MON-91 - Update inputs and add README

2018-02-19 16:52:13 +01:00 · 2018-02-19 16:52:13 +01:00 · e94ae0dcb7
commit e94ae0dcb7
parent d9605c5d98
4 changed files with 83 additions and 46 deletions
--- a/cloud/aws/vpn/README.md
+++ b/cloud/aws/vpn/README.md
@ -0,0 +1,33 @@
+AWS VPN DataDog monitors
+===============================
+
+How to use this module
+----------------------
+
+```
+module "vpn" {
+  source = "git::ssh://git@bitbucket.org/morea/terraform.feature.datadog.git//cloud/aws/vpn?ref=MON-91-added-aws-vpn-state-check"
+  
+  environment        = "${var.environment}"
+  message            = "${module.datadog-message-alerting.alerting-message}"
+  vpn_tunnel_address = "${var.vpn_to_monitor}"
+}
+```
+
+Purpose
+-------
+Creates a DataDog monitors with the following checks :
+* VPN status
+
+Inputs
+-------
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| environment | Architecture Environment | string | - | yes |
+| evaluation_delay | Delay in seconds for the metric evaluation | string | `600` | no |
+| message | Message sent when an alert is triggered | string | - | yes |
+| vpn_status_critical | Both tunnels are down | string | `0` | no |
+| vpn_status_ok | Both tunnels are up, everything is ok | string | `2` | no |
+| vpn_status_warning | Only one tunnel is up | string | `1` | no |
+| vpn_tunnel_address | List the VPN tunnels you want to monitor | list | `<list>` | no |
--- a/cloud/aws/vpn/inputs.tf
+++ b/cloud/aws/vpn/inputs.tf
@ -1,19 +1,37 @@
-variable env {}
+# Global Terraform
+variable "environment" {
+  description = "Architecture Environment"
+  type        = "string"
+}

+# Global DataDog
+variable "evaluation_delay" {
+  description = "Delay in seconds for the metric evaluation"
+  default     = 600
+}
+
+variable "message" {
+  description = "Message sent when an alert is triggered"
+}
+
+# AWS VPN Service specific
 variable "vpn_tunnel_address" {
  description = "List the VPN tunnels you want to monitor"
  type        = "list"
  default     = []
 }

-variable "vpn_config" {
-  description = "Ok means that both tunnels are up, warning means only one tunnel is up and critical means that both tunnels are down "
-  type        = "map"
+variable "vpn_status_ok" {
+  description = "Both tunnels are up, everything is ok"
+  default     = 2
+}

-  default = {
-    delay    = 900
-    warning  = 1
-    critical = 0
-    ok       = 2
+variable "vpn_status_warning" {
+  description = "Only one tunnel is up"
+  default     = 1
 }
+
+variable "vpn_status_critical" {
+  description = "Both tunnels are down"
+  default     = 0
 }
--- a/cloud/aws/vpn/monitors-vpn.tf
+++ b/cloud/aws/vpn/monitors-vpn.tf
@ -1,37 +1,30 @@
-module "message" {
-  source = "../../common/alerting-message"
-  oncall_24x7 = "${var.hno_escalation_group}"
-  oncall_office_hours = "${var.ho_escalation_group}"
-}
-
 resource "datadog_monitor" "VPN_status" {
-  name    = "[${var.env}] VPN Down {{ tunnelipaddress }}"
-  message = "${module.message.alerting-message}"
+  name    = "[${var.environment}] VPN Down {{ tunnelipaddress }}"
+  message = "${var.message}"

  query = <<EOF
        avg(last_5m): (
-        avg:aws.vpn.tunnel_state{tunnelipaddress:${var.vpn_tunnel_address[0]}} by {region}
-        + avg:aws.vpn.tunnel_state{tunnelipaddress:${var.vpn_tunnel_address[1]}} by {region}
-      ) == ${var.vpn_config["critical"]}
+        avg:aws.vpn.tunnel_state{tunnelipaddress:${var.vpn_tunnel_address[0]}} by {region,name}
+        + avg:aws.vpn.tunnel_state{tunnelipaddress:${var.vpn_tunnel_address[1]}} by {region,name}
+      ) == ${var.vpn_status_critical}
  EOF

-  type = "query alert"
+  type = "metric alert"

  thresholds {
-    ok       = "${var.vpn_config["ok"]}"
-    critical = "${var.vpn_config["critical"]}"
-    warning  = "${var.vpn_config["warning"]}"
+    ok       = "${var.vpn_status_ok}"
+    warning  = "${var.vpn_status_warning}"
+    critical = "${var.vpn_status_critical}"
  }

  notify_no_data      = true
  renotify_interval   = 0
-  evaluation_delay    = "${var.vpn_config["delay"]}"
+  evaluation_delay    = "${var.evaluation_delay}"
+  new_host_delay      = "${var.evaluation_delay}"
  notify_audit        = false
  timeout_h           = 0
  include_tags        = true
-  locked              = false
-  require_full_window = true
-  new_host_delay      = "${var.vpn_config["delay"]}}"
+  require_full_window = false

-  tags = ["env: ${var.env}", "provider: aws", "resource: vpn"]
+  tags = ["env: ${var.environment}", "resource:vpn", "team:aws", "provider:aws"]
 }
--- a/inputs.tf
+++ b/inputs.tf
@ -60,8 +60,6 @@ variable "rds_cpu_threshold" {
 }

 variable "rds_mem_threshold" {
-  type = "map"
-
  default = {
    warning  = 20
    critical = 10
@ -83,8 +81,6 @@ variable "elb_config" {
 }

 variable "elb_5xx_threshold" {
-  type = "map"
-
  default = {
    warning  = 5
    critical = 10
@ -92,8 +88,6 @@ variable "elb_5xx_threshold" {
 }

 variable "elb_4xx_threshold" {
-  type = "map"
-
  default = {
    warning  = 5
    critical = 10
@ -102,7 +96,6 @@ variable "elb_4xx_threshold" {

 variable "elb_backend_latency" {
  description = "Average time elapsed after the request leaves the load balancer until a response is received. In seconds"
-  
  default = {
    warning  = 1
    critical = 5