Zabbix 是什么?
- zabbix 是一个基于 Web 界面的提供分布式系统监视以及网络监视功能的企业级的开源解决方案。通过 C/S 模式采集数据,通过 B/S 模式在 Web 端展示和配置,能监视各种网络参数,保证服务器系统的安全运营;并提供灵活的通知机制以让系统管理员快速定位/解决存在的各种问题。
- zabbix 由2部分构成,zabbix server 与可选组件 zabbix agent;zabbix server 可以通过 SNMP,zabbix agent,ping,端口监视等方法提供对远程服务器/网络状态的监视,数据收集等功能。zabbix agent 需要安装在被监视的目标服务器上,它主要完成对硬件信息或与操作系统有关的内存,CPU 等信息的收集。
Zabbix监控系统运行大概流程:
Zabbix由zabbix server与可选组件zabbix agent两部分组成。
- Zabbix Server 可以通过 SNMP,Zabbix agent,Ping,端口监视等方法提供对远程服务器/网络状态的监视,数据收集功能,可以在运行 Linux,Solaris,HP-UX,AIX,FreeBSD,OpenBSD,OS X,Windows多平台。
- Zabbix Agent 安装在需要被监控的目标服务器上,主要完成对硬件信息与操作系统有关的内存,CPU 等信息收集。
- Zabbix Server可以单独监视远程服务器的服务状态,同时也可以与Zabbix Agent结合。可以轮询Zabbix Agent主动接收监视数据(trapping传递 方式),同时还可以被动接收Zabbix Agent发送的数据。
- 主动:agent请求server获取主动的监控项列表,并主动将监控项内需要检测的数据提交给server/proxy。
- 被动:server向agent请求获取监控项的数据,agent返回数据。
那实际监控中是用主动的还是被动的呢?这里主要涉及两个地方:
- (1) 新建监控项目时,选择的是zabbix代理还是zabbix端点代理程式(主动式),前者是被动模式,后者是主动模式。
- (2) agentd配置文件中StartAgents参数的设置,如果为0,表示禁止被动模式,否则开启。一般建议不要设置为0,因为监控项目很多时,可以部分使用主动,部分使用被动模式。
Zabbix监控常用架构:
- (1) server-agentd模式:这个是最简单的架构了,常用于监控主机比较少的情况下。
- (2) server-proxy-agentd模式:这个常用于比较多的机器,使用proxy进行分布式监控,有效的减轻server端的压力。
Zabbix官方站点:【文档、源码包、rpm包】下载提供了两种版本:LTS版(Long Term Support)和标准版。
Zabbix YUM安装部署过程如下:
- 第一部分:ZabbixServer-01 上操作。
# 准备环境
[root@ZabbixServer-01 ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
[root@ZabbixServer-01 ~]# uname -r
3.10.0-862.el7.x86_64
[root@ZabbixServer-01 ~]# setenforce 0
[root@ZabbixServer-01 ~]# sed -i '7s#enforcing#disabled#' /etc/selinux/config
[root@ZabbixServer-01 ~]# systemctl stop firewalld && systemctl disable firewalld
[root@ZabbixServer-01 ~]# yum install -y vim net-tools lsof wget curl lrzsz
# 安装zabbix noarch.rpm
[root@ZabbixServer-01 ~]# rpm -Uvh https://repo.zabbix.com/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm
# 修改/etc/yum.repos.d/zabbix.repo,将[zabbix-frontend]下的enabled改为1【注意项】
[root@ZabbixServer-01 ~]# sed -i.bak '11s#enabled=0#enabled=1#' /etc/yum.repos.d/zabbix.repo
[root@ZabbixServer-01 ~]# yum clean all
[root@ZabbixServer-01 ~]# yum repolist | grep zabbix
zabbix/x86_64 Zabbix Official Repository - x86_64 200
zabbix-frontend/x86_64 Zabbix Official Repository frontend - x86_64 183
zabbix-non-supported/x86_64 Zabbix Official Repository non-supported - x8 5
# 安装zabbix server和agent
[root@ZabbixServer-01 ~]# yum install -y zabbix-server-mysql zabbix-agent
# 安装Software Collections便于后续安装高版本的php
[root@ZabbixServer-01 ~]# yum install -y centos-release-scl
# 安装zabbix FE和相关环境
[root@ZabbixServer-01 ~]# yum install -y zabbix-web-mysql-scl zabbix-apache-conf-scl
# 安装centos7默认的mariadb数据库
[root@ZabbixServer-01 ~]# yum install -y mariadb mariadb-server
[root@ZabbixServer-01 ~]# systemctl start mariadb && systemctl enable mariadb
# 安全初始化mariadb并配置root密码
[root@ZabbixServer-01 ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): # 空密码,直接回车
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] Y # 是否设置root密码
New password: # root密码
Re-enter new password: # 再次输入root密码
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y # 是否删除匿名账号
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y # 是否禁止root远程登录
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y # 是否删除test库和test库的访问权限
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y # 是否刷新授权表使其立即生效
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
# 测试root登录,并授权
[root@ZabbixServer-01 ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 5.5.68-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
