From fa9a5c3b3d913ce6016a51e1d71d54cffc551b37 Mon Sep 17 00:00:00 2001 From: Ahmed Fourti Date: Thu, 30 Nov 2017 11:00:58 +0100 Subject: [PATCH 1/8] MON-91 Added VPN state check --- cloud/aws/vpn/inputs.tf | 1 + cloud/aws/vpn/monitors-vpn.tf | 36 +++++++++++++++++++++++++++++++++++ inputs.tf | 27 +++++++++++++++++++++++++- 3 files changed, 63 insertions(+), 1 deletion(-) create mode 120000 cloud/aws/vpn/inputs.tf create mode 100644 cloud/aws/vpn/monitors-vpn.tf diff --git a/cloud/aws/vpn/inputs.tf b/cloud/aws/vpn/inputs.tf new file mode 120000 index 0000000..a68ace3 --- /dev/null +++ b/cloud/aws/vpn/inputs.tf @@ -0,0 +1 @@ +../../../inputs.tf \ No newline at end of file diff --git a/cloud/aws/vpn/monitors-vpn.tf b/cloud/aws/vpn/monitors-vpn.tf new file mode 100644 index 0000000..bfa6a8f --- /dev/null +++ b/cloud/aws/vpn/monitors-vpn.tf @@ -0,0 +1,36 @@ +module "message" { + source = "../../common/alerting-message" + oncall_24x7 = "${var.hno_escalation_group}" + oncall_office_hours = "${var.ho_escalation_group}" +} + +resource "datadog_monitor" "VPN_status" { + name = "[${var.env}] VPN Down {{ tunnelipaddress }}" + message = "${module.message.alerting-message}" + + query = < Date: Mon, 19 Feb 2018 15:37:11 +0100 Subject: [PATCH 2/8] MON-91 - Update PR to follow recommandations --- cloud/aws/vpn/inputs.tf | 20 +++++++++++++++++++- cloud/aws/vpn/monitors-vpn.tf | 2 +- inputs.tf | 19 ------------------- 3 files changed, 20 insertions(+), 21 deletions(-) mode change 120000 => 100644 cloud/aws/vpn/inputs.tf diff --git a/cloud/aws/vpn/inputs.tf b/cloud/aws/vpn/inputs.tf deleted file mode 120000 index a68ace3..0000000 --- a/cloud/aws/vpn/inputs.tf +++ /dev/null @@ -1 +0,0 @@ -../../../inputs.tf \ No newline at end of file diff --git a/cloud/aws/vpn/inputs.tf b/cloud/aws/vpn/inputs.tf new file mode 100644 index 0000000..ebcbed7 --- /dev/null +++ b/cloud/aws/vpn/inputs.tf @@ -0,0 +1,19 @@ +variable env {} + +variable "vpn_tunnel_address" { + description = "List the VPN tunnels you want to monitor" + type = "list" + default = [] +} + +variable "vpn_config" { + description = "Ok means that both tunnels are up, warning means only one tunnel is up and critical means that both tunnels are down " + type = "map" + + default = { + delay = 900 + warning = 1 + critical = 0 + ok = 2 + } +} diff --git a/cloud/aws/vpn/monitors-vpn.tf b/cloud/aws/vpn/monitors-vpn.tf index bfa6a8f..e2a5492 100644 --- a/cloud/aws/vpn/monitors-vpn.tf +++ b/cloud/aws/vpn/monitors-vpn.tf @@ -24,7 +24,7 @@ resource "datadog_monitor" "VPN_status" { } notify_no_data = true - renotify_interval = 15 + renotify_interval = 0 evaluation_delay = "${var.vpn_config["delay"]}" notify_audit = false timeout_h = 0 diff --git a/inputs.tf b/inputs.tf index ac95ce7..c0e504e 100644 --- a/inputs.tf +++ b/inputs.tf @@ -109,25 +109,6 @@ variable "elb_backend_latency" { } } -## VPN -variable "vpn_tunnel_address" { - description = "List the VPN tunnels you want to monitor" - type = "list" - default = [] -} - -variable "vpn_config" { - description = "Ok means that both tunnels are up, warning means only one tunnel is up and critical means that both tunnels are down " - type = "map" - - default = { - delay = 900 - warning = 1 - critical = 0 - ok = 2 - } -} - ##apache nginx php variable "dd_nginx" { default = "disabled" From d9605c5d9849241490cfc8022e6cdcf651141f9d Mon Sep 17 00:00:00 2001 From: Alexandre Gaillet Date: Mon, 19 Feb 2018 15:40:45 +0100 Subject: [PATCH 3/8] MON-91 - Missing new_host_delay --- cloud/aws/vpn/monitors-vpn.