I have an icinga2 cluster (with icingaweb2) on one of which the director is still running.
Our service team can work wonderfully through the director. Permission to host groups and the like.
Can I open the director for “external” customers so that the customer’s changes are only rolled out on one zone / satellite and the customer cannot see the entries etc. from the service team?
Though hitting F5 in the browser always switches me to the primary resource. Not sure if my config is correct like this. As it is an undocumented feature im not sure how stable/usable it really is.
Also the webinterface does only update to the “correct” resource, when deploying the config and the checks for the other resource obviously get “stale”, as they are not executed.
So I not really seeing a usecase for this atm.
Thanks for your answer.
I also have the roles and filter for our sub service teams. The colleagues can also roll out changes that are waiting for each other.
I found no way to restrict the deployment.
So Group A create object… Group B create object and for i.e Group C deploy all changes…
I have already found the double DB topic and test it.
But I cannot create a permission for a user / group that they can use the director with this ie. (Costumer_DB) resource.
Hope there is a way to use…
Hopefully for each Customer create own ICINGA (Master, Slave, DB Cluster, Satellite) is not the right answer.
A satellite for each customer is, imo, the best solution.
You even could install a local db and webinterface there and each customer only sees their data.
If you want the customer to additionally manage their own monitored systems, it gets more complex.
Not sure if a multi Director db and interface setup is something one wants to support/maintain.