Shulou(Shulou.com)06/03 Report--

Role deployment: CentOS 7-2 CentOS 192.168.18.147 (monitoring side: deployment and installation of zabbix) CentOS 7-3 CentOS 192.168.18.128 (monitored side) Monitor operation: [root@cacti ~] # systemctl stop firewalld.service # turn off firewall function [root@cacti ~] # systemctl disable firewalld.service # disable firewall function Removed symlink / etc/systemd/system/multi-user.target.wants/firewalld.service when powered on .removed symlink / etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@cacti ~] # setenforce 0 # disable enhanced security features` install LAMP architecture `[root@cacti ~] # yum install-y\ httpd\ mariadb-server mariadb\ php\ php-mysql\ libjpeg*\ php-ldap\ php-odbc\ php-pear\ php-xmlrpc\ php- mhash` Edit apache configuration Set the file `[ root@cacti ~] # vim / etc/httpd/conf/httpd.conf95 ServerName www.yun.com:80 # line 95 Delete comments, domain name customization 164164lines, add homepage support class type index.php# after modification, press Esc to exit insert mode, enter: wq save exit `modify time zone to Chinese `[root@cacti ~] # vim / etc/php.ini878 date.timezone = PRC # 878line, change the previous template's Delete the number, then add the Chinese time zone PRC# and press Esc to exit the insert mode after the modification is completed. Input: wq save and exit [root@cacti ~] # systemctl start httpd.service # start the apache service [root@cacti ~] # systemctl start mariadb.service # start the mariadb service [root@cacti ~] # netstat-ntap | egrep'(3306 | 80)'# use the egrep command to view the 3306 and 80 ports tcp 00 0.0.0.0 systemctl start httpd.service 3306 0.0.0.0 * simultaneously LISTEN 4410/mysql tcp6 0 0: 80: * LISTEN 4131/httpd `initialize database configuration` [root@cacti ~] # mysql_secure_installationNOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!In order to log into MariaDB to secure it, we'll need the currentpassword for the root user. If you've just installed MariaDB, andyou haven't set the root password yet, the password will be blank,so you should just press enter here.Enter current password for root (enter for none): # enter OK, successfully used password, moving on...Setting the root password ensures that nobody can log into the MariaDBroot user without the proper authorisation.Set root password directly here? [industry] y # set password New password: # abc123Re-enter new password: # confirm input: abc123Password updated fulfilling Reloading privilege tables.. ... Success!By default, a MariaDB installation has an anonymous user, allowing anyoneto log into MariaDB without having to have a user account created forthem. This is intended only for testing, and to make the installationgo a bit smoother. You should remove them before moving into aproduction environment.Remove anonymous users? [YPAPO] n # whether to delete anonymous users, choose not to delete. Skipping.Normally, root should only be allowed to connect from 'localhost'. Thisensures that someone cannot guess at the root password from the network.Disallow root login remotely? [YPo] y # whether to connect remotely or not. Successful by default, MariaDB comes with a database named 'test' that anyone canaccess. This is also intended only for testing, and should be removedbefore moving into a production environment.Remove test database and access to it? [YBO] n # whether to delete the test database. Skipping.Reloading the privilege tables will ensure that all changes made so farwill take effect immediately.Reload privilege tables now? [YBO] y # whether to reload... Success!Cleaning up...All done! If you've completed all of the above steps, your MariaDBinstallation should now be secure.Thanks for using MariaDBMS # verify login database [root@cacti] # mysql-u root-pEnter password: # enter password abc123Welcome to the MariaDB monitor. Commands end with; or\ g.Your MariaDB connection id is 8Server version: 5.5.64-MariaDB MariaDB ServerCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or'\ h' for help. Type'\ c' to clear the current input statement.` creates a zabbix database and sets it to utf8. Convert the string in it to binary `MariaDB [(none)] > CREATE DATABASE zabbix character set utf8 collate utf8_bin;Query OK, 1 row affected (0.00 sec) `promote user `MariaDB [(none)] > show databases +-+ | Database | +-+ | information_schema | | mysql | | performance_schema | | test | | zabbix | +-+ 5 rows in set (0.00 sec) # there is a zabbix database at this time You need to create the user MariaDB [(none)] > GRANT all privileges ON *. * TO 'zabbix'@'%' IDENTIFIED BY' admin123' of this database in management. Query OK, 0 rows affected (0.01 sec) # hand over all databases and tables to zabbix for management, and set the password to admin123MariaDB [(none)] > flush privileges # refresh Query OK, 0 rows affected (0.00 sec) MariaDB [(none)] > quit # exit database Bye` Test php basic information `[root@localhost ~] # cd / var/www/html/ [root@localhost html] # ls [root@localhost html] # vim index.php enter: 192.168.18.147 in the host, visit the php page:

Test whether you can connect to the database: [root@localhost html] # vim index.php# first press 3dd to delete the original content, and then insert the following content from the previous page refreshed in the host at this time: 192.168.18.147. Return a Success prompt if you can access the mysql database, and a Fail prompt if you cannot:

If an error occurs in Fail, the following methods can be used to solve the problem: [root@cacti html] # mysql-u zabbix-pEnter password: # enter admin123 to log in to the database at this time, indicating that a user occupies ERROR 1045 (28000): Access denied for user 'zabbix'@'localhost' (using password: YES) `first use the root user to log in to the database` [root@cacti html] # mysql-u login-pEnter password:Welcome to the MariaDB monitor. Commands end with; or\ g.Your MariaDB connection id is 15Server version: 5.5.64-MariaDB MariaDB ServerCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or'\ h' for help. Type'\ c'to clear the current input statement.MariaDB [(none)] > select user,host from mysql.user +-+-+ | user | host | +-+-+ | zabbix |% | | root | 127.0.0.1 | | root |: 1 | | cacti | | localhost | | root | localhost | +-+-+ 6 rows Delete empty user `MariaDB [(none)] > drop user'@ localhost by in set (0.00 sec) ` Query OK, 0 rows affected (0.00 sec) MariaDB [(none)] > drop user'@ cacti;Query OK, 0 rows affected (0.00 sec) `this spatio-temporal user is deleted `MariaDB [(none)] > select user,host from mysql.user +-+-+ | user | host | +-+-+ | zabbix |% | root | 127.0.0.1 | | root |: 1 | | root | localhost | +-+-+ 4 rows in set (0.00 sec) MariaDB [(none)] > quitBye` refreshes the page again at this time and the success will be displayed! Successfully log in to `deploy Zabbix Server [root@cacti html] # yum install php-bcmath php-mbstring-y` to install Zabbix source `[root@cacti html] # rpm-ivh http://repo.zabbix.com/zabbix/3.5/rhel/7/x86_64/zabbix-release-3.5-1.el7.noarch.rpm to get http://repo.zabbix.com/zabbix/3.5/rhel/7/x86_64/zabbix-release-3.5-1.el7.noarch. Rpm warning: / var/tmp/rpm-tmp.13QGZK: header V4 RSA/SHA512 Signature Key ID a14fe591: NOKEY in preparation. # # [100%] upgrading / installing... 1:zabbix-release-3.5-1.el7 # # # [100%] `View source `[root@cacti html] # cd / etc/yum.repos.d/ [root@cacti yum.repos.d] # lsCentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repoCentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo zabbix.repo [root@cacti yum.repos.d] # cat zabbix.repos [zabbix] name=Zabbix Official Repository-$basearchbaseurl= http://repo.zabbix.com/zabbix/3.5/ Rhel/7/$basearch/enabled=1gpgcheck=1gpgkey= file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591[zabbix-non-supported]name=Zabbix Official Repository non-supported-$basearchbaseurl= http://repo.zabbix.com/non-supported/rhel/7/$basearch/enabled=1gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIXgpgcheck=1[root@cacti yum.repos.d] # yum install zabbix-server-mysql zabbix-web-mysql-y. Omit multiple lines installed here: zabbix-server-mysql.x86_64 0VOR 4.0.0-1.1rc3.el7 zabbix-web-mysql.noarch 0VOR 4.0.0-1.1rc3.el7 installed as a dependency: OpenIPMI.x86_64 0VOR 2.0.27-1.el7 OpenIPMI-libs.x86_64 0RO 1.el7 OpenIPMI-libs.x86_64 2.0.27-1.el7 OpenIPMI-modalias.x86_64 0Rover 2.0.27 -1.el7 fping.x86_64 0zcat 3.10-1.el7 iksemel.x86_64 0VR 1.4-2.el7.centos zabbix-web.noarch 0VR 4.0.0-1.1rc3.el7` generate database file `[root@cacti yum.repos.d] # zcat / usr/share/doc/zabbix-server-mysql-4.0.0/create.sql.gz | mysql- u zabbix- p zabbixEnter password: # enter the password admin123 [root@cacti yum.repos.d] # grep-n'^'[amurz] / etc/zabbix/zabbix_server.conf38:LogFile=/var/log/zabbix/zabbix_server.log49:LogFileSize=072:PidFile=/var/run/zabbix/zabbix_server.pid82:SocketDir=/var/run/zabbix101:DBName=zabbix117:DBUser=zabbix357:SNMPTrapperFile=/var/log/snmptrap/snmptrap.log475:Timeout=4518:AlertScriptsPath=/usr/lib/zabbix/alertscripts529:ExternalScripts=/usr/lib/zabbix/externalscripts565:LogSlowQueries=3000# is the missing password in the configuration file Other systems have automatically configured [root@cacti yum.repos.d] # vim / etc/zabbix/zabbix_server.conf125 DBPassword=admin123 # 125line to delete comments, add password admin123 after # modification is completed, press Esc to exit insertion mode, enter: wq save exit `modify time zone` [root@cacti yum.repos.d] # vim / etc/httpd/conf.d/zabbix.conf20 php_value date.timezone Asia/Shanghai # 20 line to delete comments After losing it and changing it to Asia/Shanghai#, press Esc to exit the insert mode, enter: wq save exit, correct the Chinese garbled in the chart `[root@cacti yum.repos.d] # vim / usr/share/zabbix/include/defines.inc.php#, enter the following content to replace the global font with kaiti:%s / graphfont/kaiti/g#, press Esc to exit the insert mode. Input: wq save and exit `copy STKAITI.TTF file to font directory `[root@cacti yum.repos.d] # mkdir / aaa # create mount directory [root@cacti yum.repos.d] # mount.cifs / / 192.168.0.105/rpm / aaa # to mount Password for root@//192.168.0.105/rpm remotely: [root@cacti yum.repos.d] # cd / aaa/zabbix/ [root @ cacti zabbix] # lsphp-bcmath-5.4.16-42.el7.x86_64.rpm STKAITI.TTFphp-mbstring-5.4.16-42.el7.x86_64.rpm zabbix.conf.php [root@cacti zabbix] # cp STKAITI.TTF / usr/share/zabbix/fonts/ `start the service to check whether the port is open` [root@cacti zabbix] # systemctl enable zabbix-serverCreated symlink from / etc/systemd/system/multi-user.target.wants/zabbix-server.service to / usr/lib/systemd/system/zabbix-server.service. [root@cacti zabbix] # systemctl start zabbix-server [root@cacti zabbix] # netstat-ntap | grep zabbix # listening port is 10051tcp 00 0.0.0.0 systemctl start zabbix-server 10051 0.0.0.0 root@cacti zabbix * LISTEN 6735/zabbix_servertcp6 00: 10051:: * LISTEN 6735 Zabib bix _ server [root @ cacti zabbix] # systemctl restart httpd.service # restart httpd service Used to verify login zabbix authentication: login operation, install zabbix

