• 基于CentOS 7下最小化安装的操作系统搭建Zabbix3.0环境

    环境说明

    系统版本:CentOS Linux release 7.3.1611 (Core)
内核版本:3.10.0-514.el7.x86_64
Httpd版本:Apache/2.4.6 (CentOS)
MariaDB版本:5.5.52-MariaDB
PHP版本:PHP 5.4.16

    环境准备

    [root@master ~]# setenforce 0
[root@master ~]# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
[root@master ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
[root@master ~]# yum install epel-release.noarch wget vim gcc gcc-c++ lsof chrony tree nmap unzip rsync -y
[root@master ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

    基于LAMP环境的Zabbix3.0

    LAMP环境安装

    [root@master ~]# yum install httpd mariadb mariadb-server mariadb-client php php-mysql

    安装Zabbix服务

    [root@master ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
[root@master ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
[root@master ~]# yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent

    创建数据库

    [root@master ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
MariaDB [(none)]> GRANT ALL ON zabbix.* TO 'zabbix'@'%' IDENTIFIED BY 'zabbix';
MariaDB [(none)]> quit

    导入数据

    [root@master ~]# cd /usr/share/doc/zabbix-server-mysql-3.0.3/
[root@master zabbix-server-mysql-3.0.3]# zcat create.sql.gz | mysql -uroot -p zabbix
[root@master zabbix-server-mysql-3.0.3]# cd

    修改配置

    [root@master ~]# vim /etc/zabbix/zabbix_server.conf
DBHost=localhost
DBName=zabbix
DBUser=zabbix
DBPassword=zabbix

    上述配置文件中,我们只需要关注DBHost、DBName、DBUser、DBPassword几项即可。这几项是配置zabbix server连接mysql数据库的参数。

    [root@master ~]# vim /etc/httpd/conf.d/zabbix.conf
php_value date.timezone Asia/Chongqing

    其中php_value date.timezone Asia/Chongqing主要是定义php的时区

    启动

    [root@master ~]# systemctl start httpd
[root@master ~]# systemctl start zabbix-server
[root@master ~]# systemctl start zabbix-agent

    通过 http://ip/zabbix 访问
    默认用户名/密码:Admin/zabbix,注意用户名也区分大小写

    # 配置中重写了访问路径
[root@master ~]# vim /etc/httpd/conf.d/zabbix.conf
Alias /zabbix /usr/share/zabbix

    基于LNMP环境的Zbbix3.0

    LNMP环境安装

    [root@master ~]# yum install nginx mariadb mariadb-server mariadb-client php php-mysql php-fpm -y
/run/php-fpm/php-fpm.pid

    安装Zabbix服务

    [root@master ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
[root@master ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
[root@master ~]# yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent

    修改文件属主和属组

    zabbix的rpm包里默认编译apache为文件拥有者,把httpd服务替换为nginx服务,相应文件的拥有者需要进行对应的更改。

    [root@master ~]# ll /etc/zabbix/
total 28
drwxr-x---. 2 apache apache    32 Apr 20 09:41 web
-rw-r--r--. 1 root   root   10341 Apr 20  2016 zabbix_agentd.conf
drwxr-xr-x. 2 root   root      37 Apr 20 09:41 zabbix_agentd.d
-rw-r-----. 1 root   zabbix 14876 Apr 20  2016 zabbix_server.conf
[root@master ~]# chown nginx:nginx /etc/zabbix/web/
[root@master ~]# ll -d /var/log/php-fpm
drwxrwx---. 2 apache root 6 Jun 23  2015 /var/log/php-fpm
[root@master ~]# chown nginx /var/log/php-fpm
[root@master ~]# ll -d /var/log/php-fpm
drwxrwx---. 2 apache root 22 Apr 20 09:53 /var/log/php-fpm
[root@master ~]# ll -d /var/lib/php/session
drwxrwx---. 2 root apache 44 Apr 20 10:22 /var/lib/php/session
[root@master ~]# chown root:nginx /var/lib/php/session/
[root@master ~]# ll -d /var/lib/php/session
drwxrwx---. 2 root nginx 44 Apr 20 10:28 /var/lib/php/session
[root@master ~]# cp -r /usr/share/zabbix /var/www
[root@master ~]# chown nginx:nginx -R /var/www/zabbix

