基于CentOS 7下最小化安装的操作系统搭建Zabbix3.0环境

环境说明

系统版本：CentOS Linux release 7.3.1611 (Core)
内核版本：3.10.0-514.el7.x86_64
Httpd版本：Apache/2.4.6 (CentOS)
MariaDB版本：5.5.52-MariaDB
PHP版本：PHP 5.4.16

环境准备

[root@master ~]# setenforce 0
[root@master ~]# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
[root@master ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
[root@master ~]# yum install epel-release.noarch wget vim gcc gcc-c++ lsof chrony tree nmap unzip rsync -y
[root@master ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

基于LAMP环境的Zabbix3.0

LAMP环境安装

[root@master ~]# yum install httpd mariadb mariadb-server mariadb-client php php-mysql

安装Zabbix服务

[root@master ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
[root@master ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
[root@master ~]# yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent

创建数据库

[root@master ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
MariaDB [(none)]> GRANT ALL ON zabbix.* TO 'zabbix'@'%' IDENTIFIED BY 'zabbix';
MariaDB [(none)]> quit

导入数据

[root@master ~]# cd /usr/share/doc/zabbix-server-mysql-3.0.3/
[root@master zabbix-server-mysql-3.0.3]# zcat create.sql.gz | mysql -uroot -p zabbix
[root@master zabbix-server-mysql-3.0.3]# cd

修改配置

[root@master ~]# vim /etc/zabbix/zabbix_server.conf
DBHost=localhost
DBName=zabbix
DBUser=zabbix
DBPassword=zabbix

上述配置文件中，我们只需要关注DBHost、DBName、DBUser、DBPassword几项即可。这几项是配置zabbix server连接mysql数据库的参数。

[root@master ~]# vim /etc/httpd/conf.d/zabbix.conf
php_value date.timezone Asia/Chongqing

其中php_value date.timezone Asia/Chongqing主要是定义php的时区

启动

[root@master ~]# systemctl start httpd
[root@master ~]# systemctl start zabbix-server
[root@master ~]# systemctl start zabbix-agent

通过 http://ip/zabbix 访问
默认用户名/密码：Admin/zabbix，注意用户名也区分大小写

# 配置中重写了访问路径
[root@master ~]# vim /etc/httpd/conf.d/zabbix.conf
Alias /zabbix /usr/share/zabbix

基于LNMP环境的Zbbix3.0

LNMP环境安装

[root@master ~]# yum install nginx mariadb mariadb-server mariadb-client php php-mysql php-fpm -y
/run/php-fpm/php-fpm.pid

安装Zabbix服务

[root@master ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
[root@master ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
[root@master ~]# yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent

修改文件属主和属组

zabbix的rpm包里默认编译apache为文件拥有者，把httpd服务替换为nginx服务，相应文件的拥有者需要进行对应的更改。

[root@master ~]# ll /etc/zabbix/
total 28
drwxr-x---. 2 apache apache    32 Apr 20 09:41 web
-rw-r--r--. 1 root   root   10341 Apr 20  2016 zabbix_agentd.conf
drwxr-xr-x. 2 root   root      37 Apr 20 09:41 zabbix_agentd.d
-rw-r-----. 1 root   zabbix 14876 Apr 20  2016 zabbix_server.conf
[root@master ~]# chown nginx:nginx /etc/zabbix/web/
[root@master ~]# ll -d /var/log/php-fpm
drwxrwx---. 2 apache root 6 Jun 23  2015 /var/log/php-fpm
[root@master ~]# chown nginx /var/log/php-fpm
[root@master ~]# ll -d /var/log/php-fpm
drwxrwx---. 2 apache root 22 Apr 20 09:53 /var/log/php-fpm
[root@master ~]# ll -d /var/lib/php/session
drwxrwx---. 2 root apache 44 Apr 20 10:22 /var/lib/php/session
[root@master ~]# chown root:nginx /var/lib/php/session/
[root@master ~]# ll -d /var/lib/php/session
drwxrwx---. 2 root nginx 44 Apr 20 10:28 /var/lib/php/session
[root@master ~]# cp -r /usr/share/zabbix /var/www
[root@master ~]# chown nginx:nginx -R /var/www/zabbix

