telekom-mms / ansible-collection-icinga-director Goto Github PK

Description

It should be possible to clone objects by using the icinga director collection for ansible.

To clone objects is possible in the director gui and with 'icingacli director clone --from [options]' . To have clone, maybe you have to combine getting the object, generating a new one and deleting the old.
We often define new objects by cloning them in the gui, defining a new name and changing only some attributes like ip-address and display name for host objects. Sure, you can read the objects definition by an info-command and then create a new one defining all possible parameters, but it would be very handy to have a clone option. Clone also would make it easier to rename e.g. a host by clone it and remove the original object.

Additional information

...

Question

Hi,

ERROR! couldn't resolve module/action 't_systems_mms.icinga_director.icinga_host'. This often indicates a misspelling, missing collection, or incorrect module path.

I'm getting the above error when I try to run the role through Orcharhino Run ansible roles option.

If I run the ansible-playbook from the console, everything works correctly. The host is added to Icinga.

I understand the error, and I've installed the t_systems_mms module using ansible-galaxy collection install command.

Besides that, I manually copied the folder t_systems_mms.icinga director where ansible is searching for modules

Any help will be appreciated!

Thanks,
David

SUMMARY

Dear maintainers,

This is important for your collections!

• In accordance with the Community decision, we have created the news-for-maintainers repository for announcements of changes impacting collection maintainers (see the examples) instead of Issue 45 that will be closed soon.

  • To keep yourself well-informed and, therefore, things in your collection working, please subscribe to the repository by using the Watch button in the upper right corner on the repository's home page.
  • If you do not want to get notifications about related discussions, please subscribe only to Issues.
  • Please read the brief guidelines on how the repository should be used.
  • Please avoid unnecessary discussions in issues, use the Discussions feature. Every comment posted will notify a lot of folks!

• Also we would like to remind you about the Bullhorn contributor newsletter which has recently started to be released weekly. To learn what it looks like, see the past releases. Please subscribe and talk to the Community via Bullhorn!

• Join us in #ansible-social (for news reporting & chat), #ansible-community (for discussing collection & maintainer topics), and other channels on Matrix/IRC.

• Help the Community and the Steering Committee to make right decisions by taking part in discussing and voting on the Community Topics that impact the whole project and the collections in particular. Your opinion there will be much appreciated!

Thank you!

Issue:

Release 1.33.2 is published to ansible galaxy as version 2.0.0, installed as version 2.0.0 and when used results in the following error: couldn't resolve module/action 't_systems_mms.icinga_director.icinga_host_info'

The website does show version 1.33.2, but the api reports version 2.0.0 as can been seen by visiting this url: https://galaxy.ansible.com/api/v2/collections/t_systems_mms/icinga_director/versions/

Reproduction:

Install collection with:
ansible-galaxy collection install t_systems_mms.icinga_director

Or upgrade collection with:
ansible-galaxy collection install t_systems_mms.icinga_director --force

Work around:

Uninstall (remove) collection and reinstall the previous release with:
ansible-galaxy collection install t_systems_mms.icinga_director:1.33.1

Good Morning again,

Is there any way to prevent the values from always being set in quotation marks in the module? I am trying to reference a host variable in a service template like in this DSL snippet:

template Service "generic-service" {
  icon_image = host.icon_image
  [...]

But the following tasks creates quotation marks automatically:

  t_systems_mms.icinga_director.icinga_service_template:
    icon_image: host.icon_image
    [....]

Results in DSL Snip

template Service "generic-service" {
  icon_image = "host.icon_image"
  [...]

Imho, it would be nice, that we have to use quotation marks in the modules, when we also need them in the config and if we want to reference to other objects ( or e.g. constants) we just can leave them out.

Cheers,
Marcus

I would like to have the possibility to create notification_templates as well.

In our environment the zone is defined in the host template:

imports: 
  - WINDOWS SERVER AGENT
  - {{ icinga.satelliteTemplate }}

This will not work, as zone: defaults to master and the zone will configured for each created host. I would like to leave zone: empty. Is there any way?

