目前使用较多的运维监控工具------zabbix监控
zabbix监控
一、zabbix介绍
服务器--->健康状态(consul)[CPU、内存、磁盘空间、服务应用]--->监控
cacti仙人掌------>nagios------>zabbix
1、SNMP简单网络管理协议是专门设计用于在IP网络协议网络节点(服务器、工作站、路由器、交换机及HUBS等)的一种标准协议,他是应用层协议。
2、GD库是php处理图形的扩展库,GD库提供了一系列用来处理图片的API,使用GD库可以处理图片,或者生成图片,也可以给图片加水印。
3、Nagios是一款开源的免费网络监视工具,能有效监控Windows、Linux、Unix的主机状态,加偶安吉路由器等网络设备,打印机等。在系统或服务状态异常时发出邮件或短信报警第一时间通知网站运维人员,在状态恢复后,发出正常邮件或短信通知。
4、Zabbix是一个基于WEB界面的提供分布式系统监视及网络监视功能的企业级的开源解决方案。
zabbix能监视各种网络参数,保证服务器系统的安全运营,并提供灵活的通知机制以让系统管理员快速定位/解决存在的各种问题。
zabbix由两部分构成:zabbix server和可选组件zabbix agent
zabbix server可以通过SNMP,zabbix agent,ping,端口监视等方法
二、zabbix功能
● 数据采集
● 灵活的阈值定义
● 高度可配置化的告警
● 实时图形
● web监控功能
● 可视化选项繁多
● 配置简单
三、部署ansible
| 主机 | 操作系统 | IP地址 |
|---|---|---|
| server | CentOS7.6 | 192.168.238.10 |
| client | CentOS7.6 | 192.168.238.20 |
1、安装nginx
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls
local.repo repos.bak
[root@localhost yum.repos.d]# cp local.repo nginx.repo
[root@localhost yum.repos.d]# mv local.repo repos.bak/
[root@localhost yum.repos.d]# cd repos.bak/
[root@localhost repos.bak]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo local.repo
[root@localhost repos.bak]# mv CentOS-Base.repo /etc/yum.repos.d/ #配置yum在线源
[root@localhost repos.bak]# cd ../
[root@localhost yum.repos.d]# ls
CentOS-Base.repo nginx.repo repos.bak
[root@localhost yum.repos.d]# vim nginx.repo 配置nginx源,用于下载nginx
[nginx]
name=nginx
baseurl=http://nginx.org/packages/centos/7/$basearch/
enabled=1
gpgcheck=0
[root@localhost yum.repos.d]# yum clean #清除元数据缓存
[root@localhost yum.repos.d]# yum list #加载元数据列表
[root@localhost yum.repos.d]# yum -y install nginx #yum安装nginx
[root@localhost yum.repos.d]# systemctl start nginx
[root@localhost yum.repos.d]# systemctl enable nginx
[root@localhost yum.repos.d]# firewall-cmd --permanent --add-service=http --zone=public
success
[root@localhost yum.repos.d]# firewall-cmd --reload
success
2、安装mariadb
[root@localhost yum.repos.d]# yum -y install mariadb mariadb-server #安装mariadb,该服务是MySQL的分支,端口和MySQL一样
[root@localhost yum.repos.d]# systemctl enable mariadb.service
[root@localhost yum.repos.d]# systemctl start mariadb.service
[root@localhost yum.repos.d]# mysql_secure_installation #mysql安全配置向导
Enter current password for root (enter for none): #回车
OK, successfully used password, moving on...
Set root password? [Y/n] y #是否设置root密码
New password: #输入密码123123
Re-enter new password: #确认密码123123
Password updated successfully!
Reloading privilege tables..
... Success!
Remove anonymous users? [Y/n] n #是否移除匿名用户
... skipping.
Disallow root login remotely? [Y/n] n #是否禁止root远程登录
... skipping.
Remove test database and access to it? [Y/n] n #是否移除test数据库和访问权限
... skipping.
Reload privilege tables now? [Y/n] y #是否重载权限表
... Success!
Thanks for using MariaDB!