修改php配置

[root@master ~]# sed -i 's/^user = .*/user = nginx/' /etc/php-fpm.d/www.conf
[root@master ~]# sed -i 's/^group = .*/group = nginx/' /etc/php-fpm.d/www.conf
[root@master ~]# sed -i 's/^;date.timezone =/date.timezone = Asia/Shanghai/' /etc/php.ini
[root@master ~]# sed -i 's/^post_max_size =.*/post_max_size = 16M/' /etc/php.ini
[root@master ~]# sed -i 's/^max_execution_time =.*/max_execution_time = 300/' /etc/php.ini
[root@master ~]# sed -i 's/^max_input_time =.*/max_input_time = 300/' /etc/php.ini

创建数据库

[root@master ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
MariaDB [(none)]> GRANT ALL ON zabbix.* TO 'zabbix'@'%' IDENTIFIED BY 'zabbix';
MariaDB [(none)]> quit

导入数据

[root@master zabbix-server-mysql-3.0.3]# cd /usr/share/doc/zabbix-server-mysql-3.0.3/
[root@master zabbix-server-mysql-3.0.3]# zcat create.sql.gz | mysql -uroot -p zabbix
[root@master zabbix-server-mysql-3.0.3]# cd

配置nginx虚拟主机

[root@master ~]# cat /etc/nginx/conf.d/zabbix.conf
server {
    root /var/www;
    index index.php index.html;
    access_log   /var/log/nginx/access_zabbix.log;
    error_log   /var/log/nginx/error_zabbix.log;

    location ~ .php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_buffer_size 128k;
        fastcgi_buffers 4 256k;
        fastcgi_busy_buffers_size 256k;
    }
}

YUM安装的nginx服务，主配置文件里有server项配置，需要进行注销

[root@master ~]# cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
[root@master ~]# sed -i '35,54s/^/#/' /etc/nginx/nginx.conf
[root@master ~]# vim /etc/nginx/nginx.conf
[root@master ~]# cat /etc/nginx/nginx.conf
# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

#    server {
#        listen       80 default_server;
#        listen       [::]:80 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }
}

启动服务

[root@master ~]# systemctl start mariadb
[root@master ~]# systemctl start php-fpm
[root@master ~]# systemctl start nginx
[root@master ~]# systemctl start zabbix-server

Zabbix Agent

Zabbix Agent安装

[root@client01 ~]# rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
[root@client01 ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[root@client01 ~]# yum install zabbix-agent

配置修改

[root@client01 ~]# vim /etc/zabbix/zabbix_agentd.conf
Server=192.168.60.103
ServerActive=192.168.60.103
Hostname=client01

启用Zabbix Agent

[root@client01 ~]# systemctl start zabbix-agent

Zabbix-Get的使用

Zabbix-Get是Zabbix中的一个应用程序，用于Zabbix-Server到Zabbix-Agent的数据获取，通常可以用来测试Agent的配置是否正确。

使用帮助

usage:
  zabbix_get -s host-name-or-IP [-p port-number] [-I IP-address] -k item-key
  zabbix_get -s host-name-or-IP [-p port-number] [-I IP-address]
                --tls-connect cert --tls-ca-file CA-file
                [--tls-crl-file CRL-file] [--tls-agent-cert-issuer cert-issuer]
                [--tls-agent-cert-subject cert-subject]
                --tls-cert-file cert-file --tls-key-file key-file -k item-key
  zabbix_get -s host-name-or-IP [-p port-number] [-I IP-address]
                --tls-connect psk --tls-psk-identity PSK-identity
                --tls-psk-file PSK-file -k item-key
  zabbix_get -h
  zabbix_get -V

