基于CentOS 7下最小化安装的操作系统搭建Zabbix3.0环境
Posted 静念
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了基于CentOS 7下最小化安装的操作系统搭建Zabbix3.0环境相关的知识,希望对你有一定的参考价值。
环境说明
系统版本:CentOS Linux release 7.3.1611 (Core)
内核版本:3.10.0-514.el7.x86_64
Httpd版本:Apache/2.4.6 (CentOS)
MariaDB版本:5.5.52-MariaDB
php版本:PHP 5.4.16
环境准备
[[email protected] ~]# setenforce 0
[[email protected] ~]# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
[[email protected] ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
[[email protected] ~]# yum install epel-release.noarch wget vim gcc gcc-c++ lsof chrony tree nmap unzip rsync -y
[[email protected] ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
基于LAMP环境的Zabbix3.0
LAMP环境安装
[[email protected] ~]# yum install httpd mariadb mariadb-server mariadb-client php php-mysql
安装Zabbix服务
[[email protected] ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
[[email protected] ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
[[email protected] ~]# yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent
创建数据库
[[email protected] ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
MariaDB [(none)]> GRANT ALL ON zabbix.* TO ‘zabbix‘@‘%‘ IDENTIFIED BY ‘zabbix‘;
MariaDB [(none)]> quit
导入数据
[[email protected] ~]# cd /usr/share/doc/zabbix-server-mysql-3.0.3/
[[email protected] zabbix-server-mysql-3.0.3]# zcat create.sql.gz | mysql -uroot -p zabbix
[[email protected] zabbix-server-mysql-3.0.3]# cd
修改配置
[[email protected] ~]# vim /etc/zabbix/zabbix_server.conf
DBHost=localhost
DBName=zabbix
DBUser=zabbix
DBPassword=zabbix
上述配置文件中,我们只需要关注DBHost、DBName、DBUser、DBPassword几项即可。这几项是配置zabbix server连接mysql数据库的参数。
[[email protected] ~]# vim /etc/httpd/conf.d/zabbix.conf
php_value date.timezone Asia/Chongqing
其中php_value date.timezone Asia/Chongqing主要是定义php的时区
启动
[[email protected] ~]# systemctl start httpd
[[email protected] ~]# systemctl start zabbix-server
[[email protected] ~]# systemctl start zabbix-agent
通过 http://ip/zabbix 访问
默认用户名/密码:Admin/zabbix,注意用户名也区分大小写
# 配置中重写了访问路径
[[email protected] ~]# vim /etc/httpd/conf.d/zabbix.conf
Alias /zabbix /usr/share/zabbix
基于LNMP环境的Zbbix3.0
LNMP环境安装
[[email protected] ~]# yum install nginx mariadb mariadb-server mariadb-client php php-mysql php-fpm -y
/run/php-fpm/php-fpm.pid
安装Zabbix服务
[[email protected] ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
[[email protected] ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
[[email protected] ~]# yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent
修改文件属主和属组
zabbix的rpm包里默认编译apache为文件拥有者,把httpd服务替换为nginx服务,相应文件的拥有者需要进行对应的更改。
[[email protected] ~]# ll /etc/zabbix/
total 28
drwxr-x---. 2 apache apache 32 Apr 20 09:41 web
-rw-r--r--. 1 root root 10341 Apr 20 2016 zabbix_agentd.conf
drwxr-xr-x. 2 root root 37 Apr 20 09:41 zabbix_agentd.d
-rw-r-----. 1 root zabbix 14876 Apr 20 2016 zabbix_server.conf
[[email protected] ~]# chown nginx:nginx /etc/zabbix/web/
[[email protected] ~]# ll -d /var/log/php-fpm
drwxrwx---. 2 apache root 6 Jun 23 2015 /var/log/php-fpm
[[email protected] ~]# chown nginx /var/log/php-fpm
[[email protected] ~]# ll -d /var/log/php-fpm
drwxrwx---. 2 apache root 22 Apr 20 09:53 /var/log/php-fpm
