Archive for the ‘03. 配置笔记’ Category.

Zabbix5.0+Grafana可视化试用(三):通过SNMP添加华为S5700交换机实现数据采集及监控

zabbix5.0的设备添加并实现采集数据与监控的操作与4.x基本一样,首先交换机启用SNMP:

[Lan-center-s5700]snmp-agent
[Lan-center-s5700]snmp-agent community read cipher lsywsnmp123
[Lan-center-s5700]snmp-agent sys-info version all

启动SNMP后,在zabbix5.0中开始添加交换机,操作如下:

进入【配置】-【主机】配置界面,点击右上角的【创建主机】按扭,如下图所示

zabbix5.0_18

主机名称中输入全英文的名称,可见的名称中输入页面最终显示的中文名称,如下图所示,群组中选择网络群组,并移除agent代理程序的接口,SNMP接口点【添加】,并输入交换机的管理地址192.168.10.253,端口使用161默认不变。

zabbix5.0_19

再切换至模板选项栏,在Link new templates中选择【Template Net Huawei VRP SNMPv3】,如下图所示

zabbix5.0_20

切换至宏选项栏,在宏一栏中输入{$SNMP_COMMUNITY},在值一栏中输入刚才交换机设置的SNMP密码lsywsnmp123,如下图所示,完成后,点击【更新】按扭完成添加。

zabbix5.0_21

至此,交换机添加完成,过一段时间,列表中就有华为S5700核心交换机清单,监控项、触发器、图形等都有内容,如下图。

zabbix5.0_22

Zabbix5.0+Grafana可视化试用(二):将图形界面中的乱码修复为中文显示

默认zabbix在图形显示中中文显示为乱码,需要修复才能正常显示,如下图红框所示:

zabbix5.0_12

操作如下:

首先将WINDOWS FONTS文件夹中的黑体字复制至本机硬盘

zabbix5.0_13

将本地电脑上的黑体字体文件simhei.ttf复制到/usr/share/zabbix/assets/fonts/目录下,如下图

zabbix5.0_15

再通过vi修改/usr/share/zabbix/include目录下的defines.inc.php文件,将红框位置中原graphfont修改为simhei,如下图,完成后保存退出。

zabbix5.0_16

刷新图形界面,已能显示中文,如下。

zabbix5.0_17

Zabbix5.0+Grafana可视化试用(一):在CentOS8(1911)上采用二进制包安装Zabbix5.0.1

1、完成CentOS8(1911)安装

[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 8.1.1911 (Core)
[root@localhost ~]# hostnamectl
   Static hostname: localhost.localdomain
          Icon name: computer-vm
           Chassis: vm
        Machine ID: f8712212dcd94fe0915ce5c9250b8d39
           Boot ID: fa1e9af220c349e4a760f3053ef4bee0
    Virtualization: vmware
  Operating System: CentOS Linux 8 (Core)
       CPE OS Name: cpe:/o:centos:centos:8
            Kernel: Linux 4.18.0-147.el8.x86_64
      Architecture: x86-64
[root@localhost ~]#

2、关闭防火墙及SElinux

[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# systemctl disable firewalld.service

接着将SELinux关闭,运行如下命令编辑SELINUX配置文件:

[root@localhost ~]# vi /etc/selinux/config

并将SELINUX=enforcing改成SELINUX=disable,如下:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing – SELinux security policy is enforced.
#     permissive – SELinux prints warnings instead of enforcing.
#     disabled – No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted – Targeted processes are protected,
#     minimum – Modification of targeted policy. Only selected processes are protected.
#     mls – Multi Level Security protection.
SELINUXTYPE=targeted

修改完成后,重启机器,重启后运行getenforce命令查看已经关闭SELinux。

3、修改主机名hostname

[root@localhost ~]# hostnamectl –static set-hostname zabbixserver
[root@localhost ~]#
[root@localhost ~]# hostnamectl
    Static hostname: zabbixserver
         Icon name: computer-vm
           Chassis: vm
        Machine ID: f8712212dcd94fe0915ce5c9250b8d39
           Boot ID: fa1e9af220c349e4a760f3053ef4bee0
    Virtualization: vmware
  Operating System: CentOS Linux 8 (Core)
       CPE OS Name: cpe:/o:centos:centos:8
            Kernel: Linux 4.18.0-147.el8.x86_64
      Architecture: x86-64
[root@localhost ~]#
[root@localhost ~]# more /etc/hostname
zabbixserver
[root@localhost ~]#
[root@localhost ~]# reboot

完成以上操作后重启系统。

4、安装依赖包

[root@zabbixserver ~]# yum install -y httpd mariadb-server mariadb php php-gd libjpeg* php-ldap php-odbc php-pear php-xml php-xmlrpc php-mhash

[root@zabbixserver ~]# rpm -qa httpd php mariadb
mariadb-10.3.17-1.module_el8.1.0+257+48736ea6.x86_64
httpd-2.4.37-16.module_el8.1.0+256+ae790463.x86_64
php-7.2.11-2.module_el8.1.0+209+03b9a8ff.x86_64
[root@zabbixserver ~]#

