Did you know that you can navigate the posts by swiping left and right?
Part 01 — Setting up our Icinga2 Lab
Part 02 — Installing Icinga2
Part 03 — Installing IcingaWeb2
Part 04 — Establishing the Master Satellite Relationship
Part 05 — Addressing Design Flaws
Part 06 — Installing Icinga2 Director
Part 07 — Adding Client Endpoints
Part 23 — Summary
Now that we have Icinga2 installed on our Master and Satellites we setup IcingaWeb2 on Master. Since the Satellites exist so as to do remote checks on our client endpoints, they will not need the web server installed on them.
Since this guide will be just as much a journey, I will be showing any mistakes I made and how I troubleshooted them.
The first thing that we are going to want to do is to take a snapshot of our IcingaMaster VM, as per tradition. In case anything goes wrong we are going to want a fallback.
IcingaWeb2 uses MySQL database for its backend. You can install the database on a separate host, or if you are using AWS, in an RDS. However, for the scope of this guide, we will be installing the MySQL database on the IcingaMaster VM along side Icinga2.
apt install mysql-server mysql-client -y systemctl enable --now mysql
Now we go through the secure installation and configuration with
MySQLRoot123! for MySQL root password here. Make sure that your passwords are much more secure than this and stored in a safe place. I am noting the password here so that you know which passwords end up getting used where.
Now that MySQL has been given a secure baseline we can move on to setting up Icinga2 to use the MySQL database. To do this we need to install the ‘IDO Module’ for Icinga2.
apt install icinga2-ido-mysql -y
We will be using
Icinga2IDODB! for the password here. Make sure that your passwords are much more secure than this and stored in a safe place. I am noting the password here so that you know which passwords end up getting used where.
Now we enable the feature and restart Icinga2
icinga2 feature enable ido-mysql systemctl restart icinga2
Installing the web interface is straight forward. First thing we will do is install Icinga CLI, IcingaWeb2, and PHP GD packages
apt install icingaweb2 icingacli php-gd -y
Next we set the time zone in
root@IcingaMaster:/etc/php/7.2/apache2# sed 's/;date.timezone =/date.timezone = America\/New_York/g' php.ini | grep "date.timezone =" date.timezone = America/New_York sed -i 's/;date.timezone =/date.timezone = America\/New_York/g' php.ini systemctl restart apache2 systemctl status apache2
You can find a list of PHP’s supported Timezones here
Next we will configure a new database for IcingaWeb2 called
icingaweb2 and give the user
icingaweb2 with password
IcingaWeb2DB! permissions for the database
mysql -u root -p create database icingaweb2; grant all privileges on icingaweb2.* to icingaweb2@localhost identified by 'IcingaWeb2DB!'; flush privileges; quit;
Next we generate a setup token
icingacli setup token create The newly generated setup token is: f4f51f23c8d3777b
Now it is time to open a browser and configure the WebUI.
Paste in the setup token you generated moments ago
Make sure everything except the PostgreSQL is green before continuing. If anything is not green then make sure to go back over the previous steps and ensure you did not skip anything
We will be using the database for authentication here. Later on down the road we can set it up so that we use Active Directory (or LDAP) for authentication. However, since I am not a cool kid with AD in his homelab, database authentication will have to do.
We will be using the
IcingaWeb2DB! credentials here. After validating our configuration we can go on to the next step