Zabbix 监控系统部署
Zabbix是一个企业级开源分布式监控解决方案,可监控网络的众多参数以及服务器、虚拟机、应用程序、服务、数据库、网站、云等的运行状况和完整性。 Zabbix 使用灵活的通知机制,允许用户为几乎任何事件配置基于电子邮件的警报。这允许对服务器问题做出快速反应。 Zabbix 基于存储的数据提供出色的报告和数据可视化功能。这使得 Zabbix 成为容量规划的理想选择。
部署环境规划
节点规划如下:
| 节点名称 | 节点IP | 操作系统 |
|---|---|---|
| zabbix-server | 192.168.72.50 | Ubuntu 22.04 |
| zabbix-agent | 192.168.72.51 | Ubuntu 22.04 |
其中zabbix-server节点同时部署zabbix-server、zabbix-web以及zabbix-agent三个组件,以及MySQL数据库服务。
MySQL数据库部署
安装MySQL数据库
在zabbix-server节点安装mysql数据库。
配置主机名
root@ubuntu:~# hostnamectl set-hostname zabbix-server
安装mysql-server
apt update -y
apt install -y mysql-server
查看安装版本
root@zabbix-server:~# mysqld --version
/usr/sbin/mysqld Ver 8.0.37-0ubuntu0.22.04.3 for Linux on x86_64 ((Ubuntu))
查看数据库服务运行状态
root@zabbix-server:~# systemctl status mysql
● mysql.service - MySQL Community Server
Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2024-06-27 12:27:35 CST; 3h 39min ago
Main PID: 3426 (mysqld)
Status: "Server is operational"
Tasks: 37 (limit: 4556)
Memory: 365.1M
CPU: 13.084s
CGroup: /system.slice/mysql.service
└─3426 /usr/sbin/mysqld
Jun 27 12:27:34 db01 systemd[1]: Starting MySQL Community Server...
Jun 27 12:27:35 db01 systemd[1]: Started MySQL Community Server.
root@zabbix-server:~#
默认情况下,MySQL在127.0.0.1的本地地址上监听3306端口,可以使用以下命令查看:
root@db01:~# ss -antpl | grep -i mysql
LISTEN 0 70 127.0.0.1:33060 0.0.0.0:* users:(("mysqld",pid=3426,fd=21))
LISTEN 0 151 127.0.0.1:3306 0.0.0.0:* users:(("mysqld",pid=3426,fd=23))
MySQL 安全加固
运行 mysql_secure_installation 脚本来启用一些额外的安全功能,包括设置新的 MySQL root 密码、删除匿名用户和禁用远程登录。
mysql_secure_installation
回答所有问题,如下所示:
root@db01:~# mysql_secure_installation
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
Press y|Y for Yes, any other key for No: Y
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2
输入 Y 并按 Enter 键以删除匿名用户。
Skipping password set for root as authentication with auth_socket is used by default.
If you would like to use password authentication instead, this can be done with the "ALTER_USER" command.
See https://dev.mysql.com/doc/refman/8.0/en/alter-user.html#alter-user-password-management for more information.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.
输入 Y 并按 Enter 键以禁止远程 root 登录。
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y
Success.
输入 Y 并按 Enter 键以删除测试数据库。
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
重新加载配置
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.
All done!
