Ansible Role icinga2_agent
This role installs Icinga2, configures it to act as an agent, and tries to registers the host in the Icinga Director.
Currently, this role only works if the host can reach the Icinga2 master API.
Mandatory Requirements
Enable the Icinga Package Repository. This can be done using the linuxfabrik.lfops.repo_icinga role.
A configured Icinga2 Master. This can be done using the linuxfabrik.lfops.icinga2_master role.
Tag |
What it does |
|---|---|
|
Installs and configures icinga2 as an agent |
|
Runs the |
|
Manages the state of the Icinga2 service |
|
Linux only. Updates the Icinga2 package and restarts the service |
Mandatory Role Variables
Variable |
Description |
|---|---|
|
The account for generating a ticket for this agent using the Icinga2 API (API of Icinga Core). The account needs to have the |
|
The common name of the Icinga2 Master. |
|
Mandatory for Windows. The version of the Icinga2 Agent to install. Possible options: https://packages.icinga.com/windows/. |
Example:
icinga2_agent__icinga2_api_user_login:
password: 'password'
username: 'enrolment-user'
icinga2_agent__icinga2_master_cn: 'master.example.com'
icinga2_agent__windows_version: 'v2.12.8'
Optional Role Variables
Variable |
Description |
Default Value |
|---|---|---|
|
A list of dictionaries with additional Icinga2 master endpoints. Subkeys: |
|
|
The bind host. This allows restricting on which IP addresses the Agent is listening. |
unset |
|
The common name of the Icinga2 Agent. Tries to default to the FQDN of the server. |
|
|
The host address of the Icinga Director host object. Tries to default to the IPv4 address of the server. |
|
|
The host display name of the Icinga Director host object. Tries to default to the hostname. |
|
|
A list of Icinga Director host templates which should be imported for this server. |
|
|
The URL to the Icinga2 API. Will be used to generate the ticket for the agent certificate. |
|
|
The host where the Icinga2 Master is running. Has to be reachable from the Agent. |
|
|
The port on which the Icinga2 master is reachable. |
|
|
The URL where the IcingaWeb2 (the API) is reachable. This will be used to register the host in the Icinga Director (otherwise the host is registered in Icinga Core, but not visible in Icinga Director). |
|
|
A IcingaWeb2 user with |
unset |
|
The Icinga2 parent zone of the host. |
|
|
Enables or disables the Icinga2 service, analogous to |
|
|
If false, TLS certificates offered by the Icinga Master will not be validated. This should only set to false used on personally controlled sites using self-signed certificates. |
|
|
The path where the Icinga2.exe will be downloaded to. Certain Windows versions disallow the creation of files in |
|
|
The Windows user account under which the Icinga2 service will be run. |
|
|
The zone of the agent (endpoint). Change this if you are installing a satellite. |
|
Example:
# optional
icinga2_agent__additional_icinga2_master_endpoints:
- host: 'master2.example.com'
port: 5665
- host: 'master3.example.com'
icinga2_agent__bind_host: '0.0.0.0'
icinga2_agent__cn: '{{ ansible_facts["nodename"] }}'
icinga2_agent__director_host_object_address: '{{ ansible_facts["default_ipv4"]["address"] }}'
icinga2_agent__director_host_object_display_name: '{{ ansible_facts["hostname"] }}'
icinga2_agent__director_host_object_import:
- 'tpl-host-linux'
icinga2_agent__icinga2_api_url: 'https://master3.example.com:{{ icinga2_agent__icinga2_master_port }}'
icinga2_agent__icinga2_master_host: '192.0.2.10'
icinga2_agent__icinga2_master_port: 5665
icinga2_agent__icingaweb2_url: 'https://monitoring.example.com/icingaweb2'
icinga2_agent__icingaweb2_user_login:
password: 'password'
username: 'enrolment-user'
icinga2_agent__parent_zone: 'satellite01'
icinga2_agent__service_enabled: true
icinga2_agent__validate_certs: true
icinga2_agent__windows_download_path: 'D:\Downloads'
icinga2_agent__windows_service_user: 'Icinga Service User'
icinga2_agent__zone: 'satellite'