Description

In the README.md section "Troubleshooting" (https://github.com/T-Systems-MMS/ansible-collection-icinga-director#troubleshooting) it is mentioned that using "force_basic_auth: true" fixes the problem with the Icinga Director probably sitting behind a Basic Authentication prompt.
In my opinion, "icinga_force_basic_auth: true" must be used as defined in the ansible_icinga tasks.

Question

Hello :)
First of all, thanks for the great module!

I'd like to ask how to define multiple assign statements so that I end up with something like this:

assign where host.vars.hostgroup == "msd" || host.vars.tags.customer == "msd"

I have tried the following:
assign_filter: "host.vars.hostgroup=%22{{ var_pb_customer_token }}%22%7Chost.vars.tags.customer=%22{{ var_pb_customer_token }}%22" (also tried with a literal |, or and ||)
which leads to
/** Failed to render this object **/ /* Got invalid JSON in filter string: host.vars.hostgroup="q1au2"|host.vars.tags.customer="q1au2" */

I have also tried the part from the config preview
host.vars.hostgroup == "msd" || host.vars.tags.customer == "msd"
this also leads to /** Failed to render this object **/ /* Got invalid JSON in filter string:

A single condition like assign_filter: "host.vars.hostgroup=%22{{ var_pb_customer_token }}%22" works without problems.

If it makes a difference I'm trying to create a host group.

🙋‍♂️

we need an additional module to manage deployments of configuration from Icinga Director to Icinga.

The module should be able to:

• trigger deploys
• report that a deploy is neccessary
• show what changes will be deployed
• roll back Deployments (?)

Hello,
we upgraded director to v1.9.0 and since then the module produces the folllowing error on the second playbook run:

failed: [icinga2-master1.localdomain] (item={'name': 'director-generic-service', 'enable_active_checks': True, 'enable_event_handler': True, 'enable_flapping': True, 'enable_notifications': True, 'eanble_passive_checks': True, 'enable_perfdata': True, 'use_agent': True, 'volatile': False}) => {"ansible_loop_var": "item", "changed": false, "item": {"eanble_passive_checks": true, "enable_active_checks": true, "enable_event_handler": true, "enable_flapping": true, "enable_notifications": true, "enable_perfdata": true, "name": "director-generic-service", "use_agent": true, "volatile": false}, "msg": "bad return code while creating: 422. Error message: Trying to recreate icinga_service (\"{\"object_name\":\"director-generic-service\"}\")"}

we think it is an problem with the new feature:
FEATURE: UUIDs have been implemented for most Icinga objects, more to come

director v1.8.1 still works.

Good morning all,
I have set the module_defaults like described in the docs and it is working for e.g. creating templates. But unfortunately, the deploy and deploy_info module throw the error "url is missing". So it seems the module defaults are not working there.

Cheers,
Marcus

Description

Apparently, director versions later than 1.8.1 introduced a change in the API endpoint "director/serviceapplyrules".

This change broke functionality in module "icinga_service_apply.py"

Broken function:

• Existing service apply rule objects cannot be modified.

Reproduction steps

1. Create a service apply rule object using ansible.
2. Run the same playbook again.
3. Receive an error.

TASK [Add service apply rule to icinga] ********************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "exception when deleting: 'id'"}

Current Behavior

Error displayed when modifying an object.

Expected Behavior

Object is modified, no error required.

Additional information

The module "icinga_service_apply.py" looks for "id" key in the returned JSON object. The key "id" was removed from the API endpoint JSON output in Director 1.10 or even earlier.

Director 1.8.1

./director-curl GET director/serviceapplyrules
{
    "assign_filter": "host.vars.cisco_check_config_nwc=true",
    "check_interval": "600",
    "id": "16",                                                                       ####### !!! #######
    "imports": [
        "__cisco-check-config__"
    ],
    "object_name": "__nwc__cisco_check_config",
    "object_type": "apply",
    "retry_interval": "300"
},
...

Director 1.10.1 / 1.10.2

./director-curl GET director/serviceapplyrules
{
    "assign_filter": "host.vars.cisco_check_config_nwc=true",
    "check_interval": "600",
    "fields": [],
    "imports": [
        "__cisco-check-config__"
    ],
    "object_name": "__nwc__cisco_check_config",
    "object_type": "apply",
    "retry_interval": "300"
}
...

