docker部署zabbix监控平台并通知钉钉来报警
docker搭建zabbix系统监控服务器并通知钉钉群报警
一.环境说明
OS:Ubuntu 16.04 x86_64
IP: 172.18.29.120
Docker version :19.03.5
Docker Compose: version 1.24.0
环境变量文件说明
.env_agent zabbix-agent 配置文件
.env_db_mysql zabbix-server连接mysql配置文件
.env_srv zabbix-server配置文件
.env_web zabbix-server web 服务配置文件
zbx_env zabbix-server启动后数据库及配置映射持久化存储目录
simkai.ttf zabbix-web 中文字体文件(解决中文乱码问题)
docker-compose.yml zabbix for docker 容器编排配置文件
二、具体部署过程
1.安装docker、docker-compose
创建工作目录
sudo mkdir -p /server/{tools,backup,scripts}
cd /server/
更换阿里源
sudo cp /etc/apt/sources.list{,.ori}
sudo cat > /etc/apt/sources.list <
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
EOF
sudo apt update
删除旧版本
sudo apt-get remove docker docker-engine docker.io
安装
sudo apt-get install docker-ce docker-compose git lrzsz -y
验证
root@test-master-down:/etc/zabbix# docker --version
Docker version 19.03.5, build 633a0ea838
root@test-master-down:/etc/zabbix# docker-compose --version
docker-compose version 1.24.0, build 0aa59064
2.检查docker-compose配置文件,并启动zabbix-server服务
root@test-master-down:/data/docker/docker-compose/zabbix-docker# vim docker-compose.yaml
# docker-compose.yml文件内容
version: '2'
services:
zabbix-server:
image: zabbix/zabbix-server-mysql:ubuntu-3.4-latest
ports:
- "10051:10051"
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro
- ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro
- ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro
- ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro
- ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro
- ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro
volumes_from:
- zabbix-snmptraps:ro
links:
- mysql-server:mysql-server
- zabbix-java-gateway:zabbix-java-gateway
ulimits:
nproc: 65535
nofile:
soft: 20000
hard: 40000
mem_limit: 512m
env_file:
- .env_db_mysql
- .env_srv
zabbix-web-nginx-mysql:
image: zabbix/zabbix-web-nginx-mysql:ubuntu-3.4-latest
ports:
- "18081:80"
- "18443:443"
links:
- mysql-server:mysql-server
- zabbix-server:zabbix-server
mem_limit: 512m
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- ./zbx_env/etc/ssl/nginx:/etc/ssl/nginx:ro
- ./simkai.ttf:/usr/share/zabbix/fonts/graphfont.ttf:ro
env_file:
- .env_db_mysql
- .env_web
zabbix-agent:
image: zabbix/zabbix-agent:ubuntu-3.4-latest
ports:
- "10053:10050"
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- ./zbx_env/etc/zabbix/zabbix_agentd.d:/etc/zabbix/zabbix_agentd.d:ro
- ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro
- ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro
- ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro
links:
- zabbix-server:zabbix-server
env_file:
- .env_agent
privileged: true
pid: "host"
zabbix-java-gateway:
image: zabbix/zabbix-java-gateway:ubuntu-3.4-latest
ports:
- "10052:10052"
env_file:
- .env_java
zabbix-snmptraps:
image: zabbix/zabbix-snmptraps:ubuntu-3.4-latest
ports:
- "162:162/udp"
volumes:
- ./zbx_env/var/lib/zabbix/snmptraps:/var/lib/zabbix/snmptraps:rw
mysql-server:
