IC2 Cluster Sync Problem / Best Practice

Hi,

Hope everyone doing well today. I need some guidance on how the Multi-Master HA cluster works in case of executing checks as hit some problem that I cannot explain - but for sure it’s my fault.

I’ve created myself, 2 x IC2 masters, following guidelines from Distributed setup. One master actively trying to connect to another and this is the config:

MASTER 1

object Endpoint "MASTER1" {
}
object Endpoint "MASTER2" {
host = "MASTER2"
}
object Zone "master" {
  endpoints = [ "MASTER1", "MASTER2" ]
}
/* sync global commands */
object Zone "global-templates" {
  global = true
}
object Zone "director-global" {
  global = true
}
object Zone "custom-config" {
  global = true
}
object Zone "client-config" {
  parent = "master"
}

MASTER 2

object Endpoint "MASTER1" {
}
object Endpoint "MASTER2" {
}
object Zone "master" {
  endpoints = [ "MASTER1", "MASTER2" ]
}
/* sync global commands */
object Zone "global-templates" {
  global = true
}
object Zone "director-global" {
  global = true
}
object Zone "custom-config" {
  global = true
}
object Zone "client-config" {
  parent = "master"
}

The problem that I hit is currently custom-config holds the definition of all of my services, notification rules etc (no Host, Endpoint or Zone Objects) and this bit works great. But if I drop my ex. example Host (object Host, check command dummy) to my zone custom-config my checks are not being executed.

So I can see all checks (and objects using icinga2 object list) on both masters but checks are simply not getting executed. The checker module is of course enabled on both hosts.

What I did now is re-enabled the inclusion of conf.d on both masters and stick my example Host there - and then everything works, however assuming this is not best practice.

Can somebody guide me on what I did wrong here, why these checks are not executed when they are in the zones.d folder? Please note we are operating here on a simple example of a Host that got one HTTP check on it that is expected to be triggered from one of the masters directly. They are no other servers/endpoints included now.

Also not sure is that how it should be set up but API accept_config and accept_commands are only enabled on MASTER2, not MASTER1. Not sure if that should be on both masters if only one actively connects to another one.

IC2 version 2.13.1 running on Centos 7 with ido-mysql backend (both masters report to same Mysql database).

Thanks
Dariusz

Fixed problem myself :slight_smile:

As I want to execute checks on my masters I added my host objects to zone master and it started working.

What I know now is that you cannot have “dummy” zones without valid endpoints otherwise your checks will stuck in Pending

D

1 Like