Icinga2 mit Master/Satelite-Setup: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Zeile 183: | Zeile 183: | ||
*icinga2 daemon -C | *icinga2 daemon -C | ||
− | ==Icinga2 neustarten== | + | ==Icinga2 neustarten (auf Master und Satelite)== |
*systemctl restart icinga2.service | *systemctl restart icinga2.service | ||
Aktuelle Version vom 18. Oktober 2017, 08:40 Uhr
Master
Vorrausetzungen
- Installation Icinga2
- Installation Icingaweb2
Zertifikate erstellen und ins richtige Verzeichnis kopieren
Auf einer Certifikate Authority
- openssl genrsa -out saitama.xinux.int.key 2048
- openssl req -new -config /etc/ssl/openssl.cnf -key saitama.xinux.int.key -out saitama.xinux.int.csr
- openssl ca -config /etc/ssl/openssl.cnf -cert ca.crt -days 3650 -keyfile ca.key -in saitama.xinux.int.csr -out saitama.xinux.int.crt
- scp ca.crt saitama.xinux.int.key saitama.xinux.int.crt root@saitama.xinux.int:/etc/icinga2/pki
Hosts und Hostname anpassen
- hostname saitama.xinux.int
- vi /etc/hosts
127.0.0.1 localhost 10.82.50.25 saitama.xinux.int
do not include conf.d
- vi /etc/icinga2/icinga2.conf
... /** * Although in theory you could define all your objects in this file * the preferred way is to create separate directories and files in the conf.d * directory. Each of these files must have the file extension ".conf". */ #/include_recursive "conf.d"
zones.conf anpassen
- vi /etc/icinga2/zones.conf
object Endpoint "saitama.xinux.int" { host = "saitama.xinux.int" } object Endpoint "xenos.xinux.int" { host = "xenos.xinux.int" } object Zone "master" { endpoints = [ "saitama.xinux.int" ] } object Zone "xinux-int" { endpoints = [ "xenos.xinux.int" ] parent = "master" } object Zone "global-templates" { global = true }
Directorys für Zonen anlegen
- mkdir /etc/icinga2/zones.d/master
- mkdir /etc/icinga2/zones.d/xinux-int
- mkdir /etc/icinga2/zones.d/global-templates
Globale Konfigurationen nach global-templates kopieren
- cd /etc/icinga2/conf.d
- cp app.conf commands.conf downtimes.conf services.conf templates.conf timeperiods.conf users.conf /etc/icinga2/zones.d/global-templates
api-users.conf anlegen
- vi /etc/icinga2/zones.d/global-templates/api-users.conf
/** * The APIUser objects are used for authentication against the API. */ object ApiUser "root" { password = "ec895ac129fghdfb2" // client_cn = "" permissions = [ "*" ] }
api-Feature aktivieren
- icinga2 feature enable api
Konfiguration für Host anlegen
- vi /etc/icinga2/zones.d/master/saitama.xinux.int.conf
object Host "saitama.xinux.int" { import "generic-host" display_name = "saitama.xinux.int" address = "10.82.50.25" vars.ssh_port = "xxxx" vars.os = "Linux" }
Konfiguration testen
- icinga2 daemon -C
Icinga2 neustarten
- systemctl restart icinga2.service
Satelite
Vorrausetzungen
- Installation Icinga2
- Installation Icingaweb2
Zertifikate erstellen und ins richtige Verzeichnis kopieren
Auf einer Certifikate Authority
- openssl genrsa -out xenos.xinux.int.key 2048
- openssl req -new -config /etc/ssl/openssl.cnf -key xenos.xinux.int.key -out xenos.xinux.int.csr
- openssl ca -config /etc/ssl/openssl.cnf -cert ca.crt -days 3650 -keyfile ca.key -in xenos.xinux.int.csr -out xenos.xinux.int.crt
- scp ca.crt xenos.xinux.int.key xenos.xinux.int.crt root@xenos.xinux.int:/etc/icinga2/pki
Hosts und Hostname anpassen
- hostname xenos.xinux.int
- vi /etc/hosts
127.0.0.1 localhost 10.82.50.26 xenos.xinux.int
zones.conf anpassen
- vi /etc/icinga2/zones.conf
object Endpoint "saitama.xinux.int" { host = "saitama.xinux.int" } object Endpoint "xenos.xinux.int" { host = "xenos.xinux.int" } object Zone "master" { endpoints = [ "saitama.xinux.int" ] } object Zone "xinux-int" { endpoints = [ "xenos.xinux.int" ] parent = "master" } object Zone "global-templates" { global = true }
api-Feature aktivieren
- icinga2 feature enable api
Accept config from Master
- vi /etc/icinga2/features-available/api.conf
/** * The API listener is used for distributed monitoring setups. */ object ApiListener "api" { cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt" key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key" ca_path = SysconfDir + "/icinga2/pki/ca.crt" ticket_salt = TicketSalt accept_config = true accept_commands = true }
Konfiguration für Host auf Master anlegen
- vi /etc/icinga2/zones.d/xinux-int/xenos.xinux.int.conf
object Host "xenos.xinux.int" { import "generic-host" display_name = "xenos.xinux.int" address = "10.82.50.26" vars.ssh_port = "xxxx" vars.client_endpoint = name vars.os = "Linux" }
Konfiguration testen (auf Master und Satelite)
- icinga2 daemon -C
Icinga2 neustarten (auf Master und Satelite)
- systemctl restart icinga2.service
Client
Vorrausetzungen
- Installation Icinga2
Zertifikate erstellen und ins richtige Verzeichnis kopieren
Auf einer Certifikate Authority
- openssl genrsa -out boros.xinux.int.key 2048
- openssl req -new -config /etc/ssl/openssl.cnf -key boros.xinux.int.key -out boros.xinux.int.csr
- openssl ca -config /etc/ssl/openssl.cnf -cert ca.crt -days 3650 -keyfile ca.key -in boros.xinux.int.csr -out boros.xinux.int.crt
- scp ca.crt boros.xinux.int.key boros.xinux.int.crt root@boros.xinux.int:/etc/icinga2/pki
Hosts und Hostname anpassen
- hostname boros.xinux.int
- vi /etc/hosts
127.0.0.1 localhost 10.82.50.27 boros.xinux.int
zones.conf anpassen
- vi /etc/icinga2/zones.conf
object Endpoint "xenos.xinux.int" { } object Endpoint "boros.xinux.int" { } object Zone "xinux-int" { endpoints = [ "xenos.xinux.int" ] } object Zone "boros.xinux.int" { endpoints = [ "boros.xinux.int" ] parent = "xinux-int" } object Zone "global-templates" { global = true }
api-Feature aktivieren
- icinga2 feature enable api
Konfiguration für Host auf Master anlegen
- vi /etc/icinga2/zones.d/xinux-int/boros.xinux.int.conf
object Host "boros.xinux.int" { import "generic-host" vars.os = "Linux" display_name = "boros.xinux.int" address = "10.82.50.27" vars.ssh_port = "xxxx" vars.client_endpoint = name }
Konfiguration testen (auf Master und Client)
- icinga2 daemon -C
Icinga2 neustarten (auf Master und Client)
- systemctl restart icinga2.service