公网环境部署zabbix5.0

实验环境

虚拟机两台,一台公网地址为 1.1.1.1,部署 zabbix server,一台公网地址为 1.1.1.2,部署 zabbix proxy,系统为centos7.2。

1 zabbix server部署

1.1 准备工作

配置防火墙

systemctl start firewalld
systemctl enable firewalld
firewall-cmd --permanent --zone=public --add-rich-rule="rule family="ipv4" source address="1.1.1.2/32" port port="10051" protocol="tcp" accept"
firewall-cmd --permanent --zone=public --add-rich-rule="rule family="ipv4" source address="1.1.1.2/32" port port="123" protocol="udp" accept"
firewall-cmd --reload

配置selinux

setenforce 0

vim /etc/sysconfig/selinux
SELINUX=disabled

1.2 安装 server

安装 zabbix库

rpm -Uvh https://repo.zabbix.com/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm
yum clean all

如果出现 curl: (60) The certificate issuer's certificate has expired. Check your system date and time 报错,则需要更新证书

yum install -y ca-certificates
update-ca-trust extract

安装 zabbix server

mariadb

yum install -y zabbix-server-mysql

PostgreSQL

yum install -y zabbix-server-pgsql

安装 zabbix 前端

yum install -y centos-release-scl

vim /etc/yum.repos.d/zabbix.repo
[zabbix-frontend]
enabled=1

Mariadb

yum install -y zabbix-web-mysql-scl zabbix-apache-conf-scl

PostgreSQL

yum install -y zabbix-web-pgsql-scl zabbix-apache-conf-scl

安装 mariadb

yum install -y mariadb-server

vim /etc/my.cnf
max_connections = 4096
character-set-server = utf8

systemctl start mariadb
systemctl enable mariadb
mysql_secure_installation 设置root密码为r00tP@ssw0rd
mysql -uroot -p'r00tP@ssw0rd'
mysql> create database zabbix character set utf8 collate utf8_bin;
mysql> create user zabbix@localhost identified by 'z@bbixP@ssw0rd';
mysql> grant all privileges on zabbix.* to zabbix@localhost;
mysql> quit;
zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p'z@bbixP@ssw0rd' zabbix

安装 PostgreSQL

yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
yum install -y postgresql14-server
/usr/pgsql-14/bin/postgresql-14-setup initdb

配置

systemctl enable postgresql-14
systemctl start postgresql-14
sudo -u postgres createuser --pwprompt zabbix 设置密码为z@bbixP@ssw0rd
sudo -u postgres createdb -O zabbix zabbix

zcat /usr/share/doc/zabbix-server-pgsql*/create.sql.gz | sudo -u zabbix psql zabbix

安装timescaledb

tee /etc/yum.repos.d/timescale_timescaledb.repo <<EOL
[timescale_timescaledb]
name=timescale_timescaledb
baseurl=https://packagecloud.io/timescale/timescaledb/el/$(rpm -E %{rhel})/\$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/timescale/timescaledb/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
EOL

yum -y update
yum install -y timescaledb-2-postgresql-14
timescaledb-tune --pg-config=/usr/pgsql-14/bin/pg_config
systemctl restart postgresql-14

sudo -u zabbix psql zabbix
CREATE EXTENSION IF NOT EXISTS timescaledb;

zcat /usr/share/doc/zabbix-server-pgsql*/timescaledb.sql.gz | sudo -u zabbix psql zabbix

配置 php

修改时区

vim /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf
php_value[date.timezone] = Asia/Shanghai

修改端口

vim /etc/httpd/conf/httpd.conf
Listen 12345

启动 zabbix server

vim /etc/zabbix/zabbix_server.conf
DBPassword=z@bbixP@ssw0rd

systemctl start zabbix-server httpd rh-php72-php-fpm
systemctl enable zabbix-server httpd rh-php72-php-fpm

配置zabbix前端

访问 http://1.1.1.1:12345/zabbix 按照提示配置,默认密码 Admin/zabbix,立即修改,并限制guest访问

1.3 配置ntp服务端

由于agent与server之间时间相差过大容易造成nodata的误告警,强烈建议设置时间同步

yum install –y ntp

vim /etc/ntp.conf
Server ntp.ntsc.ac.cn iburst

systemctl start ntpd
systemctl enable ntpd

检查ntp服务状态

ntpstat
ntpq -p

1.4 安装agent

yum install -y zabbix-agent
systemctl start zabbix-agent
systemctl enable zabbix-agent

2 zabbix proxy部署

2.1 准备工作

配置防火墙

systemctl start firewalld
systemctl enable firewalld
firewall-cmd --permanent --zone=public --add-rich-rule="rule family="ipv4" source address="1.1.1.1/32" port port="10050" protocol="tcp" accept"
firewall-cmd --reload

配置selinux

setenforce 0

vim /etc/sysconfig/selinux
SELINUX=disabled

配置时间同步

vim /etc/chrony.conf
server 1.1.1.1 iburst

systemctl start chronyd

2.2 安装 proxy

安装 proxy

rpm -ivh https://repo.zabbix.com/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm
yum-config-manager --enable rhel-7-server-optional-rpms
yum install -y zabbix-proxy-mysql

如果出现 curl: (60) The certificate issuer's certificate has expired. Check your system date and time 报错,则需要更新证书

yum install -y ca-certificates
update-ca-trust extract

安装 mariadb

yum install -y mariadb-server

vim /etc/my.cnf  
max_connections = 4096

systemctl start mariadb
systemctl enable mariadb
mysql_secure_installation 设置root密码为r00tP@ssw0rd
mysql -uroot -p'r00tP@ssw0rd'
mysql> create database zabbix_proxy character set utf8 collate utf8_bin;
mysql> create user zabbix@localhost identified by 'z@bbixP@ssw0rd';
mysql> grant all privileges on zabbix_proxy.* to zabbix@localhost;
mysql> quit;
zcat /usr/share/doc/zabbix-proxy-mysql*/schema.sql.gz | mysql -uzabbix -p'z@bbixP@ssw0rd' zabbix_proxy

启动 proxy

web配置

vim /etc/zabbix/zabbix_proxy.conf
Server=1.1.1.1
Hostname=ZabbixProxy01
DBPassword=z@bbixP@ssw0rd

systemctl start zabbix-proxy
systemctl enable zabbix-proxy

2.3 安装agent

web配置

yum install -y zabbix-agent

vim /etc/zabbix/zabbix_agentd.conf
Hostname=ZabbixProxy01
Server=1.1.1.1

systemctl start zabbix-agent
systemctl enable zabbix-agent
posted @ 2022-08-04 22:33  virtualzzf  阅读(181)  评论(0编辑  收藏  举报