部署Zabbix集中監控系統

Zabbix概述

Zabbix是一個基於Web界面的分佈式系統監控與網絡設備監控系統，它
可以監控各類網絡參數，並提供靈活的通知機制，以使管理員能快速定位故障並解決
由zabbix server 端與zabbix agent組成,可經過SNMP、zabbix、agent 、ping、端口監視等方法實現對遠程主機與網絡設備的監控。

zabbix特色

• 支持自動發現網絡設備和服務器
• 支持分佈式監控
• 可設置報警閾值
• 能夠經過多種方式進行數據收集
• 可定製報警方式
• 實時的繪圖功能
• 經過Web監控系統與設置

zabbix官網: https://www.zabbix.com

系統環境

主機	IP	服務
監控端	192.168.26.161	lamp、zabbix-server
被監控端	192.168.26.163	zabbix-agent

實驗步驟

關閉全部主機的防火牆和安全性策略

systemctl stop firewalld.service
setenforce 0

1、Server端安裝配置LAMP環境，以知足zabbix的代碼部署要求

1.安裝lamp相關軟件包

yum install -y \
httpd \
mariadb-server mariadb \
php \
php-mysql \
php-gd \
libjpeg* \
php-ldap \
php-odbc \
php-pear \
php-xml \
php-xmlrpc \
php-mhash

2.編輯修改httpd、php配置文件

vi /etc/httpd/conf/httpd.conf
ServerName www.benet.com
DirectoryIndex index.html index.php

vi /etc/php.ini
date.timezone = PRC    //設置中國時區

3.啓動http服務與mariadb服務

systemctl start httpd.service
systemctl start mariadb.service

netstat -ntap | egrep '(80|3306)'  //查看端口

4.MySQL初始化安裝

mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): // 回車鍵
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:    //設置新密碼
Re-enter new password:      //確認密碼
Password updated successfully!
Reloading privilege tables..
 ... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] n     //是否移除anonymous用戶
 ... skipping.

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n       //是否容許root用戶遠程登陸
 ... skipping.

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] n    //是否移除test數據庫
 ... skipping.

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y    //從新加載數據表
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

5.登陸mysql,建立zabbix數據庫及建立zabbix用戶並設置密碼

mysql -u root -p

CREATE DATABASE zabbix character set utf8 collate utf8_bin;
GRANT all privileges ON *.* TO 'zabbix'@'%' IDENTIFIED BY 'admin123';
flush privileges;

6.建立mysql數據庫的測試網頁文件

vi /var/www/html/index.php

<?php
phpinfo();
$link=mysql_connect('192.168.26.161','zabbix','admin123');
if($link) echo "<h1>Success!!</h1>";
else echo "Fail!!";
mysql_close();
?>

7.客戶端訪問index.php網頁

顯示success則訪問mysql正常，fail則訪問失敗，檢查index.php中鏈接地址、用戶名、密碼是否正確，若仍是有問題請檢查mysql.user表用戶名稱是否有空用戶名稱佔用而致使的錯誤，如下爲解決方法

> select user,host from mysql.user; //用戶名稱爲空佔用致使本地沒法登陸遠程可登陸

+--------+-----------+
| user   | host      |
+--------+-----------+
| zabbix | %         |
| root   | 127.0.0.1 |
| root   | ::1       |
|        | localhost |
| root   | localhost |
|        | zabbix    |
| root   | zabbix    |
+--------+-----------+

> drop user ''@localhost;

> drop user ''@zabbix;

> flush privileges;

2、部署zabbix Server

1.下載zabbix官方yum源文件

rpm -i https://repo.zabbix.com/zabbix/2.2/rhel/7/x86_64/zabbix-release-2.2-1.el7.noarch.rpm

2.安裝zabbix服務端及被控端軟件包

yum install zabbix-server-mysql zabbix-web-mysql zabbix-agent -y

3.導入zabbix數據庫

zcat /usr/share/doc/zabbix-server-mysql-4.0.0/create.sql.gz | mysql -uzabbix -p  zabbix

4.編輯zabbix_service.conf配置,結果以下

egrep -n '^'[a-Z] /etc/zabbix/zabbix_server.conf

38:LogFile=/var/log/zabbix/zabbix_server.log
49:LogFileSize=0
72:PidFile=/var/run/zabbix/zabbix_server.pid
82:SocketDir=/var/run/zabbix
101:DBName=zabbix
117:DBUser=zabbix
125:DBPassword=admin123 //修改本行爲建立zabbix數據庫的密碼
347:SNMPTrapperFile=/var/log/snmptrap/snmptrap.log
465:Timeout=4
507:AlertScriptsPath=/usr/lib/zabbix/alertscripts
517:ExternalScripts=/usr/lib/zabbix/externalscripts
553:LogSlowQueries=3000