[[email protected] ~]# ll -d /var/lib/php/session
drwxrwx---. 2 root apache 44 Apr 20 10:22 /var/lib/php/session
[[email protected] ~]# chown root:nginx /var/lib/php/session/
[[email protected] ~]# ll -d /var/lib/php/session
drwxrwx---. 2 root nginx 44 Apr 20 10:28 /var/lib/php/session
[[email protected] ~]# cp -r /usr/share/zabbix /var/www
[[email protected] ~]# chown nginx:nginx -R /var/www/zabbix
修改php配置
[[email protected] ~]# sed -i ‘s/^user = .*/user = nginx/‘ /etc/php-fpm.d/www.conf
[[email protected] ~]# sed -i ‘s/^group = .*/group = nginx/‘ /etc/php-fpm.d/www.conf
[[email protected] ~]# sed -i ‘s/^;date.timezone =/date.timezone = Asia\/Shanghai/‘ /etc/php.ini
[[email protected] ~]# sed -i ‘s/^post_max_size =.*/post_max_size = 16M/‘ /etc/php.ini
[[email protected] ~]# sed -i ‘s/^max_execution_time =.*/max_execution_time = 300/‘ /etc/php.ini
[[email protected] ~]# sed -i ‘s/^max_input_time =.*/max_input_time = 300/‘ /etc/php.ini
创建数据库
[[email protected] ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
MariaDB [(none)]> GRANT ALL ON zabbix.* TO ‘zabbix‘@‘%‘ IDENTIFIED BY ‘zabbix‘;
MariaDB [(none)]> quit
导入数据
[[email protected] zabbix-server-mysql-3.0.3]# cd /usr/share/doc/zabbix-server-mysql-3.0.3/
[[email protected] zabbix-server-mysql-3.0.3]# zcat create.sql.gz | mysql -uroot -p zabbix
[[email protected] zabbix-server-mysql-3.0.3]# cd
配置nginx虚拟主机
[[email protected] ~]# cat /etc/nginx/conf.d/zabbix.conf
server {
root /var/www;
index index.php index.html;
access_log /var/log/nginx/access_zabbix.log;
error_log /var/log/nginx/error_zabbix.log;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
}
}
YUM安装的nginx服务,主配置文件里有server项配置,需要进行注销
[[email protected] ~]# cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
[[email protected] ~]# sed -i ‘35,54s/^/#/‘ /etc/nginx/nginx.conf
[[email protected] ~]# vim /etc/nginx/nginx.conf
[[email protected] ~]# cat /etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘
‘$status $body_bytes_sent "$http_referer" ‘
‘"$http_user_agent" "$http_x_forwarded_for"‘;
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
# server {
# listen 80 default_server;
# listen [::]:80 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
启动服务
[[email protected] ~]# systemctl start mariadb
[[email protected] ~]# systemctl start php-fpm
[[email protected] ~]# systemctl start nginx
[[email protected] ~]# systemctl start zabbix-server
Zabbix Agent
Zabbix Agent安装
[[email protected] ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
[[email protected] ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[[email protected] ~]# yum install zabbix-agent
配置修改
[[email protected] ~]# vim /etc/zabbix/zabbix_agentd.conf
Server=192.168.60.103
ServerActive=192.168.60.103
Hostname=client01
启用Zabbix Agent
[[email protected] ~]# systemctl start zabbix-agent
Zabbix-Get的使用
Zabbix-Get是Zabbix中的一个应用程序,用于Zabbix-Server到Zabbix-Agent的数据获取,通常可以用来测试Agent的配置是否正确。
使用帮助
usage:
zabbix_get -s host-name-or-IP [-p port-number] [-I IP-address] -k item-key
zabbix_get -s host-name-or-IP [-p port-number] [-I IP-address]
--tls-connect cert --tls-ca-file CA-file
[--tls-crl-file CRL-file] [--tls-agent-cert-issuer cert-issuer]