A fix that seems to do the trick (taken from service_template.py):

# diff icinga_service_apply.py_mod icinga_service_apply.py_orig
325c354
<     icinga_object = Icinga2APIObject(module=module, path="/service", data=data)
---
>     icinga_object = ServiceApplyRule(module=module, data=data)

This also makes Class ServiceApplyRule obsolete, but service template also does not have one...

Hi all,
i am freshly looking at this module which looks very promising. I can do things via the director API, which I cannot do in the director WebUI, e.g. defining a dictionary in a host object. So first of all, thanks a lot to all contributors!
I am currently trying to create a service apply rule, which is written in DSL like this:

apply Service "tcp: " for ( tcp => config in host.vars.tcp ) {
	import "generic-service"
	check_command = "tcp"
	vars += config
	assign where host.vars.tcp
}

But the apply_for parameter does not create the "tcp =>" and the "vars += config" part ( or I am doing it wrong).
The ansible role of icinga supports it in their module ( https://github.com/Icinga/ansible-collection-icinga/blob/main/doc/role-icinga2/objects.md#service-apply-for ). Anyway, there are using the DSL ( I guess) and I want to have everythinbg visible and maybe editable in the director beside of ansible, as I don't want to mix places for configs. Could anybody give me a hand here?

Thanks and cheers,
Marcus

Description

Creating initial test for icinga_director_inventory.yml, yaml file:

plugin: telekom_mms.icinga_director.icinga_director_inventory
url: "https://icinga.abt.com.local"
url_username: abticinga
url_password: "xxxxxxxx"
force_basic_auth: False

Run with:
ansible-playbook -i inventory.icinga_director_inventory.yml t.yml

t.yml:

---
- name: create command template for icinga
  hosts: all
  gather_facts: no

  tasks:

  - name: output the host
    debug:
      msg: "Icinga host {{ inventory_hostname }}"

Reproduction steps

1. Create above files
2. run ansible

Current Behavior

❯ ansible-playbook -i inventory.icinga_director_inventory.yml t.yml
[WARNING]:  * Failed to parse /home/ansible/Ansible/icinga/director/inventory.icinga_director_inventory.yml with auto plugin:
<urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:997)>
[WARNING]:  * Failed to parse /home/ansible/Ansible/icinga/director/inventory.icinga_director_inventory.yml with yaml plugin:
Plugin configuration YAML file, not YAML inventory
[WARNING]:  * Failed to parse /home/ansible/Ansible/icinga/director/inventory.icinga_director_inventory.yml with ini plugin:
Invalid host pattern 'plugin:' supplied, ending in ':' is not allowed, this character is reserved to provide a port.
[WARNING]: Unable to parse /home/ansible/Ansible/icinga/director/inventory.icinga_director_inventory.yml as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [create command template for icinga] ******************************************************************************************
skipping: no hosts matched

PLAY RECAP *************************************************************************************************************************

Expected Behavior

Hosts fed to ansible play

Additional information

It appears that the "extra" parameters like verify_certs, client_cert, and client_key are not implemented, though in the docs

Hi, really nice project over here :).

I was trying to create host_template for my linux-agent object and I needed to use field in Director "Icinga Agent and zone settings -> Icinga2 Agent". I couldn't find it in your Ansible docs whether it is supported - then stumbled upon implementation and saw that it is not implemented.

Is there possibility to define in icinga_host_template somehow has_agent=y parameter right now?

Right now my workaround:

- name: create linux-agent template
  icinga_host_template:
    state: present
    url: "{{ icinga_url }}"
    url_username: "{{ icinga_user }}"
    url_password: "{{ icinga_pass }}"
    object_name: "linux-agent"
    imports:
      - generic-host

- name: enable Icinga2 agent field on linux-agent host template
  uri:
    url: "{{ icinga_url }}/director/host?name=linux-agent"
    headers:
      Accept: application/json
    method: POST
    user: "{{ icinga_user }}"
    password: "{{ icinga_pass }}"
    return_content: true
    body:
      has_agent: y
      master_should_connect: y
      accept_config: y
    body_format: json
    status_code:
      - 200 # OK
      - 304 # Not modified

I really appreciate this collection, thanks for sharing.

