(Grav GitSync) Automatic Commit from RealStickman
This commit is contained in:
parent
296aa8bb4b
commit
c0ddd07fcc
118
pages/02.linux/25.zabbix/default.en.md
Normal file
118
pages/02.linux/25.zabbix/default.en.md
Normal file
@ -0,0 +1,118 @@
|
||||
---
|
||||
title: Zabbix
|
||||
---
|
||||
|
||||
## Podman
|
||||
### Pod
|
||||
```
|
||||
# podman pod create --name zabbix -p 127.0.0.1:8080:8080 -p 10051:10051
|
||||
```
|
||||
|
||||
### Database
|
||||
```
|
||||
# podman run --name zabbix-mysql -t \
|
||||
-e MYSQL_DATABASE="zabbix" \
|
||||
-e MYSQL_USER="zabbix" \
|
||||
-e MYSQL_PASSWORD="zabbix" \
|
||||
-e MYSQL_ROOT_PASSWORD="rootpass" \
|
||||
-v /mnt/mysql/:/var/lib/mysql/:Z \
|
||||
--restart=always \
|
||||
--pod=zabbix \
|
||||
-d docker.io/mysql:latest \
|
||||
--character-set-server=utf8 --collation-server=utf8_bin \
|
||||
--default-authentication-plugin=mysql_native_password
|
||||
```
|
||||
|
||||
### Application
|
||||
Zabbix consists of multiple containers that need to be running.
|
||||
First is the server itself.
|
||||
```
|
||||
# podman run --name zabbix-server -t \
|
||||
-e DB_SERVER_HOST="127.0.0.1" \
|
||||
-e MYSQL_DATABASE="zabbix" \
|
||||
-e MYSQL_USER="zabbix" \
|
||||
-e MYSQL_PASSWORD="zabbix" \
|
||||
-e MYSQL_ROOT_PASSWORD="rootpass" \
|
||||
--pod=zabbix \
|
||||
-d docker.io/zabbix/zabbix-server-mysql:latest
|
||||
```
|
||||
|
||||
Next, we need the webserver
|
||||
```
|
||||
# podman run --name zabbix-web -t \
|
||||
-e ZBX_SERVER_HOST="127.0.0.1" \
|
||||
-e DB_SERVER_HOST="127.0.0.1" \
|
||||
-e MYSQL_DATABASE="zabbix" \
|
||||
-e MYSQL_USER="zabbix" \
|
||||
-e MYSQL_PASSWORD="zabbix" \
|
||||
-e MYSQL_ROOT_PASSWORD="rootpass" \
|
||||
--restart=always \
|
||||
--pod=zabbix \
|
||||
-d docker.io/zabbix/zabbix-web-nginx-mysql:latest
|
||||
```
|
||||
|
||||
Finally, we will also install the agent as a container
|
||||
```
|
||||
# podman run --name zabbix-agent \
|
||||
-e ZBX_SERVER_HOST="127.0.0.1,localhost" \
|
||||
--restart=always \
|
||||
--pod=zabbix \
|
||||
-d docker.io/zabbix/zabbix-agent:latest
|
||||
```
|
||||
|
||||
The default user is `Admin` with password `zabbix`
|
||||
|
||||
## Zabbix Proxy
|
||||
`ZBX_HOSTNAME` has to be the same as the value configured on the zabbix server as the proxy name.
|
||||
```
|
||||
# podman run --name zabbix-proxy \
|
||||
-p 10051:10051 \
|
||||
-e ZBX_SERVER_HOST="178.18.243.82" \
|
||||
-e ZBX_HOSTNAME="he1prx1" \
|
||||
-e ZBX_TLSCONNECT=psk \
|
||||
-e ZBX_TLSPSKIDENTITY="PSK Zabbix he1prx1" \
|
||||
-e ZBX_TLSPSKFILE="/mnt/zabbix/zabbix_agentd.psk" \
|
||||
-v /mnt/zabbix:/var/lib/zabbix/db_data \
|
||||
-v /mnt/zabbix:/mnt/zabbix \
|
||||
-d docker.io/zabbix/zabbix-proxy-sqlite3:latest
|
||||
```
|
||||
|
||||
## Zabbix Agent
|
||||
```
|
||||
# podman run --name zabbix-agent \
|
||||
-p 10050:10050 \
|
||||
-e ZBX_HOSTNAME="he1app1" \
|
||||
-e ZBX_SERVER_HOST="172.18.50.60" \
|
||||
-d docker.io/zabbix/zabbix-agent:latest
|
||||
```
|
||||
|
||||
### XCP-ng
|
||||
Use zabbix package from EPEL.
|
||||
Zabbix server can handle the older agent fine (https://www.zabbix.com/documentation/current/en/manual/appendix/compatibility)
|
||||
`# yum install zabbix50-agent --enablerepo=epel`
|
||||
|
||||
Edit `/etc/zabbix_agentd.conf`
|
||||
*haven't managed to make encryption work yet*
|
||||
```
|
||||
Server=(Zabbix server ip)
|
||||
ServerActive=(Zabbix server ip)
|
||||
Hostname=he1xcp1
|
||||
#TLSConnect=psk
|
||||
#TLSAccept=psk
|
||||
#TLSPSKIdentity=he1xcp1
|
||||
#TLSPSKFile=/mnt/zabbix/zabbix_agentd.psk
|
||||
```
|
||||
|
||||
Create the .psk file. Set the user and group to `zabbix`
|
||||
|
||||
Allow 10050/TCP on the firewall
|
||||
|
||||
*nope*
|
||||
`# yum install openssl11 --enablerepo=epel`
|
||||
|
||||
## TODO
|
||||
### Encryption with PSK
|
||||
> https://www.zabbix.com/documentation/6.0/en/manual/encryption/using_pre_shared_keys
|
||||
|
||||
### Force refresh Proxy
|
||||
> https://www.zabbix.com/forum/zabbix-troubleshooting-and-problems/363196-cannot-send-list-of-active-checks-to-ip-address-host-ip-address-hostnames-match?p=363205#post363205
|
Loading…
Reference in New Issue
Block a user