Adding a new node to an Icinga2 setup

The documentation for setting up a distributed monitoring setup using Icinga2 is all very well, but it's not as clear as I would like, so here's a simple step-by-step guide to adding a new node to your existing distributed Icinga2 setup.

It's assumed that:

• you are using top-down command endpoint mode
• you have already created a Master node for your Icinga2 network
• you have installed Icinga2 on the new node (here's a local summary)

These instructions work no matter whether you're setting up a simple "monitored endpoint" node, or an intermediate "satellite" node.

1. Create a PKI ticket on the Master machine

   # icinga2 pki ticket --cn FQDN.of.new.node

   Copy the ticket number this command generates, for use later

2. Run the Node Wizard on the new node, using answers as shown below:

   # icinga2 node wizard

   1. Satellite setup
   2. CN = FQDN of the new node
   3. Master Common Name = "parent" node for the new node (this might be the overall Master, might be an intermediate machine, depending on your setup)
   4. Establish a connection to the master? "Yes" if the parent is reachable from this node.
   5. Master endpoint host - FQDN or IP address of this machine's parent
   6. Master connection for CSR auto-signing - FQDN or IP address of the Master (the one with the CA on it, where you created the ticket above)
   7. enter the ticket number generated by the Master machine when requested
   8. Accept config from master? "Yes"
   9. Accept commands from master? "Yes"
3. Comment out the conf.d directory on the new node so that it won't be used:
   • Edit /etc/icinga2/icinga2.conf and comment-out include_recursive "conf.d" by adding a # at the start of the line
4. Edit the /etc/icinga2/zones.conf file on the new node
   1. Add the "global-templates" zone:

      object Zone "global-templates" { global = true }

   2. Set the correct Host, Endpoint and Parent names for this node and its parent node
      • you do not need to define any nodes higher than this node's direct parent
      • you should define the Host of an Endpoint if that Host is reachable from this node
      • you should not define the Host of an Endpoint if that Host is not reachable from this node
      • you can define one Host, or both, but zero will not work
      • the Endpoint names should match the CNs used in the PKI ticket creation
      • the Zone definitions must match exactly on this node and this node's master
5. Create a new Zone for the node on the Master machine

   # mkdir /etc/icinga2/zones.d/NEWZONE

   • add a Host definition for this machine inside the new zone directory
6. Restart Icinga2 on the new node

   # /etc/init.d/icinga2 restart

7. Reload Icinga2 on the Master

   # /etc/init.d/icinga2 reload

Go up
Return to main index.