zabbix服务器端由2.2.2升级到3.2.11后,一开始agent端没有升级,因为兼容低版本的客户端。
如果需要新版本客户端的配置,需要升级一下。升级步骤如下:
准备安装包
有俩个方式:如果可以访问公网,则可以使用yum源安装。如果是内网,则下载安装包。
- yum安装
1.下载zabbix官方yum源
]# rpm -Uvh http://repo.zabbix.com/zabbix/3.2/rhel/6/x86_64/zabbix-release-3.2-1.el6.noarch.rpm
2.查看zabbix安装包
]# yum list installed | grep zabbix
zabbix.x86_64 2.2.2-1.el6 @/zabbix-2.2.2-1.el6.x86_64
zabbix-agent.x86_64 2.2.2-1.el6 @/zabbix-agent-2.2.2-1.el6.x86_64
zabbix-release.noarch 3.2-1.el6 installed
zabbix-sender.x86_64 2.2.2-1.el6 @/zabbix-sender-2.2.2-1.el6.x86_64
3.查看zabbix-agent运行情况
]# service zabbix-agent status
4.停止运行zabbix
]# service zabbix-agent stop
5.升级zabbix-agent、zabbix-sender
]# yum update zabbix-agent
]# yum update zabbix-sender
6.再次查看zabbix版本及启动zabbix客户端
]# yum list installed | grep zabbix
zabbix-agent.x86_64 3.2.11-1.el6 @zabbix
zabbix-release.noarch 3.2-1.el6 installed
zabbix-sender.x86_64 3.2.11-1.el6 @zabbix
]# service zabbix-agent start
- rpm安装
1.下载zabbix客户端组件并上传服务器
~]# ls
zabbix-agent-3.2.11-1.el6.x86_64.rpm zabbix-sender-3.2.11-1.el6.x86_64.rpm
2.查看zabbix安装包
]# rpm -qa | grep zabbix
zabbix-release-2.2-1.el6.noarch
zabbix-agent-2.2.2-1.el6.x86_64
zabbix-sender-2.2.2-1.el6.x86_64
3.查看zabbix-agent运行情况
]# service zabbix-agent status
4.停止运行zabbix
]# service zabbix-agent stop
5.升级zabbix-agent、zabbix-sender
~]# rpm -Uvh zabbix-agent-3.2.11-1.el6.x86_64.rpm
~]# rpm -Uvh zabbix-sender-3.2.11-1.el6.x86_64.rpm
6.再次查看zabbix版本及启动zabbix客户端
~]# rpm -qa | grep zabbix
zabbix-release-3.2-1.el6.noarch
zabbix-agent-3.2.11-1.el6.x86_64
zabbix-sender-3.2.11-1.el6.x86_64
]# service zabbix-agent start
修改配置文件
zabbix-agent安装后会在zabbix配置文件夹下生成一个新的配置文件 zabbix_agentd.conf.rpmnew
~]# ls /etc/zabbix/
zabbix_agentd.conf zabbix_agentd.conf.rpmnew
对比新旧配置文件,将zabbix_agentd.conf.rpmnew文件中下面三个配置修改了就行。
Server=
ServerActive=
Hostname=
修改配置文件后重启生效
对比一下之前的配置文件,新的配置文件多了以下几个选项:
| 选项 | 默认参数 |
|---|---|
| ### Option: LogType | file |
| ### Option: DebugLevel | 由4个调整到5个 |
| ### Option: User | zabbix |
新增一块大区域,关于TLS连接的
####### TLS-RELATED PARAMETERS #######
### Option: TLSConnect
# How the agent should connect to server or proxy. Used for active checks.
# Only one value can be specified:
# unencrypted - connect without encryption
# psk - connect using TLS and a pre-shared key
# cert - connect using TLS and a certificate
#
# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
# Default:
# TLSConnect=unencrypted
### Option: TLSAccept
# What incoming connections to accept.
# Multiple values can be specified, separated by comma:
# unencrypted - accept connections without encryption
# psk - accept connections secured with TLS and a pre-shared key
# cert - accept connections secured with TLS and a certificate
#
# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
# Default:
# TLSAccept=unencrypted
### Option: TLSCAFile
# Full pathname of a file containing the top-level CA(s) certificates for
# peer certificate verification.
#
# Mandatory: no
# Default:
# TLSCAFile=
### Option: TLSCRLFile
# Full pathname of a file containing revoked certificates.
#
# Mandatory: no
# Default:
# TLSCRLFile=
### Option: TLSServerCertIssuer
# Allowed server certificate issuer.
#
# Mandatory: no
# Default:
# TLSServerCertIssuer=
### Option: TLSServerCertSubject
# Allowed server certificate subject.
#
# Mandatory: no
# Default:
# TLSServerCertSubject=
### Option: TLSCertFile
# Full pathname of a file containing the agent certificate or certificate chain.
#
# Mandatory: no
# Default:
# TLSCertFile=
### Option: TLSKeyFile
# Full pathname of a file containing the agent private key.
#
# Mandatory: no
# Default:
# TLSKeyFile=
### Option: TLSPSKIdentity
# Unique, case sensitive string used to identify the pre-shared key.
#
# Mandatory: no
# Default:
# TLSPSKIdentity=
### Option: TLSPSKFile
# Full pathname of a file containing the pre-shared key.
#
# Mandatory: no
# Default:
# TLSPSKFile=