nagios to icinga2 - possible migration

  • Hi folks! I may have the opportunity to migrate away from Nagios and of all the other monitoring applications I've sampled I'm inclined to go with Icinga2. I know that the NSClient++ is supported in Icinga2 and that's what we currently use with Nagios. I'd rather not go through the entire process of moving to the Icinga Agent (and yes I'm definitely aware of the security issues that exist with that client) if I can reuse that client and reuse the same port 5666 so that I don't have to bug my network guy to open up ACL's on our firewall. Our setup is not that big (600+ hosts and 4000+ services) but it could be a lengthy process have to set this all up from scratch without config manager tools like Chef and Puppet which we don't currently have. I'm trying to see if there's a way to configure the Icinga2 master server to listen on that port instead of 5665 but I've not been able to come across any documentation or forum post that provides the information. I was hoping someone here might've done something similar and can share the knowledge. Thanks in advance!

  • The clients do listen on port 5666, and the firewall should be opened up already. You don't need that port on the Icinga master then, as there won't be connections to it, right?

  • I think there's some confusion on my side. Is it possible to monitor a Windows client, for example, with only the NSClient++ and not have to install the Icinga Agent?

  • If NSClient++ is running on that machine already, you could go for a 2 step migration. First, re-use the current plugin on the master used to query NSClient++ on the clients. I'd assume that this is check_nrpe or check_nt currently.


    The ITL provides the "nrpe" CheckCommand definition, check_nrpe is available on EPEL for RHEL7 e.g. - the soft migration should be all services and their command parameters which should be translated into Icinga 2 custom attributes. Maybe it also is "check_nt" which is used inside "nscp" too.


    The second long-term step should be a full migration to the Icinga 2 client, used as command bridge.


    Hopefully the NSClient++ versions are at least 0.4.x already, an update request to 0.5.x wouldn't hurt though. It would open up more possibilities and security options.

  • I think the biggest issue I'm having here is the translation between the syntax in Nagios and Icinga. I'm trying to configure a host... something like this:


    But I'm getting errors on the GUI saying that the remote Icinga instance is not connected to the master.

  • Hm, you are already going the route of using the Icinga 2 client here. Did you install Icinga 2 on the Windows client already?

  • No..just strictly using the NSClient++ client. I basically tried to recreate what this member did here. I'm definitely missing something here that I'm not understanding. The host itself shows up on the web GUI and the ping4 service is working and the server knows that this endpoint is up...so it seems the issue is with the way the service is being defined. I'm not really seeing any examples on how to define services and commands for use with NSClient++

  • That URL describes the Icinga 2 client which locally queries NSClient++. You don't want that then.


    If you prefer to use the "old" mode with querying NSClient++ remotely from your master, I'd investigate on how you are doing it in your current setup, and apply the same method. Either check:_nrpe or check_nt, can you share some insights from your "old" configuration?

  • Sure thing...so for example in Nagios we have this command defined:


    Code
    1. define command{
    2. command_name check_nt
    3. command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -v $ARG1$ $ARG2$
    4. }


    and then we assign a service based on that command it to the a host. This one here calculates the uptime:


    Basically I'd like to just be able to translate that and all other similar commands. I have a bunch of other nagios plugins that run python and perl scripts that would need to run in more or less the same fashion. I think the biggest issue that I'm having is just translating the syntax...like...where do I define this command and how do I reference any and all hosts I want to apply this check to.

    The post was edited 1 time, last by lravelo ().

  • Ok then, ensure to have a read on the monitoring basics chapter (even if you say, it must work. it helps to understand the basic concepts. Especially those which differ to the old configuration format).


    https://www.icinga.com/docs/ic…doc/03-monitoring-basics/


    One thing which also helps, is the differences and migration guides in the end of the TOC. Not necessarily to migrate everything 1:1 but to get an idea. https://www.icinga.com/docs/ic…migrating-from-icinga-1x/


    My general advise when asked - do an inventory and start fresh.


    So, your example tells us that you're using check_nt. This is good, as there already is a CheckCommand for that.


    Note for you - if there isn't a CheckCommand, you need to create one for your plugin: https://www.icinga.com/docs/ic…-monitoring/#requirements


    Going further, you really need to understand how command parameters are passed in Icinga 2. The old world used $ARG1$ and so on, with the service check_command attribute like commandname!arg1!arg2 and so on.


    This is different here, the check_command really only is a the name of the CheckCommand object. Command parameters are defined as custom attributes.