设置 MySQL root 密码
默认情况下,未设置MySQL root 密码。要设置它,请连接到 MySQL shell:
root@zabbix-server:~# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 8.0.37-0ubuntu0.22.04.3 (Ubuntu)
Copyright (c) 2000, 2024, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
连接到 MySQL shell 后,使用以下命令设置 MySQL 密码:
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password by 'Mysql@123456';
接下来,运行以下命令来保存更改:
mysql> FLUSH PRIVILEGES;
接下来,使用以下命令退出 MySQL shell:
mysql> EXIT;
接下来,再次登录MySQL shell验证root密码:
mysql -u root -p
登录后,您将进入 MySQL shell,如下所示:
root@zabbix-server:~# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 8.0.37-0ubuntu0.22.04.3 (Ubuntu)
Copyright (c) 2000, 2024, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
Zabbix-server安装
以下操作在zabbix server节点执行。
官方文档:https://www.zabbix.com/cn/download
选择相应平台获取安装命令,这里以Zabbix 7.0 + Ubuntu + MySQL + Apache为例。
安装 Zabbix 软件源
wget https://repo.zabbix.com/zabbix/7.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_7.0-1+ubuntu22.04_all.deb
dpkg -i zabbix-release_7.0-1+ubuntu22.04_all.deb
apt update
安装Zabbix server,Web前端,agent
apt install -y zabbix-server-mysql zabbix-frontend-php zabbix-apache-conf \
zabbix-sql-scripts zabbix-agent
初始化zabbix数据库。
在数据库主机上运行以下代码。
# mysql -uroot -p
password
mysql> create database zabbix character set utf8mb4 collate utf8mb4_bin;
mysql> create user zabbix@localhost identified by 'Zabbix@123456';
mysql> grant all privileges on zabbix.* to zabbix@localhost;
mysql> set global log_bin_trust_function_creators = 1;
mysql> quit;
导入初始架构和数据,系统将提示您输入新创建的密码,这里为Zabbix@123456。
zcat /usr/share/zabbix-sql-scripts/mysql/server.sql.gz | \
mysql --default-character-set=utf8mb4 -uzabbix -p zabbix
导入数据库架构后禁用log_bin_trust_function_creators选项。
# mysql -uroot -p
password
mysql> set global log_bin_trust_function_creators = 0;
mysql> quit;
为Zabbix server配置数据库,编辑配置文件 /etc/zabbix/zabbix\_server.conf
$ vim /etc/zabbix/zabbix_server.conf
DBHost=localhost
DBName=zabbix
DBUser=zabbix
DBPassword=Zabbix@123456
安装中文语言包
sudo apt install -y zabbix-frontend-php language-pack-zh-hans
启动Zabbix server和agent进程,并为它们设置开机自启:
systemctl restart zabbix-server zabbix-agent apache2
systemctl enable zabbix-server zabbix-agent apache2
打开Zabbix UI网页,开始使用Zabbix。使用Apache web服务器时,Zabbix UI的默认URL为http://host/zabbix:
http://192.168.72.50/zabbix
选择默认语言
检查必要条件
配置数据库连接,数据库主机配置为localhost,密码为Zabbix@123456
设置主机名及系统时间
安装前汇总
完成安装
进入登录页面,默认账号密码为Admin/zabbix
登录后如下:
Zabbix-agent 安装
以下操作在zabbix-agent节点执行。
参考官方文档,选择agent组件,按照官方指引进行安装。
配置主机名
root@ubuntu:~# hostnamectl set-hostname zabbix-agent01
安装 Zabbix 软件源
wget https://repo.zabbix.com/zabbix/7.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_7.0-1+ubuntu22.04_all.deb
dpkg -i zabbix-release_7.0-1+ubuntu22.04_all.deb
apt update
安装Zabbix agent组件
apt install -y zabbix-agent
修改zabbix agent配置文件
$ vim /etc/zabbix/zabbix_agentd.conf
Server=192.168.72.50 #被动模式下的Zabbix服务端地址
ListenPort=10050
ServerActive=192.168.72.50 #主动模式下的Zabbix服务端地址,若纯被动模式可注释此行
Hostname=zabbix-agent01
启动zabbix-agent服务
systemctl restart zabbix-agent
systemctl enable zabbix-agent
zabbix-server 添加主机
选择数据采集–主机–创建主机
主机配置如下:
添加后确认可用性
选择监测–最新数据,确认是否监测到最新数据:
zabbix-server 配置告警
示例场景:当zabbix-server监测到zabbix-agent01节点CPU负载过高时,发送告警到163邮箱。
设置163邮箱
登录 https://mail.163.com/ 邮箱,设置中开启POP3/SMTP/IMAP服务,新增并记录下授权密码。
创建媒介类型
登录zabbix控制台,选择告警–媒介–创建媒介类型,配置如下,注意密码配置为授权码密码。
设置消息模板。
添加后点击测试
确认测试成功
登录163邮箱,确认收到测试邮件
用户添加报警媒介
选择用户–用户–Admin–报警媒介–添加报警媒介
设置触发器动作
选择告警–动作–触发器动作–创建动作
选择操作,发送给指定用户
触发告警事件
在zabbix-agent01节点安装stress-ng工具,使用stress-ng进行压测,触发告警负载过高事件
apt install -y stress-ng
stress-ng --cpu 8 --vm 8
等待5分钟,在zabbix-server控制台查看产生的告警事件,并且状态显示已送达。
在163邮箱确认已收到告警邮件
![[数据集][目标检测]电力场景下电柜箱门把手检测数据集VOC+YOLO格式1167张1类别](https://img-blog.csdnimg.cn/direct/885fddbf0d7d4e6aa6cdb24587d695b9.png)