I'd tried to update an existing host:

- name: "Set server {{ srv_icinga_hostname }} Basic Monitoring Template Debian"
  connection: local
  t_systems_mms.icinga_director.icinga_host:
    state: present
    url: "{{ cco_icinga_url }}"
    url_username: "{{ cco_api_icinga_user }}"
    url_password: "{{ cco_api_icinga_pass }}"
    object_name: "{{ srv_icinga_hostname }}"
    imports:
      - "--- 3 - Addon Template - Debian Basic Monitoring - Customer CU (Endpoint)"
      - "---- 4 - Addon Picture - Debian"
    append: true
  when: srv_icinga_os_family == "debian"

and got this error:
bad return code while creating: 422. Error message: Trying to recreate icinga_host (\"hostname\")
The icinga api user has full credentials. The version of the director is: 1.10.2

Adding a host is no problem. Here i use:

- name: "Add server {{ srv_icinga_hostname }} for CU Management with ICINGA director"
  connection: local
  t_systems_mms.icinga_director.icinga_host:
    state: present
    url: "{{ cco_icinga_url }}"
    url_username: "{{ cco_api_icinga_user }}"
    url_password: "{{ cco_api_icinga_pass }}"
    validate_certs: no
    object_name: "{{ srv_icinga_hostname }}"
    display_name: "{{ srv_icinga_displayname }}"
    address: "{{ srv_icinga_ipaddress }}"
    icon_image_alt: "{{ srv_icinga_displayname }}"
    disabled: false
    vars:
      os: "{{ srv_icinga_var_os }}"
    imports:
      - "- 1 - Master Template - Server (Virtuell)"
      - "-- 2 - Hostgroup Template - CU Management"
      - "-- 2 - Icinga Agent Endpoint"
  when: srv_icinga_hostgroup == "cu-mgmt"

Regards
Sascha

The variable assign_filter in icinga_notification module should be a string, not a dict.
The playbook will run in following error in this case:

"msg": "bad return code while modifying: {\n \"error\": \"Object of class stdClass could not be converted to string\"\n}\n"

When I try to create a command and use imports it throws an error:
bad return code while creating: 404. Error message: Failed to load icinga_command "plugin-notification-command""}
Imports doesn't seem to be necessary because the import is selected automatically depending on the command_type.
Maybe only the example needs to be modified?

Hi there,

I tried to delete a host, but the module states that it require imports. For the deletion we only need the name.

    "msg": "missing required arguments: imports",
    "invocation": {
        "module_args": {
            "url_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "url_username": "sys.ansible-linux",
            "url": "http://***/icingaweb2",
            "force_basic_auth": false,
            "state": "absent",
            "disabled": false,
            "object_name": "****",
            "groups": [],
            "validate_certs": true,
            "use_proxy": true
        }

Maybe we could change that

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

As the title already says, errors occur from time to time, which are generated by the collection when too many objects are created.
The code still runs through and creates the remaining objects, but is then evaluated by Ansible itself as failed and so pipelines (with the collection included), for example, will also fail in the end.

I noticed this when creating service apply objects. The code we use for this service contains about 280 apply objects. I haven't noticed this behavior in a smaller codebase.

I would also like to say that for newly created objects we leave the old objects on our Icinga instance and only deploy the new objects to it.

Failing task: t_systems_mms.icinga_director.ansible_icinga : icinga_service_apply

Error: An exception occurred during task execution. To see the full traceback, use -vvv. The error was: AttributeError: 'unicode' object has no attribute 'items'

Please reply if you need more information. Thanks in advance!

Would be nice to have all variables concerning check execution also for the service apply available. At the moment I see them only on service template.

As far as I see at least these should be included:

check_interval: 
check_period: 
check_timeout: 
enable_active_checks: 
enable_event_handler: 
enable_notifications: 
enable_passive_checks: 
enable_perfdata: 
max_check_attempts: 
retry_interval:

My issue at the moment:
The Variables

• check_interval
• retry_interval
• max_check_attempts
  in the task below are ignored.

