global-director zone and local checks

This forum was archived to /woltlab and is now in read-only mode.
  • Hi,

    I'm a newbie regarding the Icinga2 Director module and I'd love to solve some of the doubts I had so far.
    I have a single master and a few clients, without any satellite mid-way.

    Quote

    The name of its preferred global zone
    is currently hardcoded to director-global. Please make sure that such
    a zone exists on all involved nodes that should get config from the
    Director in a direct or indirect way

    As far as I understand, I have to define a director-global zone on every node. Do I have to define it even on the Master?

    Currently, whenever I deploy a configuration or Icinga2 happens to restart on the nodes, this error popups:
    Error: Object 'director-global' of type 'Zone' re-defined: in /var/lib/icinga2/api/zones/director-global/director/zones.conf: 1:0-1:28; previous definition: in /etc/icinga2/zones.conf

    However, config files are deployed correctly as ( If understood correctly ) under /var/lib/icinga2/api/zones I can see the related zones and the director-global one.

    The master zones.conf has just its endpoint and its related zone, as every other endpoints/zones are defined under /var/lib/icinga2/api/zones.

    The nodes zones.confs have all the Endpoints/Zones I've configured so far.

    If I remove the director-global on all nodes, the Director won't push the director-global zone even if it is configured as Global.

    I can make them work with the following steps:

    • Cleanup /var/lib/icinga2/api/zones.
    • Define director-global zone on every node.
    • Start Icinga2.
    • Delete director-global zone. ( in local /etc/icinga2/zones.conf )
    • Restart Icinga2.

    How can I solve this in a proper way? What am I misunderstanding?

    The other question is about local checks.

    I wasn't able to configure checks that should run on the Master node against the Clients.
    The command_endpoint seems forced to host_name on host checks.
    I'd like services as Pings, Curl requests and so on to not be deployed under the director-zone, but to set them locally instead.
    I've tried without success:

    • "Run on Agent" set to No, on the Service
    • "Cluster Zone" set to the Master Zone instead of director-global

    Hopefully I didn't miss crucial parts of the documentation or google results.

    Version output: icinga2 - The Icinga 2 network monitoring daemon (version: v2.6.3)

    Thanks in advance.

  • Your quote from the docs:


    Quote


    ... in a direct or indirect way

    Indirectly means syncing your config down to your satellites from the master. Directly means locally defining on every node.

    Quote

    Define director-global zone on every node.

    Why do this if you already have it defined in /var/lib/icinga2/api/zones/director-global/director/zones.conf? This is the root of your problem. Since you already have the zone defined in the director-global zone, you are duplicating your configs locally which is where that error comes from. You're basically mixing the "direct" and "indirect" ways as mentioned above.


    As for your other question, which mode of top-down configuration would you like to use? You seem to be a little confused about this, I suggest fixing your first problem and then reading up on the distributed monitoring section in the docs for more information.

  • Quote

    Why do this if you already have it defined in /var/lib/icinga2/api/zones/director-global/director/zones.conf? This is the root of your problem. Since you already have the zone defined in the director-global zone, you are duplicating your configs locally which is where that error comes from. You're basically mixing the "direct" and "indirect" ways as mentioned above.



    I got your point, but the problem still stand.
    If I remove the global-zone definition in the zones.conf of a client node, under /var/lib/icinga2/api/zones I can just find the client node's related zone.

    If I got it right ( changed server names and ip addresses )Client01 zones.conf:


    Master has the global-zone defined under /var/lib/icinga2/api/zones/director-global/director/zones.conf


    I can find every template, command definition and such objects under /var/lib/icinga2/api/zones/director-global/director on the master node, but they won't get pushed through the other clients. This results in having missing templates or commands definitions when I start icinga2 on the clients. Why does it happen?


    warning/ApiListener: Ignoring config update for unknown zone 'director-global'.critical/config: Error: Import references unknown template


    As for the other question, I may have wrote it down uncorrectly.
    When I define a custom ping check as an host command check, I want it to be executed from the master node to the client node.
    Instead, this check is being executed on the client side as the check "source" field is filled with the client hostname.

  • you are looking in the wrong directory.


    Are you using the Director Kickstart script?

    if so, the director-global zone is set in /etc/icinga2/zones.conf

    I had the same problem until I saw it. Nowadays I tend to use the kickstart script via ansible and wait for the zones from Director to sync, then remove if from /etc/icinga2/zones.conf and reload Icinga2. Everything should work after that.

    Linux is dead, long live Linux


    Remember to NEVER EVER use git repositories in a productive environment if you CAN NOT control them

  • Alright I re-runned the kickstart script, made them sync and then delete the director-global zone as you suggested and it seems it works fine.

    About the other question, I misunderstood what the "Cluster Zone" field is.
    Working as intended, I'm marking this resolved.

    Thank you for the support!