[--tls-agent-cert-subject cert-subject]
--tls-cert-file cert-file --tls-key-file key-file -k item-key
zabbix_get -s host-name-or-IP [-p port-number] [-I IP-address]
--tls-connect psk --tls-psk-identity PSK-identity
--tls-psk-file PSK-file -k item-key
zabbix_get -h
zabbix_get -V
测试 Agent 配置
[[email protected] zabbix-server-mysql-3.0.3]# zabbix_get -s 192.168.60.104 -k system.uname
Linux client01 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64
zabbix用户忘记密码
进入数据库直接更改密码
[[email protected] ~]# mysql -uroot -p
MariaDB [(none)]> use zabbix
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
MariaDB [zabbix]> select userid, alias, name, passwd from users;
+--------+-------+--------+----------------------------------+
| userid | alias | name | passwd |
+--------+-------+--------+----------------------------------+
| 1 | Admin | Zabbix | *DEEF4D7D88CD046ECA02A80393B7780 |
| 2 | guest | | d41d8cd98f00b204e9800998ecf8427e |
+--------+-------+--------+----------------------------------+
2 rows in set (0.00 sec)
MariaDB [zabbix]> update users set passwd=md5(‘zabbix‘) where userid=‘1‘;
Query OK, 1 row affected, 1 warning (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 1
Grafana 2.6
[[email protected] ~]# yum install https://grafanarel.s3.amazonaws.com/builds/grafana-2.6.0-1.x86_64.rpm
[[email protected] ~]# systemctl start grafana-server
[[email protected] ~]# yum install https://grafanarel.s3.amazonaws.com/builds/grafana-2.6.0-1.x86_64.rpm
[[email protected] ~]# cp -r grafana-zabbix-2.5.1/zabbix/ /usr/share/grafana/public/app/plugins/datasource/
[[email protected] ~]# systemctl restart grafana-server
[[email protected] ~]# mkdir /var/lib/grafana/plugins
[[email protected] ~]# cd /var/lib/grafana/plugins
[[email protected] plugins]# git clone https://github.com/alexanderzobnin/grafana-zabbix-app
[[email protected] plugins]# cd grafana-zabbix-app/
[[email protected] grafana-zabbix-app]# git pull
[[email protected] grafana-zabbix-app]# systemctl restart grafana-server
CentOS 7下最小化安装系统之快速部署Zabbix3.0测试环境
基于LAMP环境的Zabbix3.0测试环境
# 初始环境调整
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
yum install epel-release.noarch wget vim gcc gcc-c++ lsof chrony tree nmap unzip rsync -y
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
# LAMP环境部署
yum install httpd mariadb mariadb-server mariadb-client php php-mysql -y
systemctl start mariadb
# MariaDB数据库安全调整
mysql -e "DELETE FROM mysql.user WHERE User=‘‘"
mysql -e "DELETE FROM mysql.user WHERE User=‘root‘ AND Host NOT IN (‘localhost‘, ‘127.0.0.1‘, ‘::1‘)"
mysql -e "DROP DATABASE test;"
mysql -e "DELETE FROM mysql.db WHERE Db=‘test‘ OR Db=‘test\\_%‘"
mysql -e "FLUSH PRIVILEGES"
# 创建Zabbix服务端的数据库和使用的账号
mysql -e "CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;"
mysql -e "GRANT ALL ON zabbix.* TO ‘zabbix‘@‘%‘ IDENTIFIED BY ‘zabbix‘;"
# Zabbix应用部署
rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent -y
# 导入Zabbix服务端的表结构
cd /usr/share/doc/zabbix-server-mysql-3.0.3/
zcat create.sql.gz | mysql -uroot zabbix
cd
sed -i ‘/^# DBPassword=/a \\nDBPassword=zabbix‘ /etc/zabbix/zabbix_server.conf