5、相关配置

[root@zabbixserver ~]# vi /etc/httpd/conf/httpd.conf

将servername设置为192.168.10.218:80,在DirectoryIndex中添加index.php,如下:

# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn’t have a registered DNS name, enter its IP address here.
#
ServerName 192.168.10.218:80

# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
< IfModule dir_module>
    DirectoryIndex index.html index.php
< /IfModule>

接着配置php.ini,如下:

[root@zabbixserver ~]# vi /etc/php.ini

将date.timezone设置为PRC:

[Date]
; Defines the default timezone used by the date functions
; http://php.net/date.timezone
date.timezone = PRC

开始启动http和mysql数据库:

[root@zabbixserver ~]# systemctl start httpd
[root@zabbixserver ~]# systemctl start mariadb
[root@zabbixserver ~]#
[root@zabbixserver ~]# ss -naplt | grep httpd
LISTEN   0         128                       *:80                     *:*        users:(("httpd",pid=31049,fd=4),("httpd",pid=31048,fd=4),("httpd",pid=31047,fd=4),("httpd",pid=31045,fd=4))
[root@zabbixserver ~]# ss -naplt | grep mysqld
LISTEN   0         80                        *:3306                   *:*        users:(("mysqld",pid=31397,fd=22))
[root@zabbixserver ~]#

设置开机自启动模式:

[root@zabbixserver ~]# systemctl enable httpd
[root@zabbixserver ~]#
[root@zabbixserver ~]# systemctl enable mariadb
Created symlink /etc/systemd/system/mysql.service 鈫/usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/mysqld.service 鈫/usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service 鈫/usr/lib/systemd/system/mariadb.service.
[root@zabbixserver ~]#

开始测试PHP功能:

[root@zabbixserver ~]# vi /var/www/html/index.php

输入以下内容:

<?php
phpinfo();
?>

打开http://192.168.10.218,显示如下界面说明PHP运行正常。

zabbix5.0_01

最后在centos8上安装中文语言包:

[root@zabbixserver ~]# yum install langpacks-zh_CN.noarch

6、配置并初始化数据库

设置mysql数据库root密码为zabbixroot,如下:

[root@zabbixserver ~]# mysqladmin -u root password zabbixroot
[root@zabbixserver ~]#
[root@zabbixserver ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 9
Server version: 10.3.17-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE zabbix character set utf8 collate utf8_bin;
Query OK, 1 row affected (0.001 sec)

MariaDB [(none)]>
MariaDB [(none)]>
MariaDB [(none)]> GRANT all ON zabbix.* TO ‘zabbix’@’zabbixserver’ IDENTIFIED BY ‘zabbix123’;
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]>
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]>
MariaDB [(none)]> quit
Bye
[root@zabbixserver ~]#
[root@zabbixserver ~]#

7、安装依赖包

[root@zabbixserver ~]# yum -y install net-snmp net-snmp-devel curl curl-devel libxml2 libxml2-devel libevent-devel.x86_64

8、安装并配置zabbix5.0

[root@zabbixserver ~]# rpm -ivh https://repo.zabbix.com/zabbix/5.0/rhel/8/x86_64/zabbix-release-5.0-1.el8.noarch.rpm
Retrieving https://repo.zabbix.com/zabbix/5.0/rhel/8/x86_64/zabbix-release-5.0-1.el8.noarch.rpm
warning: /var/tmp/rpm-tmp.3RlAnb: Header V4 RSA/SHA512 Signature, key ID a14fe591: NOKEY
Verifying…                          ################################# [100%]
Preparing…                          ################################# [100%]
Updating / installing…
   1:zabbix-release-5.0-1.el8         ################################# [100%]

[root@zabbixserver ~]# yum clean all
20 files removed
[root@zabbixserver ~]#

开始安装以下组件:

[root@zabbixserver ~]# yum install -y zabbix-server-mysql zabbix-web-mysql zabbix-apache-conf zabbix-agent

导入初始架构和数据:

[root@zabbixserver ~]# cat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p -h 192.168.10.218 zabbix
Enter password:

输入zabbix用户的密码zabbix123,开始导入。

完成后开始配置zabbix server的配置文件,使配置文件中引用刚才创建的数据库,编辑/etc/zabbix/zabbix_server.conf文件:

[root@zabbixserver ~]# vi /etc/zabbix/zabbix_server.conf

完成如下DBHost、DBName、DBUser、DBPassword配置:

### Option: DBHost
#       Database host name.
#       If set to localhost, socket is used for MySQL.
#       If set to empty string, socket is used for PostgreSQL.
#
# Mandatory: no
# Default:
DBHost=zabbixserver

### Option: DBName
#       Database name.
#
# Mandatory: yes
# Default:
# DBName=

DBName=zabbix

### Option: DBSchema
#       Schema name. Used for PostgreSQL.
#
# Mandatory: no
# Default:
# DBSchema=

### Option: DBUser
#       Database user.
#
# Mandatory: no
# Default:
# DBUser=

DBUser=zabbix

### Option: DBPassword
#       Database password.
#       Comment this line if no password is used.
#
# Mandatory: no
# Default:
DBPassword=zabbix123

接着配置zabbix配置文件zabbix.conf:

