admin:procedures:satellite_icinga2
Ceci est une ancienne révision du document !
Table des matières
En cours d'expérimentation ; ne pas se lancer dedans aujourd'hui. Il y a des morceaux de conf bottom-up alors que icinga2 se dirige vers du top-down.
Installer un client (Satellite) Icinga2
Les satellites Icinga sont des genres d'esclaves qui (dans notre cas) reçoivent leur configuration du maître (icinga2.cluster.chapril.org ; fqdn public icinga2.chapril.org).
On suppose le maître installé, fonctionnel, et écoutant sur le port 5665.
Installation de Icinga2
=(^-^)=root@bling:~# apt install icinga2 monitoring-plugins
Comment ça, c'est tout ? ^^
Configuration du satellite
On génère un jeton sur le master :
[root@icinga2:~# icinga2 pki ticket --cn bling.cluster.chapril.org deadbeefdeadbeefdeadbeefdeadbeef
On le met de coté pour plus tard et on repasse coté satellite.
=(^-^)=root@bling:~# icinga2 node wizard Welcome to the Icinga 2 Setup Wizard! We'll guide you through all required configuration details. Please specify if this is a satellite setup ('n' installs a master setup) [Y/n]: Y Starting the Node setup routine... Please specify the common name (CN) [bling.cluster.chapril.org]: Please specify the master endpoint(s) this node should connect to: Master Common Name (CN from your master setup): icinga2.cluster.chapril.org Do you want to establish a connection to the master from this node? [Y/n]: Y Please fill out the master connection information: Master endpoint host (Your master's IP address or FQDN): icinga2.chapril.org Master endpoint port [5665]: Add more master endpoints? [y/N]: N Please specify the master connection for CSR auto-signing (defaults to master endpoint host): Host [icinga2.chapril.org]: Port [5665]: information/base: Writing private key to '/etc/icinga2/pki/bling.cluster.chapril.org.key'. information/base: Writing X509 certificate to '/etc/icinga2/pki/bling.cluster.chapril.org.crt'. information/cli: Fetching public certificate from master (icinga2.chapril.org, 5665): Certificate information: Subject: CN = icinga2.cluster.chapril.org Issuer: CN = Icinga CA Valid From: Jun 5 13:26:09 2017 GMT Valid Until: Jun 1 13:26:09 2032 GMT Fingerprint: DE AD BE EF DE AD BE EF DE AD BE EF DE AD BE EF DE AD BE EF Is this information correct? [y/N]: y information/cli: Received trusted master certificate. Please specify the request ticket generated on your Icinga 2 master. (Hint: # icinga2 pki ticket --cn 'bling.cluster.chapril.org'): deadbeefdeadbeefdeadbeefdeadbeef information/cli: Requesting certificate with ticket 'deadbeefdeadbeefdeadbeefdeadbeef'. information/cli: Created backup file '/etc/icinga2/pki/bling.cluster.chapril.org.crt.orig'. information/cli: Writing signed certificate to file '/etc/icinga2/pki/bling.cluster.chapril.org.crt'. information/cli: Writing CA certificate to file '/etc/icinga2/pki/ca.crt'. Please specify the API bind host/port (optional): Bind Host []: Bind Port []: Accept config from master? [y/N]: y Accept commands from master? [y/N]: y information/cli: Disabling the Notification feature. Disabling feature notification. Make sure to restart Icinga 2 for these changes to take effect. information/cli: Enabling the Apilistener feature. Enabling feature api. Make sure to restart Icinga 2 for these changes to take effect. information/cli: Created backup file '/etc/icinga2/features-available/api.conf.orig'. information/cli: Generating local zones.conf. information/cli: Dumping config items to file '/etc/icinga2/zones.conf'. information/cli: Created backup file '/etc/icinga2/zones.conf.orig'. information/cli: Updating constants.conf. information/cli: Created backup file '/etc/icinga2/constants.conf.orig'. information/cli: Updating constants file '/etc/icinga2/constants.conf'. information/cli: Updating constants file '/etc/icinga2/constants.conf'. Done. Now restart your Icinga 2 daemon to finish the installation!
On redémarre le démon :
=(^-^)=root@bling:~# /etc/init.d/icinga2 restart [ ok ] Restarting icinga2 (via systemctl): icinga2.service.
