I have a question regarding the hosts.conf file. Every host has a “address = IPAddress here” line. Is there a possibility to use the hosname (dns) instead and define it in the /etc/hosts file of the system Icinga is running on?
Yes, for sure you can use DNS here, but it has two disadvantages why I recommend using ip addresses. First is your monitoring gets an additional dependency to DNS, second in a multi homed or dual stack network you can lose the tight control over which address is used. Both of this would not effect you when using a local caching DNS or host entries like you suggested.
So I would be curious how managing host entries is better for you than managing it in the configuration of Icinga 2 as for me it simply looks like an additional step?
I see, that’s a good insight to have, sadly it’s a requirement I got from my boss. So it would be beneficial for me to know how to do this. I will also discuss those points with him, but for the moment can you please provide me an example of what I have to do/configure so that it works the way I described?
Edit: Also, I’m not the only one that is working on that host, so people who aren’t familiar with Icinga would rather make a change in the /etc/hosts file (when needed) instead of going into the hosts.conf and not knowing what to do.
It is really as simple as in your example, use for the attribute address the fqdn of the system (or any alias) instead of the ip address. By this Icinga 2 will set the fqdn instead of the ip address for the parameter of the check plugin and the plugin will then use the system’s dns handling to get the address. So with nsswitch configured in the default way, it will use files before dns, so an entry in /etc/hosts will be used if existing.
Ok good to know, but in that case for now it doesn’t work. The host is in a DOWN state, even though I configured it like that. You were mentioning something about nsswitch, is that something I have to configure too, so that it can work? If so, how do I do that for my example?
Maybe as clarification, these are my config Files: hosts.conf
As a side note for the picture: The check source has a completely other name then the hostname itself, is that normal? And also, that green host that is already there, is the 127.0.0.1 localhost address that has the same name as the check source of my host I’m trying to configure here.
Edit: I just tried this with a different host, because I thought, maybe doing this with the same host one time with the localhost address and another time with it’s actual IP isn’t that smart, but the result is the same, it shows a DOWN state even though it’s reachable / pingable.
Ok, this makes me wonder, because I would not expect it to run into a timeout here.
Nsswitch should not be the problem here, but to ensure it you could look for the line starting with hosts in /etc/nsswitch.conf. It should at least contain hosts files dns which would configure the order.
Your example looks good to me as you tell Icinga 2 to use the alias and you defined the alias as host entry. So it could only be a problem with the plugin.
The hostalive command uses check_ping so running it manually like sudo -u icinga /usr/lib64/nagios/plugins/check_ping -w 3000,80% -c 5000,100% -H testhost-01 could give some hints. In my case it throws an error if the alias is not defined and it takes about 4 seconds for the 5 ping packages with the alias defined like it does also with the ip address.
The check source is the system where the check is executed in the case of a ping check it totally makes sense that the check source is your master or satellite as an agent pinging itself is not helpful. So if this confused you probably your added the alias on the wring system? It should be on your master and satellites as they will execute these checks.
So, the nsswitch is there and works normally by default (didn’t change anything as you mentioned).
I tried to use that command you sent me in the shell and the hosts give back an OK state, no problems there. Same thing is reflected on the Icinga side of things, the Ping check is green giving an OK state (with the exception that the “reachable” label is on “no”[red]), but the Hosts themselves are all red with the DOWN state (Timeout Error). I tested this with windows and linux hosts and it’s the same result.
I’m starting to think, if it might be a problem on the other side of things and not an icinga problem as it seems, but then again, if I just input the IP address instead of the hostname it works fine as it should, without any of that.
Unfortunately I can not reproduce it as on my system it works fine with both values. Could it be a problem based on the size of the hosts file as it has to always read it completely?
I wouldn’t think so no. The hosts file isn’t that big at all. For the moment there are just 3 hosts and at the beginning I just tested it with only 1 host and the default 127.0.0.1 localhost route is there and nothing else.
And what is its result? If RTA > 4000ms everything works as expected. Means 5 packages with more than 4000 ms response time each is more than 20s total, hence, exceeds timeout.
The other 2 are in a similar range, with 0.36 & 0.32 RTA
So am I understanding this correctly: Does this mean, that there is no possibility for me to use hostnames as Icinga takes too long to translate those names into IPs and sees those hosts as DOWN even though they aren’t?
Ok, so, I tried to do this, but it didn’t work. @dgoetz thanks for the help, maybe it’s just a Network Problem and I don’t know how to handle it right now.
As a workaround, I put some const in the constants.conf file of icinga. It’s not the same thing, but it does the trick for now.
I’ll just mark this one as Solution and end it here.