    Note for you - read about custom attributes, and command parameters here:

    https://www.icinga.com/docs/ic…basics/#custom-attributes

    https://www.icinga.com/docs/ic…ters-from-host-or-service



    Code
    1. check_command = "nscp"


    (I am repeating what the official Icinga training does)


    Now, how about some parameters to check_nt, there's documentation for that: https://www.icinga.com/docs/ic…ga-template-library/#nscp


    Docs tell me, that I don't need to specify an address, that's automatically resolved from the host's address attribute. Good. The port in your example is hardcoded, the "nscp" CheckCommand has set a default value for it. I could override it (didn't you say you are using 5666 as port?) - that's a major difference to the old world, Commands also have custom attributes and allow for default values.


    The general idea is to have only one CheckCommand for different purposes. Optional and conditional arguments, and not 10 CheckCommand definitions like check_n1_1arg, check_nt_3_args, etc.


    What else would I need ... oh yes, there's two arguments defined in your example, but only one is used. Let's just forget about $ARG2$, seems to be a leftover.


    Code
    1. -v $ARG1$

    seems to be the query (or "variable" with check_nt --help). This applies to the "nscp" CheckCommand docs with "nscp_variable".


    Easy going, the whole service looks like this


    Code
    1. apply Service "uptime" {
    2. check_command = "nscp"
    3. vars.nscp_variable = "UPTIME"
    4. assign where host.vars.os == "Windows" //this requires that all hosts which get this service object generate, have this custom attribute set
    5. }


    Last but not least, get familar with apply rules and their assign where expressions. They'll save you a lot of time, if you only need a service defined once but applied to *all* Windows hosts.


    https://www.icinga.com/docs/ic…oring-basics/#apply-rules


    The other service object attributes from your example:


    • max_check_attempts -> the same
    • normal_check_interval -> that's Nagios 2 syntax, deprecated in 3.x. The Icinga 2 one is called "check_interval".
    • retry_check_interval -> also deprecated in old versions. Icinga 2 just uses "retry_interval"
    • check_period -> the same


    host_name is not needed, that's automatically set via apply rule. service_description is the string identifier after "... Service".


    contacts and notification settings are handled differently in Icinga 2.


    Notifications are real objects, and they relate to Host/Service Objects. Read on here: https://www.icinga.com/docs/ic…ing-basics/#notifications


    Notification objects also specify the notified users or user_groups (previously the contacts). The notification_options are readable states and types as setting.


    The differences are explained here: https://www.icinga.com/docs/ic…n-hints-for-notifications (better to read there than I repeat them here)


    Please note that notification objects also require a NotificationCommand. The one you previously had in your contact definition.


    Your example could translate into this. Again, read about Apply rules beforehand.



    More to read: Value types.


    https://www.icinga.com/docs/ic…cs/#attribute-value-types


    One thing to note: Don't copy paste my examples. There may be typos or errors, I did not test them. Try to find your own way through it, and iteratively test them. Start with a simple Host object, then create the Service Apply. Once everything works and is live in your Icinga Web 2, dig deeper into the new Notification sphere.


    Your homework: Find out how to assign users to user groups. That's documented and got examples too.


    Second to that, tell me your best pattern for applying services to your hosts with check_nt by posting your final solution here :)

  • Thanks for the guidance. This is starting to make sense and I'm starting to like just how much more powerful this tool is than what I'm used to. I've only added two hosts for now but I've been able to define the services that I most commonly monitor on Windows servers...below are those services:


    One thing I've been trying to figure out is to make the services a little more generic and then use certain attributes to trigger a check...take for example these two:

    These both only differ in name and parameter but it's really the same check. Would I be able to combine these two into jus one check and then perhaps just assign attributes for each drive letter? This would also help for certain Windows Services that I need to monitor...would like to know if I can avoid having to write up a Service for every single Windows Service.


    EDIT #1:


    So in hopes to actually find a way to do this, I've modified the following (probably not the best thing to do but just tinkering around to see if I can get it to work):

    and then I added the following to one of the hosts to test:

    Code
    1. vars.disks["c"] = {
    2. }
    3. vars.disks["d"] = {
    4. }

    but now I'm getting a message saying that I'm missing the "-l" parameter which this command doesn't need...it seems like this is doable but definitely missing something.


    EDIT #2:


    After a little bit more of trial and error, I got it :-)

    Going to try to do the same thing for the Windows Services/processes

    The post was edited 3 times, last by lravelo ().