[root@zabbixserver ~]# vi /etc/php-fpm.d/zabbix.conf

将date.timezone设置成Asia/Shanghai,如下:

php_value[date.timezone] = Asia/Shanghai

启动zabbix程序:

[root@zabbixserver ~]# systemctl restart zabbix-server zabbix-agent httpd php-fpm
[root@zabbixserver ~]#
[root@zabbixserver ~]#
[root@zabbixserver ~]# systemctl enable zabbix-server zabbix-agent httpd php-fpm
Created symlink /etc/systemd/system/multi-user.target.wants/zabbix-server.service 鈫/usr/lib/systemd/system/zabbix-server.service.
Created symlink /etc/systemd/system/multi-user.target.wants/zabbix-agent.service 鈫/usr/lib/systemd/system/zabbix-agent.service.
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service 鈫/usr/lib/systemd/system/httpd.service.
Created symlink /etc/systemd/system/multi-user.target.wants/php-fpm.service 鈫/usr/lib/systemd/system/php-fpm.service.
[root@zabbixserver ~]#

查看日志文件zabbix_server.log,没有相关错误,说明运行正常

[root@zabbixserver ~]# more /var/log/zabbix/zabbix_server.log
  7323:20200531:164159.807 Starting Zabbix Server. Zabbix 5.0.1 (revision c2a0b03480).
  7323:20200531:164159.807 ****** Enabled features ******
  7323:20200531:164159.807 SNMP monitoring:           YES
  7323:20200531:164159.807 IPMI monitoring:           YES
  7323:20200531:164159.807 Web monitoring:            YES
  7323:20200531:164159.807 VMware monitoring:         YES
  7323:20200531:164159.807 SMTP authentication:       YES
  7323:20200531:164159.807 ODBC:                      YES
  7323:20200531:164159.807 SSH support:               YES
  7323:20200531:164159.807 IPv6 support:              YES
  7323:20200531:164159.807 TLS support:               YES
  7323:20200531:164159.807 ******************************
  7323:20200531:164159.807 using configuration file: /etc/zabbix/zabbix_server.conf
  7323:20200531:164159.867 current database version (mandatory/optional): 05000000/05000000
  7323:20200531:164159.867 required mandatory version: 05000000
  7323:20200531:164159.961 server #0 started [main process]
  7346:20200531:164159.962 server #1 started [configuration syncer #1]
  7349:20200531:164200.074 server #3 started [timer #1]
  7350:20200531:164200.075 server #4 started [http poller #1]
  7348:20200531:164200.076 server #2 started [housekeeper #1]
  7351:20200531:164200.077 server #5 started [discoverer #1]
  7353:20200531:164200.079 server #7 started [history syncer #2]
  7354:20200531:164200.080 server #8 started [history syncer #3]
  7352:20200531:164200.080 server #6 started [history syncer #1]
  7355:20200531:164200.081 server #9 started [history syncer #4]
  7357:20200531:164200.083 server #11 started [proxy poller #1]
  7356:20200531:164200.084 server #10 started [escalator #1]
  7362:20200531:164200.087 server #14 started [poller #1]
  7360:20200531:164200.091 server #12 started [self-monitoring #1]
  7367:20200531:164200.091 server #17 started [poller #4]
  7363:20200531:164200.099 server #15 started [poller #2]
  7361:20200531:164200.106 server #13 started [task manager #1]
  7372:20200531:164200.108 server #20 started [trapper #1]
  7364:20200531:164200.109 server #16 started [poller #3]
  7374:20200531:164200.119 server #22 started [trapper #3]
  7370:20200531:164200.124 server #18 started [poller #5]
  7373:20200531:164200.132 server #21 started [trapper #2]
  7378:20200531:164200.136 server #25 started [icmp pinger #1]
  7380:20200531:164200.137 server #26 started [alert manager #1]
  7383:20200531:164200.139 server #29 started [alerter #3]
  7371:20200531:164200.140 server #19 started [unreachable poller #1]
  7375:20200531:164200.142 server #23 started [trapper #4]
  7382:20200531:164200.150 server #28 started [alerter #2]
  7389:20200531:164200.162 server #35 started [lld worker #1]
  7390:20200531:164200.163 server #36 started [lld worker #2]
  7391:20200531:164200.164 server #37 started [alert syncer #1]
  7384:20200531:164200.164 server #30 started [preprocessing manager #1]
  7385:20200531:164200.165 server #31 started [preprocessing worker #1]
  7386:20200531:164200.166 server #32 started [preprocessing worker #2]
  7376:20200531:164200.167 server #24 started [trapper #5]
  7387:20200531:164200.184 server #33 started [preprocessing worker #3]
  7388:20200531:164200.188 server #34 started [lld manager #1]
  7381:20200531:164200.189 server #27 started [alerter #1]
  7362:20200531:164201.305 enabling Zabbix agent checks on host "Zabbix server": host became available
  7355:20200531:164242.192 item "Zabbix server:zabbix[process,ipmi poller,avg,busy]" became not supported:
No "ipmi poller" processes started.
  7354:20200531:164243.199 item "Zabbix server:zabbix[process,java poller,avg,busy]" became not supported:
No "java poller" processes started.
  7354:20200531:164247.346 item "Zabbix server:zabbix[process,snmp trapper,avg,busy]" became not supported:
  No "snmp trapper" processes started.
  7354:20200531:164247.346 item "Zabbix server:zabbix[process,ipmi manager,avg,busy]" became not supported:
  No "ipmi manager" processes started.
  7354:20200531:164248.448 item "Zabbix server:zabbix[process,vmware collector,avg,busy]" became not suppor
ted: No "vmware collector" processes started.
  7354:20200531:164255.770 item "Zabbix server:zabbix[vmware,buffer,pused]" became not supported: No "vmwar
e collector" processes started.
  7355:20200531:164320.376 item "Zabbix server:vfs.dev.read.await[sda]" became not supported: Cannot evalua
te expression: "Cannot evaluate function "last()": not enough data.".
  7355:20200531:164321.527 item "Zabbix server:vfs.dev.write.await[sda]" became not supported: Cannot evalu
ate expression: "Cannot evaluate function "last()": not enough data.".
  7353:20200531:164620.339 item "Zabbix server:vfs.dev.read.await[sda]" became supported
  7353:20200531:164621.449 item "Zabbix server:vfs.dev.write.await[sda]" became supported
  7348:20200531:171200.339 executing housekeeper
  7348:20200531:171200.360 housekeeper [deleted 0 hist/trends, 0 items/triggers, 0 events, 0 problems, 0 se
ssions, 0 alarms, 0 audit, 0 records in 0.013464 sec, idle for 1 hour(s)]