image: mysql:5.7
command: [mysqld, --character-set-server=utf8, --collation-server=utf8_bin]
volumes_from:
- db_data_mysql
volume_driver: local
env_file:
- .env_db_mysql
db_data_mysql:
image: busybox
volumes:
- ./zbx_env/var/lib/mysql:/var/lib/mysql:rw
启动docker-compose
出现以上都是done的情况代表你docker-compose起来了并且没有问题。
再验证起来的容器,检查一下
用上述命令来验证docker起来了这些zabbix服务的容器没有
3.通过web访问zabbix
web访问地址:<172.18.29.120:18081> (Admin/zabbix)这个是登录的用户名密码
4.通过docker内置zabbix-agent服务监控zabbix-server自身
web管理界面点击: 配置=》主机=》zabbix-server, agent代理程序的接口选项:
DNS名称:zabbix-agent,并选择 DNS
勾选: 已启用
点击:更新
这里要注意的一点是agent容器进去后的/etc/hosts文件是要有对应的zabbix-agent的域名解析的。
如图所示
root@test-master-down:/data/docker/docker-compose/zabbix-docker# docker exec -it cd29 /bin/bash
root@cd2991bea46f:/var/lib/zabbix# vi /etc/hosts
上面就是zabbix-agent容器的/etc/hosts文件
还有一个agent的配置文件也相当重要,/etc/zabbix/zabbix_agentd.conf,里面规定了server允许来拿agent的数据,如下图所示:
上面文件中也是用的域名解析,zabbix-server是代表了zabbix-server端的ip,但是有个前提,zabbix-server要可以解析。于是要进入zabbix-server的容器改一下server的/etc/hosts文件。如图所示:
配置完毕后,检查一下域名解析是否成功,就是agent端和server端相互ping看下是否可以ping通,下面是server端ping一下agent端,是可以ping通的。
root@da92ffd03de5:/etc/zabbix# ping zabbix-agent
PING zabbix-agent (192.168.176.7) 56(84) bytes of data.
64 bytes from zabbix-docker_zabbix-agent_1.zabbix-docker_default (192.168.176.7): icmp_seq=1 ttl=64 time=0.110 ms
64 bytes from zabbix-docker_zabbix-agent_1.zabbix-docker_default (192.168.176.7): icmp_seq=2 ttl=64 time=0.036 ms
64 bytes from zabbix-docker_zabbix-agent_1.zabbix-docker_default (192.168.176.7): icmp_seq=3 ttl=64 time=0.030 ms
64 bytes from zabbix-docker_zabbix-agent_1.zabbix-docker_default (192.168.176.7): icmp_seq=4 ttl=64 time=0.088 ms
^C
--- zabbix-agent ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3057ms
rtt min/avg/max/mdev = 0.030/0.066/0.110/0.033 ms
然后就是agent端ping一下server端,也是可以ping通的。
root@cd2991bea46f:/etc/zabbix# ping zabbix-server
PING zabbix-server (192.168.176.3): 56 data bytes
64 bytes from 192.168.176.3: icmp_seq=0 ttl=64 time=0.040 ms
64 bytes from 192.168.176.3: icmp_seq=1 ttl=64 time=0.040 ms
64 bytes from 192.168.176.3: icmp_seq=2 ttl=64 time=0.112 ms
64 bytes from 192.168.176.3: icmp_seq=3 ttl=64 time=0.109 ms
^C--- zabbix-server ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.040/0.075/0.112/0.035 ms
这些验证完毕后就可以进入zabbix的web界面了。
操作步骤与最终的效果图:
可能大家看到除了zabbix-agent:10050,怎么还有个10.10.10.1:10050,这个后面我会给大家讲解这是怎么配出来的。目前可用性这里是绿色的就代表zabbix-agent已经被监控了。
5.宿主机安装zabbix-agent来让server监控
这里需要注意的是,zabbix-agent的版本要和server的版本一致或者差别不大,否则后面会报错,这个大家需要注意一下。那怎么知道zabbix-server的版本呢?
root@da92ffd03de5:/etc/zabbix# /usr/sbin/zabbix_server -V
zabbix_server (Zabbix) 3.4.15
Revision 86739 12 November 2018, compilation time: Nov 12 2018 15:57:42
Copyright (C) 2018 Zabbix SIA
License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it according to
the license. There is NO WARRANTY, to the extent permitted by law.
This product includes software developed by the OpenSSL Project
for use in the OpenSSL Toolkit (http://www.openssl.org/).
