zabbix-3.0TLS部署
1.1 环境
os版本:centos6.8
版本:zabbix-3.0.15
PHP 5.6.34
Nginx-1.8.1
1.2安装Nginx
tar -zxf nginx-1.8.1.tar.gz && cd nginx-1.8.1 && ./configure --prefix=/usr/local/nginx-1.8.1 --user=www --group=www --with-http_stub_status_module --with-http_ssl_module && make && make install && ln -s /usr/local/nginx-1.8.1/ /usr/local/nginx && chown -R www:www /usr/local/nginx/ |
1.3安装php
php tar -zxf php-5.6.34.tar.gz && cd php-5.6.34 && ./configure --prefix=/usr/local/php5.6.34 --with-mysql=mysqlnd --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-iconv-dir=/usr/local/libiconv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --enable-mbregex --enable-fpm --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-sockets --with-xmlrpc --enable-zip --enable-soap --enable-short-tags --enable-static --with-xsl --with-fpm-user=www --with-fpm-group=www --enable-ftp && make && make install && ln -s /usr/local/php5.6.34/ /usr/local/php |
1.4安装zabbix
yum install net-snmp-devel mysql-devel 编译安装 tar -zxf zabbix-3.0.15.tar.gz make && make install ./configure --prefix=/usr/local/zabbix-3.0.15/ --enable-server --enable-agent --with-mysql --with-net-snmp --with-libcurl --with-libxml2 make && make install ln -s /usr/local/zabbix-3.0.15/ /usr/local/zabbix-server |
1.5创建数据库
create database zabbix default character set utf8;
导入sql
mysql -uzabbix -pcentos -h 192.168.100.3 zabbix < /opt/zabbix-3.0.15/database/mysql/schema.sql #代理只要导入此sql mysql -uzabbix -pcentos -h 192.168.100.3 zabbix < /opt/zabbix-3.0.15/database/mysql/images.sql mysql -uzabbix -pcentos -h 192.168.100.3 zabbix < /opt/zabbix-3.0.15/database/mysql/data.sql |
1.6修改各类配置文件参数
修改配置文件zabbix_server.conf中关于数据库的参数
LogFile=/var/log/zabbix_server.log LogFile=/usr/local/zabbix-server/log/zabbix_server.log DBHost=192.168.100.3 DBName=zabbix DBUser=zabbix DBPassword=centos Timeout=4 LogSlowQueries=3000 |
配置nginx虚拟主机
mkdir /usr/local/zabbix-server/data mkdir /usr/local/zabbix-server/data cp -rp frontends/php/* /usr/local/zabbix-server/data/ chown -R www:www /usr/local/zabbix-server/data/ |
nginx主配置文件nginx.conf worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; sendfile on; keepalive_timeout 65; include extra_conf/*; } 虚拟主机配置文件 cat extra_conf/zabbix.conf server { listen 80; server_name monitor.ttlsa.com; access_log /var/log/zabbix.access.log main; index index.html index.php index.html; root /usr/local/zabbix-server/data/; location / { try_files $uri $uri/ /index.php?$args; } location ~ ^(.+.php)(.*)$ { fastcgi_split_path_info ^(.+.php)(.*)$; include fastcgi.conf; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param PATH_INFO $fastcg } } |
修改php参数,这是zabbix对php的硬性参数
373 max_execution_time = 300 383 max_input_time = 300 661 post_max_size = 16M 808 date.timezone = "Asia/Shanghai" |
1.7web界面配置
1.8错误案例集
※php参数修改未生效
修改/usr/local/php/etc/php.ini参数,重启php没有生效
php.ini存放位置错误
根据phpinfo查到configure配置文件目录
※动态安装php模块 gettext ldap
web安装时报错
解决办法
cd /opt/php-5.6.34 cd ext/gettext/ /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php5.6.34/bin/php-config make -j 6 && make install ls /usr/local/php5.6.34/lib/php/extensions/no-debug-non-zts-20131226/ |
yum install –y openldap openldap-devel ls /usr/lib64/libldap* cp -rp /usr/lib64/libldap* /usr/lib /usr/local/php/bin/phpize ./configure --with-php-config=/usr/local/php5.6.34/bin/php-config make -j 6 && make install ls /usr/local/php5.6.34/lib/php/extensions/no-debug-non-zts-20131226/ |
在配置文件php.ini添加如下
extension=gettext.so extension=ldap.so |
※数据库验证错误
现象
The frontend does not match Zabbix database. Current database version (mandatory/optional): 2050061/2050061. Required mandatory version: 3000000. Contact your system administrator. |
解决方案
删除原有用户及库名,重新创建数据库及用户名,重新导入数据
二、zabbix实战
2.1 zabbix监控nginx性能
首先开启nginx stub_status模块,server虚拟主机标签中 location标签中添加
location status{ stub_status on; access_log off; allow 192.168.100.0/24; deny all; } |
编写数据采集脚本
实现方法主要是通过访问nginx status来获取相关数据。
