1安装Rocky9系统
注意勾选ssh远程连接
进入系统后登录root用户
查看IP在远程连接软件上远程连接
2永久关闭防火墙和selinux
3修改静态IP
进入etc/NetworkManager/system-connections/ens33.nmconnection
编辑IPv4
重启网卡
4 部署监控系统zabbix
Proceed with installing zabbix repository.获取zabbix包
rpm -Uvh https://repo.zabbix.com/zabbix/6.4/rhel/9/x86_64/zabbix-release-6.4-2.el9.noarch.rpm
dnf clean all
5安装必要软件
dnf install glibc-common zabbix-server-mysql zabbix-web-mysql zabbix-nginx-conf zabbix-sql-scripts zabbix-selinux-policy zabbix-agent langpacks-zh_CN
6安装数据库
2)
在下面点击
获得yum源
右击保存链接
yum -y install wget
wget+链接
yum install +链接
修改下载版本
选择80版本
保存退出
安装mysql
开启mysql
获取数据库临时密码
修改数据库密码
7在数据库中导入zabbix数据
create database zabbix character set utf8mb4 collate utf8mb4_bin;
create user zabbix@'%' identified by 'LJB@hzh230505';
grant all privileges on zabbix.* to zabbix@'%';
完成后退出
导入数据
zcat /usr/share/zabbix-sql-scripts/mysql/server.sql.gz | mysql -uzabbix -p zabbix
配置zabbix文件
vim /etc/zabbix/zabbix_server.conf
ListenPort=10051
DBHost=
DBUser=
DBPassword=
DBName=
SourceIP=
修改nginx文件
vim /etc/nginx. conf将server内容全部注释
vim /etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
# server {
# listen 80;
# listen [::]:80;
# server_name _;
# root /usr/share/nginx/html;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# error_page 404 /404.html;
# location = /404.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2;
# listen [::]:443 ssl http2;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers PROFILE=SYSTEM;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
vim /etc/nginx/conf.d/zabbix.conf
server {
listen 80;
server_name _;
root /usr/share/zabbix;
index index.php;
location = /favicon.ico {
log_not_found off;
}
location / {
try_files $uri $uri/ =404;
}
location /assets {
access_log off;
expires 10d;
}
location ~ /\.ht {
deny all;
}
location ~ /(api\/|conf[^\.]|include|locale) {
deny all;
return 404;
}
location /vendor {
deny all;
return 404;
}
location ~ [^/]\.php(/|$) {
fastcgi_pass unix:/run/php-fpm/zabbix.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_param DOCUMENT_ROOT /usr/share/zabbix;
fastcgi_param SCRIPT_FILENAME /usr/share/zabbix$fastcgi_script_name;
fastcgi_param PATH_TRANSLATED /usr/share/zabbix$fastcgi_script_name;
include fastcgi_params;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
}
修改agent配置:
vim /etc/zabbix/zabbix_agentd.conf
启动服务:
保存退出
systemctl start zabbix-server zabbix-agent nginx php-fpm
systemctl enable zabbix-server zabbix-agent nginx php-fpm
开启agent服务:
进入192.168.42.135
后登录,
至此zabbix部署完成。
在客户机上 安装zabbix-agent服务,修改agent配置文件。
在etc/sudoers中,添加其他用户操作免密,保证自动脚本运行成功。
保存退出
进入zabbix
1创建主机群组后创建主机
创建模板组,然后创建模板
在创建好的模板里,新建监听项
nginx的端口号是80
创建触发器
手动关闭nginx
手动启动nginx
实现自动修复:
创建脚本
手动关闭nginx
自动执行脚本
配置钉钉报警
在服务机上执行 vim /etc/zabbix/zabbix_server.conf修改配置文件
进入目录
/usr/lib/zabbix/alertscripts
安装依赖包
dnf -y install python3-requests
创建dingding.py文件
vim /usr/lib/zabbix/alertscripts/dingding.py