接着开始配置zabbix,输入http://192.168.10.218/zabbix,如下:

zabbix5.0_02

zabbix5.0_03

zabbix5.0_04

zabbix5.0_05

zabbix5.0_06

zabbix5.0_07

zabbix5.0_08

zabbix5.0_09

设置为中文界面,如下图。

zabbix5.0_10

zabbix5.0_11

Zabbix 4.4试用(五):通过SNMP监控CentOS7服务器

通过SNMP来监控LINUX服务器,首先在CENTOS服务器上安装SNMP,如下:

[root@localhost ~]# yum -y install net-snmp net-snmp-utils
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
  * base: mirrors.cn99.com
  * extras: mirrors.nju.edu.cn
  * updates: mirrors.nju.edu.cn
base

[root@localhost ~]# rpm -qa | grep snmp
net-snmp-libs-5.7.2-43.el7_7.3.x86_64
net-snmp-5.7.2-43.el7_7.3.x86_64
net-snmp-utils-5.7.2-43.el7_7.3.x86_64
net-snmp-agent-libs-5.7.2-43.el7_7.3.x86_64

zabbix4.4config_20

zabbix4.4config_21

通过snmpd -v查看SNMP版本:

[root@localhost ~]# snmpd -v

NET-SNMP version:  5.7.2
Web:               http://www.net-snmp.org/
Email:             net-snmp-coders@lists.sourceforge.net

[root@localhost ~]#

zabbix4.4config_22

开始更改团体名,更改为lsywsnmp123:

[root@localhost ~]# vi /etc/snmp/snmpd.conf

com2sec notConfigUser  default       public

更改为

com2sec notConfigUser  default       lsywsnmp123

重启SNMP服务,并设置为开机启动,如下:

[root@localhost ~]# systemctl start snmpd.service
[root@localhost ~]#
[root@localhost ~]# systemctl enable snmpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/snmpd.service to /usr/lib/systemd/system/snmpd.service.
[root@localhost ~]#
[root@localhost ~]#

zabbix4.4config_23

接着开始ZABBIX端的设置,添加这台CENTOS服务器:

zabbix4.4config_24

模块设置:

zabbix4.4config_27

设置宏中的团体名

zabbix4.4config_26

完成后,清单中已有服务器,SNMP监控也显示绿色,正常。

zabbix4.4config_28

Zabbix 4.4试用(四):通过SNMP监控Windows 2008R2

ZABBIX支持通过zabbix agent或SNMP来添加和监控WINDOWS服务器,本次将以WINDOWS 2008R2为例 ,通过SNMP来实现WINDOWS服务器的监控,操作如下:

首先在WINDOWS服务器上启用SNMP,打开服务器管理器,在【功能】选项栏上,选择【添加功能】,如下图

zabbix4.4config_12

选择SNMP服务,如下图

zabbix4.4config_13

完成后,进入【服务】界面,在SNMP Service右键,选择【属性】,如下图

zabbix4.4config_14

在安全选项中,设置相关参数,在社区名称中设置lsywsnmp123,在接受主机一栏中选择ZABBIX SERVER的IP 192.168.10.217,如下图所示,完成后点击确定。

zabbix4.4config_15

接着进入ZABBIX配置界面开始添加这台服务器,方法和添加华交换机一样,选择添加主机按扭,如下图,输入主机名称、可见的名称、群组和SNMP接口信息等

zabbix4.4config_16

在链接的模板中选择Template OS Windows SNMPv2,如下图

zabbix4.4config_17

在宏选项栏中,宏中输入{$SNMP_COMMUNITY},值中输入lsywsnmp123,如下图

zabbix4.4config_18

完成后,清单中就能看到添加的备份服务器,且SNMP监控为绿色,监控正常。

zabbix4.4config_19

Zabbix 4.4试用(三):通过SNMP监控华为交换机S5700

zabbix支持通过SNMP或ZABBIX AGENT采集设备信息,交换机自带SNMP,且不能安装ZABBIX AGENT组件,故交换机一般通过SNMP来管理,首先配置交换机,启用SNMP,操作如下:

