No Endpoing object found for identity

Icinga 2
1

Hello,

I have two master servers (prod, dev) and one client server (client).

All servers are running:

icinga2 - The Icinga 2 network monitoring daemon (version: 2.12.3)

At present, I am able to connect dev to client, but I am unable to connect prod to client.

prod is successfully connected to many other client server.

I am able to ping client from prod. I am able to telnet to client port 5665 from prod.

On prod, /var/log/icinga2/icinga2.log has the following:

  • information/ApiListener: New client connection for identity ‘client.tld’ from [xx.xx.xx.xx4]:51540 (no Endpoint object found for identity)

  • information/JsonRpcConnection: Received certificate request for CN ‘client.tld’ signed by our CA.

  • information/JsonRpcConnection: The certificate for CN ‘client.tld’ is valid and uptodate. Skipping automated renewal.

I have tried to deploy this server many times in Icinga Director on prod.

Please advise,

Mark

2

Hi,

are the two master servers in a ha setup or stand alone? could you share the zones.conf pls?

3

Hello,

I had already made zones.conf for prod master server identical to the dev master server. They were initially not identical.

PROD*************************************************
/*

  • Endpoint and Zone configuration for a cluster setup
  • This local example requires NodeName defined in
  • constants.conf.
    */

object Endpoint NodeName {
host = NodeName
}

object Zone ZoneName {
endpoints = [ NodeName ]
}

/*

  • Defines a global zone containing templates,
  • etc. synced to all nodes, if they accept
  • configuration. All remote nodes need
  • this zone configured too.
    */

object Zone “global-templates” {
global = true
}

/*

  • Defines a global zone for the Icinga Director.
  • This is required to sync configuration commands,
  • templates, apply rules, etc. to satellite and clients.
  • All nodes require the same configuration and must
  • have accept_config enabled in the api feature.
    */

object Zone “director-global” {
global = true
}

/*

  • Read the documentation on how to configure
  • a cluster setup with multiple zones.
    */

/*
object Endpoint “master.example.org” {
host = “master.example.org
}

object Endpoint “satellite.example.org” {
host = “satellite.example.org
}

object Zone “master” {
endpoints = [ “master.example.org” ]
}

DEV*************************************************
/*

  • Endpoint and Zone configuration for a cluster setup
  • This local example requires NodeName defined in
  • constants.conf.
    */

object Endpoint NodeName {
host = NodeName
}

object Zone ZoneName {
endpoints = [ NodeName ]
}

/*

  • Defines a global zone for distributed setups with masters,
  • satellites and clients.
  • This is required to sync configuration commands,
  • templates, apply rules, etc. to satellite and clients.
  • All nodes require the same configuration and must
  • have accept_config enabled in the api feature.
    */

object Zone “global-templates” {
global = true
}

/*

  • Defines a global zone for the Icinga Director.
  • This is required to sync configuration commands,
  • templates, apply rules, etc. to satellite and clients.
  • All nodes require the same configuration and must
  • have accept_config enabled in the api feature.
    */

object Zone “director-global” {
global = true
}

/*

  • Read the documentation on how to configure
  • a cluster setup with multiple zones.
    */

/*
object Endpoint “master.example.org” {
host = “master.example.org
}

object Endpoint “satellite.example.org” {
host = “satellite.example.org
}

object Zone “master” {
endpoints = [ “master.example.org” ]
}

4

Hi,

first of all it would be create you format code with markdown: Create topics and master Markdown formatting :wink: . This makes your text better readable for everybody.

Just to be sure I may ask you if you post the correct zones.conf? This looks like an example file.

5

Hello,

Yes, these are example files. I don’t think the problem is with the zones.conf file as the dev master server can connect to the client server but prod master server cannot connect to the client server. Furthermore, prod master server can connect to many other client server without a problem.

6

Hello,

This is an ongoing problem. The production server connects to many client servers successfully but for some reason fails to connect to the latest server I am trying to configure. What other information can I provide you so that I can resolve this issue?

Thanks

7

Please close this ticket. The problem has been resolved.