Zabbix是什么
Zabbix 是一款企业级的分布式开源监控方案。能够监控服务器,网络设备,应用程序等对象。所有的报告、统计信息和配置参数都可以通过Web前端页面访问。
Zabbix功能
https://www.zabbix.com/documentation/3.4/zh/manual/introduction/features
• 数据采集
• 灵活的阈值定义
• 高度可配置化告警
• 实时图表展示
• Web监控
• 丰富的可视化配置
• 历史数据存储
• 网络发现
• Web界面
• Zabbix API
• 权限管理系统
• 易于扩展的Agent
• Web
Zabbix监控范畴
• 硬件 :Zabbix IPMI Interface
• 系统:Zabbix Agent Interface
• Java :Zabbix JMX Interface
• 网络设备:Zabbix SNMP Interface
• 应用服务:Zabbix Agent UserParameter
• URL:Zabbix Web监控
要监控什么
Zabbix常用术语
https://www.zabbix.com/documentation/3.4/zh/manual/definitions
• 主机 (host)
• 主机组 (host group)
• 监控项 (item)
• 触发器 (trigger)
• 事件 (event)
• 异常 (problem)
• 动作 (action)
• 升级 (escalation)
• 媒介 (media)
• 通知 (notification)
• 远程命令 (remote command)
• 模版 (template)
• 应用 (application)
• web 场景 (web scenario)
• 前端 (frontend)
• Zabbix API
Zabbix组件
https://www.zabbix.com/documentation/3.4/zh/manual/concepts
Zabbix常用术语
https://www.zabbix.com/documentation/3.4/zh/manual/definitions
• 主机 (host)
• 主机组 (host group)
• 监控项 (item)
• 触发器 (trigger)
• 事件 (event)
• 异常 (problem)
• 动作 (action)
• 升级 (escalation)
• 媒介 (media)
• 通知 (notification)
• 远程命令 (remote command)
• 模版 (template)
• 应用 (application)
• web 场景 (web scenario)
• 前端 (frontend)
• Zabbix API
Zabbix部署
# yum -y install yum-utils
# rpm -ivh https://dev.mysql.com/get/mysql80-community-release-el7-1.noarch.rpm # # # # yum-config-manager --disable mysql80-community
yum-config-manager --enable mysql57-community
# yum install mysql-community-server mysql-community-devel
systemctl start mysqld
systemctl status mysqld
systemctl enable mysqld
重新设置root账号密码:
# grep 'temporary password' /var/log/mysqld.log
# mysql -uroot -p
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'Zabbix@2022';
修改配置文件:
# vi /etc/my.cnf
[mysql]
socket = /tmp/mysql.sock
[mysqld]
user = mysql
port = 3306
datadir = /var/lib/mysql
socket = /tmp/mysql.sock
bind-address = 0.0.0.0
pid-file = /var/run/mysqld/mysqld.pid
character-set-server = utf8
collation-server = utf8_general_ci
log-error = /var/log/mysqld.log
max_connections = 10240
open_files_limit = 65535
innodb_buffer_pool_size = 3G
innodb_flush_log_at_trx_commit = 2
innodb_log_file_size = 256M
# systemctl restart mysqld
源码编译安装:
# wget http://nginx.org/download/nginx-1.15.3.tar.gz
# yum install gcc pcre-devel openssl-devel –y
# useradd -M -s /sbin/nologin nginx
# tar zxvf nginx-1.15.3.tar.gz
# cd nginx-1.15.3
# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module
# make && make install
修改配置文件,修改pid位置:
# vi /usr/local/nginx/conf/nginx.conf
pid /var/run/nginx.pid;
配置systemd管理服务:
# vi /usr/lib/systemd/system/nginx.service
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
启动并加入开机启动:
systemctl daemon-reload
systemctl start nginx
systemctl enable nginx
# yum install epel-release –y
安装依赖包:
# yum install -y gcc gcc-c++ make gd-devel libxml2-devel \
libcurl-devel libjpeg-devel libpng-devel openssl-devel \
libxslt-devel
源码编译安装PHP:
# wget http://docs.php.net/distributions/php-5.6.36.tar.gz
# tar zxf php-5.6.36.tar.gz
# cd php-5.6.36
# ./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--enable-fpm --enable-opcache \
--with-mysql --with-mysqli \
--enable-session --with-zlib --with-curl --with-gd \
--with-jpeg-dir --with-png-dir --with-freetype-dir \
--enable-mbstring --enable-xmlwriter --enable-xmlreader \
--enable-xml --enable-sockets --enable-bcmath --with-gettext
# make -j 8 && make install
拷贝配置文件:
cp php.ini-production /usr/local/php/etc/php.ini
cp sapi/fpm/php-fpm.conf /usr/local/php/etc/php-fpm.conf
cp sapi/fpm/php-fpm.service /usr/lib/systemd/system/
配置systemd管理服务:
# vi /usr/lib/systemd/system/php-fpm.service
[Unit]
Description=The PHP FastCGI Process Manager
After=syslog.target network.target
[Service]
Type=simple
PIDFile=/usr/local/php/var/run/php-fpm.pid
ExecStart=/usr/local/php/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php/etc/php-fpm.conf
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
启动并加入开机启动:
systemctl daemon-reload
systemctl start php-fpm
systemctl enable php-fpm
导入表结构:
mysql> create database zabbix;
mysql> grant all on zabbix.* to zabbix@'%' identified by 'Zabbix@2022';
tar zxvf zabbix-4.0.0.tar.gz
cd zabbix-4.0.0/database/mysql
mysql -uzabbix -p'Zabbix@2022' zabbix < schema.sql
mysql -uzabbix -p'Zabbix@2022' zabbix < images.sql
mysql -uzabbix -p'Zabbix@2022' zabbix < data.sql
# yum install libxml2-devel libcurl-devel libevent-devel net-snmp-devel mysql-community-devel -y
源码编译安装zabbix:
# tar -zxf zabbix-4.0.0.tar.gz
# groupadd zabbix
# useradd -g zabbix zabbix -s /sbin/nologin
# cd zabbix-4.0.0
# ./configure --prefix=/usr/local/zabbix --enable-server --enable-agent --enable-java --with-mysql --enable-ipv6 --with-net-snmp --with-libcurl --with-libxml2
# make install
修改配置文件:
# vi /usr/local/zabbix/etc/zabbix_server.conf
DBHost=localhost
DBName=zabbix
DBUser=zabbix
DBPassword=Zabbix@2022
DBSocket=/tmp/mysql.sock
配置systemd管理服务:
# vi /usr/lib/systemd/system/zabbix_server.service
[Unit]
Description=Zabbix Server
After=syslog.target
After=network.target
[Service]
Environment="CONFFILE=/usr/local/zabbix/etc/zabbix_server.conf"
EnvironmentFile=-/etc/sysconfig/zabbix-server
Type=forking
Restart=on-failure
PIDFile=/tmp/zabbix_server.pid
KillMode=control-group
ExecStart=/usr/local/zabbix/sbin/zabbix_server -c $CONFFILE
ExecStop=/bin/kill -SIGTERM $MAINPID
RestartSec=10s
TimeoutSec=0
[Install]
WantedBy=multi-user.target
导入表结构:
# cd zabbix-4.0.0/database/mysql
# mysql -uroot –pZabbix@2019
mysql> create database zabbix;
mysql> use mysql;
mysql> source schema.sql;
mysql> source images.sql;
mysql> source data.sql;
启动并加入开机启动:
# systemctl daemon-reload
# systemctl start zabbix-server
# systemctl enable zabbix-server
启动Agent,也监控本机:
# /usr/local/zabbix/sbin/zabbix_agentd
# rpm -ivh http://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-agent-4.0.0-2.el7.x86_64.rpm
添加配置文件:
# vi /etc/zabbix/zabbix_agentd.conf
PidFile=/var/run/zabbix/zabbix_agentd.pid