测试 Agent 配置

[root@master zabbix-server-mysql-3.0.3]# zabbix_get -s 192.168.60.104 -k system.uname
Linux client01 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64

zabbix用户忘记密码

进入数据库直接更改密码

[root@master ~]# mysql -uroot -p

MariaDB [(none)]> use zabbix
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

MariaDB [zabbix]> select userid, alias, name, passwd from users;
+--------+-------+--------+----------------------------------+
| userid | alias | name   | passwd                           |
+--------+-------+--------+----------------------------------+
|      1 | Admin | Zabbix | *DEEF4D7D88CD046ECA02A80393B7780 |
|      2 | guest |        | d41d8cd98f00b204e9800998ecf8427e |
+--------+-------+--------+----------------------------------+
2 rows in set (0.00 sec)

MariaDB [zabbix]> update users set passwd=md5('zabbix') where userid='1';
Query OK, 1 row affected, 1 warning (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 1

Grafana 2.6

[root@master ~]# yum install https://grafanarel.s3.amazonaws.com/builds/grafana-2.6.0-1.x86_64.rpm
[root@master ~]# systemctl start grafana-server
[root@master ~]# yum install https://grafanarel.s3.amazonaws.com/builds/grafana-2.6.0-1.x86_64.rpm
[root@master ~]# cp -r grafana-zabbix-2.5.1/zabbix/  /usr/share/grafana/public/app/plugins/datasource/
[root@master ~]# systemctl restart grafana-server

[root@master ~]# mkdir /var/lib/grafana/plugins
[root@master ~]# cd /var/lib/grafana/plugins
[root@master plugins]# git clone https://github.com/alexanderzobnin/grafana-zabbix-app
[root@master plugins]# cd grafana-zabbix-app/
[root@master grafana-zabbix-app]# git pull
[root@master grafana-zabbix-app]# systemctl restart grafana-server

CentOS 7下最小化安装系统之快速部署Zabbix3.0测试环境

基于LAMP环境的Zabbix3.0测试环境

# 初始环境调整
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
yum install epel-release.noarch wget vim gcc gcc-c++ lsof chrony tree nmap unzip rsync -y
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

# LAMP环境部署
yum install httpd mariadb mariadb-server mariadb-client php php-mysql -y

systemctl start mariadb

# MariaDB数据库安全调整
mysql -e "DELETE FROM mysql.user WHERE User=''"
mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
mysql -e "DROP DATABASE test;"
mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'"
mysql -e "FLUSH PRIVILEGES"

# 创建Zabbix服务端的数据库和使用的账号
mysql -e "CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;"
mysql -e "GRANT ALL ON zabbix.* TO 'zabbix'@'%' IDENTIFIED BY 'zabbix';"

# Zabbix应用部署
rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent -y

# 导入Zabbix服务端的表结构
cd /usr/share/doc/zabbix-server-mysql-3.0.3/
zcat create.sql.gz | mysql -uroot zabbix
cd

sed -i '/^# DBPassword=/a \nDBPassword=zabbix' /etc/zabbix/zabbix_server.conf

#sed -i 's/^;date.timezone =/date.timezone = Asia/Shanghai/' /etc/php.ini
sed -i 's@# (php_value date.timezone ).*@1Asia/Shanghai@' /etc/httpd/conf.d/zabbix.conf

systemctl start httpd
systemctl start zabbix-agent
systemctl start zabbix-server

通过 http://ip/zabbix 访问默认用户名/密码：Admin/zabbix

基于LNMP环境的Zabbix3.0测试环境

# 初始环境调整
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
yum install epel-release.noarch wget vim gcc gcc-c++ lsof chrony tree nmap unzip rsync -y
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

