CentOS7.9基于ansible部署zabbix3.4

这里写目录标题

• • ansible部署zabbix集群
  • 基础环境配置
  • 配置ansible

ansible部署zabbix集群

创建2台系统为centos7.9的虚拟机，其中一台作为Ansible的母机并命名为ansible，另一台云主机命名为node，用于安装zabbix，zabbix的所有服务都安装在一台节点上

主机名	IP
ansible	192.168.200.75
node	192.168.200.76

基础环境配置

主机名

[root@localhost ~]# hostnamectl set-hostname ansible
[root@localhost ~]# bash
[root@ansible ~]#

[root@localhost ~]# hostnamectl set-hostname node
[root@localhost ~]# bash
[root@node ~]#

主机映射

[root@ansible ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.200.75 ansible
192.168.200.76 node
[root@ansible ~]#
[root@ansible ~]# scp /etc/hosts node:/etc/hosts

关闭防火墙

[root@ansible ~]# systemctl stop firewalld
[root@ansible ~]# setenforce 0
[root@ansible ~]# getenforce
Permissive

[root@node ~]# systemctl stop firewalld
[root@node ~]# setenforce 0
[root@node ~]# getenforce
Permissive

免密登录

[root@ansible ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:yUf32cXSIJTrGCFOOpg/ZexA+8v4UtH4r9Blgzw5ocU root@ansible
The key's randomart image is:
+---[RSA 2048]----+
|           .o..  |
|      . o.. .. + |
|     + * +E.... +|
|    o =.B*o=.. +.|
|     . BSoB++ o .|
|      o +oo=..   |
|       =....     |
|      o o.  .    |
|       o. ..     |
+----[SHA256]-----+
[root@ansible ~]# ssh-copy-id root@node
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@node'"
and check to make sure that only the key(s) you wanted were added.




[root@node ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:V6DyQRw71ky5h7c5oFURaa3SRT/Me24HykBFudmx2SM root@node
The key's randomart image is:
+---[RSA 2048]----+
|       .o.oo=B.  |
|       ..*.o= *. |
|      . * +*.* O.|
|       + +*.BE+.+|
|        Soo= oo.o|
|        .. o+. o.|
|            o.  +|
|               ..|
|                 |
+----[SHA256]-----+
[root@node ~]# ssh-copy-id root@ansible
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'ansible (192.168.200.75)' can't be established.
ECDSA key fingerprint is SHA256:3SbQcWdJboTSOBsTo/eFMAy/XyoLPLL+7DENjdZtGOc.
ECDSA key fingerprint is MD5:db:e3:da:2d:98:b5:2a:f4:a7:75:f2:ba:f4:a2:62:28.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@ansible's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@ansible'"
and check to make sure that only the key(s) you wanted were added.

[root@node ~]#

上传软件包并解压

[root@ansible ~]# ls
anaconda-ks.cfg  ansible  ansible.tar.gz  install_zabbix  install_zabbix.tar.gz

配置安装ansible、ftp

[root@ansible ~]# mv /etc/yum.repos.d/* /home/
[root@ansible ~]# vi /etc/yum.repos.d/local.repo
[root@ansible ~]# mount /dev/sr0 /mnt/
mount: /dev/sr0 is write-protected, mounting read-only
[root@ansible ~]# mkdir /opt/centos
[root@ansible ~]# cp -rf /mnt/* /opt/centos/
[root@ansible ~]# cat  /etc/yum.repos.d/local.repo
[an]
name=an
baseurl=file:///root/ansible
gpgcheck=0
enabled=1
[centos]
name=centos
baseurl=file:///opt/centos
gpgcheck=0
enabled=1
[root@ansible ~]# yum clean all;yum repolist
Loaded plugins: fastestmirror
Cleaning repos: an centos
Cleaning up list of fastest mirrors
Other repos take up 171 M of disk space (use --verbose for details)
Loaded plugins: fastestmirror
Determining fastest mirrors
an                                                                                               | 2.9 kB  00:00:00
centos                                                                                           | 3.6 kB  00:00:00
(1/3): centos/group_gz                                                                           | 153 kB  00:00:00
(2/3): an/primary_db                                                                             |  13 kB  00:00:00
(3/3): centos/primary_db                                                                         | 3.3 MB  00:00:00
repo id                                                  repo name                                                status
an                                                       an                                                          22
centos                                                   centos                                                   4,070
repolist: 4,092
[root@ansible ~]# yum install -y vsftpd
[root@ansible ~]# echo "anon_root=/opt" >> /etc/vsftpd/vsftpd.conf
[root@ansible ~]# systemctl restart vsftpd
[root@ansible ~]# yum install -y ansible

配置ansible主机文件

[root@ansible ~]# cat /etc/ansible/hosts
...........
[node]
192.168.200.76

#测试查看
[root@ansible ~]# ansible node -m ping
192.168.200.76 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "ping": "pong"
}
[root@ansible ~]#

配置ansible

查看文件，相关目录文件压缩包内已经创建提供，自己修改即可

[root@ansible install_zabbix]# ls -R ./
./:
group_vars  install_zabbix.yaml  roles

