RT Trouble Ticket Plugin

From OpenNMS
Jump to navigation Jump to search

What

OpenNMS 1.6.2 introduces support for Best Practical's RT (Request Tracker) in the trouble ticketing API. This document explains how to accomplish a basic configuration and circumvent a problem that is likely to crop up in a number of environments.

Note: This functionality comes "built-in" as part of the opennms-core package.

RT's Web Interface via SSL with a self-signed certificate

If your RT instance happens to be accessible only via secure HTTP and is using a self-signed certificate, you will run into these sorts of problems:

2009-01-16 09:57:01,351 ERROR [OpenNMS.TroubleTicketer] RtTicketerPlugin: IO 
exception attempting to logon to RT: sun.security.validator.ValidatorException: 
PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid 
certification path to requested target
2009-01-16 09:57:01,351 ERROR [OpenNMS.TroubleTicketer] RtTicketerPlugin: Failed 
to create or update RT
ticketorg.opennms.api.integration.ticketing.PluginException: Received no ticket 
number from RT
2009-01-16 09:57:01,351 ERROR [OpenNMS.TroubleTicketer] 
DefaultTicketerServiceLayer: Unable to create ticket for alarm: Failed to create 
or update RT ticket

A solution to this is to generate a new keystore that includes the certificate from your RT instance. I did this using code available at this blog https://github.com/escline/InstallCert. Download the code and have a look at it to ensure you don't have security concerns. Then assuming you have the JDK,

Compile:

javac InstallCert.java

Execute:

java -cp . InstallCert your.rthost.com

Verify the details to ensure this is the certificate you want to trust. If so, send a carriage return at the [1] prompt:

Enter certificate to add to trusted keystore or 'q' to quit: [1]

If all goes well, you will end up with a new file called jssecacerts:

ls -al jssecacerts
-rw-r--r-- 1 root root 50571 2009-01-16 14:49 jssecacerts

This should be moved to $JAVA_HOME/jre/lib/security or your local equivalent.

OpenNMS should now accept the certificate.

Create an RT user for OpenNMS

There will need to be a valid user with the appropriate Rights to create and manipulate tickets in the queue you intend to use with OpenNMS. ('OpenNMS' isn't a bad username!). The OpenNMS user should have at least the following Rights for the queue configured (this list may be wrong):

CreateTicket
DeleteTicket (needed only if opennms must be able to set a ticket status to "deleted")
ModifyTicket
ShowTicket
SeeQueue

Depending on how you configure the status options for the RtTicketerPlugin, you may need additional Rights.

Configure $OPENNMS_HOME/etc/rt.properties

Modify $OPENNMS_HOME/etc/rt.properties with the desired parameters. A brief explanation of the options that ship with 1.6.2:

rt.baseURL=

This is the URL of your RT instance's web interface (i.e., http://rt.yoursite.net, https://rt.yoursite.net).

rt.username=

This is a valid username in your RT instance. It seems sensible to create a new user to be used only by OpenNMS.

rt.password=

The password for the above username in your RT instance.

rt.queue=

The queue in RT that OpenNMS will use for ticket creation.

rt.requestor=

This assigns the Requestor E-mail address in RT. It seems sensible to use the E-mail address supplied for the user that OpenNMS will be using.

rt.validopenstatus=

When you view an Alarm in OpenNMS, a ticket will be displayed as 'OPEN' if it has a status listed here. Example: "new,open". The status must match a legitimate status in RT.

rt.validclosedstatus=

When you view an Alarm in OpenNMS, a ticket will be displayed as 'CLOSED' if it has a status listed here. Example "resolved". The status must match a legitimate status in RT.

rt.validcancelledstatus=

When you view an Alarm in OpenNMS, a ticket will be displayed as 'CANCELLED' if it has a status listed here. Example "rejected". The status must match a legitimate status in RT.

rt.openstatus=

The status that OpenNMS will use for tickets it creates. Example: "new". The status must match a legitimate status in RT.

rt.closedstatus=

The status that OpenNMS will set tickets it "closes" to. Example: "resolved". The status must match a legitimate status in RT.

rt.cancelledstatus=

The status that OpenNMS will set tickets it "cancels" to. Example: "rejected". The status must match a legitimate status in RT.

rt.timeout=

How long OpenNMS will wait for RT's web interface to respond.

rt.retry=

How many times OpenNMS should retry if it fails to reach the RT web interface.