[Lan-center-s5700]snmp-agent
[Lan-center-s5700]snmp-agent community read cipher lsywsnmp123
[Lan-center-s5700]snmp-agent sys-info version all

zabbix4.4config_06

启用SNMP后,在zabbix中添加此交换机,开始监控,操作如下:

进入【配置】-【主机】配置界面,点击右上角的【创建主机】按扭,如下图所示

zabbix4.4config_07

主机名称中输入全英文的名称,可见的名称中输入页面最终显示的中文名称,如下图所示,群组中选择网络群组,并移除agent代理程序的接口,SNMP接口点【添加】,并输入交换机的管理地址192.168.10.253,端口使用161默认不变。

zabbix4.4config_08

再切换至模板选项栏,在Link new templates中选择【Template Net Huawei VRP SNMPv3】,如下图所示

zabbix4.4config_09

切换至宏选项栏,在宏一栏中输入{$SNMP_COMMUNITY},在值一栏中输入刚才交换机设置的SNMP密码lsywsnmp123,如下图所示,完成后,点击【更新】按扭完成添加。

zabbix4.4config_10

过一估时间,列表中就有华为S5700核心交换机清单,监控项、触发器、图形等都有内容,如下图。

zabbix4.4config_11

至此,交换机添加完成。

Zabbix 4.4试用(二):将图形界面中的乱码修复为中文显示

默认zabbix在图形显示中中文显示为乱码,需要修复才能正常显示,如下图红框所示:

zabbix4.4config_01

操作如下:

首先将WINDOWS FONTS文件夹中的黑体字复制至本机硬盘

zabbix4.4config_02

然后在服务器上操作zabbix-web-nginx-mysql容器,通过docker ps查看zabbix-web-nginx-mysql容器的ID,如下图,这里为48a2c96acc9c

zabbix4.4config_03

通过docker exec进入进入zabbix-web-nginx-mysql容器进行操作,首先查询需要修改的DejaVuSans.ttf和defines.inc.php两个文件的位置,操作如下:

[root@localhost zabbix]# docker exec -it 48a2c96acc9c bash
bash-5.0# find / -name DejaVuSans.ttf
/usr/share/zabbix/assets/fonts/DejaVuSans.ttf
bash-5.0#
bash-5.0# find / -name defines.inc.php
/usr/share/zabbix/include/defines.inc.php
bash-5.0#

然后将刚才本地电脑上的黑体字体文件simhei.ttf复制到/usr/share/zabbix/assets/fonts/目录下,然后通过vi修改defines.inc.php文件,将红框位置中原DejaVuSans修改为simhei,如下图,完成后保存退出。

zabbix4.4config_04

再次刷新图形,已能显示中文,如下图所示。至此修改完成。

zabbix4.4config_05

Zabbix 4.4试用(一):在Centos7上通过Docker方式安装Zabbix 4.4

之前采用一步步安装方式完成了zabbix4.0.2的安装,最近有4.4新版本,且想通过Docker方式安装,操作步骤简洁好多,准备一试。

首先在VMware vSphere平台上完成Centos7.5.1804虚拟机的安装,配置IP地址。然后完成如下步骤的安装:

1、关闭并禁用防火墙

[root@localhost etc]# firewall-cmd –state
running
[root@localhost etc]#
[root@localhost etc]# systemctl stop firewalld.service
[root@localhost etc]#
[root@localhost etc]#
[root@localhost etc]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost etc]#
[root@localhost etc]#
[root@localhost etc]# firewall-cmd –state
not running
[root@localhost etc]#

zabbixdocker4.4_01

2、关闭SELINUX

将配置文件/etc/selinux/config的SELINUX设置为disabled,操作如下:

[root@localhost etc]# sed -i ‘s#SELINUX=enforcing#SELINUX=disabled#g’ /etc/selinux/config
[root@localhost etc]#
[root@localhost etc]#
[root@localhost etc]# grep "SELINUX=disabled" /etc/selinux/config
SELINUX=disabled
[root@localhost etc]#

zabbixdocker4.4_02

配置完成后reboot重启,再使用getenforce命令查看是否关闭SELINUX:

[root@localhost ~]# getenforce
Disabled
[root@localhost ~]#

zabbixdocker4.4_03

3、安装docker

开始安装docker,首先安装docker-ce所需的依赖包:

[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
  * base: mirrors.163.com
  * extras: mirrors.aliyun.com
  * updates: mirrors.163.com
base

zabbixdocker4.4_04

设置docker-ce在线存储库,这里设置为阿里云在线存储库,操作如下:

[root@localhost ~]# yum-config-manager –add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Loaded plugins: fastestmirror, langpacks
adding repo from: http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
grabbing file http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
[root@localhost ~]#
[root@localhost ~]#

zabbixdocker4.4_05

开始安装docker,

[root@localhost ~]# yum clean all
Loaded plugins: fastestmirror, langpacks
Cleaning repos: base docker-ce-stable extras updates
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
[root@localhost ~]#
[root@localhost ~]# yum makecache fast
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
  * base: mirrors.cn99.com
  * extras: mirrors.cn99.com
  * updates: mirrors.cn99.com
base
docker-ce-stable
extras
updates
(1/6): docker-ce-stable/x86_64/updateinfo
(2/6): docker-ce-stable/x86_64/primary_db
(3/6): base/7/x86_64/group_gz
(4/6): extras/7/x86_64/primary_db
(5/6): base/7/x86_64/primary_db
(6/6): updates/7/x86_64/primary_db
Metadata Cache Created
[root@localhost ~]#
[root@localhost ~]#yum install -y docker-ce
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
  * base: mirrors.cn99.com
  * extras: mirrors.cn99.com
  * updates: mirrors.cn99.com
Resolving Dependencies
–> Running transaction check
—> Package docker-ce.x86_64 3:19.03.8-3.el7 will be installed

zabbixdocker4.4_06

启动并开机自启动docker,操作如下:

[root@localhost ~]# systemctl start docker
[root@localhost ~]#
[root@localhost ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@localhost ~]#
[root@localhost ~]#

zabbixdocker4.4_07

docker版本号及信息查看:

[root@localhost ~]# docker version
Client: Docker Engine – Community
  Version:           19.03.8
  API version:       1.40
  Go version:        go1.12.17
  Git commit:        afacb8b
  Built:             Wed Mar 11 01:27:04 2020
  OS/Arch:           linux/amd64
  Experimental:      false

Server: Docker Engine – Community
  Engine:
   Version:          19.03.8
   API version:      1.40 (minimum version 1.12)
   Go version:       go1.12.17
   Git commit:       afacb8b
   Built:            Wed Mar 11 01:25:42 2020
   OS/Arch:          linux/amd64
   Experimental:     false
  containerd:
   Version:          1.2.13
   GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
  runc:
   Version:          1.0.0-rc10
   GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
  docker-init:
   Version:          0.18.0
   GitCommit:        fec3683
[root@localhost ~]# docker info
Client:
  Debug Mode: false

Server:
  Containers: 0
   Running: 0
   Paused: 0
   Stopped: 0
  Images: 0
  Server Version: 19.03.8
  Storage Driver: overlay2
   Backing Filesystem: <unknown>
   Supports d_type: true
   Native Overlay Diff: true
  Logging Driver: json-file
  Cgroup Driver: cgroupfs
  Plugins:
   Volume: local
   Network: bridge host ipvlan macvlan null overlay
   Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
  Swarm: inactive
  Runtimes: runc
  Default Runtime: runc
  Init Binary: docker-init
  containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
  runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
  init version: fec3683
  Security Options:
   seccomp
    Profile: default
  Kernel Version: 3.10.0-862.el7.x86_64
  Operating System: CentOS Linux 7 (Core)
  OSType: linux
  Architecture: x86_64
  CPUs: 4
  Total Memory: 7.639GiB
  Name: localhost.localdomain
ID: RFQ5:YIQ2:LDAJ:WVSG:OIWX:KJDP:OFS4:YZOX:OT6V:AIXQ:Y5XT:EC7B
  Docker Root Dir: /var/lib/docker
  Debug Mode: false
  Registry: https://index.docker.io/v1/
  Labels:
  Experimental: false
  Insecure Registries:
   127.0.0.0/8
  Live Restore Enabled: false

4、安装zabbix

启动一个mysql实例,操作如下:

[root@localhost ~]# docker run –name mysql-server -t -e MYSQL_DATABASE="zabbix" -e MYSQL_USER="zabbix" -e MYSQL_PASSWORD="zabbix" -e MYSQL_ROOT_PASSWORD="zabbix" -d mysql:5.7  –character-set-server=utf8 –collation-server=utf8_bin
Unable to find image ‘mysql:5.7’ locally
5.7: Pulling from library/mysql
c499e6d256d6: Downloading [=>                                                 ]  833.9kB/27.09MB
22c4cdf4ea75: Download complete
6ff5091a5a30: Downloading [===================>                               ]  1.661MB/4.178MB
2fd3d1af9403: Download complete
0d9d26127d1d: Download complete
54a67d4e7579: Downloading [=========>                                         ]  2.603MB/13.44MB
fe989230d866: Waiting
466a91a95e2f: Waiting
3e4554c238f1: Waiting
603b48ead88c: Waiting

zabbixdocker4.4_08

[root@localhost ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                 NAMES
e7f3382c954d        mysql:5.7           "docker-entrypoint.s鈥   About a minute ago   Up About a minute   3306/tcp, 33060/tcp   mysql-server
[root@localhost ~]#

完成后启动ZABBIX JAVA GATEWAY实例,操作如下:

