目录
IP地址规划
| 名字 | 地址 | 主要安装软件 |
|---|---|---|
| ansible-server | 192.168.40.137 | zabbix-server、ansible、zabbix-mysql |
| zabbix-agent1 | 192.168.40.138 | zabbix-agent |
| zabbix-agent2 | 192.168.40.139 | zabbix-agent |
| zabbix-grafana | 192.168.40.140 | grafana |
ansible安装
服务端建立免密连接
bash
# 生成密钥对
[root@ansible-server ~]# ssh-keygen
# 分发公钥,建立免密通道
[root@ansible-server ~]# ssh-copy-id root@192.168.40.138
[root@ansible-server ~]# ssh-copy-id root@192.168.40.139
[root@ansible-server ~]# ssh-copy-id root@192.168.40.140分开部署
安装zabbix-mysql
在管理节点上(server端)安装epel源,ansible
bash
[root@ansible-server ~]# yum install epel-release -y
[root@ansible-server ~]# yum install ansible -y查看版本
bash
[root@ansible-server ~]# ansible --version
ansible 2.9.27
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Oct 14 2020, 14:45:30) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]创建角色
shell
[root@ansible-server roles]# ansible-galaxy init zabbix-server
- Role zabbix-server was created successfully
[root@ansible-server roles]# ansible-galaxy init zabbix-mysql
- Role zabbix-mysql was created successfully
[root@ansible-server roles]# ansible-galaxy init zabbix-agent
- Role zabbix-agent was created successfully
[root@ansible-server roles]# ansible-galaxy init zabbix-grafana
- Role zabbix-grafana was created successfully配置数据库
安装数据库软件包
shell
[root@ansible-server files]# wget https://dev.mysql.com/get/mysql80-community-release-el7-3.noarch.rpm安装zabbix-mysql数据库
yaml
[root@ansible-server tasks]# cat main.yml
---
# tasks file for zabbix-mysql
- name: install mysql 5.7 and config for zabbix
hosts: localhost
tasks:
- name: copy mysql repo rpm
copy:
src: mysql80-community-release-el7-3.noarch.rpm
dest: /root/
- name: install repo
command: rpm -ivh /root/mysql80-community-release-el7-3.noarch.rpm
ignore_errors: yes
- name: install yum-utils
yum:
name: yum-utils
state: present
- name: install mysql 5.7
command: yum-config-manager --enable mysql57-community
- name: check repo
lineinfile:
path: /etc/yum.repos.d/mysql-community.repo
regexp: '^gpgcheck=1'
line: 'gpgcheck=0'
- name: install mysql
yum:
name: mysql,mysql-server
state: present
- name: start mysql
service:
name: mysqld
state: started
enabled: yes
- name: get mysql temp password
shell: cat /var/log/mysqld.log| grep 'temporary password'|awk '{print $NF}'
# 使用register保存结果
register: temp_password
changed_when: false
- name: set old password
mysql_user:
name: root
host: localhost
password: "{{ temp_password.stdout }}"
ignore_errors: yes
- name: set new password
shell: mysql -uroot -p123456
- name: create zabbix user
shell: mysql -uroot -p123456 -e "alter user 'zabbix'@'localhost' identified by 'Zabbix@123';"
- name: create zabbix database
shell: mysql -uroot -p123456 -e "create database zabbix character set utf8 collate utf8_bin;"
ignore_errors: yes
- name: grant mysql user privileges
shell: mysql -uroot -p123456 -e "grant all privileges on zabbix.* to zabbix@localhost;"安装zabbix-server
安装zabbix-server存储库
shell
[root@ansible-server zabbix-server]# cd files/
[root@ansible-server files]# wget https://repo.zabbix.com/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm设置zabbix.repo
shell
[zabbix]
name=zabbix
baseurl=https://repo.zabbix.com/zabbix/5.0/rhel/7/x86_64/
gpgcheck=0
enabled=1坑 需要设置zabbix-frontend源,否则后面执行找不到前端软件包
shell
[zabbix-frontend]
name=Zabbix Official Repository frontend - $basearch
baseurl=http://repo.zabbix.com/zabbix/5.0/rhel/7/$basearch/frontend
enabled=1
gpgcheck=0安装zabbix-server
yaml
[root@ansible-server tasks]# ls
files zabbix-server.yml