./group_vars:
all

./roles:
zabbix

./roles/zabbix:
files  handlers  meta  tasks  templates  vars

./roles/zabbix/files:
yum.repo  zabbix.tar.gz

./roles/zabbix/handlers:

./roles/zabbix/meta:

./roles/zabbix/tasks:
main.yaml

./roles/zabbix/templates:
zabbix_server.conf.j2

./roles/zabbix/vars:
[root@ansible install_zabbix]#

配置全局环境变量

[root@ansible ~]# cat install_zabbix/group_vars/all
DB_PASS: '000000'
DB_HOST: localhost

编辑 yum源

[root@ansible ~]# cat install_zabbix/roles/zabbix/files/yum.repo
[zabbix]
name=zabbix
baseurl=file:///opt/zabbix
gpgcheck=0
enabled=1
[centos]
name=centos
baseurl=ftp://ansible/centos
gpgcheck=0
enabled=1

编辑install_zabbix.yaml

[root@ansible ~]# cat install_zabbix/install_zabbix.yaml
---

- hosts: node
  remote_user: root

  roles:
    - zabbix
[root@ansible ~]#

编辑任务模板

[root@ansible ~]# cat install_zabbix/roles/zabbix/tasks/main.yaml
---
  - name: selinux config
    shell: "{{item}}"
    with_items:
      - sed -i "s/^SELINUX=.*/SELINUX=disabled/g" /etc/selinux/config

  - name: Selinux Config Setenforce
    shell: getenforce
    register: info

  - name: when_Selinux
    shell: setenforce 0
    when: info['stdout'] == 'Enforcing'

  - name: firewalld
    shell: systemctl stop firewalld && systemctl disable firewalld
    ignore_errors: yes

  - name: mv yum config
    shell: mv /etc/yum.repos.d/* /media/

  - name: copy repo
    copy: src=yum.repo dest=/etc/yum.repos.d/yum.repo

  - name: Copy Repo Tar
    copy: src=zabbix.tar.gz dest=/opt/

  - name: Decompression Package
    shell: tar -zxvf /opt/zabbix.tar.gz -C /opt

  - name: Yum Install httpd
    yum:
      name:
        - httpd
      state: present
  - name: Start Service
    systemd:
      name: httpd
      state: restarted
      enabled: yes

  - name: Install Mariadb
    yum:
      name:
        - mariadb-server
        - mariadb
      state: present
  - name: Start Service
    systemd:
      name: mariadb
      state: restarted
      enabled: yes

  - name: Config Mariadb User
    shell: mysqladmin -uroot password {{ DB_PASS }}
    ignore_errors: yes

  - name: Mariadb Create zabbix
    shell: mysql -uroot -p{{ DB_PASS }} -e "create database zabbix character set utf8 collate utf8_bin;"
    ignore_errors: yes

  - name: privileages mariadb
    shell: "{{ item }}"
    with_items:
      - mysql -uroot -p{{ DB_PASS }} -e "grant all privileges on zabbix.* to zabbix@localhost identified by '000000';"
      - mysql -uroot -p{{ DB_PASS }} -e "grant all privileges on zabbix.* to zabbix@localhost identified by '000000';"

  - name: Install zabbix
    yum:
      name:
        - zabbix-agent
        - zabbix-server
        - zabbix-server-mysql
        - zabbix-web-mysql
      state: present
  - name: sql config mariadb
    shell: chdir=/usr/share/doc/zabbix-server-mysql-3.4.15/ zcat create.sql.gz |mysql -uroot -p{{ DB_PASS }} zabbix
    ignore_errors: yes

  - name: Php Timezone
    shell: "{{item}}"
    with_items:
      - sed -i "s/^;date.timezone.*/;date.timezone=RPC/g" /etc/php.ini
      - sed -i "s/#\ php_value/php_value/g" /etc/httpd/conf.d/zabbix.conf
      - sed -i "s/date.timezone.*/date.timezone Asia\/Shanghai/g" /etc/httpd/conf.d/zabbix.conf

  - name: Config zabbix_server.conf
    template: src=zabbix_server.conf.j2 dest=/etc/zabbix/zabbix_server.conf

  - name: Restart Httpd And zabbix-server
    systemd:
      name: "{{item}}"
      state: restarted
      enabled: yes
    with_items:
      - httpd
      - zabbix-server

编辑zabbix_server.conf.j2，注意找到变量后修改

[root@ansible ~]# cat install_zabbix/roles/zabbix/templates/zabbix_server.conf.j2
DBName=zabbix
DBHost={{ DB_HOST }}
DBPassword={{ DB_PASS }}
DBSocket=/var/lib/mysql/mysql.sock

检查playbook脚本并执行

[root@ansible ~]# ansible-playbook --syntax-check install_zabbix/install_zabbix.yaml
[WARNING]: Could not match supplied host pattern, ignoring: zabbix

playbook: install_zabbix/install_zabbix.yaml
[root@ansible ~]#
[root@ansible ~]# ansible-playbook install_zabbix/install_zabbix.yaml

在浏览器中输入http://IP/zabbix 访问

数据库密码；000000

Admin；zabbix