Open robin-checkmk opened 1 year ago
Remote registration is now possible in 0.16.0. Remote download is pending on upstream.
I think the remote registration does not work in combination with checkmk_agent_add_host:true
and checkmk_agent_auto_activate:true
.
In this case the new hosts are created on the central site and only activated on the central site, but not on the remote site where the registration takes place. This leads to an error in checkmk.general.agent : Linux: Register Agent for TLS
.
A fix would be to introduce a second handler wich only runs when checkmk_agent_site != checkmk_agent_registration_site
I have not tested this, only refreshed my memory on how we designed this.
Your solution is to provide checkmk_agent_host_attributes
or a checkmk_agent_folder
, that has the host monitored on the remote site. The handler activates changes globally. Your issue sounds like the host is created on the central site (which will happen, if you stick with the defaults) and then registration fails against the remote site.
I am of course happy to update/improve documentation or even be proven wrong with my diagnosis. :)
Hi,
yes. in my case i set the checkmk_agent_registration_server
and checkmk_agent_registration_site
site explicitly, but the issue should be the same as with setting it via checkmk_agent_folder
This is config dump:
checkmk_agent_protocol: https
checkmk_agent_server: cmk_server1
checkmk_agent_server_protocol: https
checkmk_agent_site: cmk_site_central
checkmk_agent_add_host: "true"
checkmk_agent_discover: "true"
checkmk_agent_update: "true"
checkmk_agent_tls: "true"
checkmk_agent_auto_activate: true
checkmk_agent_force_foreign_changes: true
checkmk_agent_folder: "emea"
checkmk_agent_registration_server: cmk_server2
checkmk_agent_registration_site: cmk_site2
When now using checkmk_agent_add_host: "true"
there are changes to two sites: checkmk_agent_site
and checkmk_agent_registration_site
, but only the checkmk_agent_site
will be activated.
My initial idea would be to compare checkmk_agent_site
and checkmk_agent_registration_site
. If they are not the same => Activate both.
But i think that's not the best solution since it would not find implicit registration sites, as part of the folder or agent package.
Now i think the best solution would be to query /objects/host_config/{host_name}
and compare the checkmk_agent_site
to this.
I can create a pull request for this over the weekend.
Are you using the latest version of the collection?
Please verify first that your feedback is not already reported here. If possible and useful provide additional information below. This is optional however.
Provide your feedback
Currently, the agent role can only talk to one site, which has to be the central site for most things to work. This works in a lot of environments and makes sense, but it brings along limitations, which we need to address.
The goal of this issue is to:
Component Name
agent role
Ansible Version
Collection Version
Environment
Screenshots
Additional context
Internal reference: CMK-11992