The Agent’s distribution is probably one of those more time-consuming tasks. This can be for various reasons: different operating systems, network segregation, administrative credentials that are difficult to obtain, or even more simply, a large number of Agents to install.
We know that the Agent installation on Windows servers is made easier by this PowerShell script made available by the community: https://github.com/Icinga/icinga2-powershell-module.
In addition, it’s possible to generate an authentication token at the Host Templates level. This clearly facilitates the deployment methods.
For Linux Operating Systems, the situation is more complicated: it is not possible to generate a token at the host template level, so each host type object will have a different authentication token. This will increase significantly the installation times.
Fortunately, the APIs that Icinga makes available will help us.
When creating a Linux host, it becomes possible to download a bash script by accessing the “Agent” tab on the host screen. There is a dedicated script for every single host.
The two parameters to be customized are the following:
ICINGA2_NODENAME=’linux_agent.domain’ (FQDN of the remote server)
ICINGA2_CA_TICKET=’aq1sw2de3fr4gt5hy6ju7ki8lo9′ (the ticket released by NetEye master)
The curl command will return a JSON response like this:
"status": "Generated PKI ticket 'aq1sw2de3fr4gt5hy6ju7ki8lo9aq1sw2de3fr4' for common name 'linux_agent.domain'.",
We only have to parse the content in order to get just the authentication token.
It isn’t necessary for the host object to already be present on Director, we can create it later. If you have a large number of hosts to set up, I recommend that you use a configuration management tool (puppet, rundeck, etc…) that can execute commands on all remote servers.