--- - name: "{{ ansible_system }}: Get installed packages using native commands (RedHat)." become: true ansible.builtin.shell: rpm -qa --qf '%{NAME}\n' register: __checkmk_agent_rpm_packages changed_when: false when: ansible_os_family == "RedHat" no_log: true tags: - get-package-facts - name: "{{ ansible_system }}: Get installed packages using native commands (Debian)." become: true ansible.builtin.shell: dpkg-query -W -f='${Package}\n' register: __checkmk_agent_deb_packages changed_when: false when: ansible_os_family == "Debian" no_log: true tags: - get-package-facts - name: "{{ ansible_system }}: Create simple package list from RPM output." ansible.builtin.set_fact: __checkmk_agent_installed_packages: "{{ __checkmk_agent_rpm_packages.stdout_lines }}" when: ansible_os_family == "RedHat" and __checkmk_agent_rpm_packages is defined tags: - get-package-facts - name: "{{ ansible_system }}: Create simple package list from DEB output." ansible.builtin.set_fact: __checkmk_agent_installed_packages: "{{ __checkmk_agent_deb_packages.stdout_lines }}" when: ansible_os_family == "Debian" and __checkmk_agent_deb_packages is defined tags: - get-package-facts - name: "{{ ansible_system }}: Populate service facts." ansible.builtin.service_facts: - name: "{{ ansible_system }}: Check if systemd version requires xinetd." become: true ansible.builtin.shell: | if command -v rpm >/dev/null 2>&1; then rpm -q systemd --qf '%{VERSION}\n' | head -n1 elif command -v dpkg-query >/dev/null 2>&1; then dpkg-query -W -f='${Version}\n' systemd | cut -d- -f1 else systemctl --version | head -n1 | awk '{print $2}' fi register: __checkmk_agent_systemd_version changed_when: false failed_when: false when: checkmk_agent_prep_legacy | bool tags: - check-systemd - name: "{{ ansible_system }}: Run Legacy agent tasks." block: - name: "{{ ansible_system }}: Install xinetd" become: true ansible.builtin.package: name: xinetd state: present tags: - install-package - install-prerequisites - name: "{{ ansible_system }}: Enable xinetd" become: true ansible.builtin.service: name: xinetd state: started enabled: true tags: - enable-xinetd when: | checkmk_agent_prep_legacy | bool and __checkmk_agent_systemd_version is defined and __checkmk_agent_systemd_version.stdout is defined and __checkmk_agent_systemd_version.stdout | int < 220 - name: "{{ ansible_system }}: Download Vanilla agent." ansible.builtin.get_url: url: "{{ __checkmk_agent_agent.url.cre }}" validate_certs: "{{ checkmk_agent_server_validate_certs | bool }}" dest: "{{ __checkmk_agent_agent.file.cre }}" mode: '0640' timeout: "{{ checkmk_agent_download_timeout | default(omit) }}" when: checkmk_agent_edition | lower == "cre" register: __checkmk_agent_download_state retries: 3 delay: 10 until: "not __checkmk_agent_download_state.failed | bool" delegate_to: "{{ checkmk_agent_delegate_download }}" tags: - download-package - name: "{{ ansible_os_family }}: Run OS Family specific tasks." ansible.builtin.include_tasks: "{{ ansible_os_family }}.yml" tags: - include-os-family-tasks - name: "{{ ansible_system }}: Create host on server." checkmk.general.host: server_url: "{{ checkmk_agent_server_protocol }}://{{ checkmk_agent_server }}:{{ checkmk_agent_server_port }}/" site: "{{ checkmk_agent_site }}" validate_certs: "{{ checkmk_agent_server_validate_certs | bool }}" automation_user: "{{ checkmk_agent_user }}" automation_secret: "{{ __checkmk_agent_auth }}" folder: "{{ checkmk_agent_folder | default(omit) }}" name: "{{ checkmk_agent_host_name }}" attributes: "{{ checkmk_agent_host_attributes }}" state: "present" become: false register: __checkmk_agent_create_result failed_when: | (__checkmk_agent_create_result.failed == true) and ("The host is already part of the specified target folder" not in __checkmk_agent_create_result.msg) delegate_to: "{{ checkmk_agent_delegate_api_calls }}" when: checkmk_agent_add_host | bool notify: "Activate