On 28.01.2014 16:47, Mark Haney wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 1/28/2014 10:41 AM, Michael Friedrich wrote:
1 point for me for guessing correctly. You're reaching beer level
soon :-P
No problem there. I've got a batch of Winter Ale (which, living near
Raleigh, NC is rather appropriate right now) just about ready to
bottle. Plus, if time permits I'm brewing a stout this weekend. If
you have a preference, let me know. A six-pack is yours.
Save it for the first meetup (whenever that may happen though).
I wouldn't use -a on nrpe given its lack of security in its
current ssl implementation. Rather put those credentials directly
on the client, for instance available as environment variables
passed using the init script includes. That way they are hidden
on ps output, and users may not see them by cat'ing nrpe.cfg
either.
Okay, I don't get the '-a' part of that. But that's not a big deal at
the moment, just curious for curiousity's sake.
check_nrpe -H ... -c check_pgsql -a foo bar
would actually pass 2 additional arguments towards the nrpe daemon,
which would translate "-a foo bar" into "$ARG1$" and "$ARG2$"
internally. That's only possible with those additional command arguments
are enabled by default.
In Debian they are not as you may easily override the previous command
line options (no further details here for security matters).
Note: the nrpe implementation is not ours, and therefore its config
language is seperate from what you see in icinga 2 configuration syntax.
at some later point we will be able to ship our own agent, but that
won't happen before not all existing bugs are fixed towards the first
stable release.
Automation tools such as puppet can easily deploy such snippets
from your central configuration entity, if it exists.
FWIW, I've been rather underwhelmed by Puppet so far. CFEngine has
been a much better experience for me. (Totally off-topic.)
Religious discussion. My employer uses puppet, my previous employer used
CFEngine. I love the puppet provisioner of vagrant allowing me to easily
put demos and test vms for our (icinga 2) development.
So replace puppet with the automation tool of your choice.
- --
Mark Haney
Network Administrator/IT Support
Practichem
W:919-714-8428
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJS59ELAAoJEDgEuzPE0JQvKMUIAJMHeE+OlfoRE7/iflrzj7qO
4EBfrtnoh1q388bLvJckXFT52cPVI9zgCKo8jiJtzSH31jFVDLo1KiYg6M36JeRG
aPy5S4IBKp/tuASyt2LpgkaDE69mCdd/VgCzU+S+wfq2r0PleiBvvnUE9j9kAqDo
K9Zq9jhEK/A07in1SvQmvzni9u+dnNwe9U5t4/LLHnG4QlyRz6bleB1hEgx1hX3z
fz0W19vo6G5gQAcHAAJbSuk8RuzSBD/rh7XAH0Ty/mMxm68AsSeHx4i/dTSc7ncQ
4QG4lUSyQKAtqSqRZfUyGNj/3kHEqzKxoT7JCn6emizlRUWAbJeLPksvtFOJ5uE=
=0M7M
-----END PGP SIGNATURE-----
_______________________________________________
icinga-users mailing list
icinga-users@lists.icinga.org
https://lists.icinga.org/mailman/listinfo/icinga-users
--
DI (FH) Michael Friedrich
mail: michael.friedr...@gmail.com
twitter: https://twitter.com/dnsmichi
jabber: dnsmi...@jabber.ccc.de
irc: irc.freenode.net/icinga dnsmichi
icinga open source monitoring
position: lead core developer
url: https://www.icinga.org
_______________________________________________
icinga-users mailing list
icinga-users@lists.icinga.org
https://lists.icinga.org/mailman/listinfo/icinga-users
