How to Add Remote Linux Host into Icinga
2 Server
RAJ SEPTEMBER 13, 2016 0 COMMENTS CENTOS 6, CENTOS 7, DEBIAN 8, HOW TO UPDATE UBUNTU 13.04 TO
UBUNTU 14.04, ICINGA, MONITORING-TOOLS
Add Remote Linux Host into Icinga 2 Server
In our previous article we have covered installing Icinga2 server on Ubuntu, Debian, and
Mint; also we have the installation Icinga Web 2 in Linux. In this guide, we will look at how to
add remote Linux host into the Icinga2 instance.
To enhance the security, Icinga2 uses SSL certificates for client and server communication.
Server and Client communications happen on TCP port 5665, make sure you have
configured the firewall to allow traffics in both ways.
Architecture:
The following diagram shows the illustration of distributed Icinga2 Server-Client
architecture.
Add Remote Linux
Host into Icinga2 Server  Icinga2 Server-Client Architecture
Master Node  This is the top most node in structure, where you usually install Icinga Web
2. It combines executed checks from child nodes into notifications.
Satellite Node  This node can receive configurations for hosts or services, etc. from the
master node. It may execute the checks on its own or delegate the checks to client nodes,
and it can run even if the master node is unavailable.
Client Node  This node either receives a remote command execution from the parent
node (master or satellite) or run its own configured checks.
Here, we will setup Master and Client node communication and be removing Satellite node.
Architecture diagram will look like below.
Add Remote Linux Host into
Icinga2 Server  Our Setup
Environment:
Master Node:
Hostname: server.itzgeek.local
IP Address: 192.168.12.6
OS: Ubuntu 16.04
Client Node 1:
Hostname: client.itzgeek.local
IP Address: 192.168.12.7
OS: Debian 8
Client Node 2:
Hostname: centos.itzgeek.local
IP Address: 192.168.12.8
OS: CentOS 7
Setup Icinga2 Master:
icinga2 node wizard command lets you to setup Icinga2 master/client depends on your
requirements. Wizard must be run as root, and to make the node as master; you should
answer the first question with n and then simply hit Enter until it finishes asking you the
questions.
# icinga2 node wizard
Welcome to the Icinga 2 Setup Wizard!
We'll guide you through all required configuration details.
Please specify if this is a satellite setup ('n' installs a master setup)
[Y/n]: n
Starting the Master setup routine...
Please specifiy the common name (CN) [server.itzgeek.local]: Enter
Checking for existing certificates for common name 'server.itzgeek.local'...
Certificates not yet generated. Running 'api setup' now.
information/cli: Generating new CA.
information/base: Writing private key to '/var/lib/icinga2/ca/ca.key'.
information/base: Writing X509 certificate to '/var/lib/icinga2/ca/ca.crt'.
information/cli: Generating new CSR in
'/etc/icinga2/pki/server.itzgeek.local.csr'.
information/base: Writing private key to
'/etc/icinga2/pki/server.itzgeek.local.key'.
information/base: Writing certificate signing request to
'/etc/icinga2/pki/server.itzgeek.local.csr'.
information/cli: Signing CSR with CA and writing certificate to
'/etc/icinga2/pki/server.itzgeek.local.crt'.
information/pki: Writing certificate to file
'/etc/icinga2/pki/server.itzgeek.local.crt'.
information/cli: Copying CA certificate to '/etc/icinga2/pki/ca.crt'.
Generating master configuration for Icinga 2.
information/cli: Adding new ApiUser 'root' in '/etc/icinga2/conf.d/apiusers.conf'.
information/cli: Enabling the 'api' feature.
Enabling feature api. Make sure to restart Icinga 2 for these changes to take
effect.
information/cli: Dumping config items to file '/etc/icinga2/zones.conf'.
information/cli: Created backup file '/etc/icinga2/zones.conf.orig'.
Please specify the API bind host/port (optional): Enter
Bind Host []: Enter
Bind Port []: Enter
information/cli: Created backup file '/etc/icinga2/featuresavailable/api.conf.orig'.
information/cli: Updating constants.conf.
information/cli: Created backup file '/etc/icinga2/constants.conf.orig'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
Done.
Icinga2 Node Wizard does the following:
1.
It enables API feature.
2.
Creates the new certificate authority to sign the signing requests.
3.
Generates the new certificate signing request (CSR), sign it with own CA and then
copy it into /etc/icinga2/pki/.
4.
Dumping configuration items (zones and endpoints) to /etc/icinga2/zones.conf
5.
Updating the /etc/icinga2/constants.conf file with NodeName and TicketSalt.
Verify the configurations files. Make sure your master node configurations should be like
below.
# cat /etc/icinga2/constants.conf | egrep -i "ZoneName|TicketSalt"
const ZoneName = "server.itzgeek.local"
const TicketSalt = "cbb245e46abb4761983de83a9acd7ecd"
Update the /etc/icinga2/zones.conf file with master node details.
# vi /etc/icinga2/zones.conf
Replace server.itzgeek.local with your master node name.
/*
* Generated by Icinga 2 node setup commands
* on 2016-08-31 17:54:45 -0400
*/
object Endpoint "server.itzgeek.local" {
}
object Zone "server.itzgeek.local" {
endpoints = [ "server.itzgeek.local" ]
}
Restart the Icinga2 service to take an effect of master setup.
For SysVinit Systems:
# service icinga2 restart
# service icinga2 status
For Systemd Systems:
# systemctl restart icinga2.service
# systemctl status icinga2.service
PAGES: 1 2 3 4