Configuration Sync to Remote Clients

This forum was archived to /woltlab and is now in read-only mode.
  • Hi All,


    I've set up a master icinga2 node that controls checks against other hosts and services that are available externally. In order to get more in depth stats and checks on other remote systems, such as disk space, swap, etc. I've installed icinga2 and have run the wizard so that the remote machine is acting as a client.


    Now what I am seeing is that this remote machine has it's own configurations and variables set for checking disk space usage, etc. If I want to set the following variables:


    Code
    1. vars.ssh_port = "2222"
    2. vars.procs_warning = "300" /* Default is 250 */
    3. vars.procs_critical = "400"


    ...for this host, I have to login to the remote host, edit the configuration files, reload icinga2 and be done with it.


    I guess what I am hoping is that I could change these variables on the master node and have it synchronize these variables (or the config?) to the remote client node. Unfortunately, this does not seem to be working. I have tried running ```icinga2 node update-config``` but this does not seem to make any changes to the checks taking place or add the custom variables I have configured this host/zone/node for.


    How is icinga2 synchronizing configurations or checks? Do I *have* to log into this remote client to make these changes or can this _at all_ be changed from *only* the master node? I searched around the documentation but I cannot seem to locate this information ; examples are not given anywhere, either, so I am at a loss. ?(

  • Hi, read 15.8.4 of the doc.
    You need to log on initially to the client to configure the object in its zones.conf and constants.conf file.
    What is entered here must be copied to the masters zones.conf file as well.
    After the communication to the master is established, all config is done in the zones.d/ZONEOFCLIENT directory of the master.


    node update-config means to synchronize each endpoint up to the master, that is not what you wand and will destroy your configuration. Forget about that.


    Now read the doc regarding top down config, build up your zones.conf and constants.conf files on every machine and come back
    to here after nodes are able to talk to the master.

  • Thanks -- this seems to be helping me get this going a little bit better.


    One issue I seem to be having now (for whatever reason) is that checks seem to be running without issue, except for hostalive. I'm receiving the following in icingaweb2


    Code
    1. /usr/bin/ping6 -n -U -w 30 -c 5 server1.domain.internal
    2. CRITICAL - Could not interpret output from ping command


    Here is the "local.conf" for the zone "server1.domain.internal":



    The disk checks as well as the "procs" check seem to be working fine, variables are working, and disk usage changes are showing if I remove / create test files. I cannot, for the life of me, figure out why hostalive is stating that it is down.


    From the looks of it, it is trying to use IPv6 to check if the host is alive. From what I've read, it only tries this if "address" has not been specified (and I implicitly did not state "address6" anywhere, either) but I *have* listed the "address" variable.


    Of course, fix one thing, break another. :P

  • From what is defined in /usr/share/icinga2/include/command-plugins.conf of icinga2 version 2.4.10 it expects an ipv4 address, not a hostname. However, tests show that giving a hostname here *may* work.

    The post was edited 2 times, last by sru ().

  • Thanks for the help Sru. Unfortunately, it seems even updating the configuration still returns the same hostcheck "down" error as previously referenced. In testing the ping6 command, it seems to fail, no matter what is input. IP address, host name, anything really.




    This is on a CentOS 7.x system, by the way. I feel maybe there is some other misconfiguration (maybe something wrong with ipv6 and ping6 packages?) that is causing the entire issue.


    EDIT: So, I'm some-what of an idiot in the sense that I was trying to ping ipv4 addresses with ping6 ; however, the problem still stands as the hostalive check should not be using IPv6 so I'm at the same point I was.
    EDIT2: Removed non-relevant content.

  • You know that ping6 needs an interface given for local adresses ?




    Please check how the check_ping plugin is called by icinga2:


    Code
    1. icinga2 feature enable debuglog
    2. service icinga2 restart
    3. grep -i 'Running command' /var/log/icinga2/debug.log | grep ping
    4. [2016-07-29 09:55:52 +0200] notice/Process: Running command \
    5. '/usr/lib64/nagios/plugins/check_ping' '-H' '192.168.2.3' \
    6. '-c' '5000,100%' '-w' '3000,80%': PID 6536

    That gives you a feedback about what happens.


    I suggest you do a su - icinga and run that same command from the shell then.
    there seems to be a '-4' option that forces check_ping to interpret the address as IPv4.

    The post was edited 2 times, last by sru ().