Icinga Director

www.icinga.org

Icinga Director

IcingaCamp Berlin – 01/03/15

Thomas Gelf

Web 2 Product owner

Module prototyping machine

Principal Consultant @netways

Talk structure

while (! $talk->outOfTime()) {

$camp->showSomeSlides() ->doFancyLiveDemo();

}

AGENDA

What is this?

Why should I use it?

Where can I get it?

What is this?A powerful config tool for Icinga 2

Why should I use it?

Where can I get it?

What is this?A powerful config tool for Icinga 2

Why should I use it?It is fancy, fast and sexy!

Where can I get it?

What is this?A powerful config tool for Icinga 2

Why should I use it?It is fancy, fast and sexy!

Where can I get it?https://github.com/Icinga/

Sexy?

HISTORY

A little bit of history

Kickof meeting April 17th, 2016

Initial commit: two days later

Getting started

Installation

provide a database

tell Director...

...and he cares about the rest

Using Puppet?

Idempotency out of the box :-)Try `--help` or the documentation for more information

Same for Kickstart!

Let's try it out!

CONFIGURATION MADE EASY

Director target audience

fully automated environments

point & click users

at the very same time (!!)

Show me the click thingy!

AUTOMATION FIRST

Import & Sync

• Distinct operations in Icinga Director• Bomb it with your data• Do not really care about sync details

Icinga loves automation

• Director is a perfect fit for Puppet• Collecting resources with Puppet is slow• Faster: sync from PDB• Exporting resources?• Use Director as your collector!

IS IT APIFIED?

Director offers a REST API

• Simple and powerful• Easy and intuitive to use• Assists you with the trickiest part of the job: detect and handle changes

Monitoring has to „just work“• No one wants to waste time on it• But not every system is fully automated• e.g. „Add a new MSSQL instance“• Environmental sensors

Deploying every few minutes?• Don't want to wait for next Puppet run? • New hosts or apps need to be actively monitored seconds after being deployed

ARCHITECTURE

Architecture

• How and where to attach• How does it talk to my Icinga nodes• Masters, Satellites, Agents?

Protocol

• Uses the Icinga 2 API (TLS, REST)• Ships whole config, not single objects• This is ways faster with lots of objects• Could still ship partial changes

Communication Paths

• Director talks to your master node(s)• Deploys always to the very same node• Knows agents / satellites• Controls them via config distribution

Demo

HOW CAN YOU USE DIRECTOR?

Lots of datasources?

Director is your single source of truthCMDB has a lot of infomation......but not everything...and somewhat outdatedUse it nonethelessEnrich it with other sources

Using Satellites?

• Use templates with defined Zone• Config flows top-bottom• Commands and templates are usually still deployed to the global zone

• You can override those decisions on any object at any time

Running Icinga 2 Agent?

Do not care about Zones and EndpointsThey are autocreatedProvided certificate signing ticketsGenerated customized icinga2.conf

EXTEND IT!

Director is highly modular

Current Hooks:

DataType, ImportSource,

PropertyModifier, ShipConfigFiles

Even Directors own implementations extend and use them to

provide you nice real-world examples

Demo

USE IT!

Codehttps://www.github.com/Icinga

→ icingaweb2-module-director

https://www.github.com/Thomas-Gelf

→ icingaweb2-module-puppetdb

→ icingaweb2-module-fileshipper

Thank You!www.icinga.org

dev.icinga.org

git.icinga.org

@icinga

/icinga

+icinga

QUESTIONS?Thomas Gelf <thomas.gelf@netways.de>