Outils pour utilisateurs

Outils du site


admin:procedures:satellite_icinga2

Ceci est une ancienne révision du document !


En cours d'expérimentation ; ne pas se lancer dedans aujourd'hui. Il y a des morceaux de conf bottom-up alors que icinga2 se dirige vers du top-down.

Installer un client (Satellite) Icinga2

Les satellites Icinga sont des genres d'esclaves qui (dans notre cas) reçoivent leur configuration du maître (icinga2.cluster.chapril.org ; fqdn public icinga2.chapril.org).

On suppose le maître installé, fonctionnel, et écoutant sur le port 5665.

Installation de Icinga2

=(^-^)=root@bling:~# apt install icinga2 monitoring-plugins

Comment ça, c'est tout ? ^^

Configuration du satellite

On génère un jeton sur le master :

[root@icinga2:~# icinga2 pki ticket --cn bling.cluster.chapril.org
deadbeefdeadbeefdeadbeefdeadbeef

On le met de coté pour plus tard et on repasse coté satellite.

=(^-^)=root@bling:~# icinga2 node wizard
Welcome to the Icinga 2 Setup Wizard!

We'll guide you through all required configuration details.



Please specify if this is a satellite setup ('n' installs a master setup) [Y/n]: Y
Starting the Node setup routine...
Please specify the common name (CN) [bling.cluster.chapril.org]: 
Please specify the master endpoint(s) this node should connect to:
Master Common Name (CN from your master setup): icinga2.cluster.chapril.org
Do you want to establish a connection to the master from this node? [Y/n]: Y
Please fill out the master connection information:
Master endpoint host (Your master's IP address or FQDN): icinga2.chapril.org
Master endpoint port [5665]: 
Add more master endpoints? [y/N]: N
Please specify the master connection for CSR auto-signing (defaults to master endpoint host):
Host [icinga2.chapril.org]: 
Port [5665]: 
information/base: Writing private key to '/etc/icinga2/pki/bling.cluster.chapril.org.key'.
information/base: Writing X509 certificate to '/etc/icinga2/pki/bling.cluster.chapril.org.crt'.
information/cli: Fetching public certificate from master (icinga2.chapril.org, 5665):

Certificate information:

 Subject:     CN = icinga2.cluster.chapril.org
 Issuer:      CN = Icinga CA
 Valid From:  Jun  5 13:26:09 2017 GMT
 Valid Until: Jun  1 13:26:09 2032 GMT
 Fingerprint: DE AD BE EF DE AD BE EF DE AD BE EF DE AD BE EF DE AD BE EF 

Is this information correct? [y/N]: y
information/cli: Received trusted master certificate.

Please specify the request ticket generated on your Icinga 2 master.
 (Hint: # icinga2 pki ticket --cn 'bling.cluster.chapril.org'): deadbeefdeadbeefdeadbeefdeadbeef
information/cli: Requesting certificate with ticket 'deadbeefdeadbeefdeadbeefdeadbeef'.

information/cli: Created backup file '/etc/icinga2/pki/bling.cluster.chapril.org.crt.orig'.
information/cli: Writing signed certificate to file '/etc/icinga2/pki/bling.cluster.chapril.org.crt'.
information/cli: Writing CA certificate to file '/etc/icinga2/pki/ca.crt'.
Please specify the API bind host/port (optional):
Bind Host []: 
Bind Port []: 
Accept config from master? [y/N]: y
Accept commands from master? [y/N]: y
information/cli: Disabling the Notification feature.
Disabling feature notification. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Enabling the Apilistener feature.
Enabling feature api. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Created backup file '/etc/icinga2/features-available/api.conf.orig'.
information/cli: Generating local zones.conf.
information/cli: Dumping config items to file '/etc/icinga2/zones.conf'.
information/cli: Created backup file '/etc/icinga2/zones.conf.orig'.
information/cli: Updating constants.conf.
information/cli: Created backup file '/etc/icinga2/constants.conf.orig'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
Done.

Now restart your Icinga 2 daemon to finish the installation!

On redémarre le démon :

=(^-^)=root@bling:~# /etc/init.d/icinga2 restart
[ ok ] Restarting icinga2 (via systemctl): icinga2.service.

