用途 | ip | 账户 |
---|---|---|
zabbix服务端 | 192.168.1.1 | 账户:Admin 密码:zabbix |
zabbix-mysql数据库 | 192.168.1.2 | 数据库:zabbix,用户:zabbix 密码:123456 |
docker镜像文件默认存储路径:/var/lib/docker
为避免系统磁盘空间不足影响docker服务正常运行,需要调整docker默认存储路径。
/data
:用于存储数据文件;/app
:用于存储应用文件;综上,对应zabbix服务安装,建议:
1、目录/data/docker
用于存储docker文件;
1、目录/data/zabbix
用于存储zabbix相关配置文件;
[root@s01 ~]# fdisk -l
Disk /dev/vda: 64.4 GB, 64424509440 bytes, 125829120 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x0001598a
Device Boot Start End Blocks Id System
/dev/vda1 2048 8390655 4194304 82 Linux swap / Solaris
/dev/vda2 * 8390656 125829086 58719215+ 83 Linux
Disk /dev/vdb: 107.4 GB, 107374182400 bytes, 209715200 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
[root@s01 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
vda 253:0 0 60G 0 disk
├─vda1 253:1 0 4G 0 part [SWAP]
└─vda2 253:2 0 56G 0 part /
vdb 253:16 0 100G 0 disk
[root@s01 ~]# fdisk /dev/vdb
Welcome to fdisk (util-linux 2.23.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0x4dee972c.
Command (m for help): n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p):
Using default response p
Partition number (1-4, default 1):
First sector (2048-209715199, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-209715199, default 209715199):
Using default value 209715199
Partition 1 of type Linux and of size 100 GiB is set
Command (m for help): p
Disk /dev/vdb: 107.4 GB, 107374182400 bytes, 209715200 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x4dee972c
Device Boot Start End Blocks Id System
/dev/vdb1 2048 209715199 104856576 83 Linux
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
[root@s01 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
vda 253:0 0 60G 0 disk
├─vda1 253:1 0 4G 0 part [SWAP]
└─vda2 253:2 0 56G 0 part /
vdb 253:16 0 100G 0 disk
└─vdb1 253:17 0 100G 0 part
[root@s01 ~]# pvcreate /dev/vdb1
Physical volume "/dev/vdb1" successfully created.
[root@s01 ~]# pvs
PV VG Fmt Attr PSize PFree
/dev/vdb1 lvm2 --- <100.00g <100.00g
[root@s01 ~]# vgcreate vg0 /dev/vdb1
Volume group "vg0" successfully created
[root@s01 ~]# vgs
VG #PV #LV #SN Attr VSize VFree
vg0 1 0 0 wz--n- <100.00g <100.00g
[root@s01 ~]# lvcreate -l 100%VG -n lv_1 vg0
Logical volume "lv_1" created.