changes" # ============================================================ # HIER IST DIE ÄNDERUNG! Diese Zeile wurde geändert: # VORHER: when: __checkmk_agent_create_result.changed | bool # JETZT: when: checkmk_agent_add_host | bool # ============================================================ - name: "Ensure registration readyness." # noqa no-handler when: checkmk_agent_add_host | bool block: - name: "Trigger activation of changes." ansible.builtin.meta: flush_handlers - name: "{{ ansible_system }}: Check for Agent Updater Binary." ansible.builtin.stat: path: /usr/bin/cmk-update-agent register: __checkmk_agent_updater_binary - name: "{{ ansible_system }}: Check for Agent Controller Binary." ansible.builtin.stat: path: /usr/bin/cmk-agent-ctl register: __checkmk_agent_controller_binary - name: "{{ ansible_system }}: Override binary checks for unsupported architectures." ansible.builtin.set_fact: __checkmk_agent_updater_binary: stat: exists: false __checkmk_agent_controller_binary: stat: exists: false when: ansible_architecture not in ['x86_64', 'aarch64'] - name: "{{ ansible_system }}: Read Updater State." become: true ansible.builtin.command: cat /var/lib/check_mk_agent/cache/plugins_cmk-update-agent.cache register: __checkmk_agent_updater_state changed_when: false failed_when: | not __checkmk_agent_updater_state.rc == 0 and not __checkmk_agent_updater_state.rc == 1 - name: "{{ ansible_system }}: Read Agent Controller State." become: true ansible.builtin.command: cat /var/lib/cmk-agent/registered_connections.json register: __checkmk_agent_registered_connections changed_when: false failed_when: | not __checkmk_agent_registered_connections.rc == 0 and not __checkmk_agent_registered_connections.rc == 1 - name: "{{ ansible_system }}: Register Agent for automatic Updates using User Password." become: true ansible.builtin.shell: | cmk-update-agent register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} -p {{ checkmk_agent_registration_server_protocol }} \ -U {{ checkmk_agent_user }} -P {{ __checkmk_agent_auth | ansible.builtin.quote }} no_log: "{{ checkmk_agent_no_log | bool }}" register: __checkmk_agent_update_state when: | checkmk_agent_edition | lower != "cre" and __checkmk_agent_updater_binary.stat.exists | bool and checkmk_agent_update | bool and (checkmk_agent_pass is defined and checkmk_agent_pass | length) and (checkmk_agent_secret is not defined) and not ( (checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_updater_state.stdout) and ('"error": null' in __checkmk_agent_updater_state.stdout) ) changed_when: "'Successfully registered agent of host' in __checkmk_agent_update_state.stderr" - name: "{{ ansible_system }}: Register Agent for automatic Updates using Automation Secret." become: true ansible.builtin.shell: | cmk-update-agent register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} -p {{ checkmk_agent_registration_server_protocol }} \ -U {{ checkmk_agent_user }} -S {{ __checkmk_agent_auth | ansible.builtin.quote }} no_log: "{{ checkmk_agent_no_log | bool }}" register: __checkmk_agent_update_state when: | checkmk_agent_edition | lower != "cre" and __checkmk_agent_updater_binary.stat.exists | bool and checkmk_agent_update | bool and (checkmk_agent_secret is defined and checkmk_agent_secret | length) and not ( (checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_updater_state.stdout) and ('"error": null' in __checkmk_agent_updater_state.stdout) ) changed_when: "'Successfully registered agent of host' in __checkmk_agent_update_state.stderr" - name: "{{ ansible_system }}: Register Agent for TLS directly." become: true ansible.builtin.shell: | cmk-agent-ctl register -H {{ checkmk_agent_host_name }} \ -s {{ checkmk_agent_registration_server }} -i {{ checkmk_agent_registration_site }} \ -U {{ checkmk_agent_user }} -P {{ __checkmk_agent_auth }} --trust-cert no_log: "{{ checkmk_agent_no_log | bool }}" register: __checkmk_agent_tls_state retries: 3 delay: 5 until: __checkmk_agent_tls_state.rc == 0 failed_when: false when: | __checkmk_agent_controller_binary.stat.exists | bool and checkmk_agent_tls | bool changed_when: "'Registration complete' in __checkmk_agent_tls_state.stdout" - name: "{{ ansible_system }}: Log registration failure details." ansible.builtin.debug: msg: | ======================================== REGISTRATION FAILED AFTER 3 RETRIES ======================================== Host: {{ checkmk_agent_host_name }} Server: {{ checkmk_agent_registration_server }} Site: {{ checkmk_agent_registration_site }} Return Code: {{ __checkmk_agent_tls_state.rc | default('N/A') }} STDOUT: {{ __checkmk_agent_tls_state.stdout | default('No output') }} STDERR: {{ __checkmk_agent_tls_state.stderr | default('No errors') }} Possible causes: - Agent receiver service not running on monitoring server - Network connectivity issues (firewall, routing) - Authentication failed (check username/password) - Host not created in CheckMK yet - TLS certificate issues - Timing issue (agent controller not fully started) Troubleshooting steps: 1. Check agent receiver logs on monitoring server 2. Verify host exists in CheckMK: Setup -> Hosts 3. Test connection: curl -k https://{{ checkmk_agent_registration_server }}:8000/{{ checkmk_agent_registration_site }}/agent-receiver/register_existing 4. Check cmk-agent-ctl status on this host ======================================== when: | __checkmk_agent_tls_state is defined and __checkmk_agent_tls_state.rc is defined and __checkmk_agent_tls_state.rc != 0 - name: "{{ ansible_system }}: Create temporary proxy-register file." become: true ansible.builtin.copy: dest: "{{ __checkmk_agent_host_tmp_dir }}/checkmk-import" mode: u=r,g=,o= owner: cmk-agent group: cmk-agent content: "{{ __checkmk_agent_proxy_registration_state.stdout }}" no_log: "{{ checkmk_agent_no_log | bool }}" when: | __checkmk_agent_controller_binary.stat.exists | bool and checkmk_agent_tls | bool and checkmk_agent_delegate_registration | bool and (__checkmk_agent_auth is defined and __checkmk_agent_auth | length) and not checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_registered_connections.stdout and __checkmk_agent_proxy_registration_state is defined - name: "{{ ansible_system }}: Import proxy-register file." become: true ansible.builtin.command: "cmk-agent-ctl import {{ __checkmk_agent_host_tmp_dir }}/checkmk-import" no_log: "{{ checkmk_agent_no_log | bool }}" register: __checkmk_agent_import_result when: | __checkmk_agent_controller_binary.stat.exists | bool and checkmk_agent_tls | bool and checkmk_agent_delegate_registration | bool and (__checkmk_agent_auth is defined and __checkmk_agent_auth | length) and not checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_registered_connections.stdout and __checkmk_agent_proxy_registration_state is defined changed_when: __checkmk_agent_import_result.rc == 0 - name: "{{ ansible_system }}: Clean-up proxy-register temporary file." become: true ansible.builtin.file: path: "{{ __checkmk_agent_host_tmp_dir }}/checkmk-import" state: absent no_log: "{{ checkmk_agent_no_log | bool }}" when: | __checkmk_agent_controller_binary.stat.exists | bool and checkmk_agent_tls | bool and checkmk_agent_delegate_registration | bool and (__checkmk_agent_auth is defined and __checkmk_agent_auth | length) and not checkmk_agent_registration_server + '/' + checkmk_agent_registration_site in __checkmk_agent_registered_connections.stdout and __checkmk_agent_proxy_registration_state is defined - name: "{{ ansible_system }}: Verify Checkmk Agent Port is open." ansible.builtin.wait_for: port: "{{ checkmk_agent_port }}" timeout: 60 when: checkmk_agent_mode == 'pull' - name: "{{ ansible_system }}: Initial push of data for push agent" # noqa no-changed-when become: true ansible.builtin.command: cmk-agent-ctl push when: checkmk_agent_mode == 'push'