Icinga Web 2.7.1

Icinga Web 2.7.1

We are happy to announce a new bugfix release for Icinga Web 2. Official packages are available on packages.icinga.com. You can find all issues related to this release on our Roadmap.

 

Sneaky Solution for Sneaky Links

Usually we try to include only bugs in minor-releases. Sorry, bug-fixes, of course. But thanks to @winem_ we have also a little enhancement this time: Links in comments, notes, etc. are now highlighted as such.

  • Highlight links in the notes of an object #3888

 

Nobody’s Perfect, Not Even Developers

We knew it. We saw it coming. And forgot about it. Some views, especially histories, showed an anarchic behavior since v2.7.0. The change responsible for this has been undone and history’s order is reestablished now.

  • Default sort rules no longer work in 2.7.0 #3891

 

Restrictions Gone Wild Cagey

A fix unfortunately caused restrictions using wildcards to show no results anymore. This is now solved and such restrictions are as permissive as ever.

  • Wildcard filters in chains broken #3886

 

Icinga Web 2.7.0

Icinga Web 2.7.0

We are happy to announce a new release for Icinga Web 2, version 2.7.0. Official packages are available on packages.icinga.com. You can find all issues related to this release on our Roadmap.

 

Icinga’s Amazingness Spreads Further

All the Japanese and Ukrainian monitoring enthusiasts can now appreciate our web-frontend in their native tongue. Being so late to the party is also of their advantage, though. Because they can adjust their dashboard without worrying it gets broke with the next update. (All other admins with non-english users, please have a look at our upgrading documentation)

  • Add Japanese language support #3776
  • Add Ukrainian language support #3828
  • Don’t translate pane and dashlet names in configs #3837

 

Modules – Bonus Functionality Unleashed

With this release module developers got additional ways to customize Icinga Web 2. Whether you ever wanted to hook into a configuration form’s handling, to perform your very own Ajax requests or enhance our multi-select views with fancy graphs. All is possible now.

  • Allow to hook into a configuration form’s handling #3862
  • Allow to fully customize click and submit handling #3767
  • Integrate DetailviewExtension into multi-select views #3304

 

UI – Your Daily Routine and Incident Management, Enhanced

Users with color deficiencies now have a built-in theme to ease navigating within Icinga Web 2. Also, our forms got a long overdue re-design and now look less boring. Though, the best of all features is that clicking while holding the Ctrl-key now actually opens a new browser tab! Lost comments? No more. Defining an expiry date again? No more!

  • Add colorblind theme #3743
  • Improve the look of forms #3416
  • Make ctrl-click open new tab #3723

 

Stay Focused – More Room for More Important Stuff

Some of you know that some checks tend to produce walls of text or measure (too) many interfaces. Now, plugin output and performance data will collapse if they exceed a certain height. If necessary they can of course be expanded and keep that way across browser restarts. The same is also true for the sidebar. (Though, this one stays collapsed)

  • Persistent Collapsible Containers #3638
  • Collapsible plugin output #3870
  • Collapsed sidebar should stay collapsed #3682

 

Markdown – Tables, Lists and Emphasized Text The Easy Way

Since we now have the possibility to collapse large content dynamically, we allow you to add entire wiki pages to hosts and services. Though, if you prefer to use a real wiki to maintain those (what we’d strongly suggest) it’s now easier than ever before to link to it. Copy url, paste url, submit comment, Done.

  • Make notes, comments and announcements markdown aware #3814
  • Transform any URL in a Comment to a clickable Link #3441
  • Support relative links in plugin output #2916

 

Things You Have Missed Previously

The tactical overview, our fancy pie charts, is now the very first result when you search something in the sidebar. If you’ll see two entirely green circles there, relax. Also overdue or unreachable checks are now appropriately marked in list views and the service grid now allows you to switch between everything or problems only.

  • Add tactical overview to global search #3845
  • Servicegrid: Add toggle to show problems only #3871
  • Make overdue/unreachable checks better visible #3860

 

Authorization – Knowing and Controlling What’s Going On

Roles can now be even more tailored to users since the introduction of a new placeholder. This placeholder allows to use a user’s name in restrictions. Things like _service_responsible_person=$user:local_name$ are now possible. The audit log now receives failed login-attempts, that’s been made possible since hooks can now run for anonymous users.

  • Allow roles to filter for the currently logged in user #3493
  • Add possibility to disable permission checks for hooks #3849
  • Send failed login-attempts to the audit log #3856

See also the audit module which got an update and is required for #3856 to work.

 

 

Icinga 2.11 Release Candidate

Icinga 2.11 Release Candidate

For months we have been working on one of the biggest and most important releases since the creation of Icinga 2. Icinga 2 version 2.11 includes improvements for performance, stability and scalability. After many changes of lines of code, additions and deletions we believe we’re finally there. But we want to have you on board, so we decided to go with a Release Candidate first. Today we’re happy to announce the general availability of this release!

