Cluster Monitoring on HA-IP

icinga2

#1

Hi all!

I would like to monitor a cluster of two nodes. The cluster is a failover master-slave cluster with an HA-IP-address (VRRP/keepalive). So I would like to monitor three systems:

  • server (main application, 192.168.1.1)
  • server-node1 (system monitoring, 192.168.1.100)
  • server-node2 (system monitoring, 192.168.1.101)

Since the main application is running only on the active node I would like to monitor the application only on the HA-IP.

I try to use the following configuration on the master (server-node 2 omitted)

server-node1

object Endpoint “server-node1” {
host = “192.168.1.100”
}

object Zone “server-node1” {
endpoints = [“server-node1”]
parent = “master”
}

object Host “server-node1” {
import “generic-host”
address = “192.168.1.100”
}

# HA-IP:

object Endpoint “server” {
host = “192.168.1.1”
}

object Zone “server” {
endpoints = [ “server” ]
parent = “master”
}

object Host “server” {
import “server-host”
address = “192.168.1.1”
}

While establishing the API-Connection from the master to the server:

[2018-10-12 09:10:36 +0200] warning/ApiListener: Unexpected certificate common name while connecting to endpoint ‘server’: got ‘server-node1’
Context:
(0) Handling new API client connection

Any hints on how to solve this?


Checking a cluster with icinga2 agents
(Carsten Köbke) #2

You could run a second instance of icinga-agent (not easy to solve) or use nsclient++/nrpe that is listening only on the HA-IP.
Think they already working on making the icinga agent useable for clusters, but it will take some time.


#3

We do check_by_ssh for these cases. For me that seems to be safer than NRPE.


(Matthias) #4

Take a look at the Business Process module.

Create your cluster as a a business process and create a service checking the state of this business process.
Only create notifications for this service so you only get notified when the cluster goes down and not if only one side does.