It’s been a while since we started developing the new Puppet module. After many hours of development it’s finally here: Icinga 2 Puppet Module v1.0
Multi platform
Supporting multiple platforms is important for us, since Icinga can be installed in different environments. The module can be used on multiple Linux operating systems and on Windows 2012. Other operating systems may follow in the future, here’s a list of what’s currently supported.
- Debian 7, 8
- Ubuntu 14.04, 16.04
- CentOS / RHEL 6, 7
- SLES 12
- Windows Server 2012
Supporting multiple operating systems is not enough for us, the module works with Puppet 3 as well as with Puppet 4.
class { '::icinga2': manage_repo => true, }
Icinga 2 Features
Every Icinga 2 feature can be enabled and configured. This includes each and every option of the features. Some of the feature classes support some advanced functionality, such as the MySQL and PostgreSQL IDO feature. They can not only change configurations but also import the database schema.
class { '::icinga2::feature::graphite': host => '10.10.0.15', port => 2003, enable_send_thresholds => true, enable_send_metadata => true, }
Config Objects and Apply Rules
One of the common use cases for the Icinga 2 Puppet module is exporting Icinga configuration from your clients into the PuppetDB and import it on your Icinga master. By the way, the Director can also run imports directly from the PuppetDB. This module supports all Icinga 2 objects that are available and all of their parameters. If you rather like to use apply rules, you can do so. The module can configure either “normal” apply rules that target an object type or loops that iterate over certain custom variables.
icinga2::object::service { 'SSH': target => '/etc/icinga2/conf.d/ssh.conf', apply => true, assign => [ 'host.vars.os == Linux' ], display_name => 'SSH', check_command => 'ssh', }
Clustering
The well implemented API feature can configure everything needed for a clustered Icinga 2 environments. This includes Icinga masters, satellites or clients. Depending on the machine where the module is running it can define zones and endpoints.
class { '::icinga2::feature::api': accept_commands => true, endpoints => { 'master.example.org' => {}, 'satellite.example.org' => { 'host' => '172.16.2.11' } }, zones => { 'master' => { 'endpoints' => ['master.example.org'], }, 'dmz' => { 'endpoints' => ['satellite.example.org'], 'parent' => 'master', }, } }
Certification Authority
Since you’re already using Puppet, you may want to use its CA for your Icinga configuration. This is pretty comfortable and this module can configure it for you. Alternatively you can generate a fresh CA that will only be used for Icinga or you could just transfer the files of your existing CA to the Icinga master, both is supported by the module. We have implemented a special functionality where you can use your Puppetmaster to sign the certificates of your clients. So it’s up to you, how you want to handle SSL with Icinga.
class { '::icinga2::feature::api': pki => 'puppet', }
Custom Config Snippets
We are aware that, whatever the circumstances, there will always be that one special case that cannot be handled by this module. Every Puppet module has this. We built in something that can help you to solve these special cases. If you want to transfer plain configuration files to your Icinga master and reload the daemon, you can set a special tag on your file resource. The module will collect all files with that tag and notify the daemon on changes. If you just want add some small snippets to configuration files already created by this module, you can create fragments and define an order where in a file you want to place them.
file { '/etc/icinga2/conf.d/for-loop.conf': ensure => file, source => '...', tag => 'icinga2::config::file', }