Well I try distributed setup from docs
master - on raspberrypi
satellite - LXD host
agents - LXC containers on LXD host
Problem is agents IPs are not visible to master so all agents services are pending.
I put all agents in master zone config with parent set as satellite
I also created in master’s zone.d folders agent1 agent2 etc. with agent hosts.conf definition on them
What am I doing wrong?
regards
Well I try distributed setup from docs
master - on raspberrypi
satellite - LXD host
agents - LXC containers on LXD hostProblem is agents IPs are not visible to master
Agents do not need to be visible to the Master - they need to be visible to
the Satellite. That’s one of the purposes for using a Satellite.
so all agents services are pending. I put all agents in master zone config
Please show us - an example of one of your agent host definitions should be
enough.
with parent set as satellite I also created in master’s zone.d folders
agent1 agent2 etc. with agent hosts.conf definition on them
Please show us your zone and host definitions for the master and for the
satellite.
What am I doing wrong?
Have you read and followed
Distributed Monitoring - Icinga 2 ?
Antony.
Yes I followed docs
I set Parent zone name for agents as satellite
request ticket generated on Icinga 2 master - accepted
No errors
regards
Please show us your zone and host definitions for the Master, the Satellite and
one Agent.
Antony.
I think zone.conf files are standard, agent is LXD container on satellite, raspberrypi as master icinga2
/* master */
object Zone "global-templates" {
global = true
}
object Zone "director-global" {
global = true
}
object Zone "master" {
endpoints = [ "raspberrypi" ]
}
object Endpoint "raspberrypi" {
}
object Zone "satellite" {
endpoints = [ "satellite" ]
parent = "master" //establish zone hierarchy
}
object Endpoint "satellite" {
host = "192.168.0.130"
}
object Zone "agent" {
endpoints = [ "agent" ]
parent = "satellite"
}
object Endpoint "agent" {
}
/*
* satellite
*/
object Endpoint "raspberrypi" {
host = "raspberrypi"
port = "5665"
}
object Zone "master" {
endpoints = [ "raspberrypi" ]
}
object Endpoint "satellite" {
}
object Zone "satellite" {
endpoints = [ "satellite" ]
parent = "master"
}
object Zone "global-templates" {
global = true
}
object Zone "director-global" {
global = true
}
/*
* agent
*/
object Endpoint "satellite" {
host = "satellite"
port = "5665"
}
object Zone "satellite" {
endpoints = [ "satellite" ]
}
object Endpoint "agent" {
}
object Zone "agent" {
endpoints = [ "agent" ]
parent = "satellite"
}
object Zone "global-templates" {
global = true
}
object Zone "director-global" {
global = true
}
hosts files on master - raspberrypi
/etc/icinga2/zones.d/master/hosts.conf
object Host "raspberrypi" {
/* Import the default host template defined in `templates.conf`. */
import "generic-host"
/* Specify the address attributes for checks e.g. `ssh` or `http`. */
address = "127.0.0.1"
address6 = "::1"
}
/etc/icinga2/zones.d/satellite/hosts.conf
object Host "satellite" {
check_command = "hostalive"
address = "192.168.0.130"
zone = "master" //optional trick: sync the required host object to the satellite, but enforce the "master" zone to execute the check
}
/etc/icinga2/zones.d/agent/hosts.conf
object Host "agent" {
check_command = "hostalive"
}
Your agents don’t need to communicate with your master, hence, that is not the reason why services are pending. Pending services are usually caused by certificate errors or mistakes in zones. More dateils can be found in icinga2.log.
Zone and endpoint object for your agent is missing in your satellite`s zones.conf. You have the global zone director-global which indicates you are using the director. If so, you don’t need both objects manually be defined in satellite`s zones.conf as this is done by the director. And you need to remove zone and endpoint object form your master`s zones.conf due to the same reason.
Satellite`s host object need to be in /etc/icinga2/zones.d/master/ and agent`s host object needs to be in /etc/icinga2/zones.d/satellite/.
Finally it’s best practice to have cluster and/or cluster-zone checks defined to keep an eye on these connections.
I thought that certificates must be created on master for agent? Is that true?
or I must create certificate for agent on satellite?
I configured director on master but dont use it for now.
Why ??
Satellite`s host object need to be in /etc/icinga2/zones.d/master/ and agent`s host object needs to be in /etc/icinga2/zones.d/satellite/.
Finally there is no simple explanation for cluster checks
I am very dissapointed with Icinga docs vs nagios