Ansible Role: icinga2

Ansible role to setup Icinga2 master or satellite.

---

I am in the process of transferring this role to a collection and will therefore no longer process any issues or merge requests here.
However, I will include them in the collection!
Please be patient until I have completed the work!

---

Requirements & Dependencies

Ansible Collections

• bodsch.core

ansible-galaxy collection install bodsch.core

or

ansible-galaxy collection install --requirements-file collections.yml

Python Module

• dnspython

Operating systems

Tested on

• ArchLinux
• Debian based
  • Debian 10 / 11
  • Ubuntu 20.04
• RedHat based
  • Alma Linux 8
  • Rocky Linux 8
  • OracleLinux 8

Contribution

Please read Contribution

Development, Branches (Git Tags)

The master Branch is my Working Horse includes the "latest, hot shit" and can be complete broken!

If you want to use something stable, please use a Tagged Version!

Credits

• Michael Friedrich
• Nicolai Buchwitz
• Julien Tognazzi
• Carsten Köbke
• Jo. Fiedler
• and many others to make icinga2 what it is

---

Please read the following documention for configuration points.

Documentation

• Features
• API Users
• groups
• apply rules
• downtimes
• check commands
• master
• satellite
• Backup and Restore

---

Examples

A complete test setup can be found in the GitLab under icinga2-infrastructure.

Icinga2 Master

single-master

---
- host: icinga-master
  vars:
    icinga2_ido:
      user: icinga2_ido
      password: icinga2_ido
      host: localhost
      cleanup:
        acknowledgements_age: 72h

    icinga2_api:
      user:
        icinga2:
          password: S0mh1TuFJI
          permissions: '*'

    icinga2_salt: 42T2fYT7bIxj5v291ajAW6kK0njvNMww8eWinBdEO5vh02xwC5qaNMMx77qNkYFE

    icinga2_masters:
      master-1.icinga.local:

    icinga2_host_object:
      master-1.icinga.local:
        endpoint_name: master-1.icinga.local
        zone: master
        display_name: master-1.icinga.local
        import: generic-host
        address: '{{ ansible_default_ipv4.address }}'
        vars: |
          os = "Linux"
          dist = "{{ ansible_distribution }}"
          dist_ver = "{{ ansible_distribution_version }}"
          disks = {
            "disk /" = {
              disk_partitions = "/"
            }
          }
          services = [ "uptime", "memory" ]

  roles:
    - role: icinga2

multi-master

---
- host: icinga-master
  vars:
    icinga2_ido:
      user: icinga2_ido
      password: icinga2_ido
      host: localhost
      cleanup:
        acknowledgements_age: 72h

    icinga2_api:
      user:
        icinga2:
          password: S0mh1TuFJI
          permissions: '*'

    icinga2_salt: 42T2fYT7bIxj5v291ajAW6kK0njvNMww8eWinBdEO5vh02xwC5qaNMMx77qNkYFE

    icinga2_ha: true

    icinga2_masters:
      master-1.icinga.local:
        # type: primary
        ip: 192.168.130.20
        port: 5665
      master-2.icinga.local:
        ip: 192.168.130.21

  roles:
    - role: icinga2

Icinga satellite

simple

---
- host: icinga-master
  vars:
    icinga2_mode: satellite

    icinga2_salt: 42T2fYT7bIxj5v291ajAW6kK0njvNMww8eWinBdEO5vh02xwC5qaNMMx77qNkYFE

    icinga2_masters:
      master-1.icinga.local:

    icinga2_host_object:

      satellite-1.icinga.local:
        endpoint_name: satellite-1.icinga.local
        zone: "{{ icinga2_satellite_zone }}"
        display_name: satellite-1.icinga.local
        import: generic-host
        address: '{{ ansible_default_ipv4.address }}'
        vars: |
          os = "Linux"
          dist = "{{ ansible_distribution }}"
          dist_ver = "{{ ansible_distribution_version }}"
          satellite = true
          disks = {
            "disk /" = {
              disk_partitions = "/"
            }
          }
          services = [ "uptime" ]

  roles:
    - role: icinga2

multi satellite with zones

---
- host: icinga-master
  vars:
    icinga2_mode: satellite

    icinga2_salt: 42T2fYT7bIxj5v291ajAW6kK0njvNMww8eWinBdEO5vh02xwC5qaNMMx77qNkYFE

    icinga2_masters:
      master-1.icinga.local:

    icinga2_satellites:
      zone1:
        satellite-1.icinga.local:
          ip: 192.168.130.30
        satellite-2.icinga.local:
          ip: 192.168.130.31

  roles:
    - role: icinga2

tests

for testing

tox -e py38-ansible29 -- molecule

tox -e py38-ansible29 -- molecule -s icinga2-satellite

Troubleshooting & Known issues

API

export CURL_OPTS="--silent --insecure"
export ICINGA_CREDS="--user icinga2:S0mh1TuFJI"
export ICINGA_API_URL="https://master-1.icinga.local:5665/v1"

$ curl ${ICINGA_CREDS} ${CURL_OPTS} --header 'Accept: application/json' ${ICINGA_API_URL}/status/ApiListener | jq --raw-output ".results[].status.api.zones"

$ curl ${ICINGA_CREDS} ${CURL_OPTS} --header 'Accept: application/json' ${ICINGA_API_URL}/status/CIB | jq --raw-output '.results[].status.uptime'

$ curl ${ICINGA_CREDS} ${CURL_OPTS} --header 'Accept: application/json' ${ICINGA_API_URL}/status/ApiListener | jq --raw-output ".results[].status.api"

$ curl ${ICINGA_CREDS} ${CURL_OPTS} ${ICINGA_API_URL}/objects/hosts | jq

$ curl ${ICINGA_CREDS} ${CURL_OPTS} --header 'Accept: application/json' --header 'X-HTTP-Method-Override: GET' --request POST --data '{ "attrs": [ "name" ], "type": "Host", "filter": "host.name==\"master-1.icinga.local\"" }' ${ICINGA_API_URL}/objects/hosts

License

BSD 2-clause