As you may know, Icinga’s core and network stack is written from scratch in C++, specifically the REST API and network event handling. They caused problems, and the attempts the past releases couldn’t reliably make them go away. We’ve therefore decided to do something unusual and resource intensive: Rewrite the whole network stack by using modern programming techniques and throw away the old implementation. This is a huge step forward and some may say, this would be Icinga 3.

Coming late to the party, fixes for reload handling and unwanted notifications also turned into a long-awaited feature: Run Icinga 2 in foreground and let the new umbrella process handle restarts and reloads. Additionally to the issues we’re aiming to fix, this comes in very handy for (Docker) containers as well!

Lean back and enjoy more changes, fixes and features – our GitHub milestone counts 280+ issues and PRs. With all the changes in mind, we want to make sure that 2.11 will be a great release. Snapshot packages have been tested in the past, now it is time to provide you with a release candidate. Please put it into your test stages and let us know about fixed problems or things we need to fix prior the final release!

Scroll down for installation instructions from our testing repository.

 

Rewritten Network Stack

The low level network I/O with JSON-RPC and HTTP on top was written from scratch many years ago. Recent times have shown problems with hanging TLS connections, stalled HTTP requests and resource consuming operations with the Icinga network stack. Since our old code did not allow us to fix all these bugs, we decided to create a few PoCs with different libraries and technologies. This resulted in a rewrite based on the well-known and tested Boost library. The price to a stable REST API and cluster environment are updated Boost packages which we provide on packages.icinga.com for your convenience.

 

Improved Cluster Sync & High Availability for Features

The cluster config sync and the possibility to just deploy config files into “zones.d” is a key feature in Icinga. With 2.11, we’re adding a long-wanted feature to it: Staging for received configuration. This avoids deploying broken configuration directly into production.

Another thing tackled is the storage for created objects during runtime. In the past, we received reports that downtimes were missing after restart. The underlaying problems have now been fixed. 2.11 heals itself whenever things don’t turn out well, additionally the troubleshooting docs help you during your debugging sessions.

Last but not least, we added our HA mechanism (you know it from the IDO feature) to other features as well. When enabling features like Graphite or Elasticsearch you can now set the setting enable_ha=true on both sides. The feature will then run only on one node and the other will take over in the case of failure.

 

Enhanced Core

The JSON library has been replaced and modernized for full UTF8 support. This comes in preparation for the IcingaDB backend and also solves possible crashes we’ve seen on GitHub.

Notifications which would be triggered during the reload phase are now properly sent. Furthermore, when a host/service is still NOT-OK after a downtime ends, a problem notification is sent immediately.

There’s a bunch of smaller enhancements too: all_services for the schedule-downtime host action, on-demand CSR signing CLI tools, getenv() as DSL function and much more.

 

Documentation

For this release, we’re making a dedicated documentation available which includes all changes and updates. Please note that all the documentation links point to “v2.11-RC1” and not “latest” in the doc URLs. Icinga 2.11 comes with numerous additions and changes, and for the first time we’ve written an extensive upgrading documentation. Don’t be afraid, you don’t need to migrate things manually. Look around, there are many improvements for service monitoring, distributed monitoring, features, technical concepts, development and the upgrading chapter.

As always, prior to installing things, make sure to check the Changelog for v2.11.0-rc1!

 

Installation

These details follow the instruction for testing daily snapshot packages with the main difference that v2.11.0-rc1 is available in another repository on packages.icinga.com. 2.11 requires newer Boost packages provided in the release repository, therefore this is needed for testing the release candidate as well.

 

Debian

apt-get update
apt-get -y install apt-transport-https wget gnupg

wget -O - https://packages.icinga.com/icinga.key | apt-key add -

DIST=$(awk -F"[)(]+" '/VERSION=/ {print $2}' /etc/os-release); \
 echo "deb https://packages.icinga.com/debian icinga-${DIST} main" > \
 /etc/apt/sources.list.d/${DIST}-icinga.list
 echo "deb-src https://packages.icinga.com/debian icinga-${DIST} main" >> \
 /etc/apt/sources.list.d/${DIST}-icinga.list

DIST=$(awk -F"[)(]+" '/VERSION=/ {print $2}' /etc/os-release); \
 echo "deb http://packages.icinga.com/debian icinga-${DIST}-testing main" > \
 /etc/apt/sources.list.d/${DIST}-icinga-testing.list
 echo "deb-src http://packages.icinga.com/debian icinga-${DIST}-testing main" >> \
 /etc/apt/sources.list.d/${DIST}-icinga-testing.list

apt-get update

DIST=$(awk -F"[)(]+" '/VERSION=/ {print $2}' /etc/os-release); \
apt-get install -t icinga-${DIST}-testing icinga2