[root@s01 ~]# lvs
LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert
lv_1 vg0 -wi-a----- <100.00g
[root@s01 ~]# mkfs.xfs /dev/vg0/lv_1
meta-data=/dev/vg0/lv_1 isize=512 agcount=4, agsize=6553344 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0, sparse=0
data = bsize=4096 blocks=26213376, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=12799, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@s01 ~]# mkdir /data
[root@s01 ~]# mount /dev/vg0/lv_1 /data
[root@s01 ~]# df -Th
Filesystem Type Size Used Avail Use% Mounted on
devtmpfs devtmpfs 7.8G 0 7.8G 0% /dev
tmpfs tmpfs 7.8G 0 7.8G 0% /dev/shm
tmpfs tmpfs 7.8G 8.7M 7.8G 1% /run
tmpfs tmpfs 7.8G 0 7.8G 0% /sys/fs/cgroup
/dev/vda2 ext3 55G 2.7G 50G 6% /
/dev/mapper/vg0-lv_1 xfs 100G 33M 100G 1% /data
tmpfs tmpfs 1.6G 0 1.6G 0% /run/user/0
# vi /etc/fstab
# 新增内容:
/dev/vg0/lv_1 /data xfs defaults 1 2
# 查看操作系统版本
$ cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
# 安装docker
$ yum install -y docker
# 查看docker版本
$ docker -v
Docker version 1.13.1, build 7d71120/1.13.1
docker默认存储路径:/var/lib/docker
新存储路径:/data/docker
$ docker -v
Docker version 1.13.1, build 7d71120/1.13.1
# 停止docker
$ systemctl stop docker
# 设置docker新存储路径
$ mv /var/lib/docker /data/docker
# 修改docker路径
$ vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"],
"graph": "/data/docker"
}
# 启动docker
$ systemctl start docker
# 查看docker进程信息
$ docker info
# 1.bridge模式
docker默认网络模式。此模式将容器连接到一个docker0虚拟网桥,通过docker0网桥以及Iptables nat表配置与宿主机通信。开启的容器会自动分配和IP在一个网段的ip地址,并且开启的容器的ip以IP为基础递增关闭容器之后,ip会自动释放。bridge模式只有宿主机才能与运行在其上面的容器进行通信。
# 2.host模式
容器将不会虚拟出自己的网卡,配置自己的IP等,而是直接与宿主机的共享P和端口。
如果启动容器的时候使用host模式,那么这个容器将不会获得一个独立的Network Namespace,而是和宿主机共用一个Network Namespace。容器将不会虚拟出自己的网卡,配置自己的IP等,而是使用宿主机的IP和端口。但是,容器的其他方面,如文件系统、进程列表等还是和宿主机隔离的。
使用host模式的容器可以直接使用宿主机的IP地址与外界通信,容器内部的服务端口也可以使用宿主机的端口,不需要进行NAT,host最大的优势就是网络性能比较好,但是docker host上已经使用的端口就不能再用了,网络的隔离性不好,网络的安全性变差。
# 3.none模式
该模式关闭了容器的网络功能。
使用none模式,Docker容器拥有自己的Network Namespace,但是,并不为Docker容器进行任何网络配置。也就是说,这个Docker容器没有网卡、IP、路由等信息。需要我们自己为Docker容器添加网卡、配置IP等。
这种网络模式下容器只有lo回环网络,没有其他网卡。none模式可以在容器创建时通过–network=none来指定。这种类型的网络没有办法联网,封闭的网络能很好的保证容器的安全性。
# 创建专用于 Zabbix 组件容器的网络
$ docker network create --subnet 172.20.0.0/16 --ip-range 172.20.240.0/20 zabbix-net
# 查看的docker network
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
14c25119dd06 bridge bridge local
4e2782140647 host host local
b25888b8c26a none null local
cfc3bf2124af zabbix-net bridge local
# 查看新增的网络
$ ip a
5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:31:ce:6a:ce brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
6: br-cfc3bf2124af: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:cd:35:b7:4c brd ff:ff:ff:ff:ff:ff
inet 172.20.240.0/16 scope global br-cfc3bf2124af
valid_lft forever preferred_lft forever
如果生产环境已有mysql实例,仅需创建数据库。
$ mysql -uroot -p -h 192.168.1.2
password root_pwd
