Remote Icinga instance 'Client' is not connected to 'Master'

Hello, I want to monitor a linux server, like I do with with all my other linux servers.
Only difference is, that this linux server is in a dmz.
Inbound to dmz everything is allowed, but outbound I only allow port 5665.
The first configuration works with no errors, but all the director shows “Remote Icinga instance ‘Client’ is not connected to ‘Master’”.

I tested telnet to the master port 5665 and it works, I also testet telnet port 5665 to the client, also works.
Is there a second port I need to allow in order to get this working?

Log looks like this:

[2022-09-06 15:21:58 +0200] information/FileLogger: 'main-log' started.
[2022-09-06 15:21:58 +0200] information/ApiListener: 'api' started.
[2022-09-06 15:21:58 +0200] information/ApiListener: Started new listener on '[::]:5665'
[2022-09-06 15:21:58 +0200] information/CheckerComponent: 'checker' started.
[2022-09-06 15:21:58 +0200] information/ApiListener: Reconnecting to endpoint 'Master' via host 'Client' and port '5665'
[2022-09-06 15:21:58 +0200] information/ConfigItem: Activated all objects.
[2022-09-06 15:21:58 +0200] information/ApiListener: New client connection for identity 'Master' to [Client]:5665
[2022-09-06 15:21:58 +0200] information/JsonRpcConnection: Requesting new certificate for this Icinga instance from endpoint 'Master'.
[2022-09-06 15:21:58 +0200] information/ApiListener: Sending config updates for endpoint 'Master' in zone 'master'.
[2022-09-06 15:21:58 +0200] information/ApiListener: Finished sending config file updates for endpoint 'Master' in zone 'master'.
[2022-09-06 15:21:58 +0200] information/ApiListener: Syncing runtime objects to endpoint 'Master'.
[2022-09-06 15:21:58 +0200] information/ApiListener: Finished syncing runtime objects to endpoint 'Master'.
[2022-09-06 15:21:58 +0200] information/ApiListener: Finished sending runtime config updates for endpoint 'Master' in zone 'master'.
[2022-09-06 15:21:58 +0200] information/ApiListener: Sending replay log for endpoint 'Master' in zone 'master'.
[2022-09-06 15:21:58 +0200] information/ApiListener: Finished sending replay log for endpoint 'Master' in zone 'master'.
[2022-09-06 15:21:58 +0200] information/ApiListener: Finished syncing endpoint 'Master' in zone 'master'.
[2022-09-06 15:21:58 +0200] information/ApiListener: Finished reconnecting to endpoint 'Master' via host 'Client' and port '5665'
[2022-09-06 15:22:08 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:38712
[2022-09-06 15:22:08 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:38712 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:22:08 +0200] information/WorkQueue: #6 (ApiListener, RelayQueue) items: 0, rate:  0/s (0/min 0/5min 0/15min);
[2022-09-06 15:22:08 +0200] information/WorkQueue: #7 (ApiListener, SyncQueue) items: 0, rate:  0/s (0/min 0/5min 0/15min);
[2022-09-06 15:22:18 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:36794
[2022-09-06 15:22:18 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:36794 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:22:28 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:57772
[2022-09-06 15:22:28 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:57772 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:22:38 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:58684
[2022-09-06 15:22:38 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:58684 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:22:48 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:53570
[2022-09-06 15:22:48 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:53570 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:22:58 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:46574
[2022-09-06 15:22:58 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:46574 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:23:08 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:45946
[2022-09-06 15:23:08 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:45946 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:23:18 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:53078
[2022-09-06 15:23:18 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:53078 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:23:28 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:55664
[2022-09-06 15:23:28 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:55664 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:23:38 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:51160
[2022-09-06 15:23:38 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:51160 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:23:48 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:44122
[2022-09-06 15:23:48 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:44122 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:23:58 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:48634
[2022-09-06 15:23:58 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:48634 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:24:08 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:55252
[2022-09-06 15:24:08 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:55252 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:24:18 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:53544
[2022-09-06 15:24:18 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:53544 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:24:28 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:44232
[2022-09-06 15:24:28 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:44232 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:24:38 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:57004
[2022-09-06 15:24:38 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:57004 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:24:48 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:52538
[2022-09-06 15:24:48 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:52538 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:24:58 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:50176
[2022-09-06 15:24:58 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:50176 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:25:08 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:52768
[2022-09-06 15:25:08 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:52768 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:25:18 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:46832
[2022-09-06 15:25:18 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:46832 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:25:28 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:38456
[2022-09-06 15:25:28 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:38456 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:25:38 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:56592
[2022-09-06 15:25:38 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:56592 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:25:48 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:51186
[2022-09-06 15:25:48 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:51186 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:25:58 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:53398
[2022-09-06 15:25:58 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:53398 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:26:08 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:43292
[2022-09-06 15:26:08 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:43292 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:26:18 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:47652
[2022-09-06 15:26:18 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:47652 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:26:28 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:55438
[2022-09-06 15:26:28 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:55438 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:26:38 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:49046
[2022-09-06 15:26:38 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:49046 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:26:48 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:54858
[2022-09-06 15:26:48 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:54858 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:26:58 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:60876
[2022-09-06 15:26:58 +0200] warning/ApiListener: No data received on new API connection from [::ffff:Client]:60876 for identity 'Master'. Ensure that the remote endpoints are properly configured in a cluster setup.
[2022-09-06 15:26:58 +0200] information/ConfigObject: Dumping program state to file '/var/lib/icinga2/icinga2.state'
[2022-09-06 15:27:08 +0200] information/ApiListener: New client connection for identity 'Master' from [::ffff:Client]:37920

I already reinstalled the icinga agent on the client, this exact configuration works on all other clients, only difference is the dmz.
Thanks for advice.

please post you icinga zones.conf of the agent, and the director icinga agent and zone settings for this agent

I don’t open any port for the “Icinga2 Agent” from the DMZ so the masters needs to initiate the connection. This breakes my automatic setup routine, so I need to configure by hand and do the PKI part and copy the resulting certificate manually.

Hey, if anybody wonders - I had the ufw ubuntu firewall active.
I disabled the firewall temporarily and reconfigured the icinga agent.

Now it works!

1 Like