tools/appsre: remove monit setup code & scripts

Since it doesn't not work since we moved workers to app-sre
2022-09-27 12:30:04 +02:00 · 2022-09-27 12:30:04 +02:00 · 5ffb9e693e
commit 5ffb9e693e
parent 420097ae63
6 changed files with 1 additions and 104 deletions
--- a/templates/packer/ansible/roles/common/files/monit_scripts/pozorbot_alert
+++ b/templates/packer/ansible/roles/common/files/monit_scripts/pozorbot_alert
@ -1,18 +0,0 @@
-#!/bin/bash
-# Send alerts to pozorbot.
-# Monit's environment variables are documented here:
-# https://mmonit.com/monit/documentation/monit.html#ENVIRONMENT
-
-# Get AWS instance profile name.
-INSTANCE_PROFILE=$(curl -Ls http://169.254.169.254/latest/meta-data/iam/security-credentials)
-
-# Determine if we should use staging/stable SQS endpoint.
-SQS_ENDPOINT=staging
-if [[ $INSTANCE_PROFILE =~ stable ]]; then
-  SQS_ENDPOINT=stable
-fi
-
-QUEUE_URL=https://queue.amazonaws.com/933752197999/image-builder-pozorbot-${SQS_ENDPOINT}
-MESSAGE="${MONIT_EVENT} for ${MONIT_SERVICE} on ${MONIT_HOST} at ${MONIT_DATE}"
-RESULT=$(aws sqs send-message --queue-url $QUEUE_URL --message-body "${MESSAGE}")
-echo $RESULT
--- a/templates/packer/ansible/roles/common/files/worker-initialization-scripts/worker_service.sh
+++ b/templates/packer/ansible/roles/common/files/worker-initialization-scripts/worker_service.sh
@ -2,10 +2,7 @@
 set -euo pipefail
 source /tmp/cloud_init_vars

-echo "Starting worker service and monit."
+echo "Starting worker service."

 # Prepare osbuild-composer's remote worker services and sockets.
 systemctl enable --now "osbuild-remote-worker@${COMPOSER_HOST}:${COMPOSER_PORT}"
-
-# Now that everything is configured, ensure monit is monitoring everything.
-systemctl enable --now monit
--- a/templates/packer/ansible/roles/common/tasks/main.yml
+++ b/templates/packer/ansible/roles/common/tasks/main.yml
@ -3,9 +3,6 @@
 # Install various software packages.
 - include_tasks: packages.yml

-# Configure monitoring.
- include_tasks: monitoring.yml
-
 # Configure worker initialization service.
 - include_tasks: worker-initialization-service.yml

--- a/templates/packer/ansible/roles/common/tasks/monitoring.yml
+++ b/templates/packer/ansible/roles/common/tasks/monitoring.yml
@ -1,22 +0,0 @@
---
-
- name: Deploy monit configuration
-  template:
-    src: monitrc.j2
-    dest: /etc/monitrc
-    mode: "0600"
-    owner: root
-    group: root
-
- name: Create directory for monit scripts
-  file:
-    path: /opt/monit
-    state: directory
-
- name: Deploy monit scripts
-  copy:
-    src: monit_scripts/pozorbot_alert
-    dest: /opt/monit/
-    mode: "0755"
-    owner: root
-    group: root
--- a/templates/packer/ansible/roles/common/tasks/packages.yml
+++ b/templates/packer/ansible/roles/common/tasks/packages.yml
@ -24,14 +24,6 @@
  # if osbuild_commit is not defined, osbuild from distribution repositories is installed
  when: osbuild_commit is defined

-# We need EPEL for monit
- name: Add EPEL
-  dnf:
-    name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
-    state: present
-    disable_gpg_check: yes
-  when: ansible_distribution == 'RedHat'
-
 - name: Upgrade all packages
  package:
    name: "*"
@ -50,7 +42,6 @@
    name:
      - jq
      - unzip
-      - monit
      - vector-0.21.2 # vector-0.22 has broken the journald source, see https://github.com/vectordotdev/vector/issues/12966
  register: result
  retries: 5
--- a/templates/packer/ansible/roles/common/templates/monitrc.j2
+++ b/templates/packer/ansible/roles/common/templates/monitrc.j2
@ -1,48 +0,0 @@
-{% set pozorbot_script = "/opt/monit/pozorbot_alert" -%}
-# Monit configuration for Image Builder in AWS.
-# Docs: https://mmonit.com/monit/documentation/monit.html
-
-# Check every 30 seconds and log to syslog.
-set daemon 30
-set log syslog
-
-# Allow access via ssh tunnel to see the monit console.
-set httpd port 2812 and
-    use address localhost
-    allow admin:monit
-
-# Verify that we're not eating all the memory on the instance.
-CHECK SYSTEM $HOST
-  if memory usage > 75%
-    for 5 cycles
-    then exec {{ pozorbot_script }}
-    else if succeeded then exec {{ pozorbot_script }}
-
-# Ensure the root filesystem isn't full.
-CHECK FILESYSTEM root PATH /
-  if space usage > 80%
-    for 5 times
-    within 15 cycles
-    then exec {{ pozorbot_script }}
-    else if succeeded then exec {{ pozorbot_script }}
-
-# Check to see if we can reach cdn.redhat.com.
-# NOTE(mhayden): We will always get a 403 here because of client certs.
-CHECK HOST rhel_cdn WITH ADDRESS cdn.redhat.com
-  if failed
-    ping
-    for 3 cycles
-    then exec {{ pozorbot_script }}
-    else if succeeded
-    for 3 cycles
-    then exec {{ pozorbot_script }}
-  if failed
-    port 443
-    protocol https
-    status = 403
-    with ssl options { CACERTIFICATEFILE: /etc/rhsm/ca/redhat-uep.pem }
-    for 3 cycles
-    then exec {{ pozorbot_script }}
-    else if succeeded
-    for 3 cycles
-    then exec {{ pozorbot_script }}