写入
#!/usr/bin/env python3
# coding:utf8
#
import configparser
import os
import time
import hmac
import hashlib
import base64
import urllib.parse
import requests
import json
import sys
config = configparser.ConfigParser()
config.read('/etc/zabbix/zabbix_ding.conf', encoding='utf-8')
log_path = config.get('config', 'log_path')
api_url = config.get('config', 'webhook')
api_secret = config.get('config', 'secret')
log_time = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
# 钉钉机器人文档说明
# https://ding-doc.dingtalk.com/doc#/serverapi2/qf2nxq
def get_timestamp_sign():
timestamp = str(round(time.time() * 1000))
secret = api_secret
secret_enc = secret.encode('utf-8')
string_to_sign = '{}\n{}'.format(timestamp, secret)
string_to_sign_enc = string_to_sign.encode('utf-8')
hmac_code = hmac.new(secret_enc, string_to_sign_enc, digestmod=hashlib.sha256).digest()
sign = urllib.parse.quote_plus(base64.b64encode(hmac_code))
return timestamp, sign
# 获取加签后的链接
def get_signed_url():
timestamp, sign = get_timestamp_sign()
webhook = api_url + "×tamp=" + timestamp + "&sign=" + sign
return webhook
# 定义消息模式
def get_webhook(mode):
if mode == 0: # only 关键字
webhook = api_url
elif mode == 1 or mode == 2: # 关键字和加签 或 # 关键字+加签+ip
webhook = get_signed_url()
else:
webhook = ""
print("error! mode: ", mode, " webhook : ", webhook)
return webhook
def get_message(text, user_info):
# 和类型相对应,具体可以看文档 :https://ding-doc.dingtalk.com/doc#/serverapi2/qf2nxq
# 可以设置某个人的手机号,指定对象发送
message = {
"msgtype": "text", # 有text, "markdown"、link、整体跳转ActionCard 、独立跳转ActionCard、FeedCard类型等
"text": {
"content": text # 消息内容
},
"at": {
"atMobiles": [
user_info,
],
"isAtAll": False # 是否是发送群中全体成员
}
}
return message
# 消息发送日志
def log(info):
if os.path.exists(log_path):
log_file = open(log_path, "a+")
else:
log_file = open(log_path, "w+")
log_file.write(info)
def send_ding_message(text, user_info):
# 请求的URL,WebHook地址
# 主要模式有 0 : 关键字 1:# 关键字 +加签 3:关键字+加签+IP
webhook = get_webhook(1)
# 构建请求头部
header = {
"Content-Type": "application/json",
"Charset": "UTF-8"
}
# 构建请求数据
message = get_message(text, user_info)
# 对请求的数据进行json封装
message_json = json.dumps(message)
# 发送请求
info = requests.post(url=webhook, data=message_json, headers=header).json()
code = info["errcode"]
errmsg = info["errmsg"]
if code == 0:
log(log_time + ":消息已发送成功 返回信息:%s %s\n" % (code, errmsg))
else:
log(log_time + ":消息发送失败 返回信息:%s %s\n" % (code, errmsg))
print(log_time + ":消息发送失败 返回信息:%s %s\n" % (code, errmsg))
exit(3)
if __name__ == "__main__":
text = sys.argv[3]
user_info = sys.argv[1]
send_ding_message(text, user_info)
给脚本执行权
chmod +x /usr/lib/zabbix/alertscripts/dingding.py
chown -R zabbix.zabbix /usr/lib/zabbix/alertscripts/
将脚本和zabbix关联
vim /etc/zabbix/zabbix_ding.conf
[config]
log_path=/var/log/zabbix/zabbix_ding.log
webhook=
secret=
整合zabbix和钉钉告警
添加告警媒介
添加媒介
添加动作
之后手动在客户机上关闭nginx
显示已解决
钉钉机器人报警