I was playing around my icinga2 setup I want to fiddle as less as possible with any plain config files so I tried to use icinga node setup to enroll a secondary master node.
here is my command that almost creates the matching zones.conf
sudo -u nagios icinga2 node setup --parent_host "192.168.99.121","5665" \
--trustedcert "/var/lib/icinga2/certs/trusted.crt" \
--ticket 40afbb1b58ac36fd5cc5af3f8d01bad51109d971 \
--cn icinga-node-02 --disable-confd --accept-config --accept-commands \
--listen ,5665 --zone master \
--endpoint icinga-node-02 --endpoint icinga-node-01,192.168.99.121,5665
and here is my zones.conf with a double entry for Endpoint “icinga-node-02”
and master zone that is parent of master zone.
root@icinga-node-02:/etc/icinga2# cat zones.conf
/*
* Generated by Icinga 2 node setup commands
* on 2026-05-04 23:13:23 +0000
*/
object Endpoint "icinga-node-02" {
}
object Endpoint "icinga-node-01" {
host = "192.168.99.121"
port = "5665"
}
object Zone "master" {
endpoints = [ "icinga-node-02", "icinga-node-01" ]
}
object Endpoint "icinga-node-02" {
}
object Zone "master" {
endpoints = [ "icinga-node-02" ]
parent = "master"
}
object Zone "global-templates" {
global = true
}
object Zone "director-global" {
global = true
}
--master the will not work since it ignores endpoint.
I think it would be very nice if there is some logic like:
if (not (endpoints contain cn)){
print additional endpoint
print zone
}
In the big IcingaBook there is something like enroll as agent and edit config.
But I think this can be fixed in node setup too.
Or am I missing something?
Thanks in advance and
Best Regards
Nicolas