Closed BlackDeath-Pete closed 3 years ago
LordHepipud
commented
3 years ago Thank you for the issue. Would it be possible for you to update the Framework to v1.6.1 and try this again?
With v1.6.1 we added more detailed error messages for the Icinga Director, which should give a better understanding on what exactly went wrong.
My first assumption would be, that the host is not labled as Icinga2 Agent object and therefor is not handled as Agent, which is mandatory for the Self-Service API.
BlackDeath-Pete
commented
3 years ago Thank you for the quick response. I will have a try with the the new version as soon as possible and let you know the results. Unfortunately, I currently lack the time as well as the access to the server environment.
BlackDeath-Pete
commented
3 years ago Sorry for the late response. I had tested this today and got this output:
Use-Icinga;
Start-IcingaAgentInstallWizard `
-DirectorUrl 'http://icinga.example.com/icingaweb2/director/' `
-SelfServiceAPIKey '7a94d8b26447506640ee4c059a64ce8cd483f0b9' `
-UseDirectorSelfService 1 `
-OverrideDirectorVars 0 `
-Reconfigure `
-RunInstaller
[Error]: Failed to fetch configuration for host over Self-Service API with key "21f1d3f11dee8fcd935b0d7de836b604b19ca356". Probably the assigned host/template key is not valid or your Icinga Director Url is invalid "http://icinga.example.com/icingaweb2/director/".
[Error]: Your local stored host key is no longer valid. Using provided template key
[Notice]: Host was successfully registered within Icinga Director
[Error]: Failed to fetch certificate ticket for this host over Self-Service API. Please check that your Icinga CA is running, you have configured a Ticketsalt and that your Icinga Director has enough permissions to communicate with the Icinga 2 API for generating tickets.
Failed to fetch certificate ticket for this host over Self-Service API. Please check that your Icinga CA is running, you have configured a Ticketsalt and that your Icinga Director has enough permissions to communicate with the Icinga 2 API for generating tickets.
In C:\Program Files\WindowsPowerShell\Modules\icinga-powershell-framework\cache\framework_cache.psm1:151 Zeichen:9
+ throw $ErrorMessage;
+ ~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (Failed to fetch...rating tickets.:String) [], RuntimeException
+ FullyQualifiedErrorId : Failed to fetch certificate ticket for this host over Self-Service API. Please check that your Icinga CA is running, you have configured a Ticketsalt and that your Icinga Director has enough permissions to communicate with the Icinga 2 API for generating tickets.With this new output I found that I forgot to run the "icinga2 node wizard" command. After I run that command this error disappeared and the agent was installed at the Windows Server. Now the Agents would not connect to the Icinga Server so I decided to reinstall the whole Icinga Server.
After the completely new installation of the windows Server and the Icinga Server with the installation docs from icinga.com the "Start-IcingaAgentInstallWizard" only asks the following:
Is your public Icinga 2 CA (ca.crt) available on a local, network or web share? (Y/n)
I answered the question with no. The agent will get a certificate and I can monitor the Windows Server with Icinga. For me it looks that everything is fine now.
Is this the correct behavior or did I another mistake at the Installation?
Thank you very much for your help.
LordHepipud
commented
3 years ago The issue with the CA.crt being asked is a bug in the old installation method. I would recommend you use the IMC for future deployments, as this will be the way install Icinga for Windows since v1.6.1.
https://icinga.com/docs/icinga-for-windows/latest/doc/110-Installation/02-Icinga-Management-Console/ https://icinga.com/docs/icinga-for-windows/latest/doc/110-Installation/03-Installation-with-IMC/
The current Start-IcingaAgentInstallWizard will be deprecated soon and no longer receives features, updates or bugfixes.
Expected Behavior
The Icinga2Agent will be installed from the Start-IcingaAgentInstallWizard
Current Behavior
If I copy the the Installation Script with the API Key form the Icinga Director -> Host Template -> Agent Tab and run it on my Windows Server 2019 it will fail with the Error "[Error]: The remote host for address "http://icinga.example.com/icingaweb2/director/self-service/ticket?key=c0bbb432fe6029b494550b8582ea0b490c85643e" could not be resolved". Pings from the Windows Server to the Icinga Server are work without any errors.
Steps to Reproduce (for bugs)
I run the following on my Windows Server:
Invoke-WebRequest
-UseBasicParsing-Uri 'https://packages.icinga.com/IcingaForWindows/IcingaForWindows.ps1' ` -OutFile $ScriptFile;& $ScriptFile
-ModuleDirectory 'C:\Program Files\WindowsPowerShell\Modules\'-SkipWizard;Use-Icinga; Start-IcingaAgentInstallWizard
-DirectorUrl 'http://icinga.example.com/icingaweb2/director/'-SelfServiceAPIKey '7a94d8b26447506640ee4c059a64ce8cd483f0b9'-UseDirectorSelfService 1-OverrideDirectorVars 0-Reconfigure-RunInstallerPS C:\Program Files\WindowsPowerShell\Modules> Use-Icinga; Start-IcingaAgentInstallWizard
-DirectorUrl 'http://icinga.example.com/icingaweb2/director/'-SelfServiceAPIKey '7a94d8b26447506640ee4c059a64ce8cd483f0b9'-UseDirectorSelfService 1-OverrideDirectorVars 0-Reconfigure-RunInstaller [Notice]: Host was successfully registered within Icinga Director [Error]: The remote host for address "http://icinga.example.com/icingaweb2/director/self-service/ticket?key=c0bbb432fe6029b494550b8582ea0b490c85643e" could not be resolved ScriptHalted In C:\Program Files\WindowsPowerShell\Modules\icinga-powershell-framework\cache\framework_cache.psm1:109 Zeichen:9Your Environment
Fresh installation of the Icinga and Windows Server icinga2 --version icinga2 - The Icinga 2 network monitoring daemon (version: r2.13.1-1)
Copyright (c) 2012-2021 Icinga GmbH (https://icinga.com/) License GPLv2+: GNU GPL version 2 or later https://gnu.org/licenses/gpl2.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
System information: Platform: Ubuntu Platform version: 20.04.3 LTS (Focal Fossa) Kernel: Linux Kernel version: 5.4.0-84-generic Architecture: x86_64
Build information: Compiler: GNU 9.3.0 Build host: runner-hh8q3bz2-project-508-concurrent-0 OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020
Application information:
General paths: Config directory: /etc/icinga2 Data directory: /var/lib/icinga2 Log directory: /var/log/icinga2 Cache directory: /var/cache/icinga2 Spool directory: /var/spool/icinga2 Run directory: /run/icinga2
Old paths (deprecated): Installation root: /usr Sysconf directory: /etc Run directory (base): /run Local state directory: /var
Internal paths: Package data directory: /usr/share/icinga2 State path: /var/lib/icinga2/icinga2.state Modified attributes path: /var/lib/icinga2/modified-attributes.conf Objects path: /var/cache/icinga2/icinga2.debug Vars path: /var/cache/icinga2/icinga2.vars PID path: /run/icinga2/icinga2.pid
icinga2 feature list Disabled features: compatlog debuglog elasticsearch gelf graphite icingadb influxdb influxdb2 livestatus opentsdb perfdata statusdata syslog Enabled features: api checker command ido-mysql mainlog notification
icngacli version Icinga Web 2 2.9.3 Git Commit c757a17530c326c7d6daebd6171486cb8167a8a1 PHP Version 7.4.3 MODULE VERSION director 1.8.1 doc 2.9.3 incubator 0.6.0 ipl v0.5.0 monitoring 2.9.3 reactbundle 0.9.0
icinga-powershell-framework: 1.6.0
Name : Windows PowerShell ISE Host Version : 5.1.17763.316
Get-IcingaWindowsInformation Win32_OperatingSystem | Select-Object Version, BuildNumber, Caption): Version10.0.17763 BuildNumber 17763
Caption Microsoft Windows Server 2019 Standard