On Debian Stretch, you also need to add the Backports repository before installation:

DIST=$(awk -F"[)(]+" '/VERSION=/ {print $2}' /etc/os-release); \
 echo "deb https://deb.debian.org/debian ${DIST}-backports main" > \
 /etc/apt/sources.list.d/${DIST}-backports.list

apt-get update

 

Ubuntu

apt-get update
apt-get -y install apt-transport-https wget gnupg

wget -O - https://packages.icinga.com/icinga.key | apt-key add -

. /etc/os-release; if [ ! -z ${UBUNTU_CODENAME+x} ]; then DIST="${UBUNTU_CODENAME}"; else DIST="$(lsb_release -c| awk '{print $2}')"; fi; \
 echo "deb https://packages.icinga.com/ubuntu icinga-${DIST} main" > \
 /etc/apt/sources.list.d/${DIST}-icinga.list
 echo "deb-src https://packages.icinga.com/ubuntu icinga-${DIST} main" >> \
 /etc/apt/sources.list.d/${DIST}-icinga.list

. /etc/os-release; if [ ! -z ${UBUNTU_CODENAME+x} ]; then DIST="${UBUNTU_CODENAME}"; else DIST="$(lsb_release -c| awk '{print $2}')"; fi; \
 echo "deb https://packages.icinga.com/ubuntu icinga-${DIST}-testing main" > \
 /etc/apt/sources.list.d/${DIST}-icinga-testing.list
 echo "deb-src https://packages.icinga.com/ubuntu icinga-${DIST}-testing main" >> \
 /etc/apt/sources.list.d/${DIST}-icinga-testing.list

. /etc/os-release; if [ ! -z ${UBUNTU_CODENAME+x} ]; then DIST="${UBUNTU_CODENAME}"; else DIST="$(lsb_release -c| awk '{print $2}')"; fi; \
apt-get install -t icinga-${DIST}-testing icinga2

 

RHEL/CentOS 7

yum -y install https://packages.icinga.com/epel/icinga-rpm-release-7-latest.noarch.rpm
yum -y install epel-release
yum makecache

cat >/etc/yum.repos.d/icinga-testing.repo <<EOF

[icinga-testing-builds]
name=ICINGA (testing builds for epel)
baseurl=http://packages.icinga.com/epel/\$releasever/testing/
enabled=1
gpgcheck=1
gpgkey=https://packages.icinga.com/icinga.key
metadata_expire=1d

EOF

yum makecache

yum install -t icinga-testing-builds icinga2

 

SLES

rpm --import https://packages.icinga.com/icinga.key

zypper ar https://packages.icinga.com/SUSE/ICINGA-release.repo
zypper ref -fs

cat >/etc/zypp/repos.d/icinga-testing.repo <<EOF

[icinga-testing-builds]
name=ICINGA (testing builds for SUSE \$releasever)
baseurl=https://packages.icinga.com/SUSE/\$releasever/testing/
enabled=1
gpgcheck=1
gpgkey=https://packages.icinga.com/icinga.key
metadata_expire=1d

EOF

zypper ref -fs

zypper in icinga2

 

Windows

x64 and x86.

If you need help with testing the release candidate, or want to discuss new things, hop onto our community forums.

Update 2019-08-01: In case you’re encountering “no shared cipher” errors with 2.10.x agents on RHEL7 or Windows connecting to parent 2.11 RC1 instances, please adjust the “cipher_list” configuration as shown in this issue. More troubleshooting hints can be found here.

Update 2019-08-06: Added backports repo for Debian Stretch. All RC feedback is collected and smaller fixes are applied, nothing which harms testing the RC. Thanks for your ongoing feedback!

 

 

Icinga Cube 1.1.0 is out!

Icinga Cube 1.1.0 is out!

As a little introduction for everyone who has not heard about the cube yet:

The cube module is there to show statistics grouped by the custom variables that have been set for the hosts and services. They are then displayed in up to three dimensions for a quick overview to show the relations.

cube module preview

 

The services are going cubin’!

The most prominent change is the addition of services:
While it used to be only possible to have the hosts in a cube, the module has now been extended to provide full functionality with services as well.

You can easily switch between hosts and services, while we keep the filters of your cube in place!

  • Support Services #37

 

No more SQL dump crashes! (or at least fewer)

PostgreSQL rollup syntax errors are now smoothed out and will work as intended – also including the documentation for the requirements.
Having custom variables names like SQL keywords also no longer break the cube!