3、安装php
[root@localhost yum.repos.d]# yum -y install epel-release.noarch #安装epel扩展源
[root@localhost yum.repos.d]# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm #创建yum仓库源
获取https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
警告:/var/tmp/rpm-tmp.Jfeeu2: 头V4 RSA/SHA1 Signature, 密钥 ID 62e74ca5: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:webtatic-release-7-3 ################################# [100%]
[root@localhost yum.repos.d]# yum -y install php72w php72w-devel php72w-fpm php72w-gd php72w-mbstring php72w-mysql
=======================================================================================
php72w #安装php
php72w-devel #语言和语言开发包
php72w-fpm #处理动态请求包
php72w-gd #支持图像化处理
php72w-mbstring #可以处理多文本字符串
php72w-mysql #数据库中支持php语言的驱动
=======================================================================================
[root@localhost yum.repos.d]# rpm -qa | grep php72w
php72w-gd-7.2.34-1.w7.x86_64
php72w-fpm-7.2.34-1.w7.x86_64
mod_php72w-7.2.34-1.w7.x86_64
php72w-cli-7.2.34-1.w7.x86_64
php72w-devel-7.2.34-1.w7.x86_64
php72w-mbstring-7.2.34-1.w7.x86_64
php72w-pdo-7.2.34-1.w7.x86_64
php72w-mysql-7.2.34-1.w7.x86_64
php72w-common-7.2.34-1.w7.x86_64
[root@localhost yum.repos.d]# php -v #查看php版本
PHP 7.2.34 (cli) (built: Oct 1 2020 13:37:37) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
[root@localhost yum.repos.d]# vim /etc/php-fpm.d/www.conf #修改php-fpm配置文件
8 user = nginx
10 group = nginx
[root@localhost yum.repos.d]# vim /etc/nginx/conf.d/default.conf #修改nginx主配置文件
8 location / {
9 root /usr/share/nginx/html;
10 index index.php index.html index.htm; #增加首页文件index.php
11 }
30 location ~ \.php$ {
31 root /usr/share/nginx/html;
32 fastcgi_pass 127.0.0.1:9000;
33 fastcgi_index index.php;
34 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; #$document_root 站点变量,表示站点根目录
35 include fastcgi_params;
36 }
[root@localhost yum.repos.d]# vim /etc/php.ini
202 short_open_tag = On #支持php短标签
359 expose_php = Off #隐藏PHP版本号
368 max_execution_time = 300 #修改执行时间为300s
378 max_input_time = 300 #修改接收数据等待时间为300s
389 memory_limit = 128M #每个脚本占用内存
656 post_max_size = 16M #post数据大小
799 upload_max_filesize = 2M #上传文件大小为2M
800 always_populate_raw_post_data = -1 #使原始数据可以直接被处理
877 date.timezone = Asia/Shanghai #修改时区
[root@localhost yum.repos.d]# systemctl start php-fpm.service #开启php服务
[root@localhost yum.repos.d]# systemctl enable php-fpm.service
[root@localhost yum.repos.d]# systemctl restart nginx #重启nginx
[root@localhost yum.repos.d]# vim /usr/share/nginx/html/info.php #在首页根目录下写一个首页文件
<?php
phpinfo();
?>
[root@localhost yum.repos.d]# vim /usr/share/nginx/html/info.php
<?php
$link=mysqli_connect('127.0.0.1','root','123123'); #测试连接数据库
if($link) echo "连接成功";
else echo "连接失败";
?>
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost yum.repos.d]# mysql -u root -p123123
MariaDB [(none)]> create database zabbix character set utf8 collate utf8_bin; #创建一个zabbix库,设置字符集为utf8
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all privileges on *.* to 'zabbix'@'%' identified by 'admin123'; #授权给zabbix用户在所有的终端,所有库的所有表的所有权限,密码为admin123
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges; #刷新授权表
Query OK, 0 rows affected (0.00 sec)
[root@localhost yum.repos.d]# vim /usr/share/nginx/html/info.php
<?php
$link=mysqli_connect('127.0.0.1','zabbix','admin123'); #测试能否使用zabbix用户连接数据库
