Open FreeSoftwareServers opened 2 years ago
Thanks for this.
Everything looks good, except I get the error msg: "Can't connect to Icinga Redis: Cannot assign requested address [tcp://localhost:6380]" in the web interface.
Why is he trying to connect to localhost when the redis host "icinga2-redis" is set in: /opt/icinga/conf/api/etc/icinga2/features-available/icingadb.conf ?
cat conf/api/etc/icinga2/features-available/icingadb.conf
object IcingaDB "icingadb" {
host = "icinga2-redis"
port = 6380
//password = "xxx"
}
icinga2-redis | 1:M 05 Dec 2022 09:01:06.313 * Ready to accept connections
icinga2-icingadb | 2022-12-05T09:01:07.932Z INFO icingadb Starting Icinga DB
icinga2-icingadb | 2022-12-05T09:01:07.932Z INFO icingadb Connecting to database at 'icinga2-db:3306'
icinga2-icingadb | 2022-12-05T09:01:07.935Z INFO icingadb Connecting to Redis at 'icinga2-redis:6380'
icinga2-icingadb | 2022-12-05T09:01:10.936Z INFO icingadb Waiting for Icinga 2 to write into Redis, please make sure you have started Icinga 2 and the Icinga DB feature is enabled
Edit: I am going to write down the things i stumble on for future readers: I needed to change the config here:
Next problem:
So i did the api thing
docker exec -it icinga2-api /bin/bash -c 'icinga2 node setup --master --zone master --cn icinga2-api --listen icinga2-api,5665 --disable-confd'
information/cli: Checking in existing certificates for common name 'icinga2-api'...
warning/cli: Certificate '/var/lib/icinga2/certs//icinga2-api.crt' for CN 'icinga2-api' already exists. Not generating new certificate.
information/cli: Generating master configuration for Icinga 2.
information/cli: API user config file '/etc/icinga2/conf.d/api-users.conf' already exists, not creating config file.
information/cli: Reading '/etc/icinga2/icinga2.conf'.
information/cli: Updating '"conf.d/api-users.conf"' include in '/etc/icinga2/icinga2.conf'.
information/cli: Created backup file '/etc/icinga2/icinga2.conf.orig'.
information/cli: Include statement 'include "conf.d/api-users.conf"' already set.
information/cli: Enabling the 'api' feature.
Enabling feature api. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Generating zone and object configuration.
information/cli: Dumping config items to file '/etc/icinga2/zones.conf'.
information/cli: Created backup file '/etc/icinga2/zones.conf.orig'.
information/cli: Updating the APIListener feature.
information/cli: Created backup file '/etc/icinga2/features-available/api.conf.orig'.
information/cli: Updating 'NodeName' constant in '/etc/icinga2/constants.conf'.
information/cli: Backup file '/etc/icinga2/constants.conf.orig' already exists. Skipping backup.
information/cli: Updating 'ZoneName' constant in '/etc/icinga2/constants.conf'.
information/cli: Backup file '/etc/icinga2/constants.conf.orig' already exists. Skipping backup.
information/cli: Updating 'TicketSalt' constant in '/etc/icinga2/constants.conf'.
information/cli: Backup file '/etc/icinga2/constants.conf.orig' already exists. Skipping backup.
information/cli: Edit the api feature config file '/etc/icinga2/features-available/api.conf' and set a secure 'ticket_salt' attribute.
information/cli: Updating '"conf.d"' include in '/etc/icinga2/icinga2.conf'.
information/cli: Backup file '/etc/icinga2/icinga2.conf.orig' already exists. Skipping backup.
warning/cli: Tried to disable conf.d inclusion but failed, possibly it's already disabled.
information/cli: Updating '"conf.d/api-users.conf"' include in '/etc/icinga2/icinga2.conf'.
information/cli: Backup file '/etc/icinga2/icinga2.conf.orig' already exists. Skipping backup.
information/cli: Include statement 'include "conf.d/api-users.conf"' already set.
information/cli: Make sure to restart Icinga 2.
But there is no active API port API config:
cat conf.d/api-users.conf
/**
* The ApiUser objects are used for authentication against the API.
*/
object ApiUser "root" {
password = "icinga2022"
client_cn = "icinga2-api"
permissions = [ "*" ]
}
Tests from the web container to API:
root@icinga2-web:/# nmap icinga2-api -p 5665
Starting Nmap 7.80 ( https://nmap.org ) at 2022-12-05 10:26 UTC
Nmap scan report for icinga2-api (192.168.96.3)
Host is up (0.000070s latency).
rDNS record for 192.168.96.3: icinga2-api.icinga2_icinga-net
PORT STATE SERVICE
5665/tcp closed unknown
MAC Address: 02:42:C0:A8:60:03 (Unknown)
root@icinga2-web:/# curl -k -u root:icinga2022 https://icinga2-api:5665/v1/objects/hosts
curl: (7) Failed to connect to icinga2-api port 5665: Connection refused
So, i guess the API thing is not working in my setup.. @FreeSoftwareServers any idea?
@a1ad did you get the setup working? I see all the "freesoftwareservers" links to any notes don't work anymore.
Greetings!
I'm mostly just here to give some feedback as a completely new user to icinga2 and my experience during setup/testing so far. At this point I have the stack running in compose the way I want and have configured e-mails, my next steps are too add a remote host and test using a custom bash script to return a check/notification, but I expect that part to be easier and less docker related so this post is mainly focused on getting the stack running in docker-compose.
I'm coming from xymon history but I'm unimpressed that xymon is hosted on sourcefourge, doesn't have a docker image and looks dated, but I do love my xymon! I saw a little comment on sourceforge/interwebs that somebody whom previously used xymon rec icinga and I gave it a go. It certainly has a beautiful UI and code on Git and a proper docker-image which checked those boxes I wanted!
As far as feedback goes:
msmtprc
andaliases
but this should be documented. I then noticed that the conf.d/ dir was full of configs that the director didn't seem to know about and the system was trying to e-mailicinga@localhost
which I adjusted via CLI to be my e-mail, but this seems like should be perhaps I should clear out this directory and setup 100% via director? I'm new and haven't wiped dir yet, just something I'm thinking to try.env
GET
url:port/v1/objects/hosts
Anyway, thought I'd share my configs where I ended at, let me know if I can help more/clarify any of my points etc.
Steps:
docker exec -it icinga2-web /bin/bash -c '/usr/share/icingaweb2/bin/icingacli setup token create'
docker exec -it icinga2-api /bin/bash -c 'cat /etc/icinga2/conf.d/api-users.conf'
docker-compose.yaml:
env:
email:
testing:
Here is where I keep my updated notes:
https://www.freesoftwareservers.com/display/FREES/ICINGA https://www.freesoftwareservers.com/display/FREES/ICINGA-+Docker-Compose+-+Prod https://www.freesoftwareservers.com/display/FREES/ICINGA+-+Docker+-+E-Mail+Setup