  • Fix SQL keywords breaking the queries #38
  • Fix rollup syntax for PostgreSQL databases #29 + #24

 

Restrictions are in place

Adds a filter that considers protected custom variables.
The cube now polls the restrictions set in the monitoring module and only shows the hosts that the user has permission to view.

  • Apply monitoring restrictions #33
  • Respect protected custom vars #25

 

And just a pinch of UX

Removed the possibility to add more than three dimensions to the cube – we live in a three dimensional world after all.
When the name of a cube tile is too long to fit, it will no longer push everything else downwards but be shortened with an ellipsis instead!

  • Limit to 3 dimensions #36
  • Truncate long headers #35

 

Fixed pröblems with ümlauts

The URL encoding has been adapted so that both white spaces and umlauts are now supported!
Name your vars however you like!

  • Fix Slices with whitespace or umlaut in data field #17

 

 

Icinga 2.10.5

Icinga 2.10.5

This release fixes a regression introduced with namespaces in 2.10 where advanced permission filters could result in a crash with many concurrent requests. It also fixes the problem that permission filters are sometimes not applied correctly. Thanks VSHN for sponsoring the development time!

Another problem hidden in the dark was introduced in 2.9 with changed reload signals. This caused the reload shutdown handler to deactivate host and hostgroup objects in the IDO database backend, with later activating them on startup reconnect. Large scale environments would suffer from seconds to minutes not seeing objects in Icinga Web 2 then.

Last but not least, our road to better code quality unveiled that certain compilers don’t treat us well with shared pointers references and resulting crashes. This release fixes crashes with logrotate signals and other timer related problems, e.g. state file handling.

We’ve also added some documentation improvements for the REST API, object types, feature overview and technical concepts with JSON-RPC cluster messages – inspired by the feedback from our Icinga Discourse 🙂

Checkout the full changelog for 2.10.5 here. Please note that SLES11 and Ubuntu14 packages are not available anymore. 

Special thanks goes out to Elias Ohm from novomind AG 🙂 He’s been debugging and fixing the many issues with us together, magnificent team work!

Note: API and cluster/agent related problems will be fixed in 2.11, requiring us to rewrite large parts of the code base. You can help test the snapshot packages and provide feedback. Thanks in advance!

Icinga Web 2.6.3

Icinga Web 2.6.3

We are happy to announce a new bugfix release for Icinga Web 2. Official packages are available on packages.icinga.com. Community repositories might need a while to catch up.

You can find issues related to this release on our Roadmap.

 

PHP 7.3

Now supported.

 

LDAP – Community contributions, that’s the spirit

With the help of our users we’ve finally fixed the issue that defining multiple hostnames and enabling STARTTLS has never properly worked. Also, they’ve identified that defining multiple hostnames caused a customized port not being utilized and fixed it themselves.

There has also a rare case been fixed that caused no group members being found in case object classes had a different casing than what we expected. (Good news for all the non-OpenLdap and non-MSActiveDirectory users)

  • LDAP connection fails with multiple servers using STARTTLS #3639
  • LDAPS authentication ignores custom port setting #3713
  • LDAP group members not found #3650

 

We take care about your data even better now

With this are newlines and HTML entities (such as &nbsp;) in plugin output and custom variables meant. Sorry if I’ve teased some data security folks now.

  • Newlines in plugin output disappear #3662
  • Windows path separators are converted to newlines in custom variables #3636
  • HTML entities in plugin output are not resolved if no other HTML is there #3707

 

You’ve wondered how you got into a famous blue police box?

Don’t worry, not only you and the european union are sometimes unsure what’s the correct time.

  • Set client timezone on DB connection #3525
  • Ensure a valid default timezone is set in any case #3747
  • Fix that the event detail view is not showing times in correct timezone #3660

 

UI – The portal to your monitoring environment, improved

The collapsible sidebar introduced with v2.5 has been plagued by some issues since then. They’re now fixed. Also, the UI should now flicker less and properly preserve the scroll position when interacting with action links. (This also allows the business process module to behave more stable when using drag and drop in large configurations.)

  • Collapsible Sidebar Issues #3187
  • Fix title when closing right column #3654
  • Preserve scroll position upon form submits #3661

 

Corrected things we’ve broke recently

That’s due to preemptive changes to protect you from bad individuals. Unfortunately this meant that some unforeseen side-effects appeared after the release of v2.6.2. These are now fixed.

  • Multiline values in ini files broken #3705
  • PHP ini parser doesn’t strip trailing whitespace #3733
  • Escaped characters in INI values are not unescaped #3648

Though, if you’ve faced issue #3705 you still need to take manual action (if not already done) as the provided fix does only prevent further occurrences of the resulting error. The required changes involve the transformation of all real newlines in Icinga Web 2’s INI files to literal \n or \r\n sequences. (Files likely having such are the roles.ini and announcements.ini)