- name: check_load
  include_role:
    name: ansible_icinga
    tasks_from: "icinga_service_apply"
  vars:
    icinga_service_applies:
      - service_apply_object:
          - "check_load"
        imports:
          - domon-agent-load
        assign_filter: 'host.vars.StandardMonitoredBy="Agent"&host.vars.HostOS="Linux"'
        check_interval: 5m
        retry_interval: 5m
        max_check_attempts: 4
        vars:
          load_cload1: "$host.vars.load_cload1$"
          load_cload5: "$host.vars.load_cload5$"
          load_cload15: "$host.vars.load_cload15$"

The release tar-ball contains file that do not need to be inside the installed collection. That contains tests, linting, coverage, github action workflows, the test-generation scripts, requirements-files.

I propose that we add the following files to the build-ignore list:

-rw-r----- 1 root root    70 Oct 20 08:08 codecov.yml
drwxr-x--- 1 root root  4096 Sep 30 19:43 .github/
drwxr-x--- 1 root root  4096 Oct 22 09:13 hacking/
-rw-r----- 1 root root     8 Sep 30 19:43 requirements.txt
-rw-r----- 1 root root    62 Sep 30 19:43 test-requirements.txt
drwxr-x--- 1 root root  4096 Oct 22 09:49 tests/
drwxr-x--- 1 root root  4096 Oct 20 10:43 .tox/
-rw-r----- 1 root root   878 Sep 30 19:43 tox.ini
-rw-r----- 1 root root   298 Oct 22 09:13 .yamllint

We currently define the the arguments variable takes a dict as an argument: https://github.com/T-Systems-MMS/ansible-collection-icinga-director/blob/a37201aec640f21d0ae33638b121a83f5fc93848/plugins/modules/icinga_command_template.py#L196

Now the actual arguments variable not only takes a dict as input but a string as well. However Ansible provides no native way to say that this variable can be a string or a dict (for me that's rather a problem with the Icinga-API). So we'd need to set the variable to raw and then check if it is actually a dict or string with our own logic.

And even then we probably could not display this correct in the docs since the docs have to match the implementation.

It would be nice to have some flag, which would allow to append some properties to the object - not exchange the old object with a new one. That would allow changing configurations of a system using both - ansible and icingaweb2.

for example, there is a host, which were added using ansible:

object Host "foo" {
    import "base_host_t"
    import "icinga_agent_t"

    display_name = "foo.domain.com"
    address = "10.10.10.10"
    check_command = "hostalive"
    vars.distribution = "Centos"
    vars.distribution_version = "7"
}

in some time, users have changed the object - added import "http_host_t" and vars.http_ssl = true

now, if the playbook will be played again - the object will be overwritten, and the variables will disappear.

My proposal would be to add a flag, e.g. append, to the object, like this:

- name: make foo host in icinga
  t_systems_mms.icinga_director.icinga_host:
    state: present
    append: True
    url: "http://{{icinga_master}}/icingaweb2/"
    url_username: "{{icinga_api_user}}"
    url_password: "{{icinga_api_password}}"
    disabled: false
    object_name: foo
    address: 10.10.10.10
    display_name: "foo.domain.com"
    imports: "{{templates_include}}"
    vars: "{{icinga_host_vars}}"
    check_command: hostalive

So, I will be sure, that if I will play it again I will not delete any properties - only add if I have new ones.
And, if I would want to overwrite my properties - I will set append to False, and I will be sure, that Icinga2 config will have exactly what I have in my ansible configs.

I've done that once using REST API of the director, I believe that should be doable. I had an issue that time only with apply rules.

Specify min. required ansible version there.

https://docs.ansible.com/ansible/devel/dev_guide/developing_collections.html#meta-directory

If you use the role and write a play with a typo in it, the playbook will not throw an error:

- hosts: localhost
  gather_facts: false
  collections:
  - t_systems_mms.icinga_director
  roles:
    - ansible_icinga
  vars:
    icinga_url: "{{ icinga_host }}"
    icinga_user: "{{ icinga_username }}"
    icinga_pass: "{{ icinga_password }}"
    icinga_force_basic_auth: true

    icinga_hosts:
      - host_object:
          - "customer-live-services"
        address: "127.0.0.1"
        imorts:                                              # typo here, missing "p"
          - "empty-hosts"

This can also happen with other variables like address. This can lead to undefined or wrong behaviour and is not noticeable trough Ansible - you have to check Icinga for this.

