Shulou(Shulou.com)06/02 Report--

13. Use Ansible to install Zabbix Agent in bulk and add Linux hosts through automatic registration:

1. Introduction to Ansible:

Ansible is an open source automation tool based on Python, which realizes the functions of batch running commands, batch deployment programs, batch configuration system and so on. By default, remote command execution or configuration is carried out through the SSH protocol (other protocols can also be used), there is no need to deploy any client agent software (agentless) on the controlled host, and multiple hosts can be managed in parallel at the same time. Ansible is based on the module work, itself does not have the ability to batch deployment, the real batch deployment is the module that Ansible runs, Ansible only provides a framework. Ansible help documentation: https://docs.ansible.com/ansible/latest/index.html

2. Demo environment:

IP

Operating system

Hostnam

Role

192.168.0.120

CentOS 7.7 x86_64

Zabbix-server

Zabbix Database, Zabbix Server, Zabbix Web, Zabbix Agent, Ansible hosts

192.168.0.121

CentOS 7.7 x86_64

Web01

Zabbix Agent, controlled mainframe

192.168.0.122

CentOS 7.7 x86_64

Db01

Zabbix Agent, controlled mainframe

Goal: zabbix-server node automatically configures firewall, SELinux, system time and hostname of web01 and db01 nodes through Ansible, automatically installs, configures and starts Zabbix Agent, and finally adds Linux hosts in batches through Zabbix Web automatic registration

3. Zabbix-server node preparation work:

(1) configure hosts file:

# vim / etc/hosts

192.168.0.120 zabbix-server

192.168.0.121 web01

192.168.0.122 db01

(2) configure chrony server:

A. Modify chrony.conf configuration file:

# yum-y install chrony

# mv / etc/chrony.conf {, .bak}

# vim / etc/chrony.conf, add the following code:

# specify the public network NTP server provided by the upper layer NTP server for Ali Cloud

Server ntp1.aliyun.com iburst minpoll 4 maxpoll 10

Server ntp2.aliyun.com iburst minpoll 4 maxpoll 10

Server ntp3.aliyun.com iburst minpoll 4 maxpoll 10

Server ntp4.aliyun.com iburst minpoll 4 maxpoll 10

Server ntp5.aliyun.com iburst minpoll 4 maxpoll 10

Server ntp6.aliyun.com iburst minpoll 4 maxpoll 10

Server ntp7.aliyun.com iburst minpoll 4 maxpoll 10

# record the rate of system clock acquisition / loss time to drift file

Driftfile / var/lib/chrony/drift

# if the offset of the system clock is greater than 10 seconds, step-by-step adjustment of the system clock is allowed during the first three updates

Makestep 10 3

# enable kernel synchronization of RTC (real-time clock)

Rtcsync

# only allow clients of the 192.168.0 network segment to perform time synchronization

Allow 192.168.0.0/24

# if you fail to synchronize to time from the public network NTP server provided by Aliyun, local time is also allowed to be given to other clients as standard time

Local stratum 10

# specify the file that contains the NTP authentication key

Keyfile / etc/chrony.keys

# specify the directory where log files are stored

Logdir / var/log/chrony

# Let chronyd ignore the level of the source when selecting the source

Stratumweight 0

# disable logging of client access

Noclientlog

# if the clock is adjusted for more than 0.5 seconds, send a message to the system log

Logchange 0.5

Description: detailed instruction parameters can be viewed using the command # man chrony.conf

B. Start chronyd:

# systemctl start chronyd

# systemctl status chronyd

# ps aux | grep chronyd

# ss-tunlp | grep chronyd

Note: port 123is NTP service listening port, port 323 is chrony service listening port

C. Configure self-boot: # systemctl enable chronyd

D. View time synchronization source: # chronyc sources-v

Description:

Address after 120.25.115.20:ntp1.aliyun.com domain name resolution

Address after 203.107.6.88:ntp2.aliyun.com~ntp7.aliyun.com domain name resolution

E. View the status of time synchronization source: # chronyc sourcestats-v

(3) check the Python version: # python-V

(4) restore to the original configuration and delete all nodes in the Zabbix Web except zabbix-server:

4. Web01 and db01 nodes minimize the newly installed CentOS 7.7 for VMware Workstation

5. Install ansible on zabbix-server node:

# yum-y install epel-release

# yum-y install ansible

# ansible-version

6. Zabbix-server node configures the host manifest file of the controlled host:

# vim / etc/ansible/hosts, with the following code added at the end:

[websrvs]

Web01 ansible_host=192.168.0.121

[dbsrvs]

Db01 ansible_host=192.168.0.122

7. Zabbix-server nodes configure SSH mutual trust:

(1) generate key pairs based on key authentication: # ssh-keygen-t rsa-P ""

(2) copy the public key to all controlled hosts:

# ssh-copy-id-I ~ / .ssh/id_rsa.pub root@192.168.0.121

# ssh-copy-id-I ~ / .ssh/id_rsa.pub root@192.168.0.122

(3) Test connectivity: # ansible all-m ping

8. Zabbix-server node creates roles-related directory structure:

# cd / etc/ansible/roles

# mkdir-pv {prepare,zabbix-agent} / {files,templates,tasks,handlers,vars,meta,defaults}

9. Configure prepare role for zabbix-server node:

(1) modify the prepare/tasks/main.yml configuration file:

# vim prepare/tasks/main.yml

-name: Stop Iptables On CentOS 6

Service: name=iptables state=stopped enabled=no

When: ansible_distribution== "CentOS" and ansible_distribution_major_version== "6"

-name: Stop Firewalld On CentOS 7

Systemd: name=firewalld.service state=stopped enabled=no

When: ansible_distribution== "CentOS" and ansible_distribution_major_version== "7"

-name: Install libselinux-python

Yum: name=libselinux-python state=latest

-name: Stop SELinux

Selinux: state=disabled

-name: Set Hostname

Hostname: name= {{inventory_hostname}}

-name: Edit Hosts File

Lineinfile: path=/etc/hosts line= "{{ansible_host}} {{inventory_hostname}}" state=present backup=yes

-name: Install {{item}}

Yum: name= {{item}} state=latest

Loop:

-epel-release

-chrony

-name: Install Configuration File

Copy: src=chrony.conf dest=/etc/ owner=root group=root mode=0644 backup=yes

Notify: Restart Chrony Service

Tags: Chrony Configuration File

-name: Start Chrony Service

Service: name=chronyd state=started enabled=yes

(2) modify the prepare/files/chrony.conf configuration file:

# vim prepare/files/chrony.conf

Server 192.168.0.120 iburst

Driftfile / var/lib/chrony/drift

Makestep 10 3

Rtcsync

Local stratum 10

Keyfile / etc/chrony.keys

Logdir / var/log/chrony

Stratumweight 0

Noclientlog

Logchange 0.5

Note: 192.168.0.120 is the IP of the private network chrony server.

(3) modify the prepare/handlers/main.yml configuration file:

# vim prepare/handlers/main.yml

-name: Restart Chrony Service

Service: name=chronyd state=restarted

10. Configure zabbix-agent role for zabbix-server node:

(1) modify the zabbix-agent/tasks/main.yml configuration file:

# vim zabbix-agent/tasks/main.yml

-name: Create Zabbix Repository

Yum_repository: file=zabbix name=aliyun-zabbix description= "Aliyun Zabbix Repository" baseurl= https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/$basearch/ gpgcheck=no enabled=yes owner=root group=root mode=0644 state=present

-name: Install zabbix-agent

Yum: name=zabbix-agent state=latest

-name: Install Configuration File

Template: src=zabbix_agentd.conf.j2 dest=/etc/zabbix/zabbix_agentd.conf owner=root group=root mode=0644 backup=yes

Notify: Restart zabbix-agent Service

Tags: zabbix-agent Configuration File

-name: Start zabbix-agent Service

Service: name=zabbix-agent state=started enabled=yes

Description:

Yum_repository: file=zabbix name=aliyun-zabbix description= "Aliyun Zabbix Repository" baseurl= https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/$basearch/ gpgcheck=no enabled=yes owner=root group=root mode=0644 state=present

Corresponding / etc/yum.repos.d/zabbix.repo

[aliyun-zabbix]

Name=Aliyun Zabbix Repository

Baseurl= https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/$basearch/

Enabled=1

Gpgcheck=0

(2) modify the zabbix-agent/handlers/main.yml configuration file:

# vim zabbix-agent/handlers/main.yml

-name: Restart zabbix-agent Service

Service: name=zabbix-agent state=restarted

(3) copy the zabbix_agentd.conf configuration file of the zabbix-server node and modify it into a zabbix_agentd.conf.j2 general template file:

# cp / etc/zabbix/zabbix_agentd.conf / etc/ansible/roles/zabbix-agent/templates/zabbix_agentd.conf.j2

# vim / etc/ansible/roles/zabbix-agent/templates/zabbix_agentd.conf.j2

Before modification

After modification

Server=192.168.0.120

Server= {{zabbix_server}}

ListenPort=10050

ListenPort= {{listen_port}}

ListenIP=192.168.0.120

ListenIP= {{ansible_host}}

ServerActive=192.168.0.120

ServerActive= {{zabbix_server}}

Hostname=zabbix-server

Hostname= {{inventory_hostname}}

# HostMetadata=

HostMetadata= {{inventory_hostname}}

(4) modify / etc/ansible/roles/zabbix-agent/vars/main.yml configuration file:

# vim / etc/ansible/roles/zabbix-agent/vars/main.yml

Zabbix_server: 192.168.0.120

Listen_port: 10050

Note: there can be no middle bar, underscore can.

11. Zabbix-server node to view the roles directory structure:

# yum-y install tree

# cd / etc/ansible

# tree

12. The zabbix-server node writes playbook and executes:

# mkdir-pv / playbooks

# vim / playbooks/zabbix-agent.yml

-hosts: all

Remote_user: root

Roles:

-prepare

-zabbix-agent

# ansible-playbook-- syntax-check / playbooks/zabbix-agent.yml

# ansible-playbook-C / playbooks/zabbix-agent.yml

# ansible-playbook / playbooks/zabbix-agent.yml

13. Define actions in Zabbix Web:

Configuration-- > Actions-- > Auto registration-- > Create action-- > Add

14. View the added hosts:

Configuration-- > Hosts

15. View the latest monitoring data of 2 nodes:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.