if ($link) echo "zabbix数据库连接成功";
else echo "zabbix数据库连接失败";
?>
连接失败的原因及解决方法
原因是用户冲突,有一个为空的用户
[root@localhost yum.repos.d]# mysql -u root -p123123
MariaDB [(none)]> select user,host from mysql.user;
+--------+-----------------------+
| user | host |
+--------+-----------------------+
| zabbix | % |
| root | 127.0.0.1 |
| root | ::1 |
| | localhost |
| root | localhost |
| | localhost.localdomain |
| root | localhost.localdomain |
+--------+-----------------------+
7 rows in set (0.00 sec)
MariaDB [(none)]> drop user ''@localhost;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> drop user ''@localhost.localdomain;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> select user,host from mysql.user;
+--------+-----------------------+
| user | host |
+--------+-----------------------+
| zabbix | % |
| root | 127.0.0.1 |
| root | ::1 |
| root | localhost |
| root | localhost.localdomain |
+--------+-----------------------+
5 rows in set (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
4、部署zabbix server
[root@localhost yum.repos.d]# rpm -i https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-1.el7.noarch.rpm #安装zabbix源
警告:/var/tmp/rpm-tmp.nXDDWY: 头V4 RSA/SHA512 Signature, 密钥 ID a14fe591: NOKEY
[root@localhost yum.repos.d]# yum -y install zabbix-server-mysql zabbix-web-mysql zabbix-agent #安装server端和代理端当中的web界面,并且兼容MySQL数据组件
[root@localhost yum.repos.d]# zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p zabbix #create.sql.gz包含zabbix必要的一些数据表,将该压缩包注入到zabbix数据库中
Enter password: #输入密码
#编辑zabbix服务端配置文件
[root@localhost yum.repos.d]# grep -n '^'[a-Z] /etc/zabbix/zabbix_server.conf
38:LogFile=/var/log/zabbix/zabbix_server.log #定义日志文件位置和名称
49:LogFileSize=0 #定义日志文件大小,0表示不限制大小
72:PidFile=/var/run/zabbix/zabbix_server.pid #进程文件位置
82:SocketDir=/var/run/zabbix #通信sock文件
91:DBHost=localhost #数据库所在服务区,本地
100:DBName=zabbix #数据库名称
116:DBUser=zabbix #数据库用户
124:DBPassword=admin123 #数据库密码
356:SNMPTrapperFile=/var/log/snmptrap/snmptrap.log #snmp协议日志位置
473:Timeout=4 #定义超时时间
516:AlertScriptsPath=/usr/lib/zabbix/alertscripts #警告的脚本存放位置
527:ExternalScripts=/usr/lib/zabbix/externalscripts #扩展性脚本存放位置
563:LogSlowQueries=3000 #定义慢查询时间
========================================================================
[root@localhost yum.repos.d]# vim /usr/share/zabbix/include/defines.inc.php
:%s /graphfont/kaiti/g
define('ZBX_FONT_NAME', 'kaiti');
========================================================================
[root@localhost yum.repos.d]# setenforce 0
[root@localhost yum.repos.d]# cp -r /usr/share/zabbix/ /usr/share/nginx/html/
[root@localhost yum.repos.d]# chown -R zabbix:zabbix /etc/zabbix/ #将zabbix相关目录用户和组进行修改
[root@localhost yum.repos.d]# chown -R zabbix:zabbix /usr/share/nginx/
[root@localhost yum.repos.d]# chown -R zabbix:zabbix /usr/lib/zabbix/
[root@localhost yum.repos.d]# chmod -R 755 /etc/zabbix/web/ #为zabbix web页面目录和php动态会话目录授权
[root@localhost yum.repos.d]# chmod -R 777 /var/lib/php/session/
[root@localhost yum.repos.d]# systemctl start zabbix-server.service
[root@localhost yum.repos.d]# systemctl enable zabbix-server.service
[root@localhost yum.repos.d]# systemctl start zabbix-agent.service
[root@localhost yum.repos.d]# systemctl enable zabbix-agent.service
Created symlink from /etc/systemd/system/multi-user.target.wants/zabbix-agent.service to /usr/lib/systemd/system/zabbix-agent.service.
