To the introduction:
It’s been on my chest for a long time.
And I was afraid to talk about it because I don’t give up hope.
But if I’m just stewing in my own juice, the overall situation won’t get any better.
So, sit down and hold on, there’s a rant…
I am using icinga2 on a few customers.
Surely there are other users, who support larger and broader setups than I do.
But I still want to get rid of a few points.
Since icinga1 there is a simple, effective in my eyes a reasonable separation between services that execute checks (the core / satellites) and the presentation of the results (icingaweb2).
For reasons that I cannot understand and cannot see, more and more things are now migrating to icingaweb2 where they have no place from an architectural point of view.
Let me take x509 and vhspheredb as an example.
All of a sudden icingaweb2 gets its own daemons and executes its own checks, thus competing directly with the core that was designed for it.
For me as an OPs, this means that I have to kick the classic separation (icingaweb2 on a dedicated, smaller VM) if I want to use these additional modules or if the customer wants them at all costs.
Suddenly I have to plan more resources for this VM (more and more separate daemons). It needs much more rights (communication with other APIs, access to external resources) and I may suddenly have to secure the VM with HA.
And to complete the chaos, there is no standard for saving configurations.
x509 puts everything into an ini file, vhspheredb into a (new) database.
(and if you don’t have a systemd at hand, you have to do a lot of bad things to get these modules running.
And some customers actually come up with the idea to run “the piece of PHP software in a docker container”. Then completely different problems come up).
It looks to me like 2 competing (developer) teams are trying to take the water from each other.
The focus on OPs / operations is getting more and more out of focus.
Maybe it makes sense to write modules in another programming language.
But then these modules AFAIK should still be processed by the core.
That’s what it is for.
It can be set up redundantly for load balancing.
I have been working with (even very large) system architectures for ~15 years and I don’t like the development of the last 2 years at all.
(I have rather strong expressions ready, but I’ll spare you that)
I am increasingly faced with the question, with whom do I dump my frustration?
The core team?
The icingaweb team?
Unfortunately I have the feeling that criticism is not accepted or perceived at all.
I lack a valid roadmap with planned developments that I can point out to customers.
On which I can align my own solutions (ansible roles, docker containers, tools).
Many things come quietly and secretly, completely surprisingly and then suddenly many things simply burst away.
For example: When updating to icinga 2.11.2 the handling of the configuration has changed.
For me, without any visible announcement.
I still haven’t managed to adapt my docker container to it and now I plan to leave it behind.
There were times when community contributions (modules, themes, plugins) were highlighted on the Icinga website.
Now you have to search to find something like that.
It’s okay if you bundle them under exchange, but “our” visibility is dwindling.
You feel pushed away.
(Too) many daemons to maintain separately, which are also rather single instances, so not HA capable.
Here a functioning infrastructure is fragmented and turned into an unmaintainable heap.
What I wish for is a more open communication with us, the community.
That people listen to us again and work together with us.
Greetings from Hamburg,