How to monitor Linux servers in icinga2?

This is third part. Previously, we have installed icinga2 and icingaweb2. Now, we are going to monitor basic services of Linux server.

I assume you have followed how to install icinga2 and how to install icingaweb2 post.

master server ip: 127.0.0.1
master server hostname: master.server.com
client server ip: 0.0.0.0
client server hostname: client.server.com

In master server

Let’s create new folder and include it in icinga2 configuration. Then, we will create directories for each client under it.

# mkdir /etc/icinga2/custom.d

Add following in bottom of /etc/icinga2/icinga2.conf file

include_recursive "custom.d"

Now, run wizard to install master

# icinga2 node wizard
Welcome to the Icinga 2 Setup Wizard!

We'll guide you through all required configuration details.

Please specify if this is a satellite setup ('n' installs a master setup) [Y/n]: n
Starting the Master setup routine...
Please specify the common name (CN) [master.server.com]: master.server.com
Checking for existing certificates for common name 'master.server.com'...
Certificates not yet generated. Running 'api setup' now.
information/cli: Generating new CA.
information/base: Writing private key to '/var/lib/icinga2/ca/ca.key'.
information/base: Writing X509 certificate to '/var/lib/icinga2/ca/ca.crt'.
information/cli: Generating new CSR in '/etc/icinga2/pki/master.server.com.csr'.
information/base: Writing private key to '/etc/icinga2/pki/master.server.com.key'.
information/base: Writing certificate signing request to '/etc/icinga2/pki/master.server.com.csr'.
information/cli: Signing CSR with CA and writing certificate to '/etc/icinga2/pki/master.server.com.crt'.
information/cli: Copying CA certificate to '/etc/icinga2/pki/ca.crt'.
Generating master configuration for Icinga 2.
information/cli: Adding new ApiUser 'root' in '/etc/icinga2/conf.d/api-users.conf'.
information/cli: Enabling the 'api' feature.
Enabling feature api. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Dumping config items to file '/etc/icinga2/zones.conf'.
information/cli: Created backup file '/etc/icinga2/zones.conf.orig'.
Please specify the API bind host/port (optional):
Bind Host []:
Bind Port []:
information/cli: Created backup file '/etc/icinga2/features-available/api.conf.orig'.
information/cli: Updating constants.conf.
information/cli: Created backup file '/etc/icinga2/constants.conf.orig'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
Done.

Make sure you have include following in /etc/icinga2/zones.conf file. If not, add it

object Zone "global-templates" {
  global = true
}

Now restart your Icinga 2 daemon to finish the installation!

# systemctl restart icinga2

Since, we are going to follow TOP-DOWN approach we will need to define client server zone, endpoint and host in master side. Create a folder and create a file inside it and define our client server.

# mkdir /etc/icinga2/custom.d/client.server.com
# vim /etc/icinga2/custom.d/client.server.com/client.server.com.conf

paste following and save it

object Endpoint "client.server.com" {
  host = "0.0.0.0"
}

object Zone "client.server.com" {
  endpoints = [ "client.server.com" ]
  parent = "master"
}

object Host "client.server.com"{
  import "generic-host"

  address = "0.0.0.0"
  vars.os = "Linux"

  vars.client_endpoint = "client.server.com"

  vars.http_vhosts["http"] = {
    http_uri = "/"
  }

  vars.disks["disk"] = {
  }

  vars.notification["mail"] = {
    groups = [ "icingaadmins" ]
  }
}

Here, we have defined endpoint, zone and host. We have also grouped this host in Linux group. Notification has been configured to send to icingaadmins group.

Check your syntax and reload icinga2

# icinga2 daemon -C
# systemctl restart icinga2

You will see host client.server.com is added in icingaweb2.

In client server

Install icinga2 and all nagios check plugins as in my first post.

Run icinga2 wizard

# icinga2 node wizard
Welcome to the Icinga 2 Setup Wizard!

We'll guide you through all required configuration details.

Please specify if this is a satellite setup ('n' installs a master setup) [Y/n]:
Starting the Node setup routine...
Please specify the common name (CN) [client.server.com]: client.server.com
Please specify the master endpoint(s) this node should connect to:
Master Common Name (CN from your master setup): master.server.com
Do you want to establish a connection to the master from this node? [Y/n]:
Please fill out the master connection information:
Master endpoint host (Your master's IP address or FQDN): 127.0.0.1
Master endpoint port [5665]:
Add more master endpoints? [y/N]:
Please specify the master connection for CSR auto-signing (defaults to master endpoint host):
Host [127.0.0.1]:
Port [5665]:
information/base: Writing private key to '/etc/icinga2/pki/client.server.com.key'.
information/base: Writing X509 certificate to '/etc/icinga2/pki/client.server.com.crt'.
information/cli: Fetching public certificate from master (127.0.0.1, 5665):

Certificate information:

Subject: CN = master.server.com
Issuer: CN = Icinga CA
Valid From: Feb 23 14:45:32 2016 GMT
Valid Until: Feb 19 14:45:32 2031 GMT
Fingerprint: AC 99 8B 2B 3D B0 01 00 E5 21 FA 05 2E EC D5 A9 EF 9E AA E3

Is this information correct? [y/N]: y
information/cli: Received trusted master certificate.

Please specify the request ticket generated on your Icinga 2 master.
(Hint: # icinga2 pki ticket --cn 'client.server.com'): 4f75d2ecd253575fe9180938ebff7cbca262f96e
information/cli: Requesting certificate with ticket '4f75d2ecd253575fe9180938ebff7cbca262f96e'.

information/cli: Created backup file '/etc/icinga2/pki/client.server.com.crt.orig'.
information/cli: Writing signed certificate to file '/etc/icinga2/pki/client.server.com.crt'.
information/cli: Writing CA certificate to file '/etc/icinga2/pki/ca.crt'.
Please specify the API bind host/port (optional):
Bind Host []:
Bind Port []:
Accept config from master? [y/N]: y
Accept commands from master? [y/N]: y
information/cli: Disabling the Notification feature.
Disabling feature notification. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Enabling the Apilistener feature.
information/cli: Generating local zones.conf.
information/cli: Dumping config items to file '/etc/icinga2/zones.conf'.
information/cli: Updating constants.conf.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
Done.

Now restart your Icinga 2 daemon to finish the installation!

# systemctl restart icinga2

Make sure you have include following in /etc/icinga2/zones.conf file. If not, add it

object Zone "global-templates" {
  global = true
}

Comment out following line in /etc/icinga2/icinga2.conf

//include_recursive "conf.d"

Check your syntax and reload icinga2

# icinga2 daemon -C
# systemctl restart icinga2

I hope this will help out few starters. I personally encourage all readers to refer to official documentation for more detail instructions. https://www.icinga.com/docs/icinga2/latest/doc/06-distributed-monitoring/

Leave a Reply

Your email address will not be published. Required fields are marked *