Icinga2 Version: r2.15.2-1
Ubuntu Pro
Hi all, I gonna try to explain, what I want to archive:
I have a firewall cluster (FW1, FW2). Behind this cluster we have serveral switches, accesspoints and other stuff.
If no one of the firewalls is reachable, i dont wanna have notifications for all hosts and services behind.
So I have this configured:
object Host “FW-CLUSTER-HOST” {
import “generic-host-swo”
address = “127.0.0.1”
}
This host has a service e.g: fw-cluster-stans. This service turns critical, when both firewalls are down.
fw-cluster-stans on FW-CLUSTER-HOST is critical : CRITICAL: all firewalls down
I have configured dependencies:
object Service “fw-cluster-stans” {
host_name = “FW-CLUSTER-HOST”
check_command = “check_fw_cluster”
vars.firewalls = [ “FW1”, “FW2” ]
}
apply Dependency “fw-cluster-stans-host” to Host {
parent_host_name = “FW-CLUSTER-HOST”
parent_service_name = “fw-cluster-stans”
states = [ Critical ]
disable_notifications = true
assign where host.vars.location == “stans” && host.name != “FW-CLUSTER-HOST”
}
apply Dependency “fw-cluster-stans-service” to Service {
parent_host_name = “FW-CLUSTER-HOST”
parent_service_name = “fw-cluster-stans”
states = [ Critical ]
disable_notifications = true
assign where host.vars.location == “stans” && host.name != “FW-CLUSTER-HOST”
}
Group stans is configured and all the hosts are attached to it.
The config for the hosts like this:
object Host “BLBABLA” {
..
vars.location = “stans”
..
}
Group definition:
object HostGroup “stans” {
assign where host.vars.location == “stans”
}
Whats the issue: If the firewall cluster is down (service critical) it will not stop notifications for all the hosts, services behind (in this case, for the group stans).
So i tested this in this way:
waited till fw-cluster-stans-service hardstate = Critical
forded the 2 hosts behind as down (just gave an unreachable IP and reloaded Icinga2)
For both hosts I got still notifications.
What did I wrong or is it at all not possible?
Regards
Peer-Mario