mysql> create database zabbix character set utf8 collate utf8_bin;
mysql> create user [email protected] identified by '123456';
mysql> grant all privileges on zabbix.* to [email protected];
mysql> quit;
建议使用平台提供mysql实例。
$ docker pull mysql
# -----------------------------------------------
# 创建mysql服务器实例
# 注意:此命令用于创建mysql容器实例后提取配置文件,如果已有配置文件,可直接进入下一步:
$ docker run --name mysql-server -t \
-e MYSQL_DATABASE="zabbix" \
-e MYSQL_USER="zabbix" \
-e MYSQL_PASSWORD="123456" \
-e MYSQL_ROOT_PASSWORD="root_pwd" \
-e TZ=Asia/Shanghai \
--network=zabbix-net \
--ip=172.20.240.1 \
-p 3306:3306 \
-d mysql:latest \
--character-set-server=utf8 --collation-server=utf8_bin \
--default-authentication-plugin=mysql_native_password
# -----------------------------------------------
# 创建mysql配置与数据存储路径
$ mkdir -p /app/mysql/conf
$ mkdir -p /app/mysql/data
# 拷贝已有mysql配置文件到宿主机目录
$ docker cp mysql-server:/etc/mysql/ /app/mysql/conf/
# 使用新路径创建mysql-server
$ docker run --name mysql-server -t \
-e MYSQL_DATABASE="zabbix" \
-e MYSQL_USER="zabbix" \
-e MYSQL_PASSWORD="123456" \
-e MYSQL_ROOT_PASSWORD="root_pwd" \
-e TZ=Asia/Shanghai \
-v /app/mysql/conf:/etc/mysql \
-v /app/mysql/data:/var/lib/mysql \
--network=zabbix-net \
--ip=172.20.240.1 \
-p 3306:3306 \
-d mysql:latest \
--character-set-server=utf8 --collation-server=utf8_bin \
--default-authentication-plugin=mysql_native_password
# 关于mysql容器重启策略
问题描述:
如果创建mysql容器时指定--restart参数,则无法启动容器
--restart unless-stopped \
解决办法:
需要创建后,手工更新容器重启策略:
$ docker update --restart=unless-stopped mysql-server
# 查看启动日志
$ docker logs mysql-server
2022-04-15 05:43:59+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.0.28-1debian10 started.
2022-04-15 05:43:59+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
2022-04-15 05:43:59+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.0.28-1debian10 started.
2022-04-15T05:44:00.942337Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.0.28) starting as process 1
# 查看进程
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
28c91f44958a mysql:latest "docker-entrypoint..." 22 hours ago Up 5 minutes 0.0.0.0:3306->3306/tcp, 33060/tcp mysql-server
# 连接mysql
$ docker exec -it mysql-server /bin/bash
root@28c91f44958a:/# whereis mysql
mysql: /usr/bin/mysql /usr/lib/mysql /etc/mysql
root@28c91f44958a:/# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 8.0.28 MySQL Community Server - GPL
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.01 sec)
firewall-cmd --zone=public --add-port=3306/tcp --permanent
firewall-cmd --reload
firewall-cmd --zone=public --list-ports
Zabbix Java gateway 的守护进程是用 Java 编写。为了在特定主机上找到 JMX 计数器的值,Zabbix server 向 Zabbix Java gateway 发送请求,后者使用 JMX 管理 API 来远程查询相关的应用。该应用不需要安装额外的软件。只需要在启动时,命令行添加-Dcom.sun.management.jmxremote
选项即可。
# 运行zabbix-java-gateway
$ docker run --name zabbix-java-gateway -t \
-e TZ=Asia/Shanghai \
--network=zabbix-net \
--ip=172.20.240.2 \
--restart unless-stopped \