[root@localhost yum.repos.d]# netstat -anpt | grep 10050
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 45910/zabbix_agentd
tcp6 0 0 :::10050 :::* LISTEN 45910/zabbix_agentd
[root@localhost yum.repos.d]# netstat -anpl | grep 10051
tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN 45598/zabbix_server
tcp6 0 0 :::10051 :::* LISTEN 45598/zabbix_server
[root@localhost yum.repos.d]# systemctl restart php-fpm.service
[root@localhost yum.repos.d]# systemctl restart nginx
[root@localhost yum.repos.d]# cd /etc/zabbix/
[root@localhost zabbix]# ls
web zabbix_agentd.conf zabbix_agentd.d zabbix_server.conf
[root@localhost zabbix]# cd web/
[root@localhost web]# ls
maintenance.inc.php
[root@localhost web]# rz -E
rz waiting to receive.
[root@localhost web]# ls
maintenance.inc.php zabbix.conf.php
[root@localhost web]# chmod +x zabbix.conf.php #赋予可执行权限
[root@localhost web]# systemctl restart zabbix-server.service
被监控端:192.168.238.20
[root@localhost ~]#rpm -i https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-1.el7.noarch.rpm
警告:/var/tmp/rpm-tmp.bbUg0T: 头V4 RSA/SHA512 Signature, 密钥 ID a14fe591: NOKEY
[root@localhost ~]#yum -y install zabbix-agent #安装zabbix代理服务
[root@localhost ~]#vim /etc/zabbix/zabbix_agentd.conf #修改zabbix代理服务配置文件
[root@localhost ~]#grep -n '^'[a-Z] /etc/zabbix/zabbix_agentd.conf
13:PidFile=/var/run/zabbix/zabbix_agentd.pid
32:LogFile=/var/log/zabbix/zabbix_agentd.log
43:LogFileSize=0
98:Server=192.168.238.10
139:ServerActive=192.168.238.10 #指向监控服务器
150:Hostname=Zabbix server #修改名称
268:Include=/etc/zabbix/zabbix_agentd.d/*.conf
[root@localhost ~]#service firewalld stop
Redirecting to /bin/systemctl stop firewalld.service
[root@localhost ~]#setenforce 0
[root@localhost ~]#systemctl enable zabbix-agent.service
Created symlink from /etc/systemd/system/multi-user.target.wants/zabbix-agent.service to /usr/lib/systemd/system/zabbix-agent.service.
[root@localhost ~]#systemctl restart zabbix-agent.service
[root@localhost ~]#netstat -natp | grep zabbix
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 42034/zabbix_agentd
tcp6 0 0 :::10050 :::* LISTEN 42034/zabbix_agentd
5、配置告警自动发布邮件
[root@localhost .ssh]# yum install -y mailx #安装收发邮件工具箱
[root@localhost ~]# vim /etc/mail.rc #编辑配置文件
set from=xxxxxxxx@126.com
set smtp=smtp.126.com
set smtp-auth-user=xxxxxxxx@126.com
set smtp-auth-password=HCOJNIFNxxxxxxxx #这是邮箱的授权码,POP3/SMTP/IMAP获取
set smtp-auth=login
[root@localhost ~]# echo "hello xyw" | mail -s "testmail" xxxxxxxxx@126.com #测试是否能正常发送
[root@localhost ~]# cd /usr/lib/zabbix/alertscripts/ 编写发送邮件的shell脚本你一定要在此目录下
[root@localhost alertscripts]# vim mailx.sh
#!/bin/bash
#send mail
messages=`echo $3 | tr '\r\n' '\n'`
subject=`echo $2 | tr '\r\n' '\n'`
echo "${messages}" | mail -s "${subject}" $1 >> /tmp/mailx.log 2>&1
[root@localhost alertscripts]# touch /tmp/mailx.log #创建日志文件
[root@localhost alertscripts]# chown -R zabbix.zabbix /tmp/mailx.log #赋权
[root@localhost alertscripts]# chmod +x /usr/lib/zabbix/alertscripts/mailx.sh
[root@localhost alertscripts]# chown -R zabbix.zabbix /usr/lib/zabbix/
[root@localhost alertscripts]# ./mailx.sh xxxxxxxx@126.com "Friday" "hey xyw"
[root@localhost alertscripts]# systemctl restart zabbix-server.service
[root@localhost alertscripts]# systemctl restart zabbix-agent.service
6、关闭http服务
systemctl stop httpd.service
systemctl start httpd.service
7、关闭http和agent服务
[root@localhost yum.repos.d]#systemctl stop httpd.service
[root@localhost yum.repos.d]#systemctl stop zabbix-agent.service