    修改php配置

    [root@master ~]# sed -i 's/^user = .*/user = nginx/' /etc/php-fpm.d/www.conf
[root@master ~]# sed -i 's/^group = .*/group = nginx/' /etc/php-fpm.d/www.conf
[root@master ~]# sed -i 's/^;date.timezone =/date.timezone = Asia/Shanghai/' /etc/php.ini
[root@master ~]# sed -i 's/^post_max_size =.*/post_max_size = 16M/' /etc/php.ini
[root@master ~]# sed -i 's/^max_execution_time =.*/max_execution_time = 300/' /etc/php.ini
[root@master ~]# sed -i 's/^max_input_time =.*/max_input_time = 300/' /etc/php.ini

    创建数据库

    [root@master ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
MariaDB [(none)]> GRANT ALL ON zabbix.* TO 'zabbix'@'%' IDENTIFIED BY 'zabbix';
MariaDB [(none)]> quit

    导入数据

    [root@master zabbix-server-mysql-3.0.3]# cd /usr/share/doc/zabbix-server-mysql-3.0.3/
[root@master zabbix-server-mysql-3.0.3]# zcat create.sql.gz | mysql -uroot -p zabbix
[root@master zabbix-server-mysql-3.0.3]# cd

    配置nginx虚拟主机

    [root@master ~]# cat /etc/nginx/conf.d/zabbix.conf
server {
    root /var/www;
    index index.php index.html;
    access_log   /var/log/nginx/access_zabbix.log;
    error_log   /var/log/nginx/error_zabbix.log;

    location ~ .php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_buffer_size 128k;
        fastcgi_buffers 4 256k;
        fastcgi_busy_buffers_size 256k;
    }
}

    YUM安装的nginx服务,主配置文件里有server项配置,需要进行注销

    [root@master ~]# cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
[root@master ~]# sed -i '35,54s/^/#/' /etc/nginx/nginx.conf
[root@master ~]# vim /etc/nginx/nginx.conf
[root@master ~]# cat /etc/nginx/nginx.conf
# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

#    server {
#        listen       80 default_server;
#        listen       [::]:80 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }
}

    启动服务

    [root@master ~]# systemctl start mariadb
[root@master ~]# systemctl start php-fpm
[root@master ~]# systemctl start nginx
[root@master ~]# systemctl start zabbix-server

    Zabbix Agent

    Zabbix Agent安装

    [root@client01 ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
[root@client01 ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[root@client01 ~]# yum install zabbix-agent

    配置修改

    [root@client01 ~]# vim /etc/zabbix/zabbix_agentd.conf
Server=192.168.60.103
ServerActive=192.168.60.103
Hostname=client01

    启用Zabbix Agent

    [root@client01 ~]# systemctl start zabbix-agent

    Zabbix-Get的使用

    Zabbix-Get是Zabbix中的一个应用程序,用于Zabbix-Server到Zabbix-Agent的数据获取,通常可以用来测试Agent的配置是否正确。

    使用帮助

    usage:
  zabbix_get -s host-name-or-IP [-p port-number] [-I IP-address] -k item-key
  zabbix_get -s host-name-or-IP [-p port-number] [-I IP-address]
                --tls-connect cert --tls-ca-file CA-file
                [--tls-crl-file CRL-file] [--tls-agent-cert-issuer cert-issuer]
                [--tls-agent-cert-subject cert-subject]
                --tls-cert-file cert-file --tls-key-file key-file -k item-key
  zabbix_get -s host-name-or-IP [-p port-number] [-I IP-address]
                --tls-connect psk --tls-psk-identity PSK-identity
                --tls-psk-file PSK-file -k item-key
  zabbix_get -h
  zabbix_get -V

