How To Add Remote Linux Machines into Icinga 2 Server

4

In our previous article, we have covered the installation of Icinga 2 server and the installation of Icinga Web 2. In this guide, we will look at how to add remote Linux machines into Icinga 2 server.

Article Series

Icinga 2

1: How To Install Icinga 2 on CentOS 7 / RHEL 7

2: How To Install Icinga 2 on Ubuntu 18.04 / 16.04 / Debian 9

Icinga Web 2

1: How To Setup Icinga Web 2 on CentOS 7 / RHEL 7

2: How To Setup Icinga Web 2 on Ubuntu 18.04 / 16.04 / Debian 9

Icinga Client

1: How To Add Remote Linux Machines into Icinga 2 Monitoring Tool

To enhance the security, Icinga2 uses SSL certificates for client and server communication.

Server and Client communications happen on TCP port 5665. So, make sure you have configured the firewall to allow traffics in both ways.

Architecture

The following diagram shows the illustration of distributed Icinga 2 Server-Client architecture.

Add Remote Linux Machines into Icinga 2 Server - Icinga 2 Architecture. Image Credits: Icinga.com
Add Remote Linux Machines into Icinga 2 Server – Icinga 2 Architecture. Image Credit: Icinga.com

Master Node – This is the topmost node in structure, where you usually install Icinga 2 and Icinga Web 2. It combines executed checks from child nodes into notifications.

Satellite Node – This node can receive configurations for hosts or services, etc from the master node. It may execute the checks on its own or delegate the checks to client nodes, and it can run even if the master node is unavailable.

Client Node – This node either receives a remote command execution from the parent node (master or satellite) or run its own configured checks.

Here, we will setup Master and Client node communication and be removing Satellite node.

Our setup diagram will look like below.

Add Remote Linux Machines into Icinga 2 Server - Our Setup. Image Credit: Icinga.com
Add Remote Linux Machines into Icinga 2 Server – Our Setup. Image Credit: Icinga.com

Environment

Host Name IP Address OS Purpose
server.itzgeek.local 192.168.1.10 CentOS 7 / Ubuntu 18.04 / Debian 9 Master Node
centos.itzgeek.local 192.168.1.20 CentOS 7 Client Node 1
ubuntu.itzgeek.local 192.168.1.30 Ubuntu 18.04 Client Node 2

Setup Icinga2 Master

Icinga2 node wizard command will help you to setup Icinga 2 master. The wizard must be run as root.

icinga2 node wizard

Output:

Welcome to the Icinga 2 Setup Wizard!

We will guide you through all required configuration details.

Please specify if this is a satellite/client setup ('n' installs a master setup) [Y/n]: n << Setup Master

Starting the Master setup routine...

Please specify the common name (CN) [server.itzgeek.local]: << Press Enter
Reconfiguring Icinga...
Checking for existing certificates for common name 'server.itzgeek.local'...
Certificate '/var/lib/icinga2/certs//server.itzgeek.local.crt' for CN 'server.itzgeek.local' already existing. Skipping certificate generation.
Generating master configuration for Icinga 2.
'api' feature already enabled.

Master zone name [master]: << Press Enter

Default global zones: global-templates director-global
Do you want to specify additional global zones? [y/N]: N << Press N and Enter
Please specify the API bind host/port (optional):
Bind Host []: << Press Enter
Bind Port []: << Press Enter

Do you want to disable the inclusion of the conf.d directory [Y/n]: Y << Press Y and Enter
Disabling the inclusion of the conf.d directory...
Checking if the api-users.conf file exists...

Done.

Now restart your Icinga 2 daemon to finish the installation!

Icinga2 Node Wizard does the following:

  1. It enables the API feature, if it is not already enabled.
  2. Creates the new certificate authority to sign the signing requests.
  3. Generates the new certificate signing request (CSR), sign it with own CA
  4. Dumping configuration items (zone’s and endpoints) to /etc/icinga2/zones.conf
  5. Updating the /etc/icinga2/constants.conf file with NodeName and TicketSalt.

Verify the configurations files.

cat /etc/icinga2/constants.conf | egrep -i "ZoneName|TicketSalt"

Make sure your master node configurations should be like below.

const ZoneName = "server.itzgeek.local"
const TicketSalt = "16ad49e3cf16628ba1be0f021414805f"

Ensure the /etc/icinga2/zones.conf file has the master node details.

cat /etc/icinga2/zones.conf

Output:

/*
 * Generated by Icinga 2 node setup commands
 * on 2018-09-23 10:47:55 +0530
 */

object Endpoint "server.itzgeek.local" {
}

object Zone "master" {
        endpoints = [ "server.itzgeek.local" ]
}

Restart the Icinga2 service to take an effect of master setup.

### For Systemd Systems ###

systemctl restart icinga2

### For SysVinit Systems ###

service icinga2 restart
You might also like