LogFile=/var/log/zabbix/zabbix_agentd.log
DebugLevel=3
Server=<Zabbix服务器IP>
ListenPort=10050
ListenIP=<当前服务器IP>
ServerActive=<Zabbix服务器IP>
Hostname=<当前服务器IP>
HostMetadata=Linux
启动并加入开机启动:
# systemctl start zabbix-agent
# systemctl enable zabbix-agent
/usr/local/zabbix/bin/zabbix_get -s 192.168.80.2 -p 10050 -k "system.uptime"
774564
返回数字说明连通正常。否则可能是被监控机防火墙阻断,无法连通,可以尝试在被监控机添加放行规则:
iptables -I INPUT -s 192.168.80.1 -p tcp --dport 10050 -j ACCEPT
模板
导入模板
监控项
https://www.zabbix.com/documentation/3.4/zh/manual/config/items/itemtypes
• 监控项格式
• 监控项类型
• Zabbix agent
• SNMP agent
• Simple check
• 用户参数(user parameter) )
UserParameter=<key>,<command>
UserParameter=key[*],command
触发器
https://www.zabbix.com/documentation/3.4/zh/manual/config/triggers/expression
表达式格式:
{<server>:<key>.<function>(<parameter>)}<operator><constant>
示例1:来自www.zabbix.com主机的最后一次负载值大于5时进入PROBLEM状态
{www.zabbix.com:system.cpu.load[all,avg1].last()}>5
示例2:在5分钟内CPU iowait平均负载大于20时进入PROBLEM状态
{www.zabbix.com:system.cpu.util[,iowait].avg(5m)}>20
示例3:当负载大于5或者最近10分钟内负载大于2时进入PROBLEM状态
{www.zabbix.com:system.cpu.load[all,avg1].last()}>5 or {www.zabbix.com:system.cpu.load[all,avg1].min(10m)}>2
示例4:当文件/etc/passwd检查的checksum值与最近的值不同时进入PROBLEM状态
{www.zabbix.com:vfs.file.cksum[/etc/passwd].diff()}=1
示例5:当网卡“eth0”在5分钟内接收的字节大于100KB时进入PROBLEM状态
{www.zabbix.com:net.if.in[eth0,bytes].min(5m)}>100K
示例6:在30分钟内超过5次不可达时进入PROBLEM状态
{zabbix.zabbix.com:icmpping.count(30m,0)}>5
示例7:在5分钟内未收到数据进入PROBLEM状态
{zabbix.zabbix.com:agent.ping.nodata(5m)}=1
告警
动作(Action)
根据支持的事件源定义操作:
触发事件 - 当trigger的状态从OK 转到 PROBLEM 或者转回时
发现事件 - 发生网络发现时
自动注册事件 - 当新的活动代理自动注册
内部事件 - 当项目不受支持或触发器进入未知状态
告警主机:{HOSTNAME1}
告警时间:{EVENT.DATE} {EVENT.TIME}
告警等级:{TRIGGER.SEVERITY}
告警信息:{TRIGGER.NAME}
告警项目:{TRIGGER.KEY1}
问题详情:{ITEM.NAME}:{ITEM.VALUE}
当前状态:{TRIGGER.STATUS}:{ITEM.VALUE1}
事件ID:{EVENT.ID
设置报警媒介
更改触发器,触发条件
测试邮件已经发送
自定义脚本告警
# yum install mailx
# vi /etc/mail.rc #添加邮件信息
set from=xxxxxx@163.com smtp=smtp.163.com
set smtp-auth-user=baojingtongzhi@163.com smtp-auth-password=xxxxx #授权码
set smtp-auth=login
# echo "this is test mail." |mail -s "test mail" xxx@163.com
告警脚本:
# cat /usr/local/zabbix/share/zabbix/alertscripts/sendmail.sh
#!/bin/bash
to=$1
subject=$2
body=$3
FILE=/tmp/mail.tmp
echo "$body" > $FILE
dos2unix -k $FILE # 解决正文变成附件.bin
mail -s "$subject" "$to" < $FILE
chown zabbix.zabbix /usr/local/zabbix/share/zabbix/alertscripts/sendmail.sh
cat dingding.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
import requests
import json
import sys
import os
headers = {'Content-Type': 'application/json;charset=utf-8'}
api_url = "https://oapi.dingtalk.com/roboXXXXXXXXXXXXXXXXX" #钉钉机器人Webhook地址
def msg(text):
json_text= {
"msgtype": "text",
"text": {
"content": text
},
"at": {
"atMobiles": [
"186..."
],
"isAtAll": False
}
}
print requests.post(api_url,json.dumps(json_text),headers=headers).content
if __name__ == '__main__':
text = sys.argv[1]
msg(text)