一、Zabbix

• zabbix 是一個企業級分布式開源監控解決方案
• zabbix 軟體能夠監控眾多網路引數和服務器的健康度、完整性，zabbix使用靈活的告警機制，允許用戶為幾乎任何時間配置基于郵件的告警，這樣用戶可以快速回應服務器問題，zabbix基于存盤的資料提供出色的報表和資料可視化功能，這些功能使得zabbix稱為容量規劃的理想選擇

二、zabbix功能

①資料采集
②靈活的閾值定義
③高度可配置話的告警
④實時圖形
⑤web監控功能
⑥可視化選項繁多
⑦配置簡單

三、部署zabbix

1、安裝

[root@localhost ~]#systemctl  stop firewalld  #關防火墻
[root@localhost ~]#setenforce 0
[root@localhost ~]#vim /etc/yum.repos.d/nginx.repo  #配置nginx源，用于下載nginx
[nginx]	  
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
[root@localhost ~]#yum clean all #清楚元資料
[root@localhost ~]#yum list  #加載元資料串列
[root@localhost ~]# yum -y install nginx  # yum安裝nginx服務
已加載插件：fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: mirrors.cn99.com
 * extras: mirrors.ustc.edu.cn
 * updates: mirrors.ustc.edu.cn
軟體包 1:nginx-1.20.1-1.el7.ngx.x86_64 已安裝并且是最新版本
無須任何處理
[root@localhost ~]# systemctl start nginx #開啟服務
[root@localhost ~]# systemctl enable nginx #開啟nginx服務開機自啟
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@localhost ~]# netstat -anpt | grep nginx #查看埠是否開啟
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      22332/nginx: master 

2、部署mariadb

[root@localhost ~]# yum  -y install mariadb*  #安裝mariadb，該服務為mysql的分支，埠3306
已加載插件：fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: mirrors.cn99.com
 * extras: mirrors.ustc.edu.cn
 * updates: mirrors.ustc.edu.cn
軟體包 1:mariadb-embedded-5.5.68-1.el7.x86_64 已安裝并且是最新版本
軟體包 1:mariadb-server-5.5.68-1.el7.x86_64 已安裝并且是最新版本
軟體包 1:mariadb-test-5.5.68-1.el7.x86_64 已安裝并且是最新版本
軟體包 1:mariadb-devel-5.5.68-1.el7.x86_64 已安裝并且是最新版本
軟體包 1:mariadb-bench-5.5.68-1.el7.x86_64 已安裝并且是最新版本
軟體包 1:mariadb-embedded-devel-5.5.68-1.el7.x86_64 已安裝并且是最新版本
軟體包 1:mariadb-5.5.68-1.el7.x86_64 已安裝并且是最新版本
軟體包 1:mariadb-libs-5.5.68-1.el7.x86_64 已安裝并且是最新版本
無須任何處理
[root@localhost ~]# systemctl  start mariadb.service #開啟服務
[root@localhost ~]# systemctl  enable mariadb.service #開啟服務開機自啟
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@localhost ~]# netstat -anpt | grep 3306 #查看埠
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      31153/mysqld
 [root@localhost ~]# mysql_secure_installation  #mysql安全配置向導

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):   #回車
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y  #是否為root用戶設定密碼
New password:  #設定的新的密碼
Re-enter new password:  #再次確認密碼
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] n #是否洗掉匿名用戶
 ... skipping.

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n #是否禁止root用戶遠程登錄
 ... skipping.

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] n #是否洗掉test庫和訪問權限
 ... skipping.

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y #是否重繪授權表
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
 

3、部署php

[root@localhost ~]# yum  -y install epel-release.noarch
[root@localhost ~]# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
[root@localhost ~]# yum -y install php72w php72w-devel php72w-fpm php72w-gd php72w-mbstring php72w-mysql

[root@localhost ~]# vim /etc/php.ini
202 short_open_tag = On #支持php短標簽
359 expose_php = Off #隱藏php版本
368 max_execution_time = 300 #修改執行時間為300s
378 max_input_time = 300 #修改接收資料等待時間
656 post_max_size = 16M #post資料大小
799 upload_max_filesize = 2M #上傳檔案大小為2M
800 always_populate_raw_post_data = -1 #使原始資料可以直接被處理
878 date.timezone = Asia/Shanghai #修改時區
[root@localhost ~]# systemctl start php-fpm #開啟php服務
[root@localhost ~]# systemctl enable php-fpm #開啟服務開機自啟
Created symlink from /etc/systemd/system/multi-user.target.wants/php-fpm.service to /usr/lib/systemd/system/php-fpm.service.
[root@localhost ~]# netstat -anpt | grep 9000 #查看埠
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      87450/php-fpm: mast 

4、測驗連接資料庫

[root@localhost ~]# vim /usr/share/nginx/html/info.php #在首頁根目錄下寫一個首頁檔案

<?php
phpinfo();
?>
[root@localhost ~]# systemctl restart php-fpm.service 
[root@localhost ~]# systemctl restart nginx

宿主機訪問

[root@localhost ~]# vim /usr/share/nginx/html/info.php
<?php
$link=mysqli_connect('127.0.0.1','root','lwj2828427125'); #測驗連接資料庫 （是之前設定的mysql安全配置向導）
if ($link) echo '連接成功';
else echo '連接失敗';
?>

