www.icinga.org

Icinga Director

IcingaCamp Amsterdam – 28/06/16

Thomas Gelf

Web 2 Product owner

Module prototyping machine

Principal Consultant @netways

AGENDA

Talk structure

while (! $talk->outOfTime()) {

$camp->showSomeSlides() ->doFancyLiveDemo();

}

HISTORY

Motivations for a new config tool

Icinga 2: new config format DSLold config tools do not fit any more

Ever configured a DSL?

Getting started

Installation

provide a database

tell Director...

...and he cares about the rest

Using Puppet?

Idempotency out of the box :-)Try `--help` or the documentation for more information

Same for Kickstart!

Let's try it out!

CONFIGURATION MADE EASY

Icinga Director's target audience

fully automated environments

point & click users

at the very same time (!!)

Show me the click thingy!

DEMO

ARCHITECTURE

Architecture

• How and where to attach• How does it talk to my Icinga nodes• Masters, Satellites, Agents?

Architecture

Protocol

• Uses the Icinga 2 API (TLS, REST)• Ships whole config, not single objects• This is ways faster with lots of objects• Could still ship partial changes

Communication Paths

• Director talks to your master node(s)• Deploys always to the very same node• Knows agents / satellites• Controls them via config distribution

AUTOMATION FIRST

Import & Sync

• Bomb it with your data• Do not really care about sync details

Automate all the tasks

• Import, Sync and Config Deployment• Granular control. Automatic Deployment only at office hours and not more then one deployment every 10 minutes? Sure, why not.

Icinga loves automation

• Director is a perfect fit for Puppet• Collecting resources with Puppet is slow• Faster: sync from PDB• Exporting resources?• Use Director as your collector!

Cloud first

Impossible, show me a demo

IS IT APIFIED?

Director offers a REST API

• Simple and powerful• Easy and intuitive to use• Assists you with the trickiest part of the job: detect and handle changes

Monitoring has to „just work“• No one wants to waste time on it• But not every system is fully automated• e.g. „Add a new MSSQL instance“• Environmental sensors

Deploying every few minutes?• Don't want to wait for next Puppet run? • New hosts or apps need to be actively monitored seconds after being deployed

Demo

HOW CAN YOU USE DIRECTOR?

Lots of datasources?

Director is your single source of truthCMDB has a lot of infomation......but not everything...and somewhat outdatedUse it nonethelessEnrich it with other sources

Using Satellites?

• Use templates with defined Zone• Config flows top-bottom• Commands and templates are usually still deployed to the global zone

• You can override those decisions on any object at any time

Running Icinga 2 Agent?

Do not care about Zones and EndpointsThey are autocreatedProvided certificate signing ticketsGenerated customized icinga2.conf

EXTEND IT!

Director is highly modular

Current Hooks:

DataType, ImportSource,

PropertyModifier, ShipConfigFiles

Even Directors own implementations extend and use them to

provide you nice real-world examples

Demo

USE IT!

Codehttps://www.github.com/Icinga

→ icingaweb2-module-director

https://www.github.com/Thomas-Gelf

→ icingaweb2-module-aws

→ icingaweb2-module-puppetdb

→ icingaweb2-module-fileshipper

Thank You!www.icinga.org

dev.icinga.org

git.icinga.org

@icinga

/icinga

+icinga

QUESTIONS?Thomas Gelf <thomas.gelf@netways.de>