Rocky Linux 9.4 部署Zabbix 7.0
1-1.检测源
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm #下载epel的源
rpm -ivh epel-release-latest-8.noarch.rpm #epel安装
rpm -Uvh https://repo.zabbix.com/zabbix/7.0/rocky/9/x86_64/zabbix-release-7.0-2.el9.noarch.rpm && yum clean all # 安装zabbix源
1-2.替换源
[root@localhost yum.repos.d]# cat /etc/yum.repos.d/zabbix.repo #看到连接的是官方镜像仓库,有可能因为我们网络不给力可能会下载不了,所以我们更改为阿里云的镜像仓库
[zabbix]
name=Zabbix Official Repository - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/zabbix/7.0/rocky/9/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-B5333005
[zabbix-non-supported]
name=Zabbix Official Repository non-supported - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/non-supported/rhel/9/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-08EFA7DD
gpgcheck=1
[zabbix-sources]
name=Zabbix Official Repository source code - $basearch
baseurl=https://repo.zabbix.com/zabbix/7.0/rocky/9/SRPMS
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-B5333005
gpgcheck=1
2-1.安装Zabbix Server、Web前端、Agent
yum install zabbix-server-mysql zabbix-web-mysql zabbix-nginx-conf zabbix-sql-scripts zabbix-selinux-policy zabbix-agent -y
2-2.创建初始数据库
yum install -y mariadb mariadb-server #安装数据库
systemctl enable mariadb --now #启动数据库
[root@zabbix-server ~]# mysql_secure_installation # 初始化脚本
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.
Enter current password for root (enter for none): # 按回车设置或更改root用户的密码
OK, successfully used password, moving on...
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
Switch to unix_socket authentication [Y/n] y # 切换到unix_socket身份验证
Enabled successfully!
Reloading privilege tables..
... Success!
You already have your root account protected, so you can safely answer 'n'.
Change the root password? [Y/n] y # 更改root密码
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y # 删除匿名用户
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n # 限制root远程登录
... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y # 删除测试数据库和访问权限
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y # 重新加载权限表
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
2-3.插入数据
# 登陆数据库
mysql -uroot -p
# 创建名为zabbix的数据库,并设置字符集为utf8mb4,排序规则为utf8mb4_bin
create database zabbix character set utf8mb4 collate utf8mb4_bin;
# 创建名为zabbix的用户,并设置其密码为'000000'
create user zabbix@localhost identified by '000000';
# 授予zabbix用户在zabbix数据库上的所有权限
grant all privileges on zabbix.* to zabbix@localhost;
# 设置全局变量log_bin_trust_function_creators为1
set global log_bin_trust_function_creators = 1;
# 退出MariaDB
quit;
2-4.导入数据库
zcat /usr/share/zabbix-sql-scripts/mysql/server.sql.gz | mysql --default-character-set=utf8mb4 -uzabbix -p zabbix
需要输入密码:123456(我设置的)
2-5.导入数据库架构后禁用log_bin_trust_function_creators选项
# 登陆mysql
mysql -uroot -p
# 设置全局变量log_bin_trust_function_creators为0
set global log_bin_trust_function_creators = 0;
# 退出MariaDB
quit;
2-6.Zabbix server配置数据库
编辑配置文件 /etc/zabbix/zabbix_server.conf (改成自己设置的密码)
2-7.为Zabbix前端配置PHP
编辑配置文件 /etc/nginx/conf.d/zabbix.conf 取消注释并设置“listen”和“server_name”指令。
2-8.放行端口(一开始也可以放行)
放行80(nginx),8080(zabbix自定义端口),10050(agent端口),3306(数据库端口)
firewall-cmd --add-port=80/tcp --permanent
firewall-cmd --add-port=10050/tcp --permanent
firewall-cmd --add-port=8080/tcp --permanent
firewall-cmd --add-port=3306/tcp --permanent
firewall-cmd --reload
curl http://192.168.61.17:8080/ #curl请求一下是否正常
浏览器访问:http://本机IP:8080/setup.php #login:Admin passwd:zabbix
3-1.配置zabbix
客户端安装
rpm -Uvh https://repo.zabbix.com/zabbix/7.0/alma/9/x86_64/zabbix-release-7.0-5.el9.noarch.rpm && dnf clear all
#机器进行更换阿里云源
vim /etc/yum.repos.d/zabbix.repo
# 修改完后的内容如下
[zabbix]
name=Zabbix Official Repository - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/zabbix/7.0/rhel/7/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-B5333005
[zabbix-non-supported]
name=Zabbix Official Repository non-supported - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/non-supported/rhel/7/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
gpgcheck=1
[zabbix-debuginfo]
name=Zabbix Official Repository debuginfo - $basearch
baseurl=https://repo.zabbix.com/zabbix/7.0/rhel/7/$basearch/debuginfo/
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-B5333005
gpgcheck=1
[zabbix-sources]
name=Zabbix Official Repository source code - $basearch
baseurl=https://repo.zabbix.com/zabbix/7.0/rhel/7/SRPMS
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-B5333005
gpgcheck=1
vim /etc/zabbix/zabbix_agentd.conf
# 修改如下内容
Server=zabbix-server IP # 这里写Zabbix-server 节点的IP(被动监控)
ServerActive=zabbix-server IP # 这里写Zabbix-server 节点的IP(主动监控)
Hostname=zabbix-agent # 被监控的主机名
# 放行10050端口
firewall-cmd --add-port=10050/tcp --permanent
firewall-cmd --reload
添加主机
