Hi All,
Sorry for replying my own thread. I tried to play with Icinga 2
configuration. I remove accept_command and accept_config from api.conf
(since the default is false). On master I get this error message :
[2016-02-02 08:29:07 +0000] notice/JsonRpcConnection: Received
'event::Heartbeat' message from 'mongo01.prod01.example.com'
[2016-02-02 08:29:07 +0000] notice/JsonRpcConnection: Received
'log::SetLogPosition' message from 'mongo01.prod01.example.com'
[2016-02-02 08:29:07 +0000] notice/JsonRpcConnection: Received
'event::SetNextCheck' message from 'mongo01.prod01.example.com'
[2016-02-02 08:29:07 +0000] notice/ClusterEvents: Discarding 'next check
changed' message from 'mongo01.prod01.example.com': Unauthorized access.
[2016-02-02 08:29:11 +0000] notice/JsonRpcConnection: Received
'event::CheckResult' message from 'mongo01.prod01.example.com'
[2016-02-02 08:29:11 +0000] notice/ClusterEvents: Discarding 'check result'
message from 'mongo01.prod01.example.com': Unauthorized access.
>From troubleshooting guide I read that Unauthorized Access is due to "The
check result message sent by the client does not belong to the zone the
checkable object is in on the master", but I have no clue which
configuration is missing or incorrect.
My master zones.conf :
object Endpoint NodeName {
}
object Zone ZoneName {
endpoints = [ NodeName ];
}
My client zones.conf
object Endpoint "icinga2a.noc.example.com" {
host = "icinga2a.noc.example.com";
port = "5665";
}
object Zone "master" {
endpoints = [ "icinga2a.noc.example.com" ];
}
object Endpoint NodeName {
}
object Zone ZoneName {
endpoints = [ NodeName ];
parent = "master";
}
On the web the status is always pending but when I click "check now" all
check become ok. Please help which configuration should I change. Thank you.
Regards,
Panji
On Mon, Feb 1, 2016 at 5:18 PM, Muhammad Panji <sumodi...@gmail.com> wrote:
> Hi All,
> I'm trying to understand how passive check works on Icinga2. If I
> understand correctly local configuration only is the same with passive
> check.
>
> What I did :
> 1. On client machine I configure /etc/icinga2/constants.conf and
> /etc/icinga2/zones.conf
> 2. Certificate already on both client and master
> 3. On client, in /etc/icinga2/conf.d/ I add :
> - apt-conf
> - hosts.conf
> - satellite.conf
> - services.conf
> - templates.conf
> 4. on /etc/icinga2/feature-enabled.api.conf, I set :
> accept_config = false
> accept_commands = false
> I believe this is also the default.
> 5. When I run icinga2 node update-config on master, master create files on
> /etc/icinga2/repository.d/hosts,zones, and endpoint. And of course reload
> icinga2 on master.
>
> When I checked on System -> Monitoring Health. All check still go to
> active check and passive check list 0 for both host checks and service
> checks.
>
> Anything I missed for passive check / client only configuration in icinga2?
>
> If I want to change the configuration, should I change the configuration
> on client, do update-config on master and reload icinga2 on both client and
> master?
>
> Thank you in advance.
> Regards,
>
>
> --
> Muhammad Panji
> http://www.panji.web.id
> http://www.kurungsiku.com
>
--
Muhammad Panji
http://www.panji.web.id
http://www.kurungsiku.com
_______________________________________________
icinga-users mailing list
icinga-users@lists.icinga.org
https://lists.icinga.org/mailman/listinfo/icinga-users
