使用 Docker 部署 Zabbix 6.0
Zabbix 部署步骤和升级步骤基本相同, 升级操作跳过数据库操作即可.
PostgreSQL 创建 Zabbix 用户和数据库 (首次部署时执行这一步):
/* 创建 zabbix 用户和数据库 */
CREATE USER zabbix WITH PASSWORD 'Qa6oT7BKzx';
CREATE DATABASE zabbix OWNER=zabbix ENCODING=UTF8 TEMPLATE=template0;
- https://www.zabbix.com/documentation/6.0/en/manual/appendix/install/db_scripts
- https://www.postgresql.org/docs/14/multibyte.html
MySQL 8.0 创建 Zabbix 用户和数据库 (首次部署时执行这一步):
/* 创建 zabbix 数据库 */
/* 如果不使用 utf8 字符集, 可能会报以下错误: */
/* ERROR 1071 (42000) at line 348: Specified key was too long; max key length is 3072 bytes */
DROP DATABASE IF EXISTS zabbix;
CREATE DATABASE zabbix CHARACTER SET utf8 COLLATE utf8_bin;
/* 创建 zabbix 用户, 设置权限 */
DROP USER IF EXISTS 'zabbix'@'localhost';
CREATE USER 'zabbix'@'localhost' IDENTIFIED BY 'zabbix';
GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'localhost';
DROP USER IF EXISTS 'zabbix'@'127.0.0.1';
CREATE USER 'zabbix'@'127.0.0.1' IDENTIFIED BY 'zabbix';
GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'127.0.0.1';
DROP USER IF EXISTS 'zabbix'@'%';
CREATE USER 'zabbix'@'%' IDENTIFIED BY 'Qa6oT7BKzx';
GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'%';
GRANT PROCESS ON *.* TO 'zabbix'@'localhost';
GRANT PROCESS ON *.* TO 'zabbix'@'127.0.0.1';
GRANT PROCESS ON *.* TO 'zabbix'@'%';
/* 刷新权限 */
FLUSH PRIVILEGES;
使用 PostgreSQL 数据库:
# 删除容器
podman rm -f zabbix_server
# 创建容器
podman create \
--env TZ=Asia/Shanghai \
--env DB_SERVER_HOST=10.25.246.200 \
--env DB_SERVER_PORT=5432 \
--env POSTGRES_USER=zabbix \
--env POSTGRES_PASSWORD=Qa6oT7BKzx \
--env POSTGRES_DB=zabbix \
--env ZBX_STARTPOLLERS=8 \
--env ZBX_STARTTRAPPERS=8 \
--env ZBX_STARTDISCOVERERS=8 \
--env ZBX_CACHESIZE=1024M \
--publish 10051:10051 \
--privileged \
--name zabbix_server \
zabbix/zabbix-server-pgsql:6.0.21-ol
# 拷贝数据库文件 (首次部署时执行这一步)
# podman cp zabbix_server:/usr/share/doc/zabbix-server-postgresql .
# 导入数据 (首次部署时执行这一步)
# zcat zabbix-server-postgresql/create.sql.gz | psql -h 10.25.246.200 -U zabbix -d zabbix
# 启动容器
systemctl enable --now podman@zabbix_server
# 查看日志
podman logs -f zabbix_server
使用 MySQL 数据库:
# 删除容器
podman rm -f zabbix_server
# 创建容器
podman create \
--env TZ=Asia/Shanghai \
--env DB_SERVER_HOST=10.25.246.200 \
--env DB_SERVER_PORT=3306 \
--env MYSQL_USER=zabbix \
--env MYSQL_PASSWORD=Qa6oT7BKzx \
--env MYSQL_DATABASE=zabbix \
--env ZBX_STARTPOLLERS=8 \
--env ZBX_STARTTRAPPERS=8 \
--env ZBX_STARTDISCOVERERS=8 \
--env ZBX_CACHESIZE=1024M \
--publish 10051:10051 \
--privileged \
--name zabbix_server \
zabbix/zabbix-server-mysql:6.0.21-ol
# 拷贝数据库文件 (首次部署时执行这一步)
# podman cp zabbix_server:/usr/share/doc/zabbix-server-mysql .
# 导入数据 (首次部署时执行这一步, MySQL 使用 root 账户)
# zcat zabbix-server-mysql/create.sql.gz | mysql -h10.25.246.200 -P3306 -uroot -pDRbL2TS7IE zabbix
# 启动容器
systemctl enable --now podman@zabbix_server
# 查看日志
podman logs -f zabbix_server
# 删除容器
podman rm -f zabbix_web_60
# 创建容器(PostgreSQL)
podman run \
--env TZ=Asia/Shanghai \
--env ZBX_SERVER_HOST=10.25.193.187 \
--env ZBX_SERVER_PORT=10051 \
--env DB_SERVER_HOST=10.25.246.200 \
--env DB_SERVER_PORT=5432 \
--env POSTGRES_USER=zabbix \
--env POSTGRES_PASSWORD=Qa6oT7BKzx \
--env POSTGRES_DB=zabbix \
--env PHP_TZ=Asia/Shanghai \
--env ZBX_MEMORYLIMIT=512M \
--env ZBX_POSTMAXSIZE=64M \
--publish 8050:8080 \
--detach \
--privileged \
--name zabbix_web_60 \
zabbix/zabbix-web-nginx-pgsql:6.0.21-ol
# 创建容器(MySQL)
podman run \
--env TZ=Asia/Shanghai \
--env ZBX_SERVER_HOST=10.25.193.187 \
--env ZBX_SERVER_PORT=10051 \
--env DB_SERVER_HOST=10.25.246.200 \
--env DB_SERVER_PORT=3306 \
--env MYSQL_USER=zabbix \
--env MYSQL_PASSWORD=Qa6oT7BKzx \
--env MYSQL_DATABASE=zabbix \
--env PHP_TZ=Asia/Shanghai \
--env ZBX_MEMORYLIMIT=512M \
--env ZBX_POSTMAXSIZE=64M \
--publish 8050:8080 \
--detach \
--privileged \
--name zabbix_web_60 \
zabbix/zabbix-web-nginx-mysql:6.0.21-ol
# Nginx 移除 IPv6 绑定
podman exec -it --user root zabbix_web_60 sed -i '/listen \[::\]:8080*/d' /etc/zabbix/nginx.conf
# PHP 性能优化
podman exec -it --user root zabbix_web_60 sed -i 's/^post_max_size =.*/post_max_size = 64M/g;s/memory_limit =.*/memory_limit = 512M/g' /etc/php.ini
# 重启容器
systemctl enable podman@zabbix_web_60
systemctl restart podman@zabbix_web_60
# 查看日志
podman logs -f zabbix_web_60
访问 Zabbix Web: http://10.25.193.187:8050, 默认用户 Admin, 默认密码 zabbix
Nginx 代理, 用于外网访问 ( 注意: location 和 proxy_pass 结尾都要加 / )
location /zabbix/ {
proxy_pass http://10.25.193.187:8050/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
创建自动注册规则: Zabbix -> Configuration -> Hosts
删除 Zabbix server
创建 Host group: Zabbix -> Configuration -> Host groups -> 点击右上角的 Create host group 按钮
- Group name: Linux servers
- Add
创建自动注册规则: Zabbix -> Configuration -> Actions -> Autoregistration actions -> 点击右上角的 Create action 按钮
- Action
- Name: Linux servers
- Conditions: Add (用于自动注册, Zabbix Agent 的 HostMetadata 设置为 Linux 即可)
- Type: Host metadata
- Operator: contains
- Value: Linux
- Add
- Operations
- Operations: Add
- Operation type: Add to host groups
- Host groups: Linux servers
- Add
- Operations: Add
- Operation type: Link to template
