Ansible Role icingadb

This role installs and configures IcingaDB.

When running the icingadb:migration tag, it also tries to prepare the configuration file required for the migration from the IDO feature to Icinga DB. Note that the migration requires the following manual steps after running the role:

1. Double check the values in /tmp/icingadb-migration.yml

2. Run the migration: icingadb-migrate --config /tmp/icingadb-migration.yml --cache /tmp/icingadb-migration.cache

3. Clean up: rm -rf /tmp/icingadb-migration.cache /tmp/icingadb-migration.yml

4. If everything works, disable the IcingaWeb2 monitoring module: icingacli module disable monitoring Also have a look at https://icinga.com/docs/icinga-db-web/latest/doc/10-Migration/ for other migration steps.

Notes on high availability / Icinga2 Master clusters:

• Redis: „Each of the master nodes must have the Icinga DB feature enabled and have their own dedicated Redis server set up for it.“

• SQL database: „Icinga DB instances must write to the same database, which of course can be replicated or a cluster.“

• Environment ID: Make sure that /var/lib/icinga2/icingadb.env is the same on all master nodes.

• Have a look at the official documentation.

Runs on

• RHEL 8 (and compatible)

Mandatory Requirements

• A configured Icinga2 Master Setup. This can be done using the linuxfabrik.lfops.setup_icinga2_master playbook.

Tags

Tag	What it does
icingadb	Installs and configures IcingaDB.
icingadb:migration	Not normally run. Prepares the migration of the history from the IDO feature to Icinga DB.

Mandatory Role Variables

Variable	Description
icingadb__api_user_login	The account for accessing the Icinga2 API.
icingadb__database_login	The user account for accessing the IcingaDB SQL database. Currently, only MySQL is supported.

Example:

# mandatory
icingadb__api_user_login:
  username: 'icingadb-api-user'
  password: 'linuxfabrik'
icingadb__database_login:
  username: 'icingadb'
  password: 'linuxfabrik'

Optional Role Variables

Variable	Description	Default Value
icingadb__api_host	The host on which the Icinga2 API is reachable.	'localhost'
icingadb__api_port	The port on which the Icinga2 API is reachable.	5665
icingadb__database_host	The host on which the IcingaDB SQL database is reachable.	127.0.0.1
icingadb__database_login_host	The Host-part of the SQL database user.	127.0.0.1
icingadb__database_name	The name of the IcingaDB SQL database.	'icingadb'
icingadb__redis_host	The host on which Redis instance is reachable.	'127.0.0.1'
icingadb__redis_password	The password for the Redis instance, if authentication is enabled.	unset
icingadb__redis_port	The port on which Redis instance is reachable.	6379
icingadb__retention_history_days	Number of days to retain full historical data. By default, historical data is retained forever.	unset
icingadb__service_enabled	Enables or disables the IcingaDB service, analogous to systemctl enable/disable --now.	true

Example:

# optional
icingadb__api_host: 'localhost'
icingadb__api_port: 5665
icingadb__database_host: '127.0.0.1'
icingadb__database_login_host: 'localhost'
icingadb__database_name: 'icingadb'
icingadb__redis_host: '127.0.0.1'
icingadb__redis_password: 'linuxfabrik'
icingadb__redis_port: 6379
icingadb__retention_history_days: 360
icingadb__service_enabled: true

License

The Unlicense

Author Information

Linuxfabrik GmbH, Zurich