Icinga2 Satellite vs Agents Design

I want to ask you a design question because my colleague and I do not have the same opinion about this scenario.

We have a headquarters with 2 master servers.

There are around 10 bigger branch offices with around 50-75 servers and 20 branch offices with 5-15 servers.

95% of the servers are Windows servers and they are being checked with the Icinga 2 agent.

I would prefer to directly connect every agent with the master without any satellite between it.


  • no single point of failure on a satellite host

  • no unreachable state when the satellite host is down

  • faster configuration and rollout (it will grow fast in the future)

  • fewer hardware requirements at the branch office sites

  • control over the server infrastructure is completely at headquarters (no other access is needed)


  • more load on the master servers

But is that really true? Because the data will also be transferred when using satellites. It's only fewer TCP sessions, I think? Do you think that would matter?

What do you think might be other disadvantages or why should it be better to use satellites?

The master servers will be VMs; it's no problem to make them really powerful if that would be a point.
I currently would go with 8 cores and 16 GB RAM per master server.

Thanks for your help

1 Like

Hello and welcome,

The most important point for me to use satellites for branch offices is when the network connection goes down.
With no satellites, no check will be executed anymore, or you will get a lot of criticals that aren't real ones. With satellites, the checks are still running in the branch office and the results will be sent to the masters as soon as the connection is up again.


My opinion is that if you are running the Icinga Agent on nearly all the
machines being monitored, and you have good, reliable bandwidth between
those Agents and the Master/s, then Satellites give you no real advantage.

I install Satellites when any of the following is true:

  1. A reasonable proportion of “things to be monitored” can’t run the Agent,
    and need to use SNMP, SSH or similar. The Satellites can then do this on
    behalf of the Master/s.

  2. Connectivity between the machines being monitored and the Master/s is
    unreliable, because you can then have the local Satellite buffer the check
    results and relay them back to the Master/s when possible.

  3. Local management at the Satellite locations want to see monitoring for just
    their group of machines, so you can install Icingaweb2 on the Satellite and
    provide a local view, whilst maintaining an overall view at the Master/s.

(2 and 3 can also go together; if connectivity is poor, and you have a local
view of the network monitoring, you’re not dependent on getting the results
back to the Master/s before anyone knows what’s going on.)



1 Like

And don’t forget network segmentation. From a security perspective it’s better to put satellites in special zones, and you have to give them the permission to communicate between network segments. If you don’t have satellites, you have to give the master the permission to “talk” with every server in every network segment!
So it really depends on what your infrastructure looks like.

And because you’re writing that you will install Icinga on a VM: think about what happens if your VM is not working. You’re blind. Maybe you install Icinga on its own hardware.

1 Like

The security point is good, but I’d just like to emphasise that Icinga is
happy with being able to communicate in either direction.

You do not need your Master/s to be able to get through firewalls etc and
reach your Satellites or Agents, so long as the opposite is possible - the
Satellites or Agents are able to connect to the Master/s.

Similarly, the Satellites / Agents don’t have to be able to connect to the
Master/s, so long as the Master/s can connect to them.

Basically, it’s your choice as to how to arrange your network security /
routing / permissions.

So long as at least one direction works, Icinga works.


1 Like
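
To tie the segmentation and connection-direction points in this thread together, here is an added example (not written by any of the posters) of a `zones.conf` for one branch satellite. All host names and addresses are constructed placeholders; the point is that an `Endpoint` with a `host` attribute is one the local node dials out to, so the firewall rules follow directly from which endpoints carry `host`.

```icinga2
// zones.conf on the branch satellite.
// Every name and address below is a constructed example.

// HQ masters: "host" is set, so the satellite opens the connection
// outbound to HQ on TCP 5665. On the masters, the satellite Endpoint
// is declared WITHOUT "host", so the masters never dial into the branch.
object Endpoint "master1.hq.example" {
  host = "192.0.2.10"
  port = 5665
}

object Endpoint "master2.hq.example" {
  host = "192.0.2.11"
  port = 5665
}

object Zone "master" {
  endpoints = [ "master1.hq.example", "master2.hq.example" ]
}

// The satellite itself. Check results it cannot deliver while the WAN
// link is down are kept in its replay log and sent on reconnect.
object Endpoint "sat1.branch01.example" {
}

object Zone "branch01" {
  endpoints = [ "sat1.branch01.example" ]
  parent = "master"
}

// A Windows agent in the branch: no "host" here, so the satellite waits
// for the agent to connect. The agent's own zones.conf sets "host" on
// the satellite Endpoint instead. Traffic stays inside the branch segment.
object Endpoint "win-app01.branch01.example" {
  log_duration = 0  // no replay log kept for this agent endpoint
}

object Zone "win-app01.branch01.example" {
  endpoints = [ "win-app01.branch01.example" ]
  parent = "branch01"
}

// Resulting rule across the segment boundary:
//   allow sat1.branch01.example -> 192.0.2.10, 192.0.2.11  tcp/5665
// Without the satellite, the rule set would need one entry per agent.
```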