Skip to content
This repository has been archived by the owner on Feb 5, 2024. It is now read-only.

Super-Visions/icinga2-formula

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

icinga2

Icinga2 Formula

Features

This formula can install, configure and run Icinga2. Can implement a single server or a cluster.

In cluster mode it is tested for Local Configuration scenario. So in this case Saltstack manage the changes of the configurations for each Icinga2 Client

Compatibility

Saltstack: 2015.8.8

Icinga2: 2.8.0

Available states

  • Configure icinga2 repo
  • Install icinga2 package
  • Run icinga service

Configure almost all the options for icinga2 reading information from default values and/or pillar. It uses a wrapper to generate each configuration file programmaticaly reading the data from yaml. The defaults.yaml file has all the values for the default configuration of the basic installation for icinga2

  • Install python-m2crypto dependency
  • Create base directory for pki

Setup an CA for icinga2 to use. It uses the features of saltstack and the x509 state module. It exports the CA certificate to the saltstack mine for other nodes to use it

Create the master certificate, send it to the CA server to sign it and retrieve the signed certificate to store it. Then it exports the certificate to the mine for other nodes to use it

Create the node certificate, send it to the CA server to sign it and retrieve the signed certificate to store it. It also retrieves the master certificate.

Configure and enable features. For now it only manage the api feature

  • Run pki node
  • Run config
  • Run features
  • Run pki master
  • Run config
  • Run features

Running

Standalone

If you want to only install and run icinga with default configs

salt '*' state.sls icinga2

If you want to only install and run icinga with default configs

salt '*' state.sls icinga2.config

Cluster

You must first create an orchestration state to run the steps in the proper way. The formula provides an example on test/salt/orch/icinga2.sls and then run

salt-run state.orch orch.icinga2

The formula make use of saltstack mine functionality to store the certificates of the CA and master servers so you need to configure a couple of mine_functions to use this functionality.

Is also necessary to allow peer communication to allow communication between the minions that will become icinga2 nodes and the CA.

peer:
  .*:
    - x509.sign_remote_certificate

Example pillar files to have the settings necessary for a cluster deployment can be found on the test/cluster folder

Ideas and future development

  • Implement a proper salt module to communicate with Icinga2. Via CLI and/or API
  • Support other modes of Icinga2 clustering manager
  • Add configuration for all the features

Template

This formula was created from a cookiecutter template.

See https://github.com/richerve/saltstack-formula-cookiecutter.

Releases

No releases published

Packages

No packages published

Languages

  • SaltStack 54.9%
  • HTML 25.3%
  • Ruby 19.3%
  • Python 0.5%