Scribd
Upload
213 views73 pages

An Overview of The Icinga Network Monitoring System Architecture

Icinga is an open source monitoring software that is a fork of Nagios. Icinga2 is a rewrite of the software that is multithreaded and modular. It uses objects like hosts, services, and notifications to define the monitoring configuration. Icinga2 can be installed from packages on many operating systems. It uses features like zones for high availability, an API for programmatic access, and integrates with tools like Icinga Web 2 and IDO. The roadmap includes improvements based on user feedback and releasing new modules.

Uploaded by

shu2u
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
213 views73 pages

An Overview of The Icinga Network Monitoring System Architecture

Icinga is an open source monitoring software that is a fork of Nagios. Icinga2 is a rewrite of the software that is multithreaded and modular. It uses objects like hosts, services, and notifications to define the monitoring configuration. Icinga2 can be installed from packages on many operating systems. It uses features like zones for high availability, an API for programmatic access, and integrates with tools like Icinga Web 2 and IDO. The roadmap includes improvements based on user feedback and releasing new modules.

Uploaded by

shu2u
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 73

www.icinga.

org

ICINGA2
OPEN SOURCE MONITORING

backspace
08.12.2015
• Blerim Sheqa
• Systems Engineer
• Open Source
• @bobapple
ICINGA2
INTRODUCTION
• Icinga

Nagios fork
• Icinga2

rewrite

rethink
Server

Network

Windows
• Everything is a feature
Perfdata Graphite Livestatus

• Multithreaded
• Modular Features
Notify Compat
• Zone support
• Secure Agent
Checker Gelf IDO
• Run CheckCommands

basically scripts
• Retreive result
• React
Server

Notify

Checker
Checker

IDO
Network

Graphite

Windows
ICINGA2
INSTALLATION
• packages.icinga.org
• Repositories

SUSE / openSUSE

Debian

Ubuntu

Raspbian

Fedora

Epel
• Windows

Chocolatey

icinga2.exe
ICINGA2
OBJECTS
• Everything is an object

Objects reference other objects
• CheckCommands

Tell Icinga how to use your plugin

Icinga Template Library (ITL)
object CheckCommand "check_http" {

import "plugin-check-command"

command = [ PluginDir + "/check_http" ]

arguments = {
"-H" = "$http_vhost$"
"-S" = {
set_if = "$http_ssl$"
}
"-a" = {
value = "$http_auth_pair$"
description = "Basic auth username and password"
}
}

}
• Hosts

No further explanation
object Host “webserver-1 {
display_name = "Webserver 1"
address = "127.12.3.87"
address6 = "2001:db8:0:1"

groups = [ "all-hosts" ]

check_command = "hostalive"

vars.os = “Linux”
vars.oncall = true
}
• Services

Running your CheckCommands
object Service "http" {

host_name = "webserver-1"
display_name = "HTTP"

check_command = "check_http"
check_interval = 60s

vars.http_vhost = "hackerspace-bamberg.de"

}
check_http
webserver-1
ICINGA2
EXCHANGE
• Notifications

Run a notification script
object Notification "webserver-http-notification" {

host_name = "webserver-1"
service_name = "http"

command = "mail-notification"

users = [ "herp", "derp" ]

types = [ Problem, Recovery ]

}
ICINGA2
IDO
• Icinga Data Output

Export configuration and status
information

Used by webinterfaces

MySQL / PostgreSQL
ICINGA2
APPLY RULES
• Apply Rules

Assign objects based on rule expressions
assign where host.vars.os == “Linux”

assign where service.vars.oncall == true

assign where match("webserver-*", host.name)

ignore where host.vars.test_server == true

ignore where match("*internal", host.name)


apply Service "ssh" {

import "generic-service"

check_command = "ssh"

assign where host.vars.os == "Linux"

}
apply Notification "oncall-sms" to Service {

import "sms-service-notification"

user_groups = [ "noc" ]

assign where service.vars.oncall

}
assign where match("*has gold support 24x7*", service.notes)
&& (host.vars.customer == "customer-xy" ||
host.vars.always_notify == true)

ignore where match("*internal", host.name) ||


(service.vars.priority < 2 && host.vars.is_clustered == true)
ICINGA2
INTERACT
• Downtimes

Set services to maintanance mode

Suppress notifications

Don't show up on webinterface
• Acknowledgement

“I know it's broken, leave me alone”

“Ok ...”

“But tell me if it breaks again”
• Eventhandler

Run a command when the state of a
service changes
ICINGA2
ZONES
• Zones

High availability

Distributed setups

Load distribution

Remote clients
Zone

Server

Network

Windows
object Endpoint "icinga2a" {
host = "icinga2a.icinga.org"
}

object Endpoint "icinga2b" {


host = "icinga2b.icinga.org"
}

object Zone "config-ha-master" {


endpoints = [ "icinga2a", "icinga2b" ]
}
• Zones communication

SSL

CLI tools for simplification

Config distribution

Accept config

Accept commands
/etc/icinga2
|- icinga2.conf
|- pki/
|- zones.d/
|–- master/
|-- services.conf
|-- hosts.conf
ICINGA2
CLUSTER SCENARIOS
Zone

Server

Network

Windows
Master Zone Frankfurt

Server
Server Server
Server Server
Server

Berlin

Server
Server Server
Server Server
Server

München

Server
Server Server
Server Server
Server
object Zone "satellite-frankfurt" {

endpoints = [ "icinga2c" ]
parent = "config-ha-master"

}
Zone

Server

Network

Windows
Master Zone Frankfurt

Server
Server Server
Server Server
Server

Berlin

Server
Server Server
Server Server
Server

München

Server
Server Server
Server Server
Server
Global Zone

Master Zone Frankfurt

Server
Server Server
Server Server
Server

Berlin

Server
Server Server
Server Server
Server

München

Server
Server Server
Server Server
Server
/etc/icinga2
|- icinga2.conf
|- pki/
|- zones.d/
|-- global/
|-- commands.conf
|–- master/
|-- services.conf
|-- hosts.conf
|-- frankfurt/
|-- services.conf
|-- hosts.conf
|-- berlin/
|-- services.conf
|-- hosts.conf
|-- muenchen/
|-- services.conf
|-- hosts.conf
ICINGA2
API
• HTTP with RESTful Url Schema
• ApiUser config object
• X.509 and/or Basic Auth
object ApiUser "root" {

password = "icinga”
permissions = [ "*" ]

}
permissions = [
{
permission = "objects/query/Host"
filter = {{ regex("^Linux", host.vars.os) }}
},
{
permission = "objects/query/Service"
filter = {{ regex("^Linux", service.vars.os) }}
}
]
• create, modify and delete objects
• retrieve information and run actions
• subscribe to events
• manage configuration packages
• Configuration management
• New standard config API
• Support for Packages and Stages
• Support for Zones
• Event Streams
• Based on Types and Filters
CheckResult, StateChange, Notification,
AcknowledgementSet, AcknowledgementCleared,
CommentAdded, CommentRemoved, DowntimeAdded,
DowntimeRemoved, DowntimeTriggered
• Example
/v1/events?queue=backspace&types=CheckResult
• Status, Objects, Actions and Events
• Simple filter
• services?service=localhost!ping6
• Advanced filter
• type=Service&filter=service.name==%22ping6%22
ICINGA WEB 2
• Developed in PHP 5.3
• Multiple authentication methods
• Active Directory, LDAP and DB
• Via Webserver, e.g. Kerberos
• May be chained
• Easy to extend and embed
• JSON and CSV export
• Support for MySQL and PostgreSQL
• Responsive layout
BP NagVis PNP

Monitoring Docs

Web 2
ICINGA ROADMAP – WHAT’S NEXT?
Improving the product based on your
feedback
We are thinking about a new historical
datastore for Icinga 2 (not in 2.5)
We plan to release more modules for
Icinga Web 2 in the next months
We’ll release a web based configuration
module for Icinga Web 2
• Icinga 2.5 is planned for Q1 2016
• Icinga Web 2.2 is planned for Q1 2016
OUR VISION
CONCLUSION
• Download Icinga 2 and Icinga Web 2
• Or play with the Vagrant boxes
• Rethink your configuration
• Give us feedback
THANK YOU!
www.icinga.org
@icinga
dev.icinga.org
/icinga
git.icinga.org
+icinga

You might also like