Compiled with OpenSSL 1.1.0g 2 Nov 2017
Running with OpenSSL 1.1.1 11 Sep 2018
可以看到,server的版本是3.4.15,所以我的宿主机上面要安装3.4版本的zabbix-agent是最佳的。
现在就来安装zabbix-agent。步骤如下:
第一步:
sudo wget http://repo.zabbix.com/zabbix/3.4/ubuntu/pool/main/z/zabbix-release/zabbix-release_3.4-1+xenial_all.deb
第二步:
root@test-master-down:/tmp# dpkg -i zabbix-release_3.4-1+xenial_all.deb
(Reading database ... 280243 files and directories currently installed.)
Preparing to unpack zabbix-release_3.4-1+xenial_all.deb ...
Unpacking zabbix-release (3.4-1+xenial) over (3.2-1+xenial) ...
Setting up zabbix-release (3.4-1+xenial) ...
Installing new version of config file /etc/apt/sources.list.d/zabbix.list ...
第三步:
root@test-master-down:/tmp# apt update
这三步操作就是添加zabbix 3.4-1的源
然后就是安装zabbix-agent
root@test-master-down:/tmp# apt-get install zabbix-agent
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libiksemel3 libjs-jquery-ui libjs-prototype
Use 'apt autoremove' to remove them.
The following NEW packages will be installed:
zabbix-agent
0 upgraded, 1 newly installed, 0 to remove and 70 not upgraded.
Need to get 165 kB of archives.
After this operation, 638 kB of additional disk space will be used.
Get:1 http://repo.zabbix.com/zabbix/3.4/ubuntu xenial/main amd64 zabbix-agent amd64 1:3.4.15-1+xenial [165 kB]
Fetched 165 kB in 2min 1s (1,360 B/s)
Selecting previously unselected package zabbix-agent.
(Reading database ... 280243 files and directories currently installed.)
Preparing to unpack .../zabbix-agent_1%3a3.4.15-1+xenial_amd64.deb ...
Unpacking zabbix-agent (1:3.4.15-1+xenial) ...
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for systemd (229-4ubuntu21.27) ...
Processing triggers for ureadahead (0.100.0-19.1) ...
Setting up zabbix-agent (1:3.4.15-1+xenial) ...
Configuration file '/etc/zabbix/zabbix_agentd.conf'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** zabbix_agentd.conf (Y/I/N/O/D/Z) [default=N] ? Y
Installing new version of config file /etc/zabbix/zabbix_agentd.conf ...
然后在启动zabbix-agent服务
root@test-master-down:/etc/zabbix# systemctl start zabbix-agent
root@test-master-down:/etc/zabbix# netstat -anplut|grep 10050
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 24831/zabbix_agentd
tcp6 0 0 :::10050 :::* LISTEN 24831/zabbix_agentd
这就代表zabbix-agent服务已经起来了。
最后就是修改宿主机上的agent的配置文件
root@test-master-down:/etc/zabbix# vim zabbix_agentd.conf
我用红色圈起来的就是zabbix-server的ip,表示允许server过来监控我的数据。
改完配置文件后要记得刷新服务
root@test-master-down:/etc/zabbix# systemctl restart zabbix-agent
这些操作都完成了后,在进入zabbix的web端配置这一台主机。如图:
点击更新之后就会出现上图的效果。
6.写脚本通知钉钉报警
不知道大家有没有注意到我上面的docker-compose.yaml文件的配置
zabbix-server:
image: zabbix/zabbix-server-mysql:ubuntu-3.4-latest
ports:
- "10051:10051"
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- ./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro
- ./zbx_env/usr/lib/zabbix/externalscripts:/usr/lib/zabbix/externalscripts:ro
- ./zbx_env/var/lib/zabbix/modules:/var/lib/zabbix/modules:ro
- ./zbx_env/var/lib/zabbix/enc:/var/lib/zabbix/enc:ro
- ./zbx_env/var/lib/zabbix/ssh_keys:/var/lib/zabbix/ssh_keys:ro
- ./zbx_env/var/lib/zabbix/mibs:/var/lib/zabbix/mibs:ro
volumes_from:
- zabbix-snmptraps:ro
links:
- mysql-server:mysql-server
- zabbix-java-gateway:zabbix-java-gateway
ulimits:
nproc: 65535
nofile:
soft: 20000
hard: 40000
mem_limit: 512m
env_file:
- .env_db_mysql
- .env_srv
在volumes这项中,
有一行./zbx_env/usr/lib/zabbix/alertscripts:/usr/lib/zabbix/alertscripts:ro,这行意思是当前docker-compose.yaml所在的目录下面的zbx_env目录下面的/usr/lib/zabbix/alertscripts和zabbix-server容器的/usr/lib/zabbix/alertscripts是共享数据的,ro代表只读。这个目录是zabbix默认的脚本存放的目录。
root@test-master-down:/data/docker/docker-compose/zabbix-docker/zbx_env/usr/lib/zabbix/alertscripts# cat dingding.sh
#/bin/bash
sendkey=f3113c81e25a08e23dfd1aae0c23e02fff813c66badc1f9f934dd3e0d1c83cf1
curl 'https://oapi.dingtalk.com/robot/send?access_token='$sendkey \
-H 'Content-Type: application/json' \
-d "
{
\"actionCard\": {
\"title\": \"$2\",
\"text\": \"$3\",
\"hideAvatar\": \"0\",
\"btnOrientation\": \"0\",
\"btns\": [
{
\"title\": \" please deal with it\"
}
]
},
\"msgtype\": \"actionCard\"
}"
注意这个脚本要加上可执行权限:chmod +x dingding.sh 就可以了。
新建完这个脚本后,zabbix-server容器的/usr/lib/zabbix/alertscripts目录下也会有这个脚本,sendkey后面的一串值是你的钉钉群机器人的token,这个要依据你的机器人的值是多少。这里还需要注意一个问题,就是zabbix-server容器里的系统是没有curl命令的,所以还要安装curl命令,这就是我的docker-compose.yaml文件用的是ubuntu镜像而不是alpine镜像的理由。安装curl之前还要更新一下源。
我建议是先备份一下/etc/apt/sources.list,然后清空这个文件,再写入新内容。
sudo cp /etc/apt/sources.list /etc/apt/sources.list_bak
sudo >/etc/apt/sources.list
sudo cat > /etc/apt/sources.list <
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
EOF
sudo apt update
更新完源之后,再执行apt-get install curl 这个命令,安装完后就可以了。
7.zabbix的web界面加入钉钉报警的动作,以便执行脚本通知钉钉。
接下来就是一大波的具体操作图:
先是点击管理的报警媒介类型,按下图输入这些参数,然后点击更新。
然后点击管理里的用户按钮,有个创建用户,点击后就是下图所示的内容,按照图创建一个用户即可。
点击报警媒介,加入刚刚建立的报警媒介类型钉钉报警,如上图一样就可以了。
再点击权限,如下图一样设置就可以了。
用户创建完成后,就是创建动作了。点击配置里有个动作选项,按下图配置。
再点击操作选项,我红圈圈起来的配置都是很重要的,要和下图的配置一样。点击更新按钮就可以了。
然后验证一下报警媒介类型是否添加成功。有下图红线处的内容就代表成功了。
再验证动作是否创建成功。点击动作选项,有钉钉报警的名称,操作是发送给用户,状态是已启用就代表动作创建完成了。
以上的操作都完成了后,触发器一旦触发,就会触发动作,就会执行dingding.sh这个脚本通知钉钉,内容就是我的动作里的操作定义的格式内容。下图就是服务器的一个触发器触发了,钉钉报警动作也完成了。
这个是钉钉群的报警内容:
现在,整个zabbix的搭建和钉钉报警也就完成了。
三、总结
这是我第一次用docker搭建zabbix平台并通知钉钉,整个流程步骤还是很多的,也踩了蛮多坑,因为可能监控的服务器配置环境不一样,所以我也没有一一列举我的坑,重要的一些地方我是提出来了,希望大家看了这篇文章也可以学到东西吧。如有错误,请多多指正!