    测试 Agent 配置

    [root@master zabbix-server-mysql-3.0.3]# zabbix_get -s 192.168.60.104 -k system.uname
Linux client01 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64

    zabbix用户忘记密码

    进入数据库直接更改密码

    [root@master ~]# mysql -uroot -p

MariaDB [(none)]> use zabbix
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

MariaDB [zabbix]> select userid, alias, name, passwd from users;
+--------+-------+--------+----------------------------------+
| userid | alias | name   | passwd                           |
+--------+-------+--------+----------------------------------+
|      1 | Admin | Zabbix | *DEEF4D7D88CD046ECA02A80393B7780 |
|      2 | guest |        | d41d8cd98f00b204e9800998ecf8427e |
+--------+-------+--------+----------------------------------+
2 rows in set (0.00 sec)

MariaDB [zabbix]> update users set passwd=md5('zabbix') where userid='1';
Query OK, 1 row affected, 1 warning (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 1

    Grafana 2.6

    [root@master ~]# yum install https://grafanarel.s3.amazonaws.com/builds/grafana-2.6.0-1.x86_64.rpm
[root@master ~]# systemctl start grafana-server
[root@master ~]# yum install https://grafanarel.s3.amazonaws.com/builds/grafana-2.6.0-1.x86_64.rpm
[root@master ~]# cp -r grafana-zabbix-2.5.1/zabbix/  /usr/share/grafana/public/app/plugins/datasource/
[root@master ~]# systemctl restart grafana-server

[root@master ~]# mkdir /var/lib/grafana/plugins
[root@master ~]# cd /var/lib/grafana/plugins
[root@master plugins]# git clone https://github.com/alexanderzobnin/grafana-zabbix-app
[root@master plugins]# cd grafana-zabbix-app/
[root@master grafana-zabbix-app]# git pull
[root@master grafana-zabbix-app]# systemctl restart grafana-server

    CentOS 7下最小化安装系统之快速部署Zabbix3.0测试环境

    基于LAMP环境的Zabbix3.0测试环境

    # 初始环境调整
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
yum install epel-release.noarch wget vim gcc gcc-c++ lsof chrony tree nmap unzip rsync -y
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

# LAMP环境部署
yum install httpd mariadb mariadb-server mariadb-client php php-mysql -y

systemctl start mariadb

# MariaDB数据库安全调整
mysql -e "DELETE FROM mysql.user WHERE User=''"
mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
mysql -e "DROP DATABASE test;"
mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'"
mysql -e "FLUSH PRIVILEGES"

# 创建Zabbix服务端的数据库和使用的账号
mysql -e "CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;"
mysql -e "GRANT ALL ON zabbix.* TO 'zabbix'@'%' IDENTIFIED BY 'zabbix';"

# Zabbix应用部署
rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent -y

# 导入Zabbix服务端的表结构
cd /usr/share/doc/zabbix-server-mysql-3.0.3/
zcat create.sql.gz | mysql -uroot zabbix
cd

sed -i '/^# DBPassword=/a \nDBPassword=zabbix' /etc/zabbix/zabbix_server.conf

#sed -i 's/^;date.timezone =/date.timezone = Asia/Shanghai/' /etc/php.ini
sed -i 's@# (php_value date.timezone ).*@1Asia/Shanghai@' /etc/httpd/conf.d/zabbix.conf

systemctl start httpd
systemctl start zabbix-agent
systemctl start zabbix-server

    通过 http://ip/zabbix 访问 默认用户名/密码:Admin/zabbix

    基于LNMP环境的Zabbix3.0测试环境

    # 初始环境调整
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
yum install epel-release.noarch wget vim gcc gcc-c++ lsof chrony tree nmap unzip rsync -y
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