# 创建zabbix数据库
MariaDB [(none)]> create database zabbix character set utf8 collate utf8_bin;
Query OK, 1 row affected (0.00 sec)
# 创建zabbix用户
MariaDB [(none)]> create user zabbix@localhost identified by 'zabbix@01';
Query OK, 0 rows affected (0.00 sec)
# 授权zabbix权限
MariaDB [(none)]> grant all privileges on zabbix.* to zabbix@localhost;
Query OK, 0 rows affected (0.00 sec)
# 刷新授权,使其立即生效
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> exit
Bye
# 查看用户权限
MariaDB [(none)]> select user,host,password from mysql.user;
+--------+-----------+-------------------------------------------+
| user | host | password |
+--------+-----------+-------------------------------------------+
| root | localhost | *A35F952D7E492A65F4DB82E1ECBFB4BBBC415BFF |
| root | 127.0.0.1 | *A35F952D7E492A65F4DB82E1ECBFB4BBBC415BFF |
| root | ::1 | *A35F952D7E492A65F4DB82E1ECBFB4BBBC415BFF |
| zabbix | localhost | *A35F952D7E492A65F4DB82E1ECBFB4BBBC415BFF |
+--------+-----------+-------------------------------------------+
4 rows in set (0.00 sec)
MariaDB [(none)]> show grants for zabbix@'localhost';
+---------------------------------------------------------------------------------------------------------------+
| Grants for zabbix@localhost |
+---------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'zabbix'@'localhost' IDENTIFIED BY PASSWORD '*A35F952D7E492A65F4DB82E1ECBFB4BBBC415BFF' |
| GRANT ALL PRIVILEGES ON `zabbix`.* TO 'zabbix'@'localhost' |
+---------------------------------------------------------------------------------------------------------------+
2 rows in set (0.01 sec)
# 测试zabbix用户登录
[root@ZabbixServer-01 ~]# mysql -u zabbix -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 13
Server version: 5.5.68-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show grants for current_user();
+---------------------------------------------------------------------------------------------------------------+
| Grants for zabbix@localhost |
+---------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'zabbix'@'localhost' IDENTIFIED BY PASSWORD '*A35F952D7E492A65F4DB82E1ECBFB4BBBC415BFF' |
| GRANT ALL PRIVILEGES ON `zabbix`.* TO 'zabbix'@'localhost' |
+---------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
# 导入zabbix数据库,zabbix数据库用户为zabbix,密码为zabbix@01
[root@ZabbixServer-01 ~]# zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p zabbix
# 编辑配置文件/etc/zabbix/zabbix_server.conf,设置数据库密码
[root@ZabbixServer-01 ~]# sed -i.bak '/# DBPassword=/a\DBPassword=zabbix@01' /etc/zabbix/zabbix_server.conf
# 编辑配置文件/etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf,修改时区
[root@ZabbixServer-01 ~]# sed -i.bak '$c php_value[date.timezone] = Asia/Shanghai' /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf
# 重启服务并设置开启自启动
[root@ZabbixServer-01 ~]# systemctl restart zabbix-server zabbix-agent httpd rh-php72-php-fpm
[root@ZabbixServer-01 ~]# systemctl enable zabbix-server zabbix-agent httpd rh-php72-php-fpm
[root@ZabbixServer-01 ~]# netstat -nutpl | grep -E 'zabbix|mysql|php|http'
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 2120/zabbix_agentd
tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN 2127/zabbix_server
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 2118/php-fpm: maste
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1991/mysqld
tcp6 0 0 :::10050 :::* LISTEN 2120/zabbix_agentd
tcp6 0 0 :::10051 :::* LISTEN 2127/zabbix_server
tcp6 0 0 :::80 :::* LISTEN 2117/httpd
[root@ZabbixServer-01 ~]# hostname -I
172.16.70.37
浏览器访问 http://172.16.70.37/zabbix
10-29 13:51