#sed -i ‘s/^;date.timezone =/date.timezone = Asia\/Shanghai/‘ /etc/php.ini
sed -i ‘[email protected]# \(php_value date.timezone \).*@\1Asia/[email protected]‘ /etc/httpd/conf.d/zabbix.conf
systemctl start httpd
systemctl start zabbix-agent
systemctl start zabbix-server
通过 http://ip/zabbix 访问 默认用户名/密码:Admin/zabbix
基于LNMP环境的Zabbix3.0测试环境
# 初始环境调整
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
yum install epel-release.noarch wget vim gcc gcc-c++ lsof chrony tree nmap unzip rsync -y
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
# LNMP环境部署
yum install nginx mariadb mariadb-server mariadb-client php php-mysql php-fpm -y
cat > /etc/nginx/conf.d/zabbix.conf << \EOF
server {
root /var/www;
index index.php index.html;
access_log /var/log/nginx/access_zabbix.log;
error_log /var/log/nginx/error_zabbix.log;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
}
}
EOF
sed -i ‘35,54s/^/#/‘ /etc/nginx/nginx.conf
sed -i ‘s/^;date.timezone =/date.timezone = Asia\/Shanghai/‘ /etc/php.ini
sed -i ‘s/^post_max_size =.*/post_max_size = 16M/‘ /etc/php.ini
sed -i ‘s/^max_execution_time =.*/max_execution_time = 300/‘ /etc/php.ini
sed -i ‘s/^max_input_time =.*/max_input_time = 300/‘ /etc/php.ini
sed -i ‘s/^user = .*/user = nginx/‘ /etc/php-fpm.d/www.conf
sed -i ‘s/^group = .*/group = nginx/‘ /etc/php-fpm.d/www.conf
chown nginx /var/log/php-fpm
systemctl start mariadb
# MariaDB数据库安全调整
mysql -e "DELETE FROM mysql.user WHERE User=‘‘"
mysql -e "DELETE FROM mysql.user WHERE User=‘root‘ AND Host NOT IN (‘localhost‘, ‘127.0.0.1‘, ‘::1‘)"
mysql -e "DROP DATABASE test;"
mysql -e "DELETE FROM mysql.db WHERE Db=‘test‘ OR Db=‘test\\_%‘"
mysql -e "FLUSH PRIVILEGES"
# 创建Zabbix服务端的数据库和使用的账号
mysql -e "CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;"
mysql -e "GRANT ALL ON zabbix.* TO ‘zabbix‘@‘%‘ IDENTIFIED BY ‘zabbix‘;"
# Zabbix应用部署
rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent -y
# 导入Zabbix服务端的表结构
cd /usr/share/doc/zabbix-server-mysql-3.0.3/
zcat create.sql.gz | mysql -uroot zabbix
cd
# 文件权限修改
chown nginx:nginx -R /etc/zabbix/web/
cp -r /usr/share/zabbix /var/www
chown nginx:nginx -R /var/www/zabbix
chown root:nginx /var/lib/php/session
sed -i ‘/^# DBPassword=/a \\nDBPassword=zabbix‘ /etc/zabbix/zabbix_server.conf
systemctl start nginx
systemctl start php-fpm
systemctl start zabbix-agent
systemctl start zabbix-server
通过 http://ip/zabbix 访问 默认用户名/密码:Admin/zabbix
Zabbix Agent快速部署
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
yum install vim lsof chrony -y
rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
yum install zabbix-agent -y
sed -i ‘s/^Server=.*/Server=192.168.60.103/‘ /etc/zabbix/zabbix_agentd.conf
sed -i ‘s/^ServerActive=.*/ServerActive=192.168.60.103/‘ /etc/zabbix/zabbix_agentd.conf
sed -i ‘s/^Hostname=.*/Hostname=client01/‘ /etc/zabbix/zabbix_agentd.conf
systemctl start zabbix-agent
从安全角度,做如下改进:
1. 保持 /var/www/zabbix 目录的user和group均为root,不允许nginx用户写入。使用符号链接替代目录拷贝,用于提供nginx服务。
# ln -s /var/www/zabbix /var/www/
2. Zabbix 页面初始化结束后,生成的配置文件应及时去掉可写权限,并去掉other的可读权限:
# chown nginx:nginx /etc/zabbix/web/zabbix.conf.php
# chmod 600 /etc/zabbix/web/zabbix.conf.php
以上是关于基于CentOS 7下最小化安装的操作系统搭建Zabbix3.0环境的主要内容,如果未能解决你的问题,请参考以下文章