-d zabbix/zabbix-java-gateway:latest
# 查看进程
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
85a594ad32d9 zabbix/zabbix-java-gateway:latest "docker-entrypoint..." 9 seconds ago Up 9 seconds 10052/tcp zabbix-java-gateway
# 查看日志
$ docker logs zabbix-java-gateway
** Preparing Zabbix Java Gateway
** Preparing Zabbix Java Gateway log configuration file
Updating /etc/zabbix/zabbix_java_gateway_logback.xml 'DebugLevel' parameter: 'info'... updated
2022-04-15 06:43:36.232 [main] INFO com.zabbix.gateway.JavaGateway - Zabbix Java Gateway 6.0.3 (revision 506e2b5) has started
2022-04-15 06:43:36.247 [main] INFO com.zabbix.gateway.JavaGateway - listening on 0.0.0.0/0.0.0.0:10052
# ------------------------------------------------
# 安装zabbix-server(latest版本基于Alphine Linux)
$ docker run --name zabbix-server-mysql -t \
-e DB_SERVER_HOST="192.168.1.2" \
-e MYSQL_DATABASE="zabbix" \
-e MYSQL_USER="zabbix" \
-e MYSQL_PASSWORD="123456" \
-e MYSQL_ROOT_PASSWORD="root_pwd" \
-e ZBX_JAVAGATEWAY="zabbix-java-gateway" \
-e TZ=Asia/Shanghai \
--network=zabbix-net \
--ip=172.20.240.3 \
-p 10051:10051 \
--restart unless-stopped \
-d zabbix/zabbix-server-mysql:latest
# 不需要的参数
# --link mysql-server:mysql \
# --link zabbix-java-gateway \
# ------------------------------------------------
# 使用外部存储目录
# 创建zabbix-server配置目录
$ mkdir -p /data/zabbix/conf
$ mkdir -p /data/zabbix/alertscripts
# 拷贝zabbix配置文件
$ docker cp zabbix-server-mysql:/etc/zabbix/zabbix_server.conf /data/zabbix/conf
$ ll /data/zabbix/conf
total 28
-rw-rw-r-- 1 root root 24804 May 30 15:14 zabbix_server.conf
# 移除容器
$ docker stop zabbix-server-mysql
$ docker rm zabbix-server-mysql
# 重新创建容器
$ docker run --name zabbix-server-mysql -t \
-e DB_SERVER_HOST="192.168.1.2" \
-e MYSQL_DATABASE="zabbix" \
-e MYSQL_USER="zabbix" \
-e MYSQL_PASSWORD="123456" \
-e MYSQL_ROOT_PASSWORD="root_pwd" \
-e ZBX_JAVAGATEWAY="zabbix-java-gateway" \
-e TZ=Asia/Shanghai \
-v /data/zabbix/conf/zabbix_server.conf:/etc/zabbix/zabbix_server.conf \
-v /data/zabbix/alertscripts:/usr/lib/zabbix/alertscripts \
--network=zabbix-net \
--ip=172.20.240.3 \
-p 10051:10051 \
--restart unless-stopped \
-d zabbix/zabbix-server-mysql:latest
# 查看日志,此版本是:5.4.9
$ docker logs zabbix-server-mysql
Starting Zabbix Server. Zabbix 5.4.9 (revision d81e506).
# 将企业微信发送脚本:pyweixin.py,存储到目录:alertscripts
$ cd /data/zabbix/alertscripts
$ vim pyweixin.py
$ chmod +x pyweixin.py
# 修改python3地址
# 微信脚本默认的python3地址为与实际不符:
#!/usr/local/python3/bin/python3.5
# 需要修改为以下地址:
#!/usr/bin/python3
发送企业微信需要python环境支持。
# 使用root用户进入容器安装python
$ docker exec --privileged -u root -it zabbix-server-mysql /bin/bash
$ cat /etc/issue
Welcome to Alpine Linux 3.14
Kernel \r on an \m (\l)
# 修改Alpine镜像源
$ sed -i s/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g /etc/apk/repositories
# 安装python
$ apk add --update --no-cache curl jq py3-configobj py3-pip py3-setuptools python3 python3-dev