Our existing modules are focused on creating, modifying and deleting objects in Icinga Director. The configuration of these objects has to be specified in Ansible. We want to extend the functionality to gather information about objects and configurations from Icinga Director into Ansible.

The behaviour should be similar to the existing Ansible *_info modules.

These should be our first targets

• Hosts
• Hostgroups
• Services
• Servicegroups
• Service Apply Rules
• Users
• Notifications
• Commands
• * Templates

Hi,
the Service creation works pretty well. Thanks for that.

But if I run the role for a second time the role execution failed. I would expect "OK, all is fine, no changes":

[ansible@bvltool01:/etc/ansible] $ ap  pb_host.yaml 
PLAY [playbook for hostnamex] **************************************************************************************

TASK [Gathering Facts] *********************************************************************************************
ok: [hostnamex.office.dir]

TASK [icinga2/director/service_new : create a service Linux Systemd httpd for host hostnamex  in icinga director] ***
fatal: [hostnamex.office.dir -> hostnamex]: FAILED! => changed=false 
  msg: 'bad return code while creating: 422. Error message: Trying to recreate icinga_service ("{"host_id":"4180","object_name":"Linux Systemd httpd"}")'

PLAY RECAP *********************************************************************************************************
hostnamex.office.dir       : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0 

The verbose run:

fatal: [hostnamex.office.dir -> hostnamex]: FAILED! => changed=false 
  invocation:
    module_args:
      check_command: null
      check_interval: null
      check_period: null
      check_timeout: null
      client_cert: null
      client_key: null
      disabled: false
      enable_active_checks: null
      enable_event_handler: null
      enable_notifications: null
      enable_passive_checks: null
      enable_perfdata: null
      force_basic_auth: false
      groups: []
      host: hostnamex
      imports:
      - servicetmpl_linux_systemd
      max_check_attempts: null
      notes: null
      object_name: Linux Systemd httpd
      retry_interval: null
      state: present
      url: https://monitor.example.com/icingaweb2/
      url_password: VALUE_SPECIFIED_IN_NO_LOG_PARAMETER
      url_username: director_user
      use_agent: null
      use_proxy: true
      validate_certs: true
      vars:
        systemd_unit: httpd
      volatile: null
  msg: 'bad return code while creating: 422. Error message: Trying to recreate icinga_service ("{"host_id":"4180","object_name":"Linux Systemd httpd"}")

Let me know if you need more log files etc.

Thank you! 👍

Based on the community decision to use true/false for boolean values in documentation and examples, we ask that you evaluate booleans in this collection and consider changing any that do not use true/false (lowercase).

See documentation block format for more info (specifically, option defaults).

If you have already implemented this or decide not to, feel free to close this issue.

P.S. This is auto-generated issue, please raise any concerns here

Background: I want to save check X as a service to host A. However, the check source of this check X should be host B.

An example of how you could use this can be found here: https://icinga.com/docs/icinga-2/latest/doc/06-distributed-monitoring/#top-down-command-endpoint

doing a
ansible-inventory -v --list -i icinga_director_inventory.yml
I see

{
"_meta": {
"hostvars": {
"host1.tld": {
"accept_config": true,
"address": "host1.tld",
"has_agent": true,
"imports": [
"generic_host_tpl"
],
"master_should_connect": true,
"object_name": "host1.tld",
"object_type": "object",
"vars": {
"ssh_port": "2222"
}
},
...

My question is how to map the "vars.ssh_port" to "ansible_port" ?