[root@ansible-server tasks]# cat main.yml
---
# tasks file for zabbix-server
- name: install zabbix 5.0
hosts: localhost
tasks:
- name: copy zabbix.repo
copy:
src: zabbix.repo
dest: /etc/yum.repos.d/
- name: install zabbix service
yum:
name: zabbix-server-mysql,zabbix-agent,centos-release-scl,yum-utils
state: present
- name: update zabbix-frontend
shell: yum-config-manager --enable zabbix-frontend
- name: install web service
yum:
name: zabbix-web-mysql-scl,zabbix-nginx-conf-scl
state: present
- name: install rpm
yum:
name: mysql
state: present
- name: inputdata
shell: "zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -pZabbix@123 zabbix"
ignore_errors: yes
- name: edit zabbix host
lineinfile:
dest: /etc/zabbix/zabbix_server.conf
regexp: '# DBHost=localhost'
line: 'DBHost=localhost'
- name: edit zabbix password
lineinfile:
dest: /etc/zabbix/zabbix_server.conf
regexp: '# DBPassword='
line: 'DBPassword=Zabbix@123'
- name: edit nginx zabbix
lineinfile:
dest: /etc/opt/rh/rh-nginx116/nginx/conf.d/zabbix.conf
regexp: '# listen 80;'
line: ' listen 80;'
- name: edit php zabbix
lineinfile:
dest: /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf
regexp: 'listen.acl_users'
line: 'listen.acl_users=apache,nginx'
- name: edit php timezone
lineinfile:
dest: /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf
regexp: '; php_value[date.timezone]'
line: 'php_value[date.timezone]=Asia/Shanghai'
- name: start service
shell: systemctl restart zabbix-server zabbix-agent rh-php72-php-fpm rh-nginx116-nginx 
安装zabbix-agent
在agent主机上配置域名解析
bash
[root@zabbix-agent1 ~]# vim /etc/hosts
192.168.40.139 zabbix-agent1
bash
[root@zabbix-agent2 ~]# vim /etc/hosts
192.168.40.139 zabbix-agent2
yaml
[root@ansible-server tasks]# cat main.yaml
---
# tasks file for zabbix-agent
- name: install zabbix agent
hosts: zabbix-agent
tasks:
- name: cp zabbix.repo
copy:
src: zabbix.repo
dest: /etc/yum.repos.d/
- name: install agent
yum:
name: zabbix-agent
state: present
- name: edit zabbix_agented.conf
lineinfile:
dest: /etc/zabbix/zabbix_agentd.conf
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
loop:
- { regexp: "Server=127.0.0.1", line: "Server=192.168.40.137" }
- { regexp: "ServerActive=127.0.0.1", line: "ServerActive=192.168.40.137" }
- name: edit zabbix_agent.conf hostname
lineinfile:
dest: /etc/zabbix/zabbix_agentd.conf
regexp: "^Hostname=.*"
line: "Hostname={{ ansible_hostname }}" # 使用系统变量获取主机
- name: start agent service
shell: systemctl restart zabbix-agent
安装zabbix-grafana
下载grafana
shell
[root@ansible-server files]# wget https://dl.grafana.com/enterprise/release/grafana-enterprise-9.5.1-1.x86_64.rpm下载zabbix插件
bash
https://grafana.com/grafana/plugins/alexanderzobnin-zabbix-app/?tab=installation
yaml
[root@ansible-server tasks]# cat main.yml
---
# tasks file for zabbix-grafana
- name: install zabbix grafana
hosts: zabbix-grafana
tasks:
- name: copy file
copy:
src: /etc/ansible/roles/zabbix-grafana/files/grafana/
dest: /root
- name: install grafana
yum:
name: /root/grafana-enterprise-9.4.7-1.x86_64.rpm
state: present
- name: install zabbix plugin
copy:
src: /etc/ansible/roles/zabbix-grafana/files/alexanderzobnin-zabbix-app
dest: /var/lib/grafana/plugins/
- name: start grafana-server service
shell: systemctl restart grafana-server用户名和密码都是admin
出现插件不可用
修改/etc/grafana/grafana.ini
bash
allow_loading_unsigned_plugins = alexanderzobnin-zabbix-app设置插件权限
bash
chmod 777 /var/lib/grafana/plugins/alexanderzobnin-zabbix-app/gpx_zabbix-plugin_linux_amd64 填写zabbix的用户名和密码后,数据源连接成功(用户名Admin 密码zabbix)
在Zabbix - Full Server Status | Grafana Labs找到id为5363的zabbix监控模板