# 验证python3版本
$ python3 -V
Python 3.9.5
# 开启防火墙
$ systemctl enable firewalld
$ systemctl start firewalld
# 添加防火墙端口
firewall-cmd --zone=public --add-port=10051/tcp --permanent
firewall-cmd --reload
firewall-cmd --zone=public --list-ports
# 创建容器
$ docker run --name zabbix-web-nginx-mysql -t \
-e ZBX_SERVER_HOST="zabbix-server-mysql" \
-e DB_SERVER_HOST="192.168.1.2" \
-e MYSQL_DATABASE="zabbix" \
-e MYSQL_USER="zabbix" \
-e MYSQL_PASSWORD="123456" \
-e MYSQL_ROOT_PASSWORD="root_pwd" \
-e PHP_TZ=Asia/Shanghai \
-e TZ=Asia/Shanghai \
--network=zabbix-net \
--ip=172.20.240.4 \
-p 80:8080 \
--restart unless-stopped \
-d zabbix/zabbix-web-nginx-mysql:latest
# 取消以下参数
# --link mysql-server:mysql \
# --link zabbix-server-mysql:zabbix-server \
# 查看日志
$ docker logs zabbix-web-nginx-mysql
** Deploying Zabbix web-interface (Nginx) with MySQL database
** Using MYSQL_USER variable from ENV
** Using MYSQL_PASSWORD variable from ENV
********************
* DB_SERVER_HOST: mysql-server
* DB_SERVER_PORT: 3306
* DB_SERVER_DBNAME: zabbix
********************
** Adding Zabbix virtual host (HTTP)
**** Impossible to enable SSL support for Nginx. Certificates are missed.
** Preparing Zabbix frontend configuration file
# 进程列表
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a707c1ff30c9 zabbix/zabbix-web-nginx-mysql:latest "docker-entrypoint.sh" 6 minutes ago Up 6 minutes 8443/tcp, 0.0.0.0:80->8080/tcp zabbix-web-nginx-mysql
27f3c4948691 zabbix/zabbix-server-mysql:latest "/sbin/tini -- /us..." 24 hours ago Up About an hour 0.0.0.0:10051->10051/tcp zabbix-server-mysql
fa0a386f2459 zabbix/zabbix-java-gateway:latest "docker-entrypoint..." 25 hours ago Up About an hour 10052/tcp zabbix-java-gateway
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
firewall-cmd --zone=public --list-ports
# 经过上述配置后,Zabbix 前端已准备就绪! 默认用户名是Admin,密码zabbix。
http://192.168.1.1
# 访问zabbix-web服务时,发现监控首页提示错误:
Zabbix agent is not available (for 3m)
需要安装zabbix-agent,并配置zabbix-agent的ip,详见下面小结:
由于zabbix-agent用于监控服务器状态,建议直接安装在服务器上,不要使用docker安装。
产品手册
$ rpm -Uvh https://repo.zabbix.com/zabbix/5.4/rhel/7/x86_64/zabbix-release-5.4-1.el7.noarch.rpm
$ yum clean all
$ yum install -y zabbix-agent
# 配置agent,设置服务端地址
$ vim /etc/zabbix/zabbix_agentd.conf
# 如果在zabbix-server上安装agent,需要配置zabbix-server的docker地址:
Server=172.20.240.3
ServerActive=172.20.240.3
# 如果在被监控服务器上安装agent,需要配置zabbix-server的宿主机地址:
Server=192.168.1.1
ServerActive=192.168.1.1
# 注释掉Hostname配置,让agent自动解析
# Hostname=****
# 如果操作系统不允许创建zabbix用户,需要使用root运行agent,修改配置:
AllowRoot=1
设置开机zabbix-agent开机启动
$ systemctl enable zabbix-agent
$ systemctl restart zabbix-agent
$ systemctl status zabbix-agent
启动agent服务时,提示以下错误:
# 问题描述:
Failed at step USER spawning /usr/sbin/zabbix_agentd: No such process
zabbix-agent.service: control process exited, code=exited status=217
Failed to start Zabbix Agent.
Unit zabbix-agent.service entered failed state.
# 问题分析
此问题主要是因为操作系统限制不允许创建用户导致的,需要使用root账户启动服务。
# 解决办法
修改启动用户:
vim /usr/lib/systemd/system/zabbix-agent.service
修改默认用户zabbix为root,
修改前:
User=zabbix
Group=zabbix
修改后:
User=root
Group=root
# 然后重载服务配置,并启动服务
systemctl daemon-reload
systemctl start zabbix-agent.service
firewall-cmd --zone=public --add-port=10050/tcp --permanent
firewall-cmd --reload
firewall-cmd --zone=public --list-ports