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/cloud/aws/vpn/monitors-vpn.tf b/cloud/aws/vpn/monitors-vpn.tf index e2a5492..01b2678 100644 --- a/cloud/aws/vpn/monitors-vpn.tf +++ b/cloud/aws/vpn/monitors-vpn.tf @@ -31,6 +31,7 @@ resource "datadog_monitor" "VPN_status" { include_tags = true locked = false require_full_window = true + new_host_delay = "${var.vpn_config["delay"]}}" tags = ["env: ${var.env}", "provider: aws", "resource: vpn"] } From e94ae0dcb71e6d642ad4e23ab6cf77517e0f69d7 Mon Sep 17 00:00:00 2001 From: Alexandre Gaillet Date: Mon, 19 Feb 2018 16:52:13 +0100 Subject: [PATCH 4/8] MON-91 - Update inputs and add README --- cloud/aws/vpn/README.md | 33 +++++++++++++++++++++ cloud/aws/vpn/inputs.tf | 56 +++++++++++++++++++++++------------ cloud/aws/vpn/monitors-vpn.tf | 33 ++++++++------------- inputs.tf | 7 ----- 4 files changed, 83 insertions(+), 46 deletions(-) create mode 100644 cloud/aws/vpn/README.md diff --git a/cloud/aws/vpn/README.md b/cloud/aws/vpn/README.md new file mode 100644 index 0000000..21a545d --- /dev/null +++ b/cloud/aws/vpn/README.md @@ -0,0 +1,33 @@ +AWS VPN DataDog monitors +=============================== + +How to use this module +---------------------- + +``` +module "vpn" { + source = "git::ssh://git@bitbucket.org/morea/terraform.feature.datadog.git//cloud/aws/vpn?ref=MON-91-added-aws-vpn-state-check" + + environment = "${var.environment}" + message = "${module.datadog-message-alerting.alerting-message}" + vpn_tunnel_address = "${var.vpn_to_monitor}" +} +``` + +Purpose +------- +Creates a DataDog monitors with the following checks : +* VPN status + +Inputs +------- + +| Name | Description | Type | Default | Required | +|------|-------------|:----:|:-----:|:-----:| +| environment | Architecture Environment | string | - | yes | +| evaluation_delay | Delay in seconds for the metric evaluation | string | `600` | no | +| message | Message sent when an alert is triggered | string | - | yes | +| vpn_status_critical | Both tunnels are down | string | `0` | no | +| vpn_status_ok | Both tunnels are up, everything is ok | string | `2` | no | +| vpn_status_warning | Only one tunnel is up | string | `1` | no | +| vpn_tunnel_address | List the VPN tunnels you want to monitor | list | `` | no | diff --git a/cloud/aws/vpn/inputs.tf b/cloud/aws/vpn/inputs.tf index ebcbed7..e1e3ade 100644 --- a/cloud/aws/vpn/inputs.tf +++ b/cloud/aws/vpn/inputs.tf @@ -1,19 +1,37 @@ -variable env {} - -variable "vpn_tunnel_address" { - description = "List the VPN tunnels you want to monitor" - type = "list" - default = [] -} - -variable "vpn_config" { - description = "Ok means that both tunnels are up, warning means only one tunnel is up and critical means that both tunnels are down " - type = "map" - - default = { - delay = 900 - warning = 1 - critical = 0 - ok = 2 - } -} +# Global Terraform +variable "environment" { + description = "Architecture Environment" + type = "string" +} + +# Global DataDog +variable "evaluation_delay" { + description = "Delay in seconds for the metric evaluation" + default = 600 +} + +variable "message" { + description = "Message sent when an alert is triggered" +} + +# AWS VPN Service specific +variable "vpn_tunnel_address" { + description = "List the VPN tunnels you want to monitor" + type = "list" + default = [] +} + +variable "vpn_status_ok" { + description = "Both tunnels are up, everything is ok" + default = 2 +} + +variable "vpn_status_warning" { + description = "Only one tunnel is up" + default = 1 +} + +variable "vpn_status_critical" { + description = "Both tunnels are down" + default = 0 +} diff --git a/cloud/aws/vpn/monitors-vpn.tf b/cloud/aws/vpn/monitors-vpn.tf index 01b2678..25501be 100644 --- a/cloud/aws/vpn/monitors-vpn.tf +++ b/cloud/aws/vpn/monitors-vpn.tf @@ -1,37 +1,30 @@ -module "message" { - source = "../../common/alerting-message" - oncall_24x7 = "${var.hno_escalation_group}" - oncall_office_hours = "${var.ho_escalation_group}" -} - resource "datadog_monitor" "VPN_status" { - name = "[${var.env}] VPN Down {{ tunnelipaddress }}" - message = "${module.message.alerting-message}" + name = "[${var.environment}] VPN Down {{ tunnelipaddress }}" + message = "${var.message}" query = < Date: Tue, 20 Feb 2018 11:30:58 +0100 Subject: [PATCH 5/8] MON-91 - Update query monitor --- cloud/aws/vpn/README.md | 6 ++---- cloud/aws/vpn/inputs.tf | 24 ++++++------------------ cloud/aws/vpn/monitors-vpn.tf | 19 ++++++++++--------- 3 files changed, 18 insertions(+), 31 deletions(-) diff --git a/cloud/aws/vpn/README.md b/cloud/aws/vpn/README.md index 21a545d..4876c79 100644 --- a/cloud/aws/vpn/README.md +++ b/cloud/aws/vpn/README.md @@ -26,8 +26,6 @@ Inputs |------|-------------|:----:|:-----:|:-----:| | environment | Architecture Environment | string | - | yes | | evaluation_delay | Delay in seconds for the metric evaluation | string | `600` | no | +| filter_tags_custom | Tags used for custom filtering when filter_tags_use_defaults is false | string | `*` | no | +| filter_tags_use_defaults | Use default filter tags convention | string | `true` | no | | message | Message sent when an alert is triggered | string | - | yes | -| vpn_status_critical | Both tunnels are down | string | `0` | no | -| vpn_status_ok | Both tunnels are up, everything is ok | string | `2` | no | -| vpn_status_warning | Only one tunnel is up | string | `1` | no | -| vpn_tunnel_address | List the VPN tunnels you want to monitor | list | `` | no | diff --git a/cloud/aws/vpn/inputs.tf b/cloud/aws/vpn/inputs.tf index e1e3ade..ff336dc 100644 --- a/cloud/aws/vpn/inputs.tf +++ b/cloud/aws/vpn/inputs.tf @@ -14,24 +14,12 @@ variable "message" { description = "Message sent when an alert is triggered" } -# AWS VPN Service specific -variable "vpn_tunnel_address" { - description = "List the VPN tunnels you want to monitor" - type = "list" - default = [] +variable "filter_tags_use_defaults" { + description = "Use default filter tags convention" + default = "true" } -variable "vpn_status_ok" { - description = "Both tunnels are up, everything is ok" - default = 2 -} - -variable "vpn_status_warning" { - description = "Only one tunnel is up" - default = 1 -} - -variable "vpn_status_critical" { - description = "Both tunnels are down" - default = 0 +variable "filter_tags_custom" { + description = "Tags used for custom filtering when filter_tags_use_defaults is false" + default = "*" } diff --git a/cloud/aws/vpn/monitors-vpn.tf b/cloud/aws/vpn/monitors-vpn.tf index 25501be..cef0ef1 100644 --- a/cloud/aws/vpn/monitors-vpn.tf +++ b/cloud/aws/vpn/monitors-vpn.tf @@ -1,22 +1,23 @@ +data "template_file" "filter" { + template = "$${filter}" + + vars { + filter = "${var.filter_tags_use_defaults == "true" ? format("dd_monitoring:enabled,dd_aws_elb:enabled,env:%s", var.environment) : "${var.filter_tags_custom}"}" + } +} + resource "datadog_monitor" "VPN_status" { name = "[${var.environment}] VPN Down {{ tunnelipaddress }}" message = "${var.message}" query = < Date: Tue, 20 Feb 2018 18:10:16 +0100 Subject: [PATCH 6/8] MON-91 - Terraform fmt --- inputs.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/inputs.tf b/inputs.tf index 3571c39..7fd4b4b 100644 --- a/inputs.tf +++ b/inputs.tf @@ -96,6 +96,7 @@ variable "elb_4xx_threshold" { variable "elb_backend_latency" { description = "Average time elapsed after the request leaves the load balancer until a response is received. In seconds" + default = { warning = 1 critical = 5 From d951219c7377397c4288c895ff9d47a0f686f005 Mon Sep 17 00:00:00 2001 From: Alexandre Gaillet Date: Wed, 21 Feb 2018 15:28:20 +0100 Subject: [PATCH 7/8] MON-91 - Update monitor's name --- cloud/aws/vpn/monitors-vpn.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloud/aws/vpn/monitors-vpn.tf b/cloud/aws/vpn/monitors-vpn.tf index cef0ef1..3a65f4d 100644 --- a/cloud/aws/vpn/monitors-vpn.tf +++ b/cloud/aws/vpn/monitors-vpn.tf @@ -7,7 +7,7 @@ data "template_file" "filter" { } resource "datadog_monitor" "VPN_status" { - name = "[${var.environment}] VPN Down {{ tunnelipaddress }}" + name = "[${var.environment}] VPN Down" message = "${var.message}" query = < Date: Thu, 22 Feb 2018 11:02:46 +0100 Subject: [PATCH 8/8] MON-91 - Fix filter tags --- cloud/aws/vpn/monitors-vpn.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloud/aws/vpn/monitors-vpn.tf b/cloud/aws/vpn/monitors-vpn.tf index 3a65f4d..c86e01c 100644 --- a/cloud/aws/vpn/monitors-vpn.tf +++ b/cloud/aws/vpn/monitors-vpn.tf @@ -2,7 +2,7 @@ data "template_file" "filter" { template = "$${filter}" vars { - filter = "${var.filter_tags_use_defaults == "true" ? format("dd_monitoring:enabled,dd_aws_elb:enabled,env:%s", var.environment) : "${var.filter_tags_custom}"}" + filter = "${var.filter_tags_use_defaults == "true" ? format("dd_monitoring:enabled,dd_aws_vpn:enabled,env:%s", var.environment) : "${var.filter_tags_custom}"}" } }