haribo
February 7, 2019, 5:14pm
1
Hello,
I set all endpoints with fqdn even the master.
But when I try to check the configuration I have this error:
information/ApiListener: My API identity: bunny
critical/config: Error: Endpoint object for 'bunny' is missing.
Location: in /etc/icinga2/features-enabled/api.conf: 5:1-5:24
/etc/icinga2/features-enabled/api.conf(3): */
/etc/icinga2/features-enabled/api.conf(4):
/etc/icinga2/features-enabled/api.conf(5): object ApiListener "api" {
^^^^^^^^^^^^^^^^^^^^^^^^
/etc/icinga2/features-enabled/api.conf(6): cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt"
/etc/icinga2/features-enabled/api.conf(7): key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key"
bunny is the short name of my VM. My endpoint name is bunny.domain
How can I set the API identity to the FQDN ? I tried to force the NodeName to FQDN in constants.conf, but it’s the same.
I’ve the same problem when I setup the API with:
icinga2 api setup
The certificate name is bunny.crt instead of bunny.domain.crt.
If I do:
hostname -f
it returns bunny.domain
If duplicate the endpoint bunny.domain with bunny, it works, but it’s ugly.
I’m missing something. A little help would be appreciate
dnsmichi
(Michael Friedrich)
February 7, 2019, 5:41pm
2
Hi,
the CLI commands read the cached NodeName
constant after a successful configuration validation. So if you’re changing the value in constants.conf, you’ll need to follow it with icinga2 daemon -C
and then icinga2 api setup
. If NodeName
is blank (or commented out), the CLI command attempts to resolve the local hostname which likely is set wrong in /etc/hosts
.
Can you share the content of constants.conf
and likewise the output of icinga2 variable get NodeName
?
And which icinga2 --version
is involved here?
Cheers,
Michael
Hello!
I have the same problem. And I can not find good solution for this. Could you pleas help me with this?
It was my mistake
root@Ansible-Awx:~# icinga2 api setup
information/cli: Generating new CA.
warning/cli: CA files '/var/lib/icinga2/ca//ca.crt' and '/var/lib/icinga2/ca//ca.key' already exist.
warning/cli: Found CA, skipping and using the existing one.
information/cli: Generating new CSR in '/var/lib/icinga2/certs//Ansible-Awx.csr'.
information/base: Writing private key to '/var/lib/icinga2/certs//Ansible-Awx.key'.
information/base: Writing certificate signing request to '/var/lib/icinga2/certs//Ansible-Awx.csr'.
information/cli: Signing CSR with CA and writing certificate to '/var/lib/icinga2/certs//Ansible-Awx.crt'.
information/pki: Writing certificate to file '/var/lib/icinga2/certs//Ansible-Awx.crt'.
information/cli: Copying CA certificate to '/var/lib/icinga2/certs//ca.crt'.
information/cli: Created backup file '/var/lib/icinga2/certs//ca.crt.orig'.
information/cli: API user config file '/etc/icinga2/conf.d/api-users.conf' already exists, not creating config file.
information/cli: Reading '/etc/icinga2/icinga2.conf'.
information/cli: Enabling the 'api' feature.
warning/cli: Feature 'api' already enabled.
information/cli: Updating 'NodeName' constant in '/etc/icinga2/constants.conf'.
information/cli: Backup file '/etc/icinga2/constants.conf.orig' already exists. Skipping backup.
information/cli: Updating 'ZoneName' constant in '/etc/icinga2/constants.conf'.
information/cli: Backup file '/etc/icinga2/constants.conf.orig' already exists. Skipping backup.
Done.
root@Ansible-Awx:~# icinga2 daemon -C
[2021-03-25 16:08:06 +0000] information/cli: Icinga application loader (version: r2.12.3-1)
[2021-03-25 16:08:06 +0000] information/cli: Loading configuration file(s).
[2021-03-25 16:08:06 +0000] information/ConfigItem: Committing config item(s).
[2021-03-25 16:08:06 +0000] information/ApiListener: My API identity: Ansible-Awx
[2021-03-25 16:08:06 +0000] critical/config: Error: Endpoint object for 'Ansible-Awx' is missing.
Location: in /etc/icinga2/features-enabled/api.conf: 5:1-5:24
/etc/icinga2/features-enabled/api.conf(3): */
/etc/icinga2/features-enabled/api.conf(4):
/etc/icinga2/features-enabled/api.conf(5): object ApiListener "api" {
^^^^^^^^^^^^^^^^^^^^^^^^
/etc/icinga2/features-enabled/api.conf(6): bind_host = "0.0.0.0"
/etc/icinga2/features-enabled/api.conf(7):
[2021-03-25 16:08:06 +0000] critical/config: 1 error
[2021-03-25 16:08:06 +0000] critical/cli: Config validation failed. Re-run with 'icinga2 daemon -C' after fixing the config.
root@Ansible-Awx:~# nano /etc/icinga2/features-enabled/api.conf
/**
* The API listener is used for distributed monitoring setups.
*/
object ApiListener "api" {
bind_host = "0.0.0.0"
ticket_salt = TicketSalt
}