On peut contrôler que tout va bien cotés logs :
=(^-^)=root@bling:~# tail /var/log/icinga2/icinga2.log [2017-06-05 19:28:42 +0200] information/ConfigItem: Activated all objects. [2017-06-05 19:28:42 +0200] information/JsonRpcConnection: Reconnecting to API endpoint 'icinga2.cluster.chapril.org' via host 'icinga2.chapril.org' and port '5665' [2017-06-05 19:28:43 +0200] information/ApiListener: New client connection for identity 'icinga2.cluster.chapril.org' to [88.191.250.11]:5665 [2017-06-05 19:28:43 +0200] information/ApiListener: Sending config updates for endpoint 'icinga2.cluster.chapril.org'. [2017-06-05 19:28:43 +0200] information/ApiListener: Syncing runtime objects to endpoint 'icinga2.cluster.chapril.org'. [2017-06-05 19:28:43 +0200] information/ApiListener: Finished syncing runtime objects to endpoint 'icinga2.cluster.chapril.org'. [2017-06-05 19:28:43 +0200] information/ApiListener: Finished sending config updates for endpoint 'icinga2.cluster.chapril.org'. [2017-06-05 19:28:43 +0200] information/ApiListener: Sending replay log for endpoint 'icinga2.cluster.chapril.org'. [2017-06-05 19:28:43 +0200] information/ApiListener: Replayed 425 messages. [2017-06-05 19:28:43 +0200] information/ApiListener: Finished sending replay log for endpoint 'icinga2.cluster.chapril.org'.
Mis à jour de la config coté Master
=(^-^)=root@icinga2:~# icinga2 node update-config Warning: CLI command 'node update-config' is DEPRECATED! Please read the Changelog. information/cli: Updating node configuration for Node 'bling.cluster.chapril.org' (last seen: Mon Jun 5 19:33:29 2017) * Host 'bling.cluster.chapril.org' * Service 'apt' * Service 'disk' * Service 'disk /' * Service 'http' * Service 'icinga' * Service 'load' * Service 'ping4' * Service 'ping6' * Service 'procs' * Service 'ssh' * Service 'swap' * Service 'users' information/cli: Adding host 'bling.cluster.chapril.org' to the repository. information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.443011-Host-d23f829f3e95b46fd21e1f44dcefa48319942945fee7e72e47978dc31a7f0b10.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.443892-Service-5009a047a11fbd680bb40d2f23cd3fcd626ac2d672c38e16f53bd622c3961534.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.445834-Service-1044dec7206e8d7c9fbb4ae8f766668406d2567fc7fc1a160a9d4700fcf8f8e9.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.446400-Service-6a29594f8e9a9bd6e6c13fdd4a19c333b3f5cf35377811c8671a1a271d7364ae.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.446974-Service-e0603c499aae47eb89343ad0ef3178e044c62e70ae2309b35591d1d49a3211ec.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.447511-Service-2eb9c534258d20f7c437141670d7c09d7afbab65b2ac9cd2034be27b122cbb41.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.448242-Service-0cf67fc72b3c86c7a454f6d86b43ed245a8e491d0e5288d4da8c7ff43a7bcdb0.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.448789-Service-571605952ba28ee6740b5a9b50f1e76393f1e4cdaf3115438bcdeddf8e473065.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.449340-Service-d7535967c0481dbeb28afe542a40e2f0687f4fc5b5fc5abafacbd4c24ff0d9cf.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.449938-Service-277d2f898036fa83a8f790fd6680e3c89e2cceaa4921a17b6ccb6c8f464ebb97.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.450493-Service-7f5a55cf3f88be936fb9440249cb449f3067ccee4b525d0027dc9278a29c32c1.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.451046-Service-da47c2f450a4f9d538d86d600d55149afd39d6672fdd1f30c68ad5be21cadad8.change' information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.451592-Service-7dfb4cf67742cb0660305e56ef816c53fcec892cae7f6ee39b75f34e659d672c.change' information/cli: Adding endpoint 'bling.cluster.chapril.org' to the repository. information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.452515-Endpoint-d23f829f3e95b46fd21e1f44dcefa48319942945fee7e72e47978dc31a7f0b10.change' information/cli: Adding zone 'bling.cluster.chapril.org' to the repository. information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.453947-Zone-d23f829f3e95b46fd21e1f44dcefa48319942945fee7e72e47978dc31a7f0b10.change' information/cli: Committing node configuration. Changes to be committed: Adding host 'bling.cluster.chapril.org' check_command = "cluster-zone" import = [ "satellite-host" ] Adding service 'apt' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'disk' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'disk /' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'http' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'icinga' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'load' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'ping4' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'ping6' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'procs' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'ssh' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'swap' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding service 'users' check_command = "dummy" host_name = "bling.cluster.chapril.org" import = [ "satellite-service" ] zone = "bling.cluster.chapril.org" Adding endpoint 'bling.cluster.chapril.org' Adding zone 'bling.cluster.chapril.org' endpoints = [ "bling.cluster.chapril.org" ] parent = "icinga2.cluster.chapril.org" information/cli: Writing config object 'bling.cluster.chapril.org' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org.conf' information/cli: Writing config object 'apt' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/apt.conf' information/cli: Writing config object 'disk' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/disk.conf' information/cli: Writing config object 'disk /' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/disk %2F.conf' information/cli: Writing config object 'http' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/http.conf' information/cli: Writing config object 'icinga' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/icinga.conf' information/cli: Writing config object 'load' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/load.conf' information/cli: Writing config object 'ping4' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/ping4.conf' information/cli: Writing config object 'ping6' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/ping6.conf' information/cli: Writing config object 'procs' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/procs.conf' information/cli: Writing config object 'ssh' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/ssh.conf' information/cli: Writing config object 'swap' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/swap.conf' information/cli: Writing config object 'users' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/users.conf' information/cli: Writing config object 'bling.cluster.chapril.org' to file '/etc/icinga2/repository.d/endpoints/bling.cluster.chapril.org.conf' information/cli: Writing config object 'bling.cluster.chapril.org' to file '/etc/icinga2/repository.d/zones/bling.cluster.chapril.org.conf' Make sure to reload Icinga 2 for these changes to take effect.
On redémarre le démon :
=(^-^)=root@icinga2:~# /etc/init.d/icinga2 restart [ ok ] Restarting icinga2 (via systemctl): icinga2.service.
On peut contrôler que tout va bien cotés logs :
=(^-^)=root@icinga2:~# tail /var/log/icinga2/icinga2.log [2017-06-05 19:35:30 +0200] information/Notification: Sending 'Recovery' notification 'bling.cluster.chapril.org!ping6!mail-icingaadmin for user 'icingaadmin' [2017-06-05 19:35:30 +0200] information/Notification: Completed sending 'Recovery' notification 'bling.cluster.chapril.org!ping6!mail-icingaadmin' for checkable 'bling.cluster.chapril.org!ping6' and user 'icingaadmin'. [2017-06-05 19:35:30 +0200] information/Checkable: Checking for configured notifications for object 'bling.cluster.chapril.org!swap' [2017-06-05 19:35:30 +0200] information/Notification: Sending 'Recovery' notification 'bling.cluster.chapril.org!swap!mail-icingaadmin for user 'icingaadmin' [2017-06-05 19:35:30 +0200] information/Notification: Completed sending 'Recovery' notification 'bling.cluster.chapril.org!swap!mail-icingaadmin' for checkable 'bling.cluster.chapril.org!swap' and user 'icingaadmin'. [2017-06-05 19:35:44 +0200] information/IdoMysqlConnection: Query queue items: 5, query rate: 9.25/s (555/min 767/5min 767/15min); [2017-06-05 19:35:59 +0200] information/IdoMysqlConnection: Query queue items: 0, query rate: 7.75/s (465/min 815/5min 815/15min); [2017-06-05 19:36:14 +0200] information/IdoMysqlConnection: Query queue items: 1, query rate: 7.7/s (462/min 857/5min 857/15min); [2017-06-05 19:36:29 +0200] information/IdoMysqlConnection: Query queue items: 0, query rate: 7.88333/s (473/min 911/5min 911/15min); [2017-06-05 19:36:44 +0200] information/IdoMysqlConnection: Query queue items: 1, query rate: 3.23333/s (194/min 961/5min 961/15min);
admin/procedures/satellite_icinga2.1496756546.txt.gz · Dernière modification : 2017/06/06 13:42 de fpoulain