- Templates -> Select -> Host groups: Templates/Operating systems -> Linux by Zabbix agent active -> Select
- Add
- Operations: Add
- Add
Zabbix 5.0 版本以后推出了使用 Go 语言重写的 Agent2
- RHEL 下载地址: https://repo.zabbix.com/zabbix/6.0/rhel/
- Debian 下载地址: https://repo.zabbix.com/zabbix/6.0/debian/pool/main/z/zabbix/
- Ubuntu 下载地址: https://repo.zabbix.com/zabbix/6.0/ubuntu/pool/main/z/zabbix/
# 安装 Zabbix Agent
# dpkg -i zabbix-agent2_6.0.14-1+debian10_amd64.deb
# yum -y install zabbix-agent2-6.0.21-release1.el7.x86_64.rpm
# Server
# ServerActive
# Hostname 在 Zabbix Web 显示的名称
# HostMetadata 用于自动注册的信息
# RefreshActiveChecks 自动监测时间
# Zabbix Agent (Zabbix Server 宿主服务器设置)
# 获取 Zabbix Server 容器的 IP
# https://stackoverflow.com/a/20686101
# 注意: 容器重新创建以后, 容器的 IP 会改变, 需要重新配置
# docker inspect --format '{{ .NetworkSettings.IPAddress }}' zabbix_server
podman inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' zabbix_server
# 上条命令获取的 IP 为 10.88.0.37, Zabbix Agent 的 Server 和 ServerActive 需要设置为这个 IP
sed -i 's/^\(Server\)=.*/\1=10.88.0.1,10.88.0.37/g' /etc/zabbix/zabbix_agent2.conf
sed -i 's/^\(ServerActive\)=.*/\1=10.88.0.37/g' /etc/zabbix/zabbix_agent2.conf
sed -i 's/^\(Hostname\)=.*/\1=10.25.193.187/g' /etc/zabbix/zabbix_agent2.conf
sed -i 's!^# \(HostMetadata\)=.*!\1=Linux!g' /etc/zabbix/zabbix_agent2.conf
sed -i 's!^# \(RefreshActiveChecks\)=.*!\1=60!g' /etc/zabbix/zabbix_agent2.conf
# Zabbix Agent (通用设置, Zabbix Server 的 IP 是 10.25.193.187)
sed -i 's/^\(Server\)=.*/\1=10.25.193.187/g' /etc/zabbix/zabbix_agent2.conf
sed -i 's/^\(ServerActive\)=.*/\1=10.25.193.187/g' /etc/zabbix/zabbix_agent2.conf
sed -i 's!^# \(HostMetadata\)=.*!\1=Linux!g' /etc/zabbix/zabbix_agent2.conf
sed -i 's!^# \(RefreshActiveChecks\)=.*!\1=60!g' /etc/zabbix/zabbix_agent2.conf
# Zabbix Agent (Hostname 设置为每台服务器的真实 IP)
sed -i 's/^\(Hostname\)=.*/\1=10.25.193.187/g' /etc/zabbix/zabbix_agent2.conf
# Zabbix Agent 修改端口 (可选)
# sed -i 's/^# \(ListenPort\)=.*/\1=10050/g' /etc/zabbix/zabbix_agent2.conf
# 重启 Zabbix Agent2
systemctl restart zabbix-agent2
# 开机自动启动 Zabbix Agent2
systemctl enable zabbix-agent2
# 检查 Zabbix Agent 是否访问正常
podman exec -it zabbix_server zabbix_get -s 10.25.193.187 -k agent.ping
# 如果出现以下错误
<< COMMENT
zabbix_get [270]: Get value error: ZBX_TCP_READ() failed: [104] Connection reset by peer
zabbix_get [270]: Check access restrictions in Zabbix agent configuration
COMMENT
# 10.25.193.187 的日志 /var/log/zabbix/zabbix_agent2.log 报以下
<< COMMENT
cannot accept incoming connection for peer: 10.25.193.187
COMMENT
# 原因是 Server 设置错误, 修改 Server 配置
sed -i 's/^\(Server\)=.*/\1=10.25.193.187/g' /etc/zabbix/zabbix_agent2.conf
# 重启 Zabbix Agent2
systemctl restart zabbix-agent2
RESOLVED 半个小时后才会消失
端口开放:
- Zabbix Agent: 10050
- Zabbix Server: 10051
# Zabbix Agent
iptables -I INPUT -p tcp -m tcp --dport 10050 -j ACCEPT
iptables -A INPUT -m state --state NEW -p tcp --dport 10050 -j ACCEPT
service iptables save
# Zabbix Server
iptables -t nat -A PREROUTING -d xxx.xxx.xxx.xxx/32,xxx.xxx.xxx.xxx/32 -p tcp -m tcp --dport 10051 -j DNAT --to-destination 10.25.193.187:10051