Example configuration:

rt.baseURL=https://rt.yoursite.net
rt.username=OpenNMS
rt.password=0p3nnm5
rt.queue=NetworkMonitoring
rt.requestor=opennms@yoursite.net
rt.validopenstatus=new,open
rt.validclosedstatus=resolved
rt.validcancelledstatus=rejected,deleted
rt.openstatus=new
rt.closedstatus=resolved
rt.cancelledstatus=deleted
rt.timeout=6000
rt.retry=0

Configure $OPENNMS_HOME/etc/opennms.properties

Activate the appropriate ticketing plugin with the desired settings in $OPENNMS_HOME/etc/opennms.properties:

opennms.ticketer.plugin=org.opennms.netmgt.ticketer.rt.RtTicketerPlugin
# The above line should replace the NullTicketerPlugin.
opennms.alarmTroubleTicketEnabled = true
opennms.alarmTroubleTicketLinkTemplate = <a href="https://rt.yoursite.net/Ticket/Display.html?id=${id}">${id}</a>

Configure the WebUI to actually show the buttons in $OPENNMS_HOME/etc/opennms.properties:

opennms.alarmTroubleTicketEnabled = true
opennms.alarmTroubleTicketLinkTemplate = <a href="http://your_rt_server/rt/Ticket/Display.html?id=${id}">${id}</a>

Enable changes in vacuumd-configuration.xml

In version 1.8.0 and later, you may wish to enable the automattions in vacuumd-configuration.xml. This will allow automatic creation and closing of tickets.

Change the following:

   <automation name="createTickets" interval="30000" active="false" 
               trigger-name="selectNullTicketStateAlarms" 
               action-name="acknowledgeAlarm" 
               action-event="createTicket" />
   <automation name="createCriticalTicket" interval="30000" active="false" 
               trigger-name="selectCritialOpenAlarms" 
               action-name="acknowledgeAlarm" 
               action-event="createTicket" />
   <automation name="updateTickets" interval="15000" active="false"
               trigger-name="selectNotNullTicketStateAlarms" 
               action-name="updateAutomationTime" 
               action-event="updateTicket" />
   <automation name="closeClearedAlarmTickets" interval="60000" active="false" 
               trigger-name="selectClearedAlarmWithOpenTicketState" 
               action-name="updateAutomationTime" 
               action-event="closeTicket" />
   <automation name="clearAlarmsForClosedTickets" interval="60000" active="false" 
               trigger-name="selectClosedTicketStateForProblemAlarms" 
               action-name="clearClosedTicketAlarms" />
   <automation name="cleanUpRpStatusChanges" interval="600000" active="false" 
               action-name="cleanUpRpStatusChanges" />

To:


   <automation name="createTickets" interval="30000" active="true" 
               trigger-name="selectNullTicketStateAlarms" 
               action-name="acknowledgeAlarm" 
               action-event="createTicket" />
   <automation name="createCriticalTicket" interval="30000" active="true" 
               trigger-name="selectCritialOpenAlarms" 
               action-name="acknowledgeAlarm" 
               action-event="createTicket" />
   <automation name="updateTickets" interval="15000" active="true"
               trigger-name="selectNotNullTicketStateAlarms" 
               action-name="updateAutomationTime" 
               action-event="updateTicket" />
   <automation name="closeClearedAlarmTickets" interval="60000" active="true" 
               trigger-name="selectClearedAlarmWithOpenTicketState" 
               action-name="updateAutomationTime" 
               action-event="closeTicket" />
   <automation name="clearAlarmsForClosedTickets" interval="60000" active="true" 
               trigger-name="selectClosedTicketStateForProblemAlarms" 
               action-name="clearClosedTicketAlarms" />
   <automation name="cleanUpRpStatusChanges" interval="600000" active="true" 
               action-name="cleanUpRpStatusChanges" />


Restart OpenNMS

After you restart OpenNMS, the ticketing plugin should be working.