Conversion of multiple Master-Client setups to a new Master-Sat1/client1-Sat2/client2 setup

This forum was archived to /woltlab and is now in read-only mode.
  • Hey Everyone,

    I was wondering if someone ever ran into having to convert 'roles' of the installed servers? I am in the process of trying to convert many installations.

    I currently have a low nr (<10) disjoint master - client setups. These setups have nothing to do with each other. Think of them as independent sites, even though the gear monitored is the same at each site.

    Local Icinga masters (2.6.3) are installed and have Icingaweb2 running. The masters check some devices via SNMP (routers, switches, A/C's, UPS's, PDU's, etc) and have many clients connected (Win/Linux). These clients perform their own checks via (top down config) and report up to the local master.

    This all works like a charm...

    I am going to put a 'NOC' in place to monitor all these installations and I could of course 'export' the screens to a central location for the NOC to watch it all. For <10 or so this is certainly doable, but there is going to be a ramp up to perhaps ten's, or even hundreds at which point it doesn't scale.

    Therefore I am looking to convert my setup to a classic Master - Satellite - Client config.

    The Master will sit at that central location, and connect to the Satellite. Now, this Satellite is what was a Master before.

    Some questions I have:

    1) Can I just convert the old local Master server to become a satellite to the new master, by running icinga2 node wizard?

    2) Can I leave Icingaweb2 installed at the old master? (I need the local site to be able to ack issues)

    3) Via the zones I think I can pull all config up to sit at the new Master, but could I leave local config in place as well at the now Satellite node)

    4) Can the new Master also acknowledge issues, thereby silencing the (email) alerts at a location?

    5) Can I have the Satellite instance be in charge of alerting via email (some legal issues, can't pull that up to the new Master)

    Thanks guys, any pointers will help.

    I am setting up a test bed to test all this, but was wondering if someone already did this?

  • Adding some notes for in case other people look into this at some point.

    Key concern was to do a role reversal where a master e.g. Boston should now become a satellite to a new master (e.g. New England)

    Short answer: It can be done. The actual Icinga changes needed are minimal. Install another master, create the appropriate zones and endpoints on both the old and new master. Easy.

    However, when you run 'icinga2 node wizard' on the old master to convert it to a satellite you create havoc with it's clients. You see, when you convert the old master to satellite it will get a new ca.crt file form the new master and create the crt from that. (It also messes up your zone file containing the client zones and endpoints, so back that up as well)

    Once you do, the comms between your clients and the old master drops like flies!

    "Remote Icinga instance 'sat1-client.corp.corp' is not connected to 'cent-sat1.corp.corp'"

    And no checks are being executed any longer.

    This means you have to touch every one of your 10, 100, 1000? clients to redo the ssl setup -> MAJOR OPERATIONAL PAIN