How To Add Remote Linux Machines into Icinga 2 Server

Setup Icinga 2 Client

Setup Icinga 2 repository on the client machines.

### CentOS 7 ###
yum install epel-release
rpm --import https://packages.icinga.com/icinga.key
yum install https://packages.icinga.com/epel/icinga-rpm-release-7-latest.noarch.rpm
### RHEL 7 ###
subscription-manager repos --enable rhel-7-server-optional-rpms
subscription-manager repos --enable rhel-7-server-extras-rpms
rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm --import https://packages.icinga.com/icinga.key
yum install https://packages.icinga.com/epel/icinga-rpm-release-7-latest.noarch.rpm
### CentOS 6 ###
yum install epel-release
yum install https://packages.icinga.com/epel/icinga-rpm-release-6-latest.noarch.rpm

### RHEL 6 ###
subscription-manager repos --enable rhel-6-server-optional-rpms
subscription-manager repos --enable rhel-server-rhscl-6-rpms
rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
yum install https://packages.icinga.com/epel/icinga-rpm-release-6-latest.noarch.rpm

### Ubuntu 18.04 / Ubuntu 16.04 ###
sudo su -
wget -O - https://packages.icinga.com/icinga.key | apt-key add -
echo "deb https://packages.icinga.com/ubuntu icinga-$(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/icinga2.list
echo "deb-src https://packages.icinga.com/ubuntu icinga-$(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/icinga2.list
### Debian 9 / Debian 8 ###
sudo su -
wget -O - https://packages.icinga.com/icinga.key | apt-key add -
echo "deb https://packages.icinga.com/debian icinga-$(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/icinga2.list
echo "deb-src https://packages.icinga.com/debian icinga-$(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/icinga2.list
### Fedora 28 ###
dnf install https://packages.icinga.com/fedora/icinga-rpm-release-28-latest.noarch.rpm
### Fedora 27 ###
dnf install https://packages.icinga.com/fedora/icinga-rpm-release-27-latest.noarch.rpm
### openSUSE ###
rpm --import https://packages.icinga.com/icinga.key
zypper ar https://packages.icinga.com/SUSE/ICINGA-release.repo
zypper ref

Install the Icinga 2 package and monitoring (Nagios) plugins on your client machines.

### CentOS 7 / RHEL 7 ###
yum install icinga2
systemctl enable icinga2
systemctl start icinga2
yum install -y nagios-plugins-all
### CentOS 6 / RHEL 6 ###

yum install icinga2
chkconfig icinga2 on
service icinga2 start
yum install -y nagios-plugins-all
### Ubuntu / Debian ###
apt-get update
apt-get install -y icinga2
apt-get install -y monitoring-plugins

### Fedora 28 / Fedora 27 ###
dnf install -y icinga2
systemctl enable icinga2
systemctl start icinga2
dnf install -y nagios-plugins-all
### openSUSE ###
zypper install icinga2
zypper install monitoring-plugins

Generate a Ticket (on Master node)

When you run an Icinga 2 node wizard on client machines, the wizard sends a certificate signing request to master node. To auto sign a request, the master node requires a valid ticket from clients.

You must generate the ticket beforehand. Run the following command to generate the ticket for the client “centos.itzgeek.local“.

icinga2 pki ticket --cn 'centos.itzgeek.local'

Output:

1a355c8e1afd6c2e7c6beb6ed803680a03aef7a7

Icinga Node Setup (On Client Node)

Run the Icinga Node Wizard on the client machine.

icinga2 node wizard

Output:

Welcome to the Icinga 2 Setup Wizard!
We will guide you through all required configuration details.
Please specify if this is a satellite/client setup ('n' installs a master setup) [Y/n]: Y << Setup Client
Starting the Client/Satellite setup routine...
Please specify the common name (CN) [centos.itzgeek.local]: << Press Enter
Please specify the parent endpoint(s) (master or satellite) where this node should connect to:
Master/Satellite Common Name (CN from your master/satellite node): server.itzgeek.local << Enter Master Node Name
Do you want to establish a connection to the parent node from this node? [Y/n]: Y << Press Y to accept connections
Please specify the master/satellite connection information:
Master/Satellite endpoint host (IP address or FQDN): 192.168.1.10 << Enter Master Node IP or Hostname
Master/Satellite endpoint port [5665]: << Press Enter

Add more master/satellite endpoints? [y/N]: N << Press N as we have only one master
Parent certificate information:
 Subject:     CN = server.itzgeek.local
 Issuer:      CN = Icinga CA
 Valid From:  Sep  23 15:21:27 2018 GMT
 Valid Until: Aug 30 15:21:27 2033 GMT
 Fingerprint: D7 DC 2D 3A 0C A0 B5 01 FD FC 43 C4 00 B5 ED D0 32 01 E1 AC
Is this information correct? [y/N]: Y << Press Y if the above certificacte details are correct
Please specify the request ticket generated on your Icinga 2 master (optional).
 (Hint: # icinga2 pki ticket --cn 'centos.itzgeek.local'): 1a355c8e1afd6c2e7c6beb6ed803680a03aef7a7 << Copy/Paste the ticket from Master node
Please specify the API bind host/port (optional): << Press Enter
Bind Host []: << Press Enter
Bind Port []: << Press Enter
Accept config from parent node? [y/N]: Y << Press Y to accept configuration
Accept commands from parent node? [y/N]: Y << Press Y to accept commands
Reconfiguring Icinga...
Disabling feature notification. Make sure to restart Icinga 2 for these changes to take effect.
Enabling feature api. Make sure to restart Icinga 2 for these changes to take effect.
Local zone name [centos.itzgeek.local]: << Press Enter
Parent zone name [master]: << Press Enter
Default global zones: global-templates director-global
Do you want to specify additional global zones? [y/N]: N << Press N
Do you want to disable the inclusion of the conf.d directory [Y/n]: Y << Press Y to disable conf.d directory
Disabling the inclusion of the conf.d directory...
Done.
Now restart your Icinga 2 daemon to finish the installation!

Wizard does the following,

1. Fetches the public certificate from the master
2. Client requests for a certificate from the master with the valid ticket.

Verify the configurations files.

cat /etc/icinga2/zones.conf

Make sure your client node configurations should be like below. Update the zones.conf, if required.

/*
 * Generated by Icinga 2 node setup commands
 * on 2018-09-23 11:25:39 +0530
 */
object Endpoint "server.itzgeek.local" {
        host = "192.168.1.10"
        port = "5665"
}
object Zone "master" {
        endpoints = [ "server.itzgeek.local" ]
}
object Endpoint "centos.itzgeek.local" {
}
object Zone "centos.itzgeek.local" {
        endpoints = [ "centos.itzgeek.local" ]
        parent = "master"
}

Restart the Icinga 2 on the client machine.

### For Systemd Systems ###
systemctl restart icinga2

### For SysVinit Systems ###
service icinga2 restart