导入数据源
一键部署
调用role,一键部署zabbix+agent+grafana(ansible的roles中task的playbook是不需要写tasks的)
zabbix-mysql
yaml
[root@ansible-server ansible]# cat /etc/ansible/roles/zabbix-mysql/tasks/main.yml
---
# tasks file for zabbix-mysql
- name: copy mysql repo rpm
copy:
src: mysql80-community-release-el7-3.noarch.rpm
dest: /root/
- name: install repo
command: rpm -ivh /root/mysql80-community-release-el7-3.noarch.rpm
ignore_errors: yes
- name: install yum-utils
yum:
name: yum-utils
state: present
- name: install mysql 5.7
command: yum-config-manager --enable mysql57-community
- name: check repo
lineinfile:
path: /etc/yum.repos.d/mysql-community.repo
regexp: '^gpgcheck=1'
line: 'gpgcheck=0'
- name: install mysql
yum:
name: mysql,mysql-server
state: present
- name: start mysql
service:
name: mysqld
state: started
enabled: yes
- name: get mysql temp password
shell: cat /var/log/mysqld.log| grep 'temporary password'|awk '{print $NF}'
# 使用register保存结果
register: temp_password
changed_when: false
- name: set old password
mysql_user:
name: root
host: localhost
password: "{{ temp_password.stdout }}"
ignore_errors: yes
- name: set new password
shell: mysql -uroot -p123456
- name: create zabbix user
shell: mysql -uroot -p123456 -e "alter user 'zabbix'@'localhost' identified by 'Zabbix@123';"
- name: create zabbix database
shell: mysql -uroot -p123456 -e "create database zabbix character set utf8 collate utf8_bin;"
ignore_errors: yes
- name: grant mysql user privileges
shell: mysql -uroot -p123456 -e "grant all privileges on zabbix.* to zabbix@localhost;"zabbix-server
yaml
[root@ansible-server ansible]# cat /etc/ansible/roles/zabbix-server/tasks/main.yml
---
# tasks file for zabbix-server
- name: copy zabbix.repo
copy:
src: zabbix.repo
dest: /etc/yum.repos.d/
- name: install zabbix service
yum:
name: zabbix-server-mysql,zabbix-agent,centos-release-scl,yum-utils
state: present
- name: update zabbix-frontend
shell: yum-config-manager --enable zabbix-frontend
- name: install web service
yum:
name: zabbix-web-mysql-scl,zabbix-nginx-conf-scl
state: present
- name: install rpm
yum:
name: mysql
state: present
- name: inputdata
shell: "zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -pZabbix@123 zabbix"
ignore_errors: yes
- name: edit zabbix host
lineinfile:
dest: /etc/zabbix/zabbix_server.conf
regexp: '# DBHost=localhost'
line: 'DBHost=localhost'
- name: edit zabbix password
lineinfile:
dest: /etc/zabbix/zabbix_server.conf
regexp: '# DBPassword='
line: 'DBPassword=Zabbix@123'
- name: edit nginx zabbix
lineinfile:
dest: /etc/opt/rh/rh-nginx116/nginx/conf.d/zabbix.conf
regexp: '# listen 80;'
line: ' listen 80;'
- name: edit php zabbix
lineinfile:
dest: /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf
regexp: 'listen.acl_users'
line: 'listen.acl_users=apache,nginx'
- name: edit php timezone
lineinfile:
dest: /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf
regexp: '; php_value[date.timezone]'
line: 'php_value[date.timezone]=Asia/Shanghai'
- name: start service
shell: systemctl restart zabbix-server zabbix-agent rh-php72-php-fpm rh-nginx116-nginx zabbix-agent
yaml
[root@ansible-server ansible]# cat /etc/ansible/roles/zabbix-agent/tasks/main.yml
---
# tasks file for zabbix-agent
- name: cp zabbix.repo
copy:
src: zabbix.repo
dest: /etc/yum.repos.d/
- name: install agent
yum:
name: zabbix-agent
state: present
- name: edit zabbix_agented.conf
lineinfile:
dest: /etc/zabbix/zabbix_agentd.conf
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
loop:
- { regexp: "Server=127.0.0.1", line: "Server=192.168.40.137" }
