Module: check_mk
Branch: master
Commit: 6fda98fb8cc91a507e486c84860eadf0b8b7f709
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=6fda98fb8cc91a…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Wed Apr 11 11:48:16 2018 +0200
5970 Cascading livestatus proxy is now possible
It is now possible to cascade livestatus proxy configurations. This comes in
handy to build cascaded distributed GUI (status GUI) setups.
The feature has been build for a scenario like this:
<ul>
<li>A distributed setup where you have remote sites that are not directly
reachable</li> <li>These remote sites are only reachable through a single
"location master" site</li> <li>You use the "location
masters" for
configuration of all the related sites</li> <li>The central site is only used
as central operating site (overview, reporting) and not for configuration</li>
</ul>
To get a cascading setup, configure Check_MK like this:
<ul>
<li>Location master: Create one site in "Distributed configuration" for
each
local site. Configure the connection parameters to use the Livestatus Proxy.
Set the new option to open a TCP port for this connection and insert a TCP port
that is currently not used on the local machine (e.g. 6560).</li> <li>Central
viewer site: Create one site in "Distributed configuration" for each remote
site. Configure it to use the Livestatus Proxy. Set the destination IP address
to the IP address of the "Location master" server and set the TCP port to the
port you configured for the site in the previous step.</li>
</ul>
After this you should be able to connect to your cascaded remote sites through
the Livestatus Proxy of the "Location master".
Change-Id: I28bf7940ad6ee63462fb3bd59da0c6c1727583a4
---
.werks/5970 | 37 +++++++++++++++++++++++++++++++++++
web/htdocs/wato.py | 3 ++-
web/htdocs/watolib.py | 22 +++++++++++++++++++++
web/plugins/wato/omd_configuration.py | 22 +--------------------
4 files changed, 62 insertions(+), 22 deletions(-)
diff --git a/.werks/5970 b/.werks/5970
new file mode 100644
index 0000000..7872423
--- /dev/null
+++ b/.werks/5970
@@ -0,0 +1,37 @@
+Title: Cascading livestatus proxy is now possible
+Level: 2
+Component: liveproxy
+Compatible: compat
+Edition: cee
+Version: 1.5.0b2
+Date: 1523438853
+Class: feature
+
+It is now possible to cascade livestatus proxy configurations. This comes in
+handy to build cascaded distributed GUI (status GUI) setups.
+
+The feature has been build for a scenario like this:
+
+<ul>
+<li>A distributed setup where you have remote sites that are not directly
+reachable</li> <li>These remote sites are only reachable through a single
+"location master" site</li> <li>You use the "location
masters" for
+configuration of all the related sites</li> <li>The central site is only
used
+as central operating site (overview, reporting) and not for configuration</li>
+</ul>
+
+To get a cascading setup, configure Check_MK like this:
+
+<ul>
+<li>Location master: Create one site in "Distributed configuration" for
each
+local site. Configure the connection parameters to use the Livestatus Proxy.
+Set the new option to open a TCP port for this connection and insert a TCP port
+that is currently not used on the local machine (e.g. 6560).</li>
<li>Central
+viewer site: Create one site in "Distributed configuration" for each remote
+site. Configure it to use the Livestatus Proxy. Set the destination IP address
+to the IP address of the "Location master" server and set the TCP port to the
+port you configured for the site in the previous step.</li>
+</ul>
+
+After this you should be able to connect to your cascaded remote sites through
+the Livestatus Proxy of the "Location master".
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index 1570cca..103ed30 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -17471,7 +17471,8 @@ from watolib import \
ACTest, \
ACResultCRIT, \
ACResultWARN, \
- ACResultOK
+ ACResultOK, \
+ LivestatusViaTCP
def make_action_link(vars):
diff --git a/web/htdocs/watolib.py b/web/htdocs/watolib.py
index aef3b35..f345c05 100644
--- a/web/htdocs/watolib.py
+++ b/web/htdocs/watolib.py
@@ -10024,3 +10024,25 @@ def format_config_value(value):
return format_func(value)
+class LivestatusViaTCP(Dictionary):
+ def __init__(self, **kwargs):
+ kwargs["elements"] = [
+ ("port", Integer(
+ title = _("TCP port"),
+ minvalue = 1,
+ maxvalue = 65535,
+ default_value = kwargs.get("tcp_port", 6557),
+ )),
+ ("only_from", ListOfStrings(
+ title = _("Restrict access to IP addresses"),
+ help = _("The access to Livestatus via TCP will only be allowed from
the "
+ "configured source IP addresses. You can either configure
specific "
+ "IP addresses or networks in the syntax
<tt>10.3.3.0/24</tt>."),
+
+ valuespec = IPv4Network(),
+ orientation = "horizontal",
+ allow_empty = False,
+ )),
+ ]
+ kwargs["optional_keys"] = [ "only_from" ]
+ super(LivestatusViaTCP, self).__init__(**kwargs)
diff --git a/web/plugins/wato/omd_configuration.py
b/web/plugins/wato/omd_configuration.py
index 6933ad5..6905396 100644
--- a/web/plugins/wato/omd_configuration.py
+++ b/web/plugins/wato/omd_configuration.py
@@ -83,27 +83,7 @@ register_configvar(group,
register_configvar(group,
"site_livestatus_tcp",
Optional(
- Dictionary(
- elements = [
- ("port", Integer(
- title = _("TCP port"),
- minvalue = 1,
- maxvalue = 65535,
- default_value = 6557,
- )),
- ("only_from", ListOfStrings(
- title = _("Restrict access to IP addresses"),
- help = _("The access to Livestatus via TCP will only be allowed
from the "
- "configured source IP addresses. You can either
configure specific "
- "IP addresses or networks in the syntax
<tt>10.3.3.0/24</tt>."),
-
- valuespec = IPv4Network(),
- orientation = "horizontal",
- allow_empty = False,
- )),
- ],
- optional_keys = [ "only_from" ],
- ),
+ LivestatusViaTCP(),
title = _("Access to Livestatus via TCP"),
help = _("Check_MK Livestatus usually listens only on a local UNIX socket -
"
"for reasons of performance and security. This option is used
"