In our previous article, we have covered the installation of Icinga 2 server and the installation of Icinga Web 2. In this guide, we will look at how to add remote Linux machines into Icinga 2 server.
Article Series
Icinga 2
1: How To Install Icinga 2 on CentOS 7 / RHEL 7
2: How To Install Icinga 2 on Ubuntu 18.04 / 16.04 / Debian 9
Icinga Web 2
1: How To Setup Icinga Web 2 on CentOS 7 / RHEL 7
2: How To Setup Icinga Web 2 on Ubuntu 18.04 / 16.04 / Debian 9
Icinga Client
1: How To Add Remote Linux Machines into Icinga 2 Monitoring Tool
To enhance the security, Icinga2 uses SSL certificates for client and server communication.
Server and Client communications happen on TCP port 5665. So, make sure you have configured the firewall to allow traffics in both ways.
Architecture
The following diagram shows the illustration of distributed Icinga 2 Server-Client architecture.
Master Node – This is the topmost node in structure, where you usually install Icinga 2 and Icinga Web 2. It combines executed checks from child nodes into notifications.
Satellite Node – This node can receive configurations for hosts or services, etc from the master node. It may execute the checks on its own or delegate the checks to client nodes, and it can run even if the master node is unavailable.
Client Node – This node either receives a remote command execution from the parent node (master or satellite) or run its own configured checks.
Here, we will setup Master and Client node communication and be removing Satellite node.
Our setup diagram will look like below.
Environment
| Host Name | IP Address | OS | Purpose |
|---|---|---|---|
| server.itzgeek.local | 192.168.1.10 | CentOS 7 / Ubuntu 18.04 / Debian 9 | Master Node |
| centos.itzgeek.local | 192.168.1.20 | CentOS 7 | Client Node 1 |
| ubuntu.itzgeek.local | 192.168.1.30 | Ubuntu 18.04 | Client Node 2 |
Setup Icinga2 Master
Icinga2 node wizard command will help you to setup Icinga 2 master. The wizard must be run as root.
icinga2 node wizard
Output:
Welcome to the Icinga 2 Setup Wizard!
We will guide you through all required configuration details.
Please specify if this is a satellite/client setup ('n' installs a master setup) [Y/n]: n << Setup Master
Starting the Master setup routine...
Please specify the common name (CN) [server.itzgeek.local]: << Press Enter
Reconfiguring Icinga...
Checking for existing certificates for common name 'server.itzgeek.local'...
Certificate '/var/lib/icinga2/certs//server.itzgeek.local.crt' for CN 'server.itzgeek.local' already existing. Skipping certificate generation.
Generating master configuration for Icinga 2.
'api' feature already enabled.
Master zone name [master]: << Press Enter
Default global zones: global-templates director-global
Do you want to specify additional global zones? [y/N]: N << Press N and Enter
Please specify the API bind host/port (optional):
Bind Host []: << Press Enter
Bind Port []: << Press Enter
Do you want to disable the inclusion of the conf.d directory [Y/n]: Y << Press Y and Enter
Disabling the inclusion of the conf.d directory...
Checking if the api-users.conf file exists...
Done.
Now restart your Icinga 2 daemon to finish the installation!
Icinga2 Node Wizard does the following:
- It enables the API feature, if it is not already enabled.
- Creates the new certificate authority to sign the signing requests.
- Generates the new certificate signing request (CSR), sign it with own CA
- Dumping configuration items (zone’s and endpoints) to /etc/icinga2/zones.conf
- Updating the /etc/icinga2/constants.conf file with NodeName and TicketSalt.
Verify the configurations files.
cat /etc/icinga2/constants.conf | egrep -i "ZoneName|TicketSalt"
Make sure your master node configurations should be like below.
const ZoneName = "server.itzgeek.local" const TicketSalt = "16ad49e3cf16628ba1be0f021414805f"
Ensure the /etc/icinga2/zones.conf file has the master node details.
cat /etc/icinga2/zones.conf
Output:
/*
* Generated by Icinga 2 node setup commands
* on 2018-09-23 10:47:55 +0530
*/
object Endpoint "server.itzgeek.local" {
}
object Zone "master" {
endpoints = [ "server.itzgeek.local" ]
}
Restart the Icinga2 service to take an effect of master setup.
### For Systemd Systems ### systemctl restart icinga2 ### For SysVinit Systems ### service icinga2 restart
Hello
Do you have any idea why I can not list:
[root@antlet60 ~]# icinga2 node list
icinga2 – The Icinga 2 network monitoring daemon (version: r2.8.0-1)
Usage:
icinga2 []
Supported commands:
* node setup (set up node)
* node wizard (wizard for node setup)
Global options:
-h [ –help ] show this help message
-V [ –version ] show version information
–color use VT100 color codes even when stdout is not a
terminal
-D [ –define ] arg define a constant
-a [ –app ] arg application library name (default: icinga)
-l [ –library ] arg load a library
-I [ –include ] arg add include search directory
-x [ –log-level ] arg specify the log level for the console log.
The valid value is either debug, notice,
information (default), warning, or critical
-X [ –script-debugger ] whether to enable the script debugger
Report bugs at
Icinga home page:
[root@antlet60 ~]#
Hello Fidel,
Both “node list” and “node update-config” have been depreciated. We will update the tutorial.
Thanks
I’m having the same issues here using version 2.8.1-1. hope you update this post soon. Thank you in advance.
The updated document is almost ready, will be released in a week