备注:由于个人比较懒 写的比较仓促;马上下班;有问题的 可以私信我
改天 再补充
先安装#mysql zabbix6.0 对版本有要求;具体可以去官方看
在安装zabbix;然后导如zabbix的库到mysql;设置权限
配置zabbix ;启动zabbix
然后zabbix_agent 配置;centos和ubuntu agent用的不一样
然后配置zabbix_agent 重启即可
#########################################################################
zabbixx ubuntu22
# dpkg -i zabbix-release_6.0-4+ubuntu20.04_all.deb
# apt update
apt install zabbix-server-mysql zabbix-frontend-php zabbix-apache-conf zabbix-sql-scripts zabbix-agent
########################
确保mysql 已提前安装,且正常运行
#######################
第一次默认无密码即可登录
需要设置密码,然后启用加密
启用加密
use mysql
select user,plugin from user;
update user set plugin="mysql_native_password" where user='root';
SELECT user,plugin ,authentication_string FROM user;
设置zabbix的数据库
create database zabbix character set utf8mb4 collate utf8mb4_bin;
用已有的root
grant all privileges on zabbix.* to root@localhost;
set global log_bin_trust_function_creators = 1;
flush privileges;
quit
导入zabbix数据库的架构 -uroot 以root用户登录 zabbix为数据库名
zcat /usr/share/zabbix-sql-scripts/mysql/server.sql.gz | mysql --default-character-set=utf8mb4 -uroot -p Zabbix
systemctl restart zabbix-server zabbix-agent apache2
systemctl enable zabbix-server zabbix-agent apache2
#################################################################
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '123qwe!@#QWE';
跟改密码
mysqladmin -uroot -p password '123qwe!@#QWE';
##########################
zabbix的数据库 为Zabbix
###############################################################
zabbix_server 配置
root@zabbix:/etc/zabbix# egrep -v '^$|^#' zabbix_server.conf
ListenPort=10051
LogFile=/var/log/zabbix/zabbix_server.log
LogFileSize=1
PidFile=/run/zabbix/zabbix_server.pid
SocketDir=/run/zabbix
DBHost=localhost
DBName=zabbix
DBUser=root
DBPassword=123qwe!@#QWE
StartPollers=80
StartIPMIPollers=5
StartPollersUnreachable=50
StartTrappers=15
StartPingers=88
StartDiscoverers=15
SNMPTrapperFile=/var/log/snmptrap/snmptrap.log
CacheSize=2028M
StartDBSyncers=10
HistoryCacheSize=256M
HistoryIndexCacheSize=256M
TrendFunctionCacheSize=64M
Timeout=30
AlertScriptsPath=/usr/lib/zabbix/alertscripts
FpingLocation=/usr/bin/fping
Fping6Location=/usr/bin/fping6
LogSlowQueries=3000
StatsAllowedIP=127.0.0.1
字体更改只能用简体的
####################################
##################################ubuntu agent################################
sudo apt-get update
sudo apt-get install -y zabbix-agent
sudo sed -i 's/# User=zabbix/User=zabbix/g' /etc/zabbix/zabbix_agentd.conf ; sudo sed -i 's/# Group=zabbix/Group=zabbix/g' /etc/zabbix/zabbix_agentd.conf ;sudo sed -i 's/# AllowRoot=0/AllowRoot=1/g' /etc/zabbix/zabbix_agentd.conf ;sudo sed -i 's/# UnsafeUserParameters=0/UnsafeUserParameters=1/g' /etc/zabbix/zabbix_agentd.conf ; sudo sed -i 's/# Timeout=3/Timeout=30/g' /etc/zabbix/zabbix_agentd.conf ;sudo sed -i 's/ServerActive=127.0.0.1/ServerActive=154.23.243.84/g' /etc/zabbix/zabbix_agentd.conf ; sudo sed -i 's/Server=127.0.0.1/Server=154.23.243.84/g' /etc/zabbix/zabbix_agentd.conf ;sudo sed -i 's/Hostname=Zabbix server/#Hostname=Zabbix server/g' /etc/zabbix/zabbix_agentd.conf ; sudo sed -i 's/# EnableRemoteCommands=0/EnableRemoteCommands=1/g' /etc/zabbix/zabbix_agentd.conf ; sudo sed -i 's/# StartAgents=3/StartAgents=20/g' /etc/zabbix/zabbix_agentd.conf ; sudo sed -i 's/# RefreshActiveChecks=120/RefreshActiveChecks=120/g' /etc/zabbix/zabbix_agentd.conf;sed -i 's/User=LogFileSize=0/LogFileSize=1/g' /etc/zabbix/zabbix_agentd.conf
systemctl restart zabbix-agent
systemctl enable zabbix-agent
防火墙开通端口
sudo ufw allow 10050/tcp