5.編輯zabbix配置文件，指定時區

vim /etc/httpd/conf.d/zabbix.conf

   php_value date.timezone Asia/Shanghai

6.修正zabbix-web圖表中文亂碼

vim /usr/share/zabbix/include/defines.inc.php

#替換全文中全部graphfot爲kaiti
:%s/graphfont/kaiti/g

7.複製字體文件至zabbix/fonts/目錄下

cp kaiti.ttf /usr/share/zabbix/fonts/

8.啓動zabbix-server服務

systemctl enable zabbix-server
systemctl start zabbix-server

9.檢查是否已監聽10051端口

netstat -anpt | grep zabbix

10.重啓httpd服務

systemctl restart httpd.service

3、部署Zabbix-agent

1.下載zabbix官方yum源文件

rpm -i https://repo.zabbix.com/zabbix/2.2/rhel/7/x86_64/zabbix-release-2.2-1.el7.noarch.rpm

2.安裝zabbix被控端軟件包

yum install -y zabbix-agent

3.編輯zabbix_agentd.conf配置，結果以下

egrep -n '^'[a-Z] /etc/zabbix/zabbix_agentd.conf

13:PidFile=/var/run/zabbix/zabbix_agentd.pid
23:LogFile=/var/log/zabbix/zabbix_agentd.log
34:LogFileSize=0
85:Server=192.168.96.70
126:ServerActive=192.168.96.70
137:Hostname=zabbix
246:Include=/etc/zabbix/zabbix_agentd.d/

4.啓動zabbix-agent服務

systemctl enable zabbix-agent.service
systemctl start zabbix-agent.service

5.檢查是否已監聽10050端口

netstat -anpt | grep zabbix

4、在web界面安裝zabbix

打開瀏覽器輸入：
http://192.168.26.161/zabbix/
安裝後登陸 用戶名Admin 密碼：zabbix
點擊用戶：設置中文環境方便管理

添加被控主機

配置>主機>建立主機
主機頁面根據需求配置
選中主機>點擊批量更新（能夠添加監控項）> 模板 （添加2個模板測試下）

5、配置郵件報警功能

1.首先在zabbix-server上配置

yum install mailx  -y

vi /etc/mail.rc 

----文件末尾新增---
set from=qq郵箱
set smtp=smtp.qq.com
set smtp-auth-user=qq郵箱
set smtp-auth-password=郵箱受權碼
set smtp-auth=login

echo "hello world" | mail -s "testmail" qq郵箱 //測試發信正常

cd /usr/lib/zabbix/alertscripts

vi mailx.sh //e編寫發郵件腳本
#!/bin/bash
#send mail

messages=`echo $3 | tr '\r\n' '\n'`
subject=`echo $2 | tr '\r\n' '\n'`
echo "${messages}" | mail -s "${subject}" $1 >>/tmp/mailx.log 2>&1

------
touch /tmp/mailx.log 
chown -R zabbix.zabbix  /tmp/mailx.log 
chmod +x /usr/lib/zabbix/alertscripts/mailx.sh
chown -R zabbix.zabbix /usr/lib/zabbix/

./mailx.sh  qq郵箱 "主題" "內容"   //測試發郵件腳本是否能夠正常工做

2.而後在服務器WEB上配置

打開管理==》報警媒體類型==》建立媒體類型

名稱：Mail-Test
類型：腳本
腳本名稱：mailx.sh
腳本參數：//新增如下三個參數
{ALERT.SENDTO}
{ALERT.SUBJECT}
{ALERT.MESSAGE}

管理==》用戶==》點擊Admin=》報警媒介
類型：Mail-Test //調用上面的腳本br/>收件人：qq郵箱
其它默認-保存

配置-》動做-》建立動做-》刪除默認標籤，修改觸發條件
名稱：Mailx
條件 A 主機羣組=Linux servers

操做-》以下配置
默認操做步驟持續時間 60
默認接收人 ： {TRIGGER.STATUS}:{TRIGGER.NAME}
默認信息：
告警主機：{HOST.NAME}
告警 IP：{HOST.IP}
告警時間：{EVENT.DATE}-{EVENT.TIME}
告警等級：{TRIGGER.SEVERITY}
告警信息：{TRIGGER.NAME}:{ITEM.VALUE}
事件 ID：{EVENT.ID}

操做細節：-》
操做類型：發送消息
發送到用戶：Admin (Zabbix Administrator)
僅送到：Mail-Test //必定要配置不然郵件發送不成功

恢復操做：{TRIGGER.STATUS}:{TRIGGER.NAME}
恢復信息：
恢復主機：{HOST.NAME}
恢復 IP：{HOST.IP}
恢復時間：{EVENT.DATE}-{EVENT.TIME}
恢復等級：{TRIGGER.SEVERITY}
恢復信息：{TRIGGER.NAME}:{ITEM.VALUE}
恢復 ID：{EVENT.ID}

操做細節：-》
操做類型：發送消息
發送到用戶：Admin (Zabbix Administrator)
僅送到：Mail-Test //必定要配置不然郵件發送不成功

6、測試郵箱報警功能

添加一個監控項（ssh service）
systemctl stop sshd //在被監控主機上關閉ssh服務

從新啓動ssh服務