server

• root@dachs:~# icinga2 pki ticket --cn client.xinux.org

b000000099f461f451e2aa4848db52ee58962bb7d

client

• installieren von icinga2

add-apt-repository ppa:formorer/icinga
apt-get update
apt-get install icinga2

• client setup wizard

icinga2 node wizard

Starting the Node setup routine...
Please specifiy the common name (CN) [client]: client.xinux.org
Please specifiy the local zone name [client.xinux.org]: 
Please specify the master endpoint(s) this node should connect to:
Master Common Name (CN from your master setup): server.xinux.org
Do you want to establish a connection to the master from this node? [Y/n]: 
Please fill out the master connection information:
Master endpoint host (Your master's IP address or FQDN): 192.168.111.222
Master endpoint port [5665]: 
Add more master endpoints? [y/N]: 
Please specify the master connection for CSR auto-signing (defaults to master endpoint host):
Host [192.168.111.222]: 
Port [5665]: 
information/base: Writing private key to '/etc/icinga2/pki/client.xinux.org.key'.
information/base: Writing X509 certificate to '/etc/icinga2/pki/client.xinux.org.crt'.
information/cli: Generating self-signed certifiate:
information/cli: Fetching public certificate from master (192.168.111.222, 5665):

information/cli: Writing trusted certificate to file '/etc/icinga2/pki/trusted-master.crt'.
information/cli: Stored trusted master certificate in '/etc/icinga2/pki/trusted-master.crt'.

Please specify the request ticket generated on your Icinga 2 master.
 (Hint: # icinga2 pki ticket --cn 'client.xinux.org'):b000001156f681f578e3aa53454b31ee8052bb7d 
information/cli: Processing self-signed certificate request. Ticket 'b0000006546f765f738e8aa0743db85ee5853bb9n'.

information/cli: Created backup file '/etc/icinga2/pki/client.xinux.org.crt.orig'.
information/cli: Writing signed certificate to file '/etc/icinga2/pki/client.xinux.org.crt'.
information/cli: Writing CA certificate to file '/etc/icinga2/pki/ca.crt'.
Please specify the API bind host/port (optional):
Bind Host []: 
Bind Port []: 
Accept config from master? [y/N]: y
Accept commands from master? [y/N]: y
information/cli: Disabling the Notification feature.
Disabling feature notification. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Enabling the Apilistener feature.
Enabling feature api. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Created backup file '/etc/icinga2/features-available/api.conf.orig'.
information/cli: Generating local zones.conf.
information/cli: Dumping config items to file '/etc/icinga2/zones.conf'.
information/cli: Created backup file '/etc/icinga2/zones.conf.orig'.
warning/cli: CN 'client.xinux.org' does not match the default FQDN 'gondor'. Requires update for NodeName constant in constants.conf!
information/cli: Updating constants.conf.
information/cli: Created backup file '/etc/icinga2/constants.conf.orig'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
Done.

Now restart your Icinga 2 daemon to finish the installation!

sichrstellen das in /etc/icinga2/features-enabled/api.conf

accept_commands = true

• restart icinga2

root@mordor:~# service icinga2 restart

server

cat /etc/icinga2/zones.conf

object Endpoint "client.xinux.org" {
  host = "192.168.111.202"
}

object Zone "client.xinux.org" {
  endpoints = [ "client.xinux.org" ]
  parent = "master"
}

• restart icinga2

root@Dachs:~# service icinga2 restart

sources

• http://docs.icinga.org/icinga2/latest/doc/module/icinga2/chapter/getting-started#setting-up-icinga2

Windows System überwachen

ICINGA service Downlaod http://packages.icinga.org/windows/

bei Setup Ticket den schlüssel eintragen

per add einen master hinzufügen

bei TCP Listener Listen for connections ...

dann auf next und abschliesen

icinga 2 puppet Remote Client setup

https://serverfault.com/questions/647805/how-to-set-up-icinga2-remote-client-without-using-cli-wizard

icinga2 client verwaltung puppet

mkdir /etc/puppet/modules/icinga2-client

den ordner so strukturiern

die datei trusted-master.crt

sollte nicht wie im beispiel hier sein

• die init.pp

class icinga2-client {
Exec { path => [ "/bin/", "/sbin/" , "/usr/bin/", "/usr/sbin/" ] }
  package { "icinga2":
    ensure => present,
    require => Exec["icinga_repository"],
  }
  exec { "add-apt-repository ppa:formorer/icinga && apt-get update":
    alias => "icinga_repository",
    creates => "/etc/apt/sources.list.d/formorer-icinga-trusty.list",
    require => Package["software-properties-common"]
} 

  package { "software-properties-common":
    ensure => present
  }

1. alles was in dieser classe berücksichticht werden soll mus in den ersten {} stehen

1. also aufpassen das am schlus der datei mit } abgeschlosen ist

1. wir prüfen ob icinga2 installiert ist wenn nicht wird es installier sofern die repository stimmen

1. falls nicht fügen wird die repository hinzu wen software-properties-common installiert ist wen nicht installieren wir dies

1. verlinken der certifcate