sudo ufw allow 10051/tcp
sudo ufw allow from any to any port 10050
sudo ufw allow from any to any port 10051
##################################centos agent################################
redhat
rpm -Uvh https://repo.zabbix.com/zabbix/6.0/rhel/7/x86_64/zabbix-release-6.0-4.el7.noarch.rpm
centos
rpm -Uvh https://repo.zabbix.com/zabbix/6.0/rhel/7/x86_64/zabbix-release-6.0-4.el7.noarch.rpm
yum install zabbix-agent2 zabbix-agent2-plugin-*
yum install zabbix-agent2 zabbix-agent2-plugin-*
(centos系列)
sudo sed -i 's/# User=zabbix/User=zabbix/g' /etc/zabbix/zabbix_agent2.conf ; sudo sed -i 's/# Group=zabbix/Group=zabbix/g' /etc/zabbix/zabbix_agent2.conf ;sudo sed -i 's/# AllowRoot=0/AllowRoot=1/g' /etc/zabbix/zabbix_agent2.conf ;sudo sed -i 's/# UnsafeUserParameters=0/UnsafeUserParameters=1/g' /etc/zabbix/zabbix_agent2.conf ; sudo sed -i 's/# Timeout=3/Timeout=30/g' /etc/zabbix/zabbix_agent2.conf ;sudo sed -i 's/ServerActive=127.0.0.1/ServerActive=154.23.243.84/g' /etc/zabbix/zabbix_agent2.conf ; sudo sed -i 's/Server=127.0.0.1/Server=154.23.243.84/g' /etc/zabbix/zabbix_agent2.conf ;sudo sed -i 's/Hostname=Zabbix server/#Hostname=Zabbix server/g' /etc/zabbix/zabbix_agent2.conf ; sudo sed -i 's/# EnableRemoteCommands=0/EnableRemoteCommands=1/g' /etc/zabbix/zabbix_agent2.conf ; sudo sed -i 's/# StartAgents=3/StartAgents=20/g' /etc/zabbix/zabbix_agent2.conf ; sudo sed -i 's/# RefreshActiveChecks=120/RefreshActiveChecks=120/g' /etc/zabbix/zabbix_agent2.conf;sed -i 's/LogFileSize=0/LogFileSize=1/g' /etc/zabbix/zabbix_agent*.conf
systemctl restart zabbix-agent2
firewalld 开通10050和10051端口
sudo firewall-cmd --add-port=10050/tcp --permanent
sudo firewall-cmd --add-port=10051/tcp --permanent
systemctl restart firewalld
################# http 重定向到 https ############################## #############################
sudo apt update
sudo apt install apache2 ssl-cert
sudo mkdir /etc/apache2/ssl
cd /etc/apache2/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt
都是默认回车
/sites-available目录存放的是可用的虚拟主机
/sites-enabled目录存放的是已经启用的虚拟主机
vi /etc/apache2/sites-available/000-default.conf
新增SSLCertificateFile 和 SSLCertificateKeyFile 其次将原有的注释掉;保存退出
SSLCertificateFile /etc/apache2/ssl/server.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.key
然后将000-default.conf 所有的内容添加到/etc/apache2/sites-available/default-ssl.conf 下面(另起一行)
启用apache的重定向功能;
sudo a2enmod rewrite
在 <VirtualHost *:80> </VirtualHost> 之间添加
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [L,R]
然后重启即可
systemctl restart zabbix-server zabbix-agent apache2
##########################################################################################################################################################
########################################
查看二进制的zabbix_server是否支持ssl加密
ldd /usr/sbin/zabbix_server | egrep 'libssl|libcrypto'
libssl.so.1.1 => /lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f32ef737000)
libcrypto.so.1.1 => /lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f32ef460000)
说明是支持加密的;这个时候可以用PSK
在agent上进行操作
生成psk密钥
openssl rand -hex 32 > /etc/zabbix/zabbix_agent*.d/zabbix_agentd.psk
openssl rand -hex 32 > ./zabbix_agentd.psk
TLSConnect=psk
TLSAccept=psk
TLSPSKFile=/etc/zabbix/zabbix_agent*.d/zabbix_agentd.psk
TLSPSKIdentity=psk050
systemctl restart zabbix-agent
#####################################################################
然后在zabbix web界面操作
设置--> 主机 -->154.19.242.186 -->加密--> 共享密钥-->
第一个是TLSPSKIdentity
第二个是TLSPSKFile对应的psk密钥
即可
Zabbix server安装
Zabbix agent配置加密
Zabbix https访问
已完成