# LNMP环境部署
yum install nginx mariadb mariadb-server mariadb-client php php-mysql php-fpm -y
cat > /etc/nginx/conf.d/zabbix.conf << EOF
server {
    root /var/www;
    index index.php index.html;
    access_log  /var/log/nginx/access_zabbix.log;
    error_log   /var/log/nginx/error_zabbix.log;

    location ~ .php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_buffer_size 128k;
        fastcgi_buffers 4 256k;
        fastcgi_busy_buffers_size 256k;
    }
}
EOF

sed -i '35,54s/^/#/' /etc/nginx/nginx.conf
sed -i 's/^;date.timezone =/date.timezone = Asia/Shanghai/' /etc/php.ini
sed -i 's/^post_max_size =.*/post_max_size = 16M/' /etc/php.ini
sed -i 's/^max_execution_time =.*/max_execution_time = 300/' /etc/php.ini
sed -i 's/^max_input_time =.*/max_input_time = 300/' /etc/php.ini
sed -i 's/^user = .*/user = nginx/' /etc/php-fpm.d/www.conf
sed -i 's/^group = .*/group = nginx/' /etc/php-fpm.d/www.conf
chown nginx /var/log/php-fpm
systemctl start mariadb
# MariaDB数据库安全调整
mysql -e "DELETE FROM mysql.user WHERE User=''"
mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
mysql -e "DROP DATABASE test;"
mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'"
mysql -e "FLUSH PRIVILEGES"
# 创建Zabbix服务端的数据库和使用的账号
mysql -e "CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;"
mysql -e "GRANT ALL ON zabbix.* TO 'zabbix'@'%' IDENTIFIED BY 'zabbix';"
# Zabbix应用部署
rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent -y
# 导入Zabbix服务端的表结构
cd /usr/share/doc/zabbix-server-mysql-3.0.3/
zcat create.sql.gz | mysql -uroot zabbix
cd
# 文件权限修改
chown nginx:nginx -R /etc/zabbix/web/
cp -r /usr/share/zabbix /var/www
chown nginx:nginx -R /var/www/zabbix
chown root:nginx /var/lib/php/session
sed -i '/^# DBPassword=/a \nDBPassword=zabbix' /etc/zabbix/zabbix_server.conf
systemctl start nginx
systemctl start php-fpm
systemctl start zabbix-agent
systemctl start zabbix-server

    通过 http://ip/zabbix 访问 默认用户名/密码:Admin/zabbix

    Zabbix Agent快速部署

    setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
yum install vim lsof chrony -y
rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
yum install zabbix-agent -y
sed -i 's/^Server=.*/Server=192.168.60.103/' /etc/zabbix/zabbix_agentd.conf
sed -i 's/^ServerActive=.*/ServerActive=192.168.60.103/' /etc/zabbix/zabbix_agentd.conf
sed -i 's/^Hostname=.*/Hostname=client01/' /etc/zabbix/zabbix_agentd.conf
systemctl start zabbix-agent

    从安全角度,做如下改进:

    1. 保持 /var/www/zabbix 目录的user和group均为root,不允许nginx用户写入。使用符号链接替代目录拷贝,用于提供nginx服务。
    # ln -s /var/www/zabbix /var/www/
    2. Zabbix 页面初始化结束后,生成的配置文件应及时去掉可写权限,并去掉other的可读权限:
    # chown nginx:nginx /etc/zabbix/web/zabbix.conf.php
    # chmod 600 /etc/zabbix/web/zabbix.conf.php
  • 相关阅读:
    Oracle基础操作
    Linux的常用命令
    Javascript 上课笔记
    Linux操作指令
    css样式分类
    DW
    标准sql执行顺序
    Mysql数据库
    模拟课----需求文本
    php 发送邮件
  • 原文地址:https://www.cnblogs.com/lwf-blog/p/7457655.html
Copyright © 2020-2023  润新知