xdr-terraform-modules/base/sensu

Sensu Setup Steps

NOTE: If you are recreating the Sensu server, don't forget to destroy the sensu-configuration first THEN destroy the instance-sensu! This will clear out the terraform state. If you forget you can use these terragrunt commands to remove the configurations from the state and then reapply them.

terragrunt state list
terragrunt state list > deleteme
for line in `cat deleteme`; do terragrunt state rm $line; done

• Run terraform in 095-instance-sensu to spin up the server and other resources
• Ensure the RPMs are located on the reposerver
• Run prep Salt states
  • salt sensu*com saltutil.sync_all
  • salt sensu*com saltutil.pillar_refresh
  • salt sensu*com state.sls os_modifications
  • salt sensu*com state.highstate
• Run Salt state sensu_master to install sensu from reposerver
  • salt sensu*com state.sls sensu_master
• Run post-installation commands as root user on Sensu server to setup the backend
  • Get the password from Vault to input
  • Init the backend sensu-backend init --interactive
  • prep to login vim sensu-password
  • Log in via sensuctl sensuctl configure -n --username 'admin' --password $( cat sensu-password ) --namespace default --url 'https://127.0.0.1:8080' --insecure-skip-tls-verify
  • Setup OIDC auth ( no TF support for this call ) sensuctl create -f /etc/sensu/conf.d/oidc-okta.yml
  • Opt-out of stats sensuctl tessen opt-out --skip-confirm
  • Apply License file ( see Sensu Notes.md )
  • Clean up password echo "" > sensu-password
  • Log out of sensuctl sensuctl logout
• Run Terraform in 096-sensu-configuration to configure the software
  • On your laptop, put the sensu password in the SENSU_PASSWORD environment var
  • export SENSU_PASSWORD='password'