Step 1: enter http://192.168.18.147/zabbix/ in the host address bar to enter the following page and press Next step to proceed to the next step

Step 2: after confirming that all the checks are OK, press Next step to proceed to the next step.

Step 3: set the database. Enter the port number 3306, fill in the password admin123, and press Next step to proceed to the next step.

Step 4: enter the name of the zabbix service, enter Zabbix here (can be defined by yourself), and press Next step to proceed to the next step.

Step 5: you can display all the previous configurations and press Next step directly to proceed to the next step.

Step 6: after entering the page, press Finish to end, enter the login screen, enter the default account Admin, default password zabbix, and click to log in.

At this point, you can enter the monitoring interface of zabbix:

Click on the profile portrait in the upper right corner, select Chinese (zh_CN) simplified Chinese in the Language language bar, and click Update to update.

These are all the operations of the monitoring side!

Operation of the monitored side:

[root@localhost ~] # systemctl stop firewalld.service [root@localhost ~] # systemctl disable firewalld.serviceRemoved symlink / etc/systemd/system/multi-user.target.wants/firewalld.service.Removed symlink / etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@localhost ~] # setenforce 0` install yumsource `[root@localhost ~] # rpm-ivh http://repo.zabbix.com/zabbix/3.5/rhel/7/x86_64/zabbix-release-3.5-1 .el7.noarch.rpm get http://repo.zabbix.com/zabbix/3.5/rhel/7/x86_64/zabbix-release-3.5-1.el7.noarch.rpm warning: / var/tmp/rpm-tmp.elS5cl: header V4 RSA/SHA512 Signature Key ID a14fe591: NOKEY in preparation. # # [100%] upgrading / installing... 1:zabbix-release-3.5-1.el7 # # # [100%] [root@localhost ~] # cd / etc/yum.repos.d/ [root@localhost yum.repos.d] # lsCentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repoCentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo zabbix.repo [root@localhost yum.repos.d] # yum install zabbix-agent-y` modify configuration file `[root@localhost yum.repos.d] # grep-n'^'[ Amurz] / etc/zabbix/zabbix_agentd.conf13:PidFile=/var/run/zabbix/zabbix_agentd.pid32:LogFile=/var/log/zabbix/zabbix_agentd.log43:LogFileSize=098:Server=127.0.0.1 # here needs to be modified to monitor side IP139:ServerActive=127.0.0.1 # here needs to be modified to monitor side IP150:Hostname=Zabbix server268:Include=/etc/zabbix/zabbix_agentd.d/* .confs [root @ localhost yum.repos .d] # vim / etc/zabbix/zabbix_agentd.conf98 Server=192.168.18.147 # 98 line Point to the monitoring server IP139 ServerActive=192.168.18.147 # 139line and point to the monitoring server IP150 Hostname=zhou # hostname. You can define it by yourself. After modification, press Esc to exit the insert mode. Enter: wq save and exit `start service `[root@localhost yum.repos.d] # systemctl enable zabbix-agent.serviceCreated symlink from / etc/systemd/system/multi-user.target.wants/zabbix-agent.service to / usr/lib/systemd/system/zabbix-agent.service. [root@localhost yum.repos.d] # systemctl restart zabbix-agent.service [root@localhost yum.repos.d] # netstat-ntap | grep zabbix # listening port is 10050tcp 0 0 0.0.0.0 10050 0.0.0.0 * LISTEN 5425/zabbix_agentdtcp6 00: 10050: * LISTEN 5425/zabbix_agentd will not automatically identify the monitored end at this time You need to do the following:

Step 1: find the host option under the configuration, and click create Host

Step 2: enter the appropriate content in the host configuration interface, and then click the template

Step 3: select the template links for HTTP and SSH in the template, click add in the prompt, and then click the blue add icon

When you go back to the original interface, the newly added monitoring items will be displayed.

If the monitored end encounters a problem, it will trigger the alarm and eventually provide the Zabbix monitoring and alarm mechanism in the form of e-mail (need to add mail sending service).

The operation of installing the mail alarm function on the monitoring side

[root@cacti zabbix] # yum install mailx-y [root@cacti zabbix] # vim / etc/mail.rc# insert the following under the last line: set from= email address # such as 19919919911@163.comset smtp=smtp.163.comset smtp-auth-user= email address set smtp-auth-password= mailbox password set smtp-auth=login# modification press Esc to exit insert mode Enter: wq save exit `attempt to send test email` [root@cacti zabbix] # echo "hello world" | mail-s "testmail" email address

At this point, the mailbox receives the test message:

Write an email script:

[root@cacti zabbix] # cd / usr/lib/zabbix/alertscripts [root@cacti alertscripts] # vim mail.shroud mail.mail.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxit. After modification, press Esc to exit the insert mode. Input: wq save and exit [root@cacti alertscripts] # mv mail.sh mailx.sh` create mailx log file in tmp directory `[root@cacti alertscripts] # touch / tmp/ mailx.log` grant permission` [root@cacti alertscripts] # chown-R zabbix.zabbix / tmp/mailx.log [root@cacti alertscripts] # chmod + x / usr/lib/zabbix/alertscripts/mailx.sh [root@cacti alertscripts] # chown-R zabbix.zabbix / usr/lib/zabbix/ `verified Program `[root@cacti alertscripts] #. / mailx.sh email address "yun"hello" # where the email address is $1 Yun is a $2 topic Hello is $3 content

After executing the script at this time, the corresponding email can be received in the mailbox!

Next, go to the Web interface to set up:

Step 1: select Management above, find the alarm media type, click create Media Type in the upper right corner of the page, and enter relevant information in the interface.

Step 2: three detection services will be displayed in the option. If the service is disabled, an alarm will be triggered. Finally, click the blue add icon below to generate a new alarm type.

Next we need to specify the user

Step 1: find the user interface in the configuration and click Admin user

Step 2: click add in the user's alarm media, enter the corresponding media information, and finally click add

Step 3: don't forget to click Update after adding media

Delete the original template in the action, redefine it, and click create Action in the upper right corner.

Step 1: enter a name in the action interface to generate a new trigger condition

Step 2: do the following in the operation, click New below, do the add operation, and finally click New

A new operation is generated at this time!

Step 3: fill in the following during the recovery operation

A new operation is generated at this time!

Step 4: click the blueprint to add, and continuous monitoring will be carried out at this time.

Check the SSH remote connection service status of the monitored side [root@localhost yum.repos.d] # systemctl status sshd ● sshd.service-OpenSSH server daemon Loaded: loaded (/ usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled) Active: active (running) since-2019-11-25 11:00:11 CST 2 months 7 days ago# is displayed as running running status `stop this service `[root@localhost yum.repos.d] # systemctl stop sshd at this time, let's see if the monitoring interface will pop up with a prompt.

After waiting for a few minutes, the monitoring interface will automatically jump out of the prompt of the SSH service down, and the mailbox will also receive an email.

`start the sshd service `[root@localhost yum.repos.d] # systemctl start sshd

At this point, a few minutes later, the service will be automatically detected that the service has been successfully started, the alarm has been resolved, and the mailbox will also receive the service recovery email.

These are the monitoring and alarm mechanisms of Zabbix monitoring.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.