I would be fine to do this by adding

compose:
ansible_port: vars.ssh_port`

to the "icinga_director_inventory.yml" file.

when updating an object (e.g. Icinga Host), is there a way to specify only the fields that should change?

for example:

• name: icinga host sync

  hosts: test.host.tld
  tasks:

  • name: icinga - host update
    t_systems_mms.icinga_director.icinga_host:
    state: present
    url: "{{ lookup('env', 'ICINGA_URL') }}"
    url_username: "{{ lookup('env', 'ICINGA_USERNAMEURL') }}"
    url_password: "{{ lookup('env', 'ICINGA_PASSWORD') }}"
    object_name: "{{ inventory_hostname }}"
    display_name: "to be changed`

reports the error that the "imports" section is missing, but I only want to change the "display_name":

TASK [icinga - host update] ********************************************************************************************************************************************************************************************************************************************************************************************************************************************** fatal: [test.host.tld]: FAILED! => {"changed": false, "msg": "state is present but all of the following are missing: imports"}

While deploy servicegroups with icinga_servicegroup module, the first run of any servicegroup will finish with an error.

The example playbook:

- hosts: localhost
  collections:
    - t_systems_mms.icinga_director
  tasks:
    - name: create servicegroup
      icinga_servicegroup:
        state: present
        url: "{{ icinga_director_url }}"
        url_username: "{{ icinga_user }}"
        url_password: "{{ icinga_pass }}"
        object_name: foo-test-prx
        assign_filter: 'host.name="foo-test-prx*"'

Any play will abort with following error:

fatal: [localhost]: FAILED! => {
    "changed": false, 
    "invocation": {
        "module_args": {
            "assign_filter": "host.name=\"foo-test-prx*\"", 
            "client_cert": null, 
            "client_key": null, 
            "display_name": null, 
            "force_basic_auth": false, 
            "object_name": "foo-test-prx", 
            "state": "present", 
            "url": "https://7008.domon-web.internal.mms-support.de", 
            "url_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", 
            "url_username": "fnu-domon-7008", 
            "use_proxy": true, 
            "validate_certs": true
        }
    }, 
    "msg": "bad return code while creating: "

As a woraroud, you can set ignore_errors=true in any play, nevertheless the object was created successfully.

There is no way to create a Director object "Service" (Individual Service object) for a single Host or can you give a example how to create this via the ansible role:

object Service "Webserver SSL" {
    host_name = "LINUXHOST10"
    import "servicetmpl_checkperiod_6-21x5"
    import "service_http-ssl-cert"
    vars.http_port = "443"
}

Thank you very much. Great work. :)

I want to have the ability to create user_groups

(Feature needed for #111 / #112)

Background:
I want to specify user groups to add users into group and not adjusting notification rules
We have more flexibility to (add/remove/update) users.

Actual:

• Only Users could be add into the Notification.

requirements:

• user groups need to be created first

I'm using the latest release and retrieve an error, when I run icinga_service_template twice with the same data. I tried to use "append", but that has the same result.

- name: "Configure Service Templates"
  t_systems_mms.icinga_director.icinga_service_template:
    url: "{{ inventory.monitoring.endpoint }}"
    url_username: "{{ inventory.monitoring.username }}"
    url_password: "{{ inventory.monitoring.password }}"
    state: "present"
    object_name: "standard-service"
    check_interval: 60
    check_timeout: 60
    enable_active_checks: true
    enable_event_handler: true
    enable_notifications: true
    enable_passive_checks: true
    enable_perfdata: true
    max_check_attempts: 5
    retry_interval: 30

throws

bad return code while creating: 422. Error message: Trying to recreate icinga_service ("{"object_name":"standard-service"}")

The template doesnt exist in the normal icinga configuration. It was once added via your module. The second run creates that error. So this isnt idempotent at all. I also tried to deploy the module and rerun the playbook, but again.

Question

Hello,
Can you provide an example of removing a host from Icinga?

Thank you.

As specified in the Icinga docs.

object CheckCommand "mysql" {
  command = [ PluginDir + "/check_mysql" ]

  arguments = {
    "-H" = "$mysql_address$"
    "-d" = "$mysql_database$"
  }

  vars.mysql_address = "$address$"
  vars.mysql_database = "icinga"
  vars.mysql_user = "icinga_check"
  vars.mysql_pass = "password"

  env.MYSQLUSER = "$mysql_user$"
  env.MYSQLPASS = "$mysql_pass$"
}

See here for required documentation:
https://github.com/ansible-collections/overview/blob/main/collection_requirements.rst#documentation

The following field is not configurable in the current version of the ansible role:

I've got the following error code:

FAILED! => {"changed": false, "msg": "Unsupported parameters for (t_systems_mms.icinga_director.icinga_host) module: notes Supported parameters include: address, address6, check_command, client_cert, client_key, disabled, display_name, force_basic_auth, groups, imports, object_name, state, url, url_password, url_username, use_proxy, validate_certs, vars, zone"}

Thx for the great job on this project! 👍

Description

We're using this module to automate some server deployment steps and we noticed that if we use "{{machine_name}}" for names and "{{ip_address}}" type variables in the code it's adding a space in front of the name and ip address. if we just "actual_name" and "actual_ip_address" it's fine and doesn't add any spaces.

Reproduction steps

Reference variables in code to add a host to director instead of using any static entires

Current Behavior

Adds a space to the front only of entries in director

Expected Behavior

No spaces in hostname and address fields in director

Additional information

No response

There are configurations one can do with the director that are currently not possible to do with our collection:

• Service Sets
• External Commands info-module (external commands aren't supposed to be edited with the director)
• Dependency Apply Rules
• User Groups
• Time Period Templates
• Import Sources
• Sync Rules
• Jobs
• ApiUsers info-module (external objects aren't supposed to be edited with the director)
• Data Fields
• Data lists

I don't know wether all of these can (or should) be made possible via Ansible so we have to find out!

Create an Inventory Plugin, that can use Hosts and Hostgroups from Icinga Director as inventory source in Ansible

Not possible to set a IPv6 Address for a Host:

Error message:

fatal: [localhost]: FAILED! => changed=false 
  msg: 'Unsupported parameters for (icinga_host) module: address6 Supported parameters include: address, check_command, client_cert, client_key, disabled, display_name, force_basic_auth, groups, imports, object_name, state, url, url_password, url_username, use_proxy, validate_certs, vars, zone'

Is it possible to implement this variable for a host. Thank you for this nice project! 💯

When trying to add a service with the t_systems_mms.icinga_director.ansible_icinga role I get the message:

failed: [icinga-agent] (item=[{'service_object': ['Disk'], 'host': 'icinga-agent', 'imports': ['Check Disk Template', 'Icinga Agent Check']}, 'Disk']) => {"ansible_loop_var": "service", "changed": false, "msg": "bad return code while creating: 404. Error message: Unable to load parent referenced from service \"Disk\", failed to load icinga_service for host_id IS NULL AND service_set_id IS NULL AND object_name = 'Check Disk Template' AND object_type = 'template'", "service": [{"host": "icinga-agent", "imports": ["Check Disk Template", "Icinga Agent Check"], "service_object": ["Disk"]}, "Disk"]}

It tries to add the service at a moment while the Service Templates aren't added yet.
The order in the role is not correct. Service are the last to be added, now they are the first.

Config:

icinga_service_templates:
  - service_template_object:
    - 'Generic Service Template'
    check_interval: '30'
    retry_interval: '10'
    max_check_attempts: "2"
  - service_template_object:
    - 'Check Disk Template'
    check_command: "disk"
    imports:
      - 'Generic Service Template'
  - service_template_object:
    - 'Icinga Agent Check'
    use_agent: true
  - service_template_object:
    - 'Check Apt Template'
    check_command: "apt"
    imports:
      - 'Generic Service Template'
icinga_hosts:
  - host_object:
    - "{{ inventory_hostname }}"
    address: "{{ ansible_host }}"
    display_name: "{{ inventory_hostname }}"
    groups: []
    imports:
      - "Generic Host Template"
      - "Icinga Agent"
    vars: {}
icinga_services:
  - service_object:
    - 'Disk'
    host: "{{ inventory_hostname }}"
    imports:
      - 'Check Disk Template'
      - 'Icinga Agent Check'
  - service_object:
    - 'Apt'
    host: "{{ inventory_hostname }}"
    imports:
      - 'Check Apt Template'
      - 'Icinga Agent Check'

Event commands can already be created with the command-module, however they cannot be used by service, service apply rules and so on, because the arguments are not implemented there.

@xFuture603 wants to implement this.

I want to have the ability to specify the time period in notifications / notification_templates