ansible-playbook安装zabbix_server,agent监控
主要完成通过playbook自动生成zabbix_server,agent,这里没有完全实现自动化,这里机器的获取还是需要人为手工填写,如果感兴趣想通过自动获取需要部署的机器可以通过namp扫描工具awk命令截取,这里不过多描述。我用两台机器做的测试,老版本的模块用法会有差异,如果无法执行可以通过官网去查看https://ansible-tran.readthedocs.io/en/latest/,参考文档https://www.cnblogs.com/LyShark/p/10886486.html
ansible 2.4.2
zabbix 3.4.15
-
安装nmap扫描工具
yum install nmap -y #通过ping探测172.16.9.0网段中存活机器 nmap -sP 172.16.9.0/24
完成机器间的免密登录
-
生成公钥对
ssh-keygen -t rsa -
设置ansible hosts配置
[test] 172.16.9.141 ansible_ssh_user="root" ansible_ssh_pass="root" 172.16.9.142 ansible_ssh_user="root" ansible_ssh_pass="root" [zabbix_server] 172.16.9.141 [zabbix_client] 172.16.9.142 -
批量推送公钥到集群节点
- hosts: test user: root tasks: - name: ssh-copy authorized_key: user=root key="{{ lookup('file', '/root/.ssh/id_rsa.pub') }}" tags: - sshkey报错:
FAILED! => {"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host."}解决:
/etc/ansible/ansible.cfg
修改host_key_checking(默认是check的)
-
playbook构建zabbix_server(官方建议一个play写一个独立的任务,测试不过多计较了)
# 初始化,关闭防火墙和SELINUX - hosts: zabbix_server tasks: - name: off selinux shell: setenforce 0 - name: seline modify enforcing lineinfile: dest: /etc/selinux/config regexp: '^SELINUX=' line: 'SELINUX=disabled' - name: seline firealld shell: systemctl stop firewalld && systemctl disable firewalld # 安装部署LAMP环境,通过YUM模块快速安装 - hosts: zabbix_server tasks: - name: install LAMP yum: name={{item}} state=installed with_items: - httpd - httpd-devel - mariadb - mariadb-server - php - php-mysql - name: start httpd shell: systemctl restart httpd - name: start mariadb shell: systemctl restart mariadb # 下载YUM源,更新EOEL源,安装Zabbix - hosts: zabbix_server tasks: - name: clear YUM shell: rm -rf /etc/yum.repos.d/* - name: install YUM EPEL get_url: 'url=http://mirrors.aliyun.com/repo/Centos-7.repo dest=/etc/yum.repos.d/CentOS-Base.repo' - name: yum install EPEL -y yum: name=epel-release state=installed - name: install zabbix.repo shell: rpm -i http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-release-3.4-2.el7.noarch.rpm - name: install zabbix yum: name={{item}} state=installed with_items: - zabbix-server-mysql - zabbix-web-mysql - zabbix-agent - name: start zabbix-server shell: systemctl restart zabbix-server - name: start zabbix-agent shell: systemctl restart zabbix-agent # 安装配置数据库权限,导入zabbix数据库 - hosts: zabbix_server tasks: - name: set mariadb password shell: mysqladmin -u root password 'ansible' - name: create zabbix master databases shell: mysql -uroot -pansible -e 'create database zabbix character set utf8 collate utf8_bin;' - name: set zabbix master databases grant shell: mysql -uroot -pansible -e 'grant all privileges on zabbix.* to zabbix@localhost identified by "zabbix";' - name: import zabbix initial data SQL shell shell: zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -pzabbix zabbix # 修改并拷贝配置文件,给予权限 - hosts: zabbix_server tasks: - name: edit zabbix dbhost lineinfile: dest: /etc/zabbix/zabbix_server.conf regexp: '# DBHost=localhost' line: 'DBHost=localhost' - name: edit zabbix dbpasswd lineinfile: dest: /etc/zabbix/zabbix_server.conf regexp: '# DBPassword=' line: 'DBPassword=zabbix' - name: cp zabbix web shell: cp -a /usr/share/zabbix/* /var/www/html/ - name: chmod web shell: chmod 755 -R /var/www/html/* - name: chown web shell: chown apache.apache -R /var/www/html/* - name: set php shell: echo "date.timezone = Asia/Shanghai" >> /etc/php.ini - name: set php shell: echo "max_execution_time = 300" >> /etc/php.ini - name: set php shell: echo "max_input_time = 300" >> /etc/php.ini - name: set php shell: echo "post_max_size = 32M" >> /etc/php.ini - name: set php shell: echo "memory_limit = 128M" >> /etc/php.ini - name: set php shell: echo "mbstring.func_overload = 0" >> /etc/php.ini - name: start http mysql zabbix shell: systemctl restart httpd ; systemctl restart mariadb - name: start http mysql zabbix shell: systemctl restart zabbix-server ; systemctl restart zabbix-agent - name: enabled http mysql zabbix shell: systemctl enable httpd ; systemctl enable mariadb - name: start http mysql zabbix shell: systemctl enable zabbix-server ; systemctl enable zabbix-agent- playbook构建zabbixclient
--- # 初始化,关闭防火墙和SELINUX - hosts: zabbix_client tasks: - name: off selinux shell: setenforce 0 - name: seline modify enforcing lineinfile: dest: /etc/selinux/config regexp: '^SELINUX=' line: 'SELINUX=disabled' - name: seline firealld shell: systemctl stop firewalld && systemctl disable firewalld # 安装zabbix_client - hosts: zabbix_client vars: zabbix_server_ip: 172.16.9.141 zabbix_agent_ip: 172.16.9.142 tasks: - name: install zabbix_client shell: rpm -ivh http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-agent-3.4.15-1.el7.x86_64.rpm - name: Install zabbix agent shell: yum -y install zabbix-agent - name: modify zabbix server ip address shell: sed -i 's#Server=127.0.0.1#Server='{{zabbix_server_ip}}'#g' /etc/zabbix/zabbix_agentd.conf - name: modify zabbix server active ip addr shell: sed -i 's/ServerActive=127.0.0.1/ServerActive='{{zabbix_server_ip}}'/g' /etc/zabbix/zabbix_agentd.conf - name: Enable remote command execution shell: sed -i 's/# EnableRemoteCommands=0/EnableRemoteCommands=1'/g /etc/zabbix/zabbix_agentd.conf - name: Enable remote command logs shell: sed -i 's/# LogRemoteCommands=0/LogRemoteCommands=1'/g /etc/zabbix/zabbix_agentd.conf - name: modify zabbix agent hostname shell: sed -i 's/Hostname=Zabbix server/Hostname='{{zabbix_agent_ip}}'/g' /etc/zabbix/zabbix_agentd.conf - name: enable zabbix-agent shell: systemctl start zabbix-agent ;systemctl enable zabbix-agent
再来几个检查语法结构,主机是否生效的命令
ansible-playbook install_zabbix_server.yaml --syntax-check
ansible-playbook install_zabbix_server.yaml --list-task
ansible-playbook install_zabbix_server.yaml --list-hosts