cat scripts/nginx_status.sh #!/bin/bash #author: hudaohong # nginx_status check host=192.168.100.250 function ping { /sbin/pidof nginx | wc -l } # check status function active { curl "http://$host/status" 2>/dev/null | grep "Active" | awk '{print $NF}' } function reading { curl "http://$host/status" 2>/dev/null | grep "Reading" | awk '{print $2}' } function writing { curl "http://$host/status" 2>/dev/null | grep "Writing" | awk '{print $4}' } function waiting { curl "http://$host/status" 2>/dev/null | grep "Waiting" | awk '{print $6}' } function accepts { curl "http://$host/status" 2>/dev/null | awk NR==3'{print $1}' } function handled { curl "http://$host/status" 2>/dev/null | awk NR==3'{print $2}' } function requests { curl "http://$host/status" 2>/dev/null | awk NR==3'{print $3}' } $1 |
修改zabbix agent端配置文件conf/zabbix_agentd.conf
Include=/usr/local/zabbix_agent/conf/zabbix_agentd/*.conf |
增加配置文件userparameter_nginx.conf
cat conf/zabbix_agentd/userparameter_nginx.conf # nginx status check #在zabbix_agent端定义key UserParameter=nginx.status[*],/usr/local/zabbix_agent/scripts/nginx_status.sh $1 |
重启agentd程序使配置生效
在web上导入配置好的模版
nginx_status
让主机关联模版
三、zabbix自定义钉钉机器人报警
3.1注册钉钉,为群会话添加机器人
通过pc版注册钉钉
创建钉钉群会话
群设置-机器人
结果图如下
3.2 zabbix添加-自定义的报警媒介
配置 AlertScriptsPath
grep --color AlertScriptsPath /usr/local/zabbix-server/etc/zabbix_server.conf ### Option: AlertScriptsPath AlertScriptsPath=/usr/local/zabbix-server/share/zabbix/alertscripts |
zabbix web添加自定义的报警媒介
※ 管理-创建媒体类型
※ 编写消息发送脚本
#!/usr/bin/python # -*- coding:utf-8 -*- #author: hudahong #mail: [email protected] #descriptions: ding Talk robot send messaged! #python version:2.7 # import json import urllib2 import sys def ding_robot_send_msg(msg): robot_api_url = 'https://oapi.dingtalk.com/robot/send?access_token=3e539964d3cd2445628758dfa4eb4863e382948dd91f7b32d188c2032bba5b' headers_info = { "Content-Type": "application/json ;charset=utf-8 " } String_textMsg = { "msgtype": "text", "text": {"content": msg} } String_textMsg = json.dumps(String_textMsg) req = urllib2.Request(robot_api_url, data=String_textMsg, headers=headers_info) urllib2.urlopen(req) if __name__ == "__main__": msg=sys.argv[1] ding_robot_send_msg(msg) |
此脚本需要优化:增加异常处理;增加日志功能
修改版本:
cat dingTalkRobot.py #!/usr/bin/python # -*- coding:utf-8 -*- #author: hudahong #mail: [email protected] #descriptions: ding Talk robot send messaged! #python version:2.7 # import json import urllib2 import sys import logging def ding_robot_send_msg(msg): # 定义日志模块 logging.basicConfig(filename="/usr/local/zabbix-server/log/dingrobot.log", format='%(asctime)s - %(name)s - %(levelname)s - %(module)s - %(message)s', datefmt='%Y-%m-%d %H:%M:%S', level=10, filemode='a', ) robot_api_url = 'https://oapi.dingtalk.com/robot/send?access_token=3e539964d3cd2445628758dfa4eb4863e382948dd91f7b32d188c2032bba5b' headers_info = { "Content-Type": "application/json ;charset=utf-8 " } String_textMsg = { "msgtype": "text", "text": {"content": msg} } String_textMsg = json.dumps(String_textMsg) try: req = urllib2.Request(robot_api_url, data=String_textMsg, headers=headers_info) logging.info(urllib2.urlopen(req).read().decode()) except (urllib2.URLError) as E: print("Error:",E) logging.error(E) if __name__ == "__main__": msg=sys.argv[1] ding_robot_send_msg(msg) |
※ 给zabbix用户指定媒介
管理-用户-Amin-报警媒介-添加
3.3 配置zabbix报警之action
※ 创建action
创建动作有四个事件来源,它们分别是触发器 自动发现 自动注册 事件源
配置-动作-创建创建动作
默认信息
{ 服务器:{HOST.NAME}发生故障: {TRIGGER.NAME}! 告警主机:{HOST.NAME} 告警地址:{HOST.IP} 监控项目:{ITEM.NAME} 监控取值:{ITEM.LASTVALUE} 告警等级:{TRIGGER.SEVERITY} 当前状态:{TRIGGER.STATUS} 告警信息:{TRIGGER.NAME} 告警时间:{EVENT.DATE} {EVENT.TIME} 事件ID:{EVENT.ID} } |
恢复信息
{ 服务器:{HOST.NAME}: {TRIGGER.NAME}故障已恢复! 告警主机:{HOST.NAME} 告警地址:{HOST.IP} 监控项目:{ITEM.NAME} 监控取值:{ITEM.LASTVALUE} 告警等级:{TRIGGER.SEVERITY} 当前状态:{TRIGGER.STATUS} 告警信息:{TRIGGER.NAME} 告警时间:{EVENT.DATE} {EVENT.TIME} 恢复时间:{EVENT.RECOVERY.DATE} {EVENT.RECOVERY.TIME} 持续时间:{EVENT.AGE} 事件ID:{EVENT.ID} } |
配置条件
在配置条件时选择主机来指定给特定主机发送报警消息
配置动作
模拟故障
将server3.example.com的nginx服务关闭
结果信息如下