Ansible is a commonly known tool to easily automate deployments in infrastructures, its configuration is based on YAML and is able to scale in big environments.
Icinga 2 provides its own secure agent to monitor hosts, high available satellite zones and monitoring configuration. To manage this monitoring environment we introduce you to the ansible-collection-icinga, this collection can install Icinga 2 server, configure monitoring and deploy Icinga 2 agents in your infrastructure.
The main features are:
- Manage repositories for Icinga Agents and Server.
- Manage and configure Agent and Server connections by providing or creating certificates.
- Manage all configuration files for Icinga instances.
- Provide monitoring objects in YAML syntax and distribute them over Icinga config-sync.
- Manage Icinga 2 Features (Current version includes: API, Graphite, InfluxDB, mainlog, notification, ido-mysql and ido-pgsql)
The collection includes two roles in the current version.
- icinga.repos: Role to manage repositories
- icinga.icinga2: Role to install and manage Icinga 2 instances.
Installation
To start with the collection, we need to install it first. This can be easily done with the ansible-galaxy command installing the latest version from galaxy.
ansible-galaxy collection install icinga.icinga
To use the collection just add the collection in the playbook with the key collections.
- hosts: icinga-server collections: - icinga.icinga roles: - repos - icinga2
Features
Features can be enabled, disabled and configured. Every option of the feature is supported, features like ido-mysql and ido-pgsql have additional parameters to trigger database schema imports.
icinga2_features: - name: checker - name: mainlog - name: graphite host: localhost port: 3000
In future every Icinga 2 feature will be available, but for the first release the basic features are available.
- api
- command
- graphite
- ido-mysql
- ido-pgsql
- influxdb
- mainlog
- notification
- checker
Icinga Objects and Rules
The collection also provides the mechanism to create monitoring configuration. This includes the following Icinga 2 objects.:
- ApiUser
- CheckCommand
- Dependency
- Endpoint
- EventCommand
- Host
- HostGroup
- Notification
- NotificationCommand
- ScheduledDowntime
- Service
- ServiceGroup
- TimePeriod
- User
- UserGroup
- Zone
In future releases all Objects will be of course supported, please refer to our milestones
icinga2_objects: [...] - name: ping type: Service order: 11 file: zones.d/main/services.conf apply: true imports: - generic-service check_command: ping4 assign: - host.address
Certificates
As Icinga 2 uses certificates for communication between all instances, this collection provides the possibility to create or use existing certificates. Furthermore if you intend to install a Icinga server instance the Icinga 2 role will generate a Certificate Authority for you on the server.
icinga2_features: - name: api ca_host: icinga-server.corp.com cert_name: icinga-agent.corp.com endpoints: - name: NodeName zones: - name: ZoneName endpoints: - NodeName
High-Availability
To extend the usage of the collection its possible to create Icinga 2 clusters. Clusters can be easily defined by the zones configuration. Add the two main servers into zones definition and deploy, the Icinga 2 servers will automatically connect to each other and start syncing the configuration.
icinga2_features: - name: api ca_host: icinga-server1.corp.com cert_name: icinga-server1.corp.com endpoints: - name: NodeName - name: icinga-server2.corp.com host: 172.164.10.10 zones: - name: main endpoints: - NodeName - icinga-server2.corp.com
If you want to have a closer look at the collection, give or have feedback, or want to participate in the development, check out the GitHub Repository of the project.