On peut contrôler que tout va bien cotés logs :

=(^-^)=root@bling:~# tail /var/log/icinga2/icinga2.log 
[2017-06-05 19:28:42 +0200] information/ConfigItem: Activated all objects.
[2017-06-05 19:28:42 +0200] information/JsonRpcConnection: Reconnecting to API endpoint 'icinga2.cluster.chapril.org' via host 'icinga2.chapril.org' and port '5665'
[2017-06-05 19:28:43 +0200] information/ApiListener: New client connection for identity 'icinga2.cluster.chapril.org' to [88.191.250.11]:5665
[2017-06-05 19:28:43 +0200] information/ApiListener: Sending config updates for endpoint 'icinga2.cluster.chapril.org'.
[2017-06-05 19:28:43 +0200] information/ApiListener: Syncing runtime objects to endpoint 'icinga2.cluster.chapril.org'.
[2017-06-05 19:28:43 +0200] information/ApiListener: Finished syncing runtime objects to endpoint 'icinga2.cluster.chapril.org'.
[2017-06-05 19:28:43 +0200] information/ApiListener: Finished sending config updates for endpoint 'icinga2.cluster.chapril.org'.
[2017-06-05 19:28:43 +0200] information/ApiListener: Sending replay log for endpoint 'icinga2.cluster.chapril.org'.
[2017-06-05 19:28:43 +0200] information/ApiListener: Replayed 425 messages.
[2017-06-05 19:28:43 +0200] information/ApiListener: Finished sending replay log for endpoint 'icinga2.cluster.chapril.org'.

Mis à jour de la config coté Master

=(^-^)=root@icinga2:~# icinga2 node update-config
Warning: CLI command 'node update-config' is DEPRECATED! Please read the Changelog.

information/cli: Updating node configuration for 
Node 'bling.cluster.chapril.org' (last seen: Mon Jun  5 19:33:29 2017)
    * Host 'bling.cluster.chapril.org'
        * Service 'apt'
        * Service 'disk'
        * Service 'disk /'
        * Service 'http'
        * Service 'icinga'
        * Service 'load'
        * Service 'ping4'
        * Service 'ping6'
        * Service 'procs'
        * Service 'ssh'
        * Service 'swap'
        * Service 'users'
information/cli: Adding host 'bling.cluster.chapril.org' to the repository.
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.443011-Host-d23f829f3e95b46fd21e1f44dcefa48319942945fee7e72e47978dc31a7f0b10.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.443892-Service-5009a047a11fbd680bb40d2f23cd3fcd626ac2d672c38e16f53bd622c3961534.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.445834-Service-1044dec7206e8d7c9fbb4ae8f766668406d2567fc7fc1a160a9d4700fcf8f8e9.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.446400-Service-6a29594f8e9a9bd6e6c13fdd4a19c333b3f5cf35377811c8671a1a271d7364ae.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.446974-Service-e0603c499aae47eb89343ad0ef3178e044c62e70ae2309b35591d1d49a3211ec.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.447511-Service-2eb9c534258d20f7c437141670d7c09d7afbab65b2ac9cd2034be27b122cbb41.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.448242-Service-0cf67fc72b3c86c7a454f6d86b43ed245a8e491d0e5288d4da8c7ff43a7bcdb0.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.448789-Service-571605952ba28ee6740b5a9b50f1e76393f1e4cdaf3115438bcdeddf8e473065.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.449340-Service-d7535967c0481dbeb28afe542a40e2f0687f4fc5b5fc5abafacbd4c24ff0d9cf.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.449938-Service-277d2f898036fa83a8f790fd6680e3c89e2cceaa4921a17b6ccb6c8f464ebb97.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.450493-Service-7f5a55cf3f88be936fb9440249cb449f3067ccee4b525d0027dc9278a29c32c1.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.451046-Service-da47c2f450a4f9d538d86d600d55149afd39d6672fdd1f30c68ad5be21cadad8.change'
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.451592-Service-7dfb4cf67742cb0660305e56ef816c53fcec892cae7f6ee39b75f34e659d672c.change'
information/cli: Adding endpoint 'bling.cluster.chapril.org' to the repository.
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.452515-Endpoint-d23f829f3e95b46fd21e1f44dcefa48319942945fee7e72e47978dc31a7f0b10.change'
information/cli: Adding zone 'bling.cluster.chapril.org' to the repository.
information/cli: Dumping changelog items to file '/var/lib/icinga2/repository/changes/1496684076.453947-Zone-d23f829f3e95b46fd21e1f44dcefa48319942945fee7e72e47978dc31a7f0b10.change'
information/cli: Committing node configuration.
Changes to be committed:

Adding host 'bling.cluster.chapril.org'
    check_command = "cluster-zone"
    import = [ "satellite-host" ]
Adding service 'apt'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'disk'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'disk /'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'http'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'icinga'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'load'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'ping4'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'ping6'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'procs'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'ssh'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'swap'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding service 'users'
    check_command = "dummy"
    host_name = "bling.cluster.chapril.org"
    import = [ "satellite-service" ]
    zone = "bling.cluster.chapril.org"
Adding endpoint 'bling.cluster.chapril.org'
Adding zone 'bling.cluster.chapril.org'
    endpoints = [ "bling.cluster.chapril.org" ]
    parent = "icinga2.cluster.chapril.org"

information/cli: Writing config object 'bling.cluster.chapril.org' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org.conf'
information/cli: Writing config object 'apt' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/apt.conf'
information/cli: Writing config object 'disk' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/disk.conf'
information/cli: Writing config object 'disk /' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/disk %2F.conf'
information/cli: Writing config object 'http' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/http.conf'
information/cli: Writing config object 'icinga' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/icinga.conf'
information/cli: Writing config object 'load' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/load.conf'
information/cli: Writing config object 'ping4' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/ping4.conf'
information/cli: Writing config object 'ping6' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/ping6.conf'
information/cli: Writing config object 'procs' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/procs.conf'
information/cli: Writing config object 'ssh' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/ssh.conf'
information/cli: Writing config object 'swap' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/swap.conf'
information/cli: Writing config object 'users' to file '/etc/icinga2/repository.d/hosts/bling.cluster.chapril.org/users.conf'
information/cli: Writing config object 'bling.cluster.chapril.org' to file '/etc/icinga2/repository.d/endpoints/bling.cluster.chapril.org.conf'
information/cli: Writing config object 'bling.cluster.chapril.org' to file '/etc/icinga2/repository.d/zones/bling.cluster.chapril.org.conf'
Make sure to reload Icinga 2 for these changes to take effect.

On redémarre le démon :

=(^-^)=root@icinga2:~# /etc/init.d/icinga2 restart
[ ok ] Restarting icinga2 (via systemctl): icinga2.service.

On peut contrôler que tout va bien cotés logs :

=(^-^)=root@icinga2:~# tail /var/log/icinga2/icinga2.log
[2017-06-05 19:35:30 +0200] information/Notification: Sending 'Recovery' notification 'bling.cluster.chapril.org!ping6!mail-icingaadmin for user 'icingaadmin'
[2017-06-05 19:35:30 +0200] information/Notification: Completed sending 'Recovery' notification 'bling.cluster.chapril.org!ping6!mail-icingaadmin' for checkable 'bling.cluster.chapril.org!ping6' and user 'icingaadmin'.
[2017-06-05 19:35:30 +0200] information/Checkable: Checking for configured notifications for object 'bling.cluster.chapril.org!swap'
[2017-06-05 19:35:30 +0200] information/Notification: Sending 'Recovery' notification 'bling.cluster.chapril.org!swap!mail-icingaadmin for user 'icingaadmin'
[2017-06-05 19:35:30 +0200] information/Notification: Completed sending 'Recovery' notification 'bling.cluster.chapril.org!swap!mail-icingaadmin' for checkable 'bling.cluster.chapril.org!swap' and user 'icingaadmin'.
[2017-06-05 19:35:44 +0200] information/IdoMysqlConnection: Query queue items: 5, query rate: 9.25/s (555/min 767/5min 767/15min);
[2017-06-05 19:35:59 +0200] information/IdoMysqlConnection: Query queue items: 0, query rate: 7.75/s (465/min 815/5min 815/15min);
[2017-06-05 19:36:14 +0200] information/IdoMysqlConnection: Query queue items: 1, query rate: 7.7/s (462/min 857/5min 857/15min);
[2017-06-05 19:36:29 +0200] information/IdoMysqlConnection: Query queue items: 0, query rate: 7.88333/s (473/min 911/5min 911/15min);
[2017-06-05 19:36:44 +0200] information/IdoMysqlConnection: Query queue items: 1, query rate: 3.23333/s (194/min 961/5min 961/15min);
admin/procedures/satellite_icinga2.1496756546.txt.gz · Dernière modification : 2017/06/06 13:42 de fpoulain