Adding a master to active setup

Hi,

Still having problems adding a master to my current setup. Let me first explain what I had , what I wanted and what I tried:

I HAVE:
My setup was running fine with one master (called icinga) and multiple agents/endpoints/satellites.
As explained here it is possible to create a setup and add a master later.
I first installed a new server called icinga2 (=master2) and added it as a satellite/agent just to verify that everything works as expected. icinga2 (=master2) was showing as host and showed my checks in icingaweb2. So far so good.

I WANTED:
I wanted to add a secondary master so I have a backup master that checks my clients in case my primary master fails. I wouldnt care if that means I lose some chart history, but my aNag needs to show whats going on even when primary master is down.

I DID:
I copied some pieces of the manual and will give comments here:

Note : All nodes in the same zone require that you enable the same features for high-availability (HA).

On the primary master I have one extra feature: influxdb. Assuming that I dont need HA for this, I dont need to enable it on the second master ?

icinga2-master2.localdomain is the secondary master master node without config in zones.d .

I also have no config in ‘zones.d’ on the secondary master.

Alternatively, you can disable the HA feature and write to a local database on each node. Both methods require that you configure Icinga Web 2 accordingly (monitoring backend, IDO database, used transports, etc.).

The secondary master has also everything configured like the first master. (except influxdb/grafana)
As adviced I disabled the HA feature like this on both masters in “ido-mysql.conf” as enable_ha = false
Tip: add this to the manual with a reference to the ido-mysql.conf :slight_smile:

You can also start with a single master shown here and later add the second master. This requires an extra step with the initial sync for cloning the runtime state after done. Once done, proceed here.

As stated here, I stopped the icinga2 service on both masters. Copied the following from the primary master to the secondary master:

  • “/var/lib/icinga2/icinga2.state”
  • /var/lib/icinga2/api/packages/_api

I changed the zones.d file like this:
Primary Master:

object Zone “master” {
endpoints = [ “icinga”, “icinga2” ]
}

object Endpoint “icinga” {
//thats us
}

object Endpoint “icinga2” {
}

Secondary master: (connects to my primary)

object Endpoint “icinga” {
host = “xx.xx.xx.xx”
port = “5665”
}

object Zone “master” {
endpoints = [ “icinga”, “icinga2”]
}

object Endpoint “icinga2” {
//thats us
}

Restart both masters and ensure the initial connection and TLS handshake works.

Assuming that TLS works as I see the new master in icingaweb2 as host. Otherwise tell me how to check and ensure the TLS handshake works :wink:

QUESTION
The clients/agents show this when icinga2 daemon -C checking:

When deploying two masters make sure to setup zones.conf correctly on the second master.
The zones.d/ will sync from config master to the sallelites/agents/2nd non config master, but the dont forget to all other endpoints and zones in the zones.conf file.

The manual refers to setting up a master like a satellite, but when changing the satellite to a second master you need to add all other endpoints/zones into the zones.conf file just like on the config master.