[root@localhost ~]# docker run –name zabbix-java-gateway -t –restart unless-stopped -d zabbix/zabbix-java-gateway:latest
Unable to find image ‘zabbix/zabbix-java-gateway:latest’ locally
latest: Pulling from zabbix/zabbix-java-gateway
aad63a933944: Pull complete
d3ba7323f78e: Pull complete
116fee55b2cb: Pull complete
008031baaa1a: Pull complete
759297fddc58: Pull complete
bdc3c870522b: Pull complete
Digest: sha256:d71da91fc4bb197070724cb2937ebb6548dee73de9df9e7747db895f488c2174
Status: Downloaded newer image for zabbix/zabbix-java-gateway:latest
b6dd2a948eb1076da5ddeacf322f06099aad653987ee344cbc79c0869eee780d
[root@localhost ~]#

zabbixdocker4.4_09

完成后开始启动zabbix server实例,并关联这个实例到刚才已创建的MYSQL服务器实例,操作如下:

[root@localhost ~]# docker run –name zabbix-server-mysql -t -e DB_SERVER_HOST="mysql-server" -e MYSQL_DATABASE="zabbix" -e MYSQL_USER="zabbix" -e MYSQL_PASSWORD="zabbix" -e MYSQL_ROOT_PASSWORD="zabbix" –link mysql-server:mysql -p 10051:10051 -d zabbix/zabbix-server-mysql:latest
Unable to find image ‘zabbix/zabbix-server-mysql:latest’ locally
latest: Pulling from zabbix/zabbix-server-mysql
aad63a933944: Already exists
dc473403998d: Pull complete
3f3f207b0d86: Pull complete
4278aa9ace68: Pull complete
Digest: sha256:8bc24ef87310170a581f5b5881e36e6464062d17f2f2b30e6520281d07e8366f
Status: Downloaded newer image for zabbix/zabbix-server-mysql:latest
c9c0e158a93f541c5a50ae92cd1c5ff82cda5043813fa74d1938e0fe9b5d76de
[root@localhost ~]#

zabbixdocker4.4_10

最后启动ZABBIX WEB接口,并将它与MYSQL服务器实例和ZABBIX SERVER实例关联,操作如下:

[root@localhost ~]# docker run –name zabbix-web-nginx-mysql -t -e DB_SERVER_HOST="mysql-server" -e MYSQL_DATABASE="zabbix" -e MYSQL_USER="zabbix" -e MYSQL_PASSWORD="zabbix" -e MYSQL_ROOT_PASSWORD="zabbix" –link mysql-server:mysql –link zabbix-server-mysql:zabbix-server -p 8080:80 -d zabbix/zabbix-web-nginx-mysql:latest
Unable to find image ‘zabbix/zabbix-web-nginx-mysql:latest’ locally
latest: Pulling from zabbix/zabbix-web-nginx-mysql
aad63a933944: Already exists
f4eabf890618: Pull complete
39f7583adc90: Pull complete
7776e04aff55: Pull complete
fb275d4b4f50: Pull complete
2614dbe8b3f3: Pull complete
8d65f383f456: Pull complete
1b9047914505: Pull complete
be585e988008: Pull complete
ad312041223c: Pull complete
94362bde1339: Pull complete
Digest: sha256:0685485848ce4f759b207f888c4870f936072e4bcf8e5934c3cad62fa5ea4410
Status: Downloaded newer image for zabbix/zabbix-web-nginx-mysql:latest
48a2c96acc9c22ca77dc487a410863487234ad17afe26dafd8c4843b0cf5c46e
[root@localhost ~]#

zabbixdocker4.4_11

查看状态:

[root@localhost ~]# docker ps -a
CONTAINER ID        IMAGE                                  COMMAND                  CREATED              STATUS              PORTS                           NAMES
48a2c96acc9c        zabbix/zabbix-web-nginx-mysql:latest   "docker-entrypoint.sh"   About a minute ago   Up About a minute   443/tcp, 0.0.0.0:8080->80/tcp   zabbix-web-nginx-mysql
c9c0e158a93f        zabbix/zabbix-server-mysql:latest      "/sbin/tini — /usr/鈥   6 minutes ago        Up 6 minutes        0.0.0.0:10051->10051/tcp        zabbix-server-mysql
b6dd2a948eb1        zabbix/zabbix-java-gateway:latest      "docker-entrypoint.s鈥   10 minutes ago       Up 10 minutes       10052/tcp                       zabbix-java-gateway
e7f3382c954d        mysql:5.7                              "docker-entrypoint.s鈥   15 minutes ago       Up 15 minutes       3306/tcp, 33060/tcp             mysql-server
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
zabbix/zabbix-java-gateway      latest              660ab57f1078        6 days ago          82MB
zabbix/zabbix-web-nginx-mysql   latest              2cc114aa7b9c        6 days ago          167MB
zabbix/zabbix-server-mysql      latest              2bb0dd73957d        6 days ago          64.7MB
mysql                           5.7                 413be204e9c3        2 weeks ago         456MB
[root@localhost ~]#

zabbixdocker4.4_13

至此,DOCKER方式安装ZABBIX已经安装,输入网址http://IP:8080,即可打开ZABBIX,用户名Admin,密码zabbix,如下:

zabbixdocker4.4_12

zabbixdocker4.4_14

VMware虚拟机配置任何IP都出现“Windows检测到IP地址冲突”故障的解决

一台VMware虚拟化平台上的虚拟机,配置任意IP都显示“IP地址冲突”,且只有该虚拟机89网段出现此问题,其它网段都正常,主要排查步骤如下:

