Icinga2 command line - reconfigure zone

Hey folks…

Is there a way to use the command line to “change” the parent zone of an agent OR we need to redo the entire process that will also change the certificate and we will need to redo a icinga2 ca sign on the master?!

You can change the parent zone by editing the zones.conf file. No need to redo the whole certificate process. Edit the zones.conf file on the agent with the new parent zone setting. Restart icinga on the agent and the new zones setting will get applied on restart.

Regards
Alex

@aclark6996

yeah we know that, I mean, right now we are configuring new agent using

cinga2 pki save-cert --trustedcert /tmp/trusted.crt --host MASTER
icinga2 node setup --zone SATELLITE --endpoint SATELLITE --parent_host MASTER,5665 --parent_zone SATELLITE --trustedcert /tmp/trusted.crt --cn HOSTNAME --accept-config --accept-commands --disable-confd
rm /tmp/trusted.crt

and we are using this command remotely to deploy a bunch of new agent… I would need to find a way to do the same thing to change the “zone” without having the pki save-cert that will generate a new certificate for the agent, that will require that we do again a icinga2 ca sign on the master…

So you are just looking for a command to change the zone entry in Icinga 2’s zones.conf? There is no Icinga 2 specific one as there is no need for this, simply use standard Linux commands like sed and then systemctl to restart.

A very basic example:

sed -i 's/OLDZONE/NEWZONE/g;s/OLDPARENTENDPOINT/NEWPARENTENDPOINT/g' /etc/icinga2/zones.conf
systemctl restart icinga2.service
1 Like

that’s what I was having in mind and will need to find the equivalent in Windows! :slight_smile:

But before doing some “sed”, I was checking if I missed something in the icinga2 command line!

For Powershell it should be (but take it as untested from a Linux admin :wink: ):

$filePath = 'C:\ProgramData\ICINGA2\etc\icinga2\zones.conf'
((Get-Content $filePath -raw) -replace 'OLDZONE','NEWZONE') -replace 'OLDPARENTENDPOINT','NEWPARENTENDPOINT'  |  Set-Content $filePath