Active checks fail on a remote debian webserver

Hello monitoring masters,

Icinga2 server: Debian Buster, version is r2.10.3-1
icingaweb2 server: Also Debian Buster, version is 2.6.2

When I attempt to send an active check from icingaweb it doesn’t raise any errors, but nothing happens. The countdown for the next check stands as it is. Does anybody know where the problem might be?

That’s how my …/…/modules/monitoring/commandtransports.ini looks like:

 [icinga]
 host = 10.8.10.10
 path = /var/run/icinga2/cmd/icinga2.cmd
 transport = remote
 user = nagios

and …/…/resources.ini:

[icingaweb]
type = db
username = icingaweb
dbname = icingaweb
host = localhost
port = 5432
password = "***"
db = pgsql
[icinga]
password = "****"
dbname = icinga
username = icinga
port = 5432
host = 10.8.10.10
db = pgsql
type = db

Any help would be much appreciated!

You need to have a public-key ssh connection, details are described here.

However, recommend is using the API instead.

Thanks @rsx for the quick reply.

So I have the following configuration in resources.ini:

[icinga-ssh]
type = ssh
user = nagios
private_key = /etc/icingaweb2/ssh/icinga # copied from /home/nagios/.ssh/id_rsa, ownership has been applied to nagios

commandtransports.ini:

[icinga]
host = 10.8.10.10
path = /var/run/icinga2/cmd/icinga2.cmd
transport = remote
resource = icinga-ssh

Nagios’ public key has been copied to /var/lib/nagios/.ssh/authorized_keys on the server. Still not working. What am I missing?

Did you try to login via cli as user nagios?

Again, I’d recommend not to spent any time on this approach but switch to the mentioned API.

yes, it works without problem.

Again, I’d recommend not to spent any time on this approach but switch to the mentioned API.

The problem with this approach is that I will not be able (at least based on this documentation) to translate the configuration into an ansible code (the goal is to provision both server and web with ansible).

I wasn’t 100% sure (that’s why I haven’t been mentioning it) but now I found this information.

Thanks! I believe we can close the issue then :slight_smile: