View
732
Download
0
Category
Preview:
Citation preview
www.icinga.org
Icinga Director
IcingaCamp Amsterdam – 28/06/16
Thomas Gelf
Web 2 Product owner
Module prototyping machine
Principal Consultant @netways
AGENDA
Talk structure
while (! $talk->outOfTime()) {
$camp->showSomeSlides() ->doFancyLiveDemo();
}
HISTORY
Motivations for a new config tool
Icinga 2: new config format DSLold config tools do not fit any more
Ever configured a DSL?
Getting started
Installation
provide a database
tell Director...
...and he cares about the rest
Using Puppet?
Idempotency out of the box :-)Try `--help` or the documentation for more information
Same for Kickstart!
Let's try it out!
CONFIGURATION MADE EASY
Icinga Director's target audience
fully automated environments
point & click users
at the very same time (!!)
Show me the click thingy!
DEMO
ARCHITECTURE
Architecture
• How and where to attach• How does it talk to my Icinga nodes• Masters, Satellites, Agents?
Architecture
Protocol
• Uses the Icinga 2 API (TLS, REST)• Ships whole config, not single objects• This is ways faster with lots of objects• Could still ship partial changes
Communication Paths
• Director talks to your master node(s)• Deploys always to the very same node• Knows agents / satellites• Controls them via config distribution
AUTOMATION FIRST
Import & Sync
• Bomb it with your data• Do not really care about sync details
Automate all the tasks
• Import, Sync and Config Deployment• Granular control. Automatic Deployment only at office hours and not more then one deployment every 10 minutes? Sure, why not.
Icinga loves automation
• Director is a perfect fit for Puppet• Collecting resources with Puppet is slow• Faster: sync from PDB• Exporting resources?• Use Director as your collector!
Cloud first
Impossible, show me a demo
IS IT APIFIED?
Director offers a REST API
• Simple and powerful• Easy and intuitive to use• Assists you with the trickiest part of the job: detect and handle changes
Monitoring has to „just work“• No one wants to waste time on it• But not every system is fully automated• e.g. „Add a new MSSQL instance“• Environmental sensors
Deploying every few minutes?• Don't want to wait for next Puppet run? • New hosts or apps need to be actively monitored seconds after being deployed
Demo
HOW CAN YOU USE DIRECTOR?
Lots of datasources?
Director is your single source of truthCMDB has a lot of infomation......but not everything...and somewhat outdatedUse it nonethelessEnrich it with other sources
Using Satellites?
• Use templates with defined Zone• Config flows top-bottom• Commands and templates are usually still deployed to the global zone
• You can override those decisions on any object at any time
Running Icinga 2 Agent?
Do not care about Zones and EndpointsThey are autocreatedProvided certificate signing ticketsGenerated customized icinga2.conf
EXTEND IT!
Director is highly modular
Current Hooks:
DataType, ImportSource,
PropertyModifier, ShipConfigFiles
Even Directors own implementations extend and use them to
provide you nice real-world examples
Demo
USE IT!
Codehttps://www.github.com/Icinga
→ icingaweb2-module-director
https://www.github.com/Thomas-Gelf
→ icingaweb2-module-aws
→ icingaweb2-module-puppetdb
→ icingaweb2-module-fileshipper
Thank You!www.icinga.org
dev.icinga.org
git.icinga.org
@icinga
/icinga
+icinga
QUESTIONS?Thomas Gelf <thomas.gelf@netways.de>
Recommended