====== Adding a new node to an Icinga2 setup ======

The [[https://docs.icinga.com/icinga2/latest/doc/module/icinga2/chapter/distributed-monitoring|documentation]] for setting up a distributed monitoring setup using [[https://docs.icinga.com/icinga2/latest/doc/module/icinga2/toc|Icinga2]] is all very well, but it's not as clear as I would like, so here's a simple step-by-step guide to adding a new node to your existing distributed Icinga2 setup.

It's assumed that:

  * you are using [[https://docs.icinga.com/icinga2/latest/doc/module/icinga2/chapter/distributed-monitoring#distributed-monitoring-top-down-command-endpoint|top-down command endpoint]] mode
  * you have already [[https://docs.icinga.com/icinga2/latest/doc/module/icinga2/chapter/distributed-monitoring#distributed-monitoring-setup-master|created a Master node]] for your Icinga2 network
  * you have [[https://docs.icinga.com/icinga2/latest/doc/module/icinga2/chapter/getting-started|installed Icinga2]] on the new node (here's a [[.installation|local summary]])

These instructions work no matter whether you're setting up a simple "monitored endpoint" node, or an intermediate "satellite" node.

  - Create a PKI ticket __on the Master__ machine<code># icinga2 pki ticket --cn FQDN.of.new.node</code>Copy the ticket number this command generates, for use later
  - Run the Node Wizard __on the new node__, using answers as shown below:<code># icinga2 node wizard</code>
    - Satellite setup
    - CN = FQDN of the new node
    - Master Common Name = "parent" node for the new node (this might be the overall Master, might be an intermediate machine, depending on your setup)
    - Establish a connection to the master?  "Yes" if the parent is reachable from this node.
    - Master endpoint host - FQDN or IP address of this machine's parent
    - Master connection for CSR auto-signing - FQDN or IP address of **the** Master (the one with the CA on it, where you created the ticket above)
    - enter the ticket number generated by the Master machine when requested
    - Accept config from master?  "Yes"
    - Accept commands from master?  "Yes"
  - Comment out the conf.d directory __on the new node__ so that it won't be used:
    * Edit **/etc/icinga2/icinga2.conf** and comment-out **include_recursive "conf.d"** by adding a **#** at the start of the line
  - Edit the **/etc/icinga2/zones.conf** file __on the new node__
    - Add the "global-templates" zone:<code>object Zone "global-templates" { global = true }</code>
    - Set the correct Host, Endpoint and Parent names for this node and its parent node
      * you do not need to define any nodes higher than this node's direct parent
      * you __should__ define the Host of an Endpoint if that Host is reachable from this node
      * you __should not__ define the Host of an Endpoint if that Host is not reachable from this node
      * you can define one Host, or both, but zero will not work
      * the Endpoint names should match the CNs used in the PKI ticket creation
      * the Zone definitions must match exactly on this node and this node's master
  - Create a new Zone for the node __on the Master__ machine<code># mkdir /etc/icinga2/zones.d/NEWZONE</code>
    * add a Host definition for this machine inside the new zone directory
  - Restart Icinga2 on the new node<code># /etc/init.d/icinga2 restart</code>
  - Reload Icinga2 on the Master<code># /etc/init.d/icinga2 reload</code>



----
[[.:|Go up]]\\
Return to [[:|main index]].