[root@localhost ~]# vim /usr/share/nginx/html/info.php

<?php
$link=mysqli_connect('127.0.0.1','zabbix','admin123');
if ($link) echo 'zabbix連接成功';
else echo 'zabbix連接失敗';
?>

解決方法：
出現這樣的問題一般是用戶沖突，

5、部署 zabbix server

[root@localhost ~]# rpm -i https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-1.el7.noarch.rpm
[root@localhost ~]# yum -y install zabbix-server-mysql zabbix-web-mysql zabbix-agent

[root@localhost ~]# vim /etc/zabbix/zabbix_server.conf #編輯zabbix服務端組態檔
38 LogFile=/var/log/zabbix/zabbix_server.log #定義日志檔案位置和名稱
49 LogFileSize=0  #定義日志檔案大小，0表示不限制大小
72 PidFile=/var/run/zabbix/zabbix_server.pid  #行程檔案位置
82 SocketDir=/var/run/zabbix  #通信檔案位置
91  DBHost=localhost #資料庫所在服務器，本地
100 DBName=zabbix  #資料庫名稱
116 DBUser=zabbix #資料庫用戶
124 DBPassword=admin123 #資料庫密碼
356 SNMPTrapperFile=/var/log/snmptrap/snmptrap.log  #snmp協議日志位置
471 Timeout=4 #定義超時時間
514 AlertScriptsPath=/usr/lib/zabbix/alertscripts #告警的腳本存放位置
525 ExternalScripts=/usr/lib/zabbix/externalscripts #擴展性腳本存放位置
561 LogSlowQueries=3000 #定義慢查詢時間

[root@localhost ~]# cp -r /usr/share/zabbix/ /usr/share/nginx/html #將zabbix的所有必要內容復制
[root@localhost ~]# chown -R zabbix.zabbix /etc/zabbix #到nginx默認首頁目錄下
[root@localhost ~]# chown -R zabbix.zabbix /usr/share/nginx #將zabbix相關的目錄用戶和組進行修改
[root@localhost ~]# chown -R zabbix.zabbix /usr/lib/zabbix  
[root@localhost ~]# chmod -R 777 /etc/zabbix/web  #為zabbix web頁面目錄和php動態會話目錄賦予權限
[root@localhost ~]# chmod -R 777 /var/lib/php/session
[root@localhost ~]# 
[root@localhost ~]# 
[root@localhost ~]# systemctl  start zabbix-server.service #開啟服務
[root@localhost ~]# systemctl enable zabbix-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/zabbix-server.service to /usr/lib/systemd/system/zabbix-server.service.
[root@localhost ~]# netstat -anpt | grep 10051 #10051是zabbix服務端埠號
tcp        0      0 0.0.0.0:10051           0.0.0.0:*               LISTEN      36435/zabbix_server 
tcp6       0      0 :::10051                :::*                    LISTEN      36435/zabbix_server 
[root@localhost ~]# 

訪問宿主機

6、配置代理端zabbix

重新開一臺虛擬機

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# rpm -i https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-1.el7.noarch.rpm  #安裝zabbix源
警告：/var/tmp/rpm-tmp.yhXjIo: 頭V4 RSA/SHA512 Signature, 密鑰 ID a14fe591: NOKEY
[root@localhost ~]# yum -y install zabbix-agent #安裝zabbix代理服務
已加載插件：fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: mirrors.huaweicloud.com
 * extras: mirrors.ustc.edu.cn
 * updates: ftp.sjtu.edu.cn
軟體包 zabbix-agent-4.0.33-1.el7.x86_64 已安裝并且是最新版本
無須任何處理

[root@localhost ~]# vim /etc/zabbix/zabbix_agentd.conf #編輯zabbix代理服務組態檔
98 Server=192.168.159.110 #指向監控端地址
139 ServerActive=192.168.159.110 #指向監控服務器
150 Hostname=test #修改名稱

7、配置告警自動發布郵件

QQ郵箱的開啟方式

在服務器上配置

[root@localhost ~]# yum -y install mailx #安裝收發郵件工具mailx
已加載插件：fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: mirrors.cn99.com
 * epel: ftp.iij.ad.jp
 * extras: mirrors.ustc.edu.cn
 * updates: mirrors.ustc.edu.cn
 * webtatic: us-east.repo.webtatic.com
軟體包 mailx-12.5-19.el7.x86_64 已安裝并且是最新版本
無須任何處理
[root@localhost ~]# vim /etc/mail.rc  #編輯組態檔
set from=2641028933@qq.com
set smtp=smtp.qq.com
set smtp-auth-user=2641028933@qq.com
set smtp-auth-password=ytwkwsbgovsoecgc
set smtp-auth=login

測驗能否正常發送

[root@localhost ~]# cd /usr/lib/zabbix/alertscripts/
[root@localhost alertscripts]# vim mailx.sh
#!/bin/bash
#send mail

messages=`echo $3 | tr '\r\n' '\n'`
subject=`echo $2 | tr '\r\n' '\n'`
echo "${messages}" | mail -s "${subject}" $1 >> /tmp/mailx.log 2>&1

#$3是資訊  $2是標題 $1是郵箱

8、web頁面配置監控機制

服務器重啟zabbix服務
192.168.159.110

代理服務器重啟ssh服務，