packer/monit: remove verify_worker_connection

This is currently not working because workers in aoc no longer use mTLS. Definitely something we want to fix in the future I think. Signed-off-by: Ondřej Budai <ondrej@budai.cz>
2021-11-25 19:55:37 +01:00 · 2021-11-25 19:55:37 +01:00 · 15c46544b6
commit 15c46544b6
parent cc81e919ca
3 changed files with 1 additions and 42 deletions
--- a/templates/packer/ansible/roles/common/files/monit_scripts/verify_worker_connection
+++ b/templates/packer/ansible/roles/common/files/monit_scripts/verify_worker_connection
@ -1,28 +0,0 @@
-#!/bin/bash
-# Verifies that a composer worker can reach its composer server.
-
-# Get the hostname of the composer instance.
-COMPOSER_HOST=$(grep -Eo "[a-z0-9\.]+.composer.[a-z0-9\.]+" /etc/hosts)
-
-# Exit now if this is not a worker.
-if [[ -z "${COMPOSER_HOST}" ]]; then
-  echo "Not a worker. Skipping check."
-  exit 2
-fi
-
-# Test a connection to composer.
-CONNECTION_TEST=$(
-  curl -s --connect-timeout 5 \
-    --cert /etc/osbuild-composer/worker-crt.pem \
-    --key /etc/osbuild-composer/worker-key.pem \
-    --cacert /etc/osbuild-composer/ca-crt.pem \
-    https://${COMPOSER_HOST}:8700/api/worker/v1/status
-)
-
-if [[ $CONNECTION_TEST =~ OK ]]; then
-  echo "Connection to ${COMPOSER_HOST} succeeded."
-  exit 0
-fi
-
-echo "Connection to ${COMPOSER_HOST} failed."
-exit 1
--- a/templates/packer/ansible/roles/common/tasks/monitoring.yml
+++ b/templates/packer/ansible/roles/common/tasks/monitoring.yml
@ -15,11 +15,8 @@

 - name: Deploy monit scripts
  copy:
-    src: "monit_scripts/{{ item }}"
+    src: monit_scripts/pozorbot_alert
    dest: /opt/monit/
    mode: "0755"
    owner: root
    group: root
-  loop:
-    - pozorbot_alert
-    - verify_worker_connection
--- a/templates/packer/ansible/roles/common/templates/monitrc.j2
+++ b/templates/packer/ansible/roles/common/templates/monitrc.j2
@ -48,13 +48,3 @@ CHECK HOST rhel_cdn WITH ADDRESS cdn.redhat.com
    with ssl options { CACERTIFICATEFILE: /etc/rhsm/ca/redhat-uep.pem }
    then exec {{ pozorbot_script }}
    else if succeeded then exec {{ pozorbot_script }}
-
-# Check for a valid connection to a composer server (valid for workers only).
-CHECK PROGRAM verify_worker_connection WITH PATH /opt/monit/verify_worker_connection
-  # A worker can't talk to its composer.
-  if status == 1
-    then exec {{ pozorbot_script }}
-    else if succeeded then exec {{ pozorbot_script }}
-  # This is not a worker.
-  if status == 2
-    then UNMONITOR