Installing Backup Master with ansible

  • Hallo I have a Problem:


    tasks/install-satellite.yml



    He fails at setup Node. What is error on bio X509 AUX?


    Error Code:

    Code
    1. fatal: [192.168.124.119]: FAILED! => {"changed": true, "cmd": "icinga2 node setup --ticket 6cb4da30fed4f51f92cbc13e707ddabf5fdbf15a --cn icinga2-master2.localdomain --endpoint icinga2-master1.localdomain --zone icinga2-master2.localdomain --master_host 192.168.124.175 --trustedcert /usr/local/etc/icinga2/pki/trusted-master.crt --accept-commands --accept-config", "delta": "0:00:00.083747", "end": "2017-10-12 11:09:57.457927", "failed": true, "msg": "non-zero return code", "rc": 134, "start": "2017-10-12 11:09:57.374180", "stderr": "Abort (core dumped)", "stderr_lines": ["Abort (core dumped)"], "stdout": "information/cli: Verifying ticket '6cb4da30fed4f51f92cbc13e707ddabf5fdbf15a'.\ninformation/cli: Verifying master host connection information: host '192.168.124.175', port '5665'.\ncritical/SSL: Error on bio X509 AUX reading pem file '/usr/local/etc/icinga2/pki/trusted-master.crt': 33558530, \"error:02001002:lib(2):func(1):reason(2)\"\ncritical/Application: Error: std::exception\n\n\n\nAdditional information is available in '/var/log/icinga2/crash/report.1507799397.441171'", "stdout_lines": ["information/cli: Verifying ticket '6cb4da30fed4f51f92cbc13e707ddabf5fdbf15a'.", "information/cli: Verifying master host connection information: host '192.168.124.175', port '5665'.", "critical/SSL: Error on bio X509 AUX reading pem file '/usr/local/etc/icinga2/pki/trusted-master.crt': 33558530, \"error:02001002:lib(2):func(1):reason(2)\"", "critical/Application: Error: std::exception", "", "", "", "Additional information is available in '/var/log/icinga2/crash/report.1507799397.441171'"]}
  • I've edited your post to include the configuration details. Pastebin's which expire won't help much later on.


    I'd verify if the file "/usr/local/etc/icinga2/pki/trusted-master.crt" is readable by the Icinga 2 CLI command. This sounds like a crash somewhere.


    Furthermore please include as much version and environment details as possible, such as the Icinga 2 version.


    https://monitoring-portal.org/cms/index.php?faq/

  • icinga2 version 2.7.1_2


    Code
    1. root@icinga2-master2:/var/log # ls -la /usr/local/etc/icinga2/pki/
    2. total 40
    3. drwxr-xr-x 2 icinga icinga 7 Oct 12 10:00 .
    4. drwxr-xr-x 9 root wheel 17 Oct 12 09:15 ..
    5. -rw-r--r-- 1 icinga icinga 1720 Oct 12 09:15 ca.crt
    6. -rw-r--r-- 1 icinga icinga 1818 Oct 12 12:05 icinga2-master2.localdomain.crt
    7. -rw-r--r-- 1 icinga icinga 1687 Oct 12 09:15 icinga2-master2.localdomain.csr
    8. -rw------- 1 icinga icinga 3243 Oct 12 12:05 icinga2-master2.localdomain.key
    9. -rw-r--r-- 1 icinga icinga 1793 Oct 12 12:05 trusted-cert.crt


    # nano /usr/local/etc/icinga2/pki/trusted-cert.crt

  • Oh ok, aber er schafft es nicht sich zu verbinden


    icinga2-master1:

    /usr/local/etc/icinga2/conf.d/api-users.conf

    Code
    1. /**
    2. * The APIUser objects are used for authentication against the API.
    3. */
    4. object ApiUser "root" {
    5. password = "root"
    6. // client_cn = ""
    7. permissions = [ "*" ]
    8. }

    Fehlermeldung auf icinga2-master2:

    Code
    1. information/cli: Requesting a signed certificate from the master.
    2. critical/TcpSocket: Invalid socket: Connection refused
    3. critical/cli: Cannot connect to host '192.168.124.175' on port '5665'
    4. critical/cli: Failed to request certificate from Icinga 2 master.
  • ok works now. Something at bsd startup option so Icinga2 wasn'T started at startup. Now it works fine.