 nwerr_01

如上图,无论配置89段哪个IP地址,都会出现“Windows检测到IP地址冲突”,且故障只有89网段存在,其它网段正常,如下图

nwerr_02

以为是有ARP病毒,结果排查后不是这个原因,只能查源头,看哪个MAC地址一直与本机IP冲突,开始检查Windows日志,发现日志提示无论更改为哪个IP,都与00-0C-29-04-CF-33这个MAC冲突,如下图所示:

nwerr_03

在核心交换机中查询此MAC,使用dis arp | in 192.168.89.,没有查询到00-0C-29-04-CF-33此MAC地址,如下图所示

nwerr_05

最后发现00-0C-29-04-CF-33这个MAC和上图中的MAC前几位都相同,89段基本都用在VMware虚拟化平台上,故能判断00-0C-29-04-CF-33这个MAC的虚拟机应该也是在此VMware虚拟化平台中运行,通过在ESXi中一台台查看,找到了一台“中标麒麟”的虚拟机为此MAC,如下图:

nwerr_06

进入虚拟机查看,发现lo回环网卡的IP地址为192.168.89.201,不是默认的127.0.0.0/255.0.0.0,如下图

nwerr_07

且ping任意89段中IP都能PING通,怀疑为此原因造成了89段IP在其它虚拟机配置不上去的原因

nwerr_08

故将此虚拟机关机,再在刚才的虚拟机中配置89段的任意IP,发现IP冲突故障消失,可以配置IP,且能PING通网关,如下图。

nwerr_09

综上,本次是由于同网段中一台虚拟机在lo回环网口上配置了相同的89段,而不是127.0.0.1而导致的,将虚拟机关机后,故障现象排除。

Centos8上试用开源堡垒机Jumpserver 1.5.6(八):创建用户时使用密码链接并发邮件给用户功能

===================================================================

开源堡垒机Jumpserver安装/配置系列:

1、Centos8上试用开源堡垒机Jumpserver 1.5.6(一):堡垒机概述
2、Centos8上试用开源堡垒机Jumpserver 1.5.6(二):安装Centos8(CentOS-8.1.1911-x86_64-dvd1.iso)
3、Centos8上试用开源堡垒机Jumpserver 1.5.6(三):在Centos8上安装Jumpserver
4、Centos8上试用开源堡垒机Jumpserver 1.5.6(四):添加被管资源与运维帐户权限分配
5、Centos8上试用开源堡垒机Jumpserver 1.5.6(五):通过堡垒机进行运维管理
6、Centos8上试用开源堡垒机Jumpserver 1.5.6(六):试用批量命令和命令过滤功能
7、Centos8上试用开源堡垒机Jumpserver 1.5.6(七):服务器重启后的恢复操作(手工启动jumpserver等程序)
8、Centos8上试用开源堡垒机Jumpserver 1.5.6(八):创建用户时使用密码链接并发邮件给用户功能

===================================================================

Jumpserver在创建用户时密码策略支持“生成重置密码链接,通过邮件发送给用户”功能,如下图所示,用户收到邮件后,直接修改成自己的密码即可

jumpserver0221_51

需要启用此功能,需要进行相关设置,具体操作如下:

进入“系统设置”->“基本设置”,在当前站点URL中输入访问地址http://192.168.10.216,Email主题前缀设置为“你好,”,如下图所示

jumpserver0221_52

设置“邮件设置”,如下图,需要配置SMTP主机、端口、账号等

jumpserver0221_53

本案例使用126邮箱,登陆126邮箱,进入设置->POP3/SMTP/IMAP,开启SMTP服务,SMTP地址为smtp.126.com,如下图所示

jumpserver0221_54

服务器地址:
POP3服务器: pop.126.com
SMTP服务器: smtp.126.com
IMAP服务器: imap.126.com

jumpserver0221_56

126邮箱对第三方邮件客户端提供POP3\SMTP\IMAP有授权码要求,开启授权码,如下图

jumpserver0221_55

126邮箱设置好后,开始进行邮件设置

SMTP主机:smtp.126.com
SMTP端口:465
SMTP账号:funpower@126.com
SMTP密码:********
发送账号:funpower@126.com
测试收件人:funpower@qq.com
使用SSL:启用SSL,端口465

如下图,输入内容后点击“测试链接”,显示已发送邮件后,点击“提交”保存。

jumpserver0221_57

点击测试连接,右上角出现已发送消息,如下图

jumpserver0221_58

邮件中收到了TEST测试邮件,说明邮件设置正确。

jumpserver0221_59

接着完成“邮件内容设置”,如下图

jumpserver0221_60

最后,重启服务器,确保设置生效。

进入创建用户界面,输入用户相关信息,在密码策略中选择“生成重置密码链接,通过邮件发送给用户”,点“提交”按扭,如下图所示

jumpserver0221_61

点提交后,正常会收到一封用户创建成功的信,点击信中的密码链接进行密码重置,如下图

jumpserver0221_62

重置,设置新密码

jumpserver0221_63

使用新设置的密码进入管理系统

jumpserver0221_64

至此,创建用户完成。