- { regexp: "ServerActive=127.0.0.1", line: "ServerActive=192.168.40.137" }
- name: edit zabbix_agent.conf hostname
lineinfile:
dest: /etc/zabbix/zabbix_agentd.conf
regexp: "^Hostname=.*"
line: "Hostname={{ ansible_hostname }}" # 使用系统变量获取主机
- name: start agent service
shell: systemctl restart zabbix-agentzabbix-grafana
yaml
[root@ansible-server ansible]# cat /etc/ansible/roles/zabbix-grafana/tasks/main.yml
---
# tasks file for zabbix-grafana
- name: copy file
copy:
src: /etc/ansible/roles/zabbix-grafana/files/grafana/
dest: /root
- name: install grafana
yum:
name: /root/grafana-enterprise-9.4.7-1.x86_64.rpm
state: present
- name: install zabbix plugin
copy:
src: /etc/ansible/roles/zabbix-grafana/files/alexanderzobnin-zabbix-app
dest: /var/lib/grafana/plugins/
- name: start grafana-server service
shell: systemctl restart grafana-server主playbook,通过执行主playbook实现一键部署
yaml
[root@ansible-server ansible]# cat zabbix-auto.yml
---
- hosts: localhost
remote_user: root
roles:
- role: zabbix-mysql
- role: zabbix-server
- hosts: zabbix-agent
remote_user: root
roles:
- role: zabbix-agent
- hosts: zabbix-grafana
remote_user: root
roles:
- role: zabbix-grafanazabbix的自动发现功能,监控特定域名的http延迟,其中特定域名以一行一个格式存储在
自动发现
以安装nginx为例
shell
C:\Windows\System32\drivers\etc
修改windows的hosts文件,配置域名解析
192.168.40.145 shengxia.discovery.com
修改linux的hosts文件,配置域名解析
[root@discovery yum.repos.d]# vim /etc/hosts
192.168.40.145 shengxia.discovery.com
自动发现机器安装zabbix-agent和zabbix-sender
shell
[root@ansible-server ~]# scp /etc/yum.repos.d/zabbix.repo root@192.168.40.145:/etc/yum.repos.d/
shell
[root@discovery yum.repos.d]# yum install -y zabbix-agent zabbix-sender修改配置文件
shell
[root@discovery yum.repos.d]# vim /etc/zabbix/zabbix_agentd.conf
Server=192.168.40.137
ServerActive=192.168.40.137
Hostname=discovery
[root@discovery yum.repos.d]# service zabbix-agent restart需要创建一个自动发现规则,然后创建一个动作,当发现新的设备时,会根据我们的配置进行响应。
自动发现设备
创建动作
在 Zabbix 中,转到"配置" -> "动作" -> "创建动作"。
在"常规"选项卡中,填写动作名称,并选择"自动发现"作为触发条件。
在"操作"选项卡中,添加一个"发送消息"操作,这样当发现新设备时,就会发送消息。
可以在zabbix-server服务器上修改hosts文件,配置域名解析
bash
[root@ansible-server ~]# vim /etc/hosts
192.168.40.145 discovery
创建模板
先修改图形字体乱码
上传windows字体文件,在 C:\Windows\Fonts 找到字体文件,上传 到 /usr/share/zabbix/assets/fonts
shell
[root@ansible-server ~]# mv simkai.ttf /usr/share/zabbix/assets/fonts/
[root@ansible-server ~]# cd /usr/share/zabbix/assets/fonts/
[root@ansible-server fonts]# ls
graphfont.ttf simkai.ttf
[root@ansible-server fonts]# mv graphfont.ttf graphfont.ttf.bak
[root@ansible-server fonts]# mv simkai.ttf graphfont.ttf在zabbix-agent配置文件中自定义监控项
shell
UserParameter=domain.delay.shengxia,/http_delay/http_delay.sh|grep shengxia|awk '{print $2}'
UserParameter=domain.delay.example1,/http_delay/http_delay.sh|grep example1|awk '{print $2}'
UserParameter=domain.delay.example2,/http_delay/http_delay.sh|grep example2|awk '{print $2}'脚本文件如下
shell
[root@discovery ~]# ll /http_delay/
总用量 8
-rw-r--r-- 1 root root 49 4月 25 15:13 domain.txt
-rwxr-xr-x 1 root root 260 4月 25 15:14 http_delay.sh
[root@discovery ~]# cat domain.txt
shengxia.discovery.com
example1.com
example2.com
[root@discovery ~]# cat http_delay.sh
#!/bin/bash
# 读取域名列表
domains=$(cat /root/domain.txt)
# 遍历域名
for dm in $domains;do
delay_time=$(curl -s -o /dev/null -w "%{time_total}" $dm)
if [ $? -eq 0 ];then
echo "${dm} $delay_time"
else
echo "${dm} 0"
fi
done创建监控项
创建图形
修改自动发现动作,与自定义模板关联
查看图形
创建一个"触发器",当延迟超过某个阈值时触发。
({discovery:domain.delay.example1.last()}>0.003) or ({discovery:domain.delay.example2.last()}=0.003) or ({discovery:domain.delay.shengxia.last()}>0.003)