# LNMP环境部署
yum install nginx mariadb mariadb-server mariadb-client php php-mysql php-fpm -y
cat > /etc/nginx/conf.d/zabbix.conf << EOF
server {
    root /var/www;
    index index.php index.html;
    access_log  /var/log/nginx/access_zabbix.log;
    error_log   /var/log/nginx/error_zabbix.log;

    location ~ .php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_buffer_size 128k;
        fastcgi_buffers 4 256k;
        fastcgi_busy_buffers_size 256k;
    }
}
EOF

sed -i '35,54s/^/#/' /etc/nginx/nginx.conf
sed -i 's/^;date.timezone =/date.timezone = Asia/Shanghai/' /etc/php.ini
sed -i 's/^post_max_size =.*/post_max_size = 16M/' /etc/php.ini
sed -i 's/^max_execution_time =.*/max_execution_time = 300/' /etc/php.ini
sed -i 's/^max_input_time =.*/max_input_time = 300/' /etc/php.ini
sed -i 's/^user = .*/user = nginx/' /etc/php-fpm.d/www.conf
sed -i 's/^group = .*/group = nginx/' /etc/php-fpm.d/www.conf
chown nginx /var/log/php-fpm
systemctl start mariadb
# MariaDB数据库安全调整
mysql -e "DELETE FROM mysql.user WHERE User=''"
mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
mysql -e "DROP DATABASE test;"
mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'"
mysql -e "FLUSH PRIVILEGES"
# 创建Zabbix服务端的数据库和使用的账号
mysql -e "CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;"
mysql -e "GRANT ALL ON zabbix.* TO 'zabbix'@'%' IDENTIFIED BY 'zabbix';"
# Zabbix应用部署
rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
yum install zabbix-server-mysql zabbix-web-mysql zabbix-get zabbix-agent -y
# 导入Zabbix服务端的表结构
cd /usr/share/doc/zabbix-server-mysql-3.0.3/
zcat create.sql.gz | mysql -uroot zabbix
cd
# 文件权限修改
chown nginx:nginx -R /etc/zabbix/web/
cp -r /usr/share/zabbix /var/www
chown nginx:nginx -R /var/www/zabbix
chown root:nginx /var/lib/php/session
sed -i '/^# DBPassword=/a \nDBPassword=zabbix' /etc/zabbix/zabbix_server.conf
systemctl start nginx
systemctl start php-fpm
systemctl start zabbix-agent
systemctl start zabbix-server

通过 http://ip/zabbix 访问默认用户名/密码：Admin/zabbix

Zabbix Agent快速部署

setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
yum install vim lsof chrony -y
rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
yum install zabbix-agent -y
sed -i 's/^Server=.*/Server=192.168.60.103/' /etc/zabbix/zabbix_agentd.conf
sed -i 's/^ServerActive=.*/ServerActive=192.168.60.103/' /etc/zabbix/zabbix_agentd.conf
sed -i 's/^Hostname=.*/Hostname=client01/' /etc/zabbix/zabbix_agentd.conf
systemctl start zabbix-agent

从安全角度，做如下改进：

1. 保持 /var/www/zabbix 目录的user和group均为root，不允许nginx用户写入。使用符号链接替代目录拷贝，用于提供nginx服务。
# ln -s /var/www/zabbix /var/www/
2. Zabbix 页面初始化结束后，生成的配置文件应及时去掉可写权限，并去掉other的可读权限：
# chown nginx:nginx /etc/zabbix/web/zabbix.conf.php
# chmod 600 /etc/zabbix/web/zabbix.conf.php

基于CentOS 7下最小化安装的操作系统搭建Zabbix3.0环境

环境说明

环境准备

基于LAMP环境的Zabbix3.0

LAMP环境安装

安装Zabbix服务

创建数据库

导入数据

修改配置

启动

基于LNMP环境的Zbbix3.0

LNMP环境安装

安装Zabbix服务

修改文件属主和属组

修改php配置

创建数据库

导入数据

配置nginx虚拟主机

启动服务

Zabbix Agent

Zabbix Agent安装

配置修改

启用Zabbix Agent

Zabbix-Get的使用

zabbix用户忘记密码

Grafana 2.6

CentOS 7下最小化安装系统之快速部署Zabbix3.0测试环境

基于LAMP环境的Zabbix3.0测试环境

基于LNMP环境的Zabbix3.0测试环境

Zabbix Agent快速部署

相关推荐