Puppet Class: profile::pmacct

Defined in:
modules/profile/manifests/pmacct.pp

Overview

Class profile::pmacct

Sets up a pmacct passive monitoring deployment (www.pmacct.net/). It can also produce statistics/data to kafka if configured.

kafka_cluster

Kafka cluster configuration to use. FIXME: The default version uses an indirect hiera call via kafka_config(), so eventually this parameter would need to be replaced with an explicit hiera call. It seems good though to explicitly isolate hiera calls in the parameters as the current Puppet coding standards suggest.

librdkafka_config

List of librdkafka configs settings specified in the format indicated by upstream: topic, settingX, valueX global, settingY, valueY

The special value [] (empty list) can be used to avoid the creation of a librdkafka configuration file and use its defaults instead.

Parameters:

  • kafka_cluster (Any) (defaults to: hiera('profile::pmacct::kafka_cluster'))
  • librdkafka_config (Any) (defaults to: hiera('profile::pmacct::librdkafka_config'))


21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# File 'modules/profile/manifests/pmacct.pp', line 21

class profile::pmacct (
    $kafka_cluster     = hiera('profile::pmacct::kafka_cluster'),
    $librdkafka_config = hiera('profile::pmacct::librdkafka_config'),
) {
    $kafka_config = kafka_config($kafka_cluster)
    $pmacct_librdkafka_conf = $librdkafka_config ? {
        []      => undef,
        default => $librdkafka_config,
    }

    ensure_resource('class', 'geoip')

    if 'global,security.protocol,SSL' in $librdkafka_config {
        $kafka_brokers = $kafka_config['brokers']['ssl_string']
    } else {
        $kafka_brokers = $kafka_config['brokers']['string']
    }

    class { '::pmacct':
        kafka_brokers     => $kafka_brokers,
        librdkafka_config => $pmacct_librdkafka_conf,
        networks          => $::network::constants::external_networks,
    }

    include ::profile::standard

    ferm::service { 'bgp':
        proto  => 'tcp',
        port   => '179',
        desc   => 'BGP',
        srange => '($NETWORK_INFRA $MGMT_NETWORKS)',
    }

    ferm::service { 'netflow':
        proto  => 'udp',
        port   => '2100',
        desc   => 'NetFlow',
        srange => '($NETWORK_INFRA $MGMT_NETWORKS)',
    }
}