length)
and not checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_registered_connections.stdout
and __checkmk_agent_proxy_registration_state is defined
changed_when: __checkmk_agent_import_result.rc == 0
- name: "{{ ansible_system }}: Clean-up proxy-register temporary file."
become: true
ansible.builtin.file:
path: "{{ __checkmk_agent_host_tmp_dir }}/checkmk-import"
state: absent
no_log: "{{ checkmk_agent_no_log | bool }}"
when: |
__checkmk_agent_controller_binary.stat.exists | bool
and checkmk_agent_tls | bool
and checkmk_agent_delegate_registration | bool
and (__checkmk_agent_auth is defined and __checkmk_agent_auth | length)
and not checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_registered_connections.stdout
and __checkmk_agent_proxy_registration_state is defined
- name: "{{ ansible_system }}: Verify Checkmk Agent Port is open."
ansible.builtin.wait_for:
port: "{{ checkmk_agent_port }}"
timeout: 60
when: checkmk_agent_mode == 'pull'
- name: "{{ ansible_system }}: Initial push of data for push agent" # noqa no-changed-when
become: true
ansible.builtin.command: cmk-agent-ctl push
when: checkmk_agent_mode == 'push'
Reference in a new issue Copy permalink