基于saltstack自动化部署zabbix-client端实践

参考样例视频教程:

http://www.roncoo.com/course/view/fb3050a5b34b42f39ccad83ebebc89c1

一、软件版本

操作系统:CentOS-6.5-x86_64

salt版本:2015.5.2(直接yum源码安装)

zabbix版本:3.0.3

二、部署环境规划

名称

IP

主机名

配置

Slat-master

192.168.63.205

Zabbix_server

2核、2G

Salt-client

192.168.63.184

Zabbix_client

2核、2G

三、zabbix-server(slat-master)架构图如下:

图解说明:

(1) zabbix_server和saltstack同时安装在同一台服务器上。

(2) 通过编写配置文件和批量文档,由zabbix_server这台主机进行推送。

注:当在centos 6.5这样进行安装zabbix_server的时候注意,php的版本必须是在5.4以上,可以使用;

Saltstack可以使用epel源直接进行安装。

四、salt的安装(192.168.63.205)

1、安装epel源:

#rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

2、安装master并修改配置文件启动:

#yum install salt-master -y

修改配置文件:

#vim /etc/salt/master

auto_accept: True(自动接口客户端key)

#/etc/init.d/salt-master start

3、安装salt-minion并修改配置文件(salt_client):

#yum install salt-minion -y

修改配置文件:

#vim /etc/salt/minion

master: 192.168.10.205(指向master端)

#/etc/init.d/salt-minion start

4、验证客户端是否已经接收客户端key:

#salt-key -L  (如果没有接收到在客户端执行salt-minion -l debug检测过程)

Accepted Keys:

Minion

Zabbix_client

Denied Keys:

Unaccepted Keys:

Rejected Keys:

5、检测是否能够通讯:

#salt 'monitor' test.ping

monitor:

True     (表示成功)

五、配置批量管理(在master上操作):

1、修改salt-master配置文件:

#vim /etc/salt/master

file_roots:

base:

- /srv/salt/     (定义sls路径)

pillar_roots:

base:

- /srv/salt/pillar  (定义pillar路径:主要存放自定义变量)

2、创建存放目录:

#mkdir /srv/salt/

#mkdir /srv/salt/pillar

3、定义入口文件:查看结构:

#cd /srv/salt/

#ls

pillar  top.sls  zabbix

#tree

.

├── pillar

│ ├── file.sls

│ └── top.sls

├── top.sls

└── zabbix

├── files

│ ├── zabbix-3.0.3.tar.gz

│ ├── zabbix_agentd

│ └── zabbix_agentd.conf

├── file.sls

├── init.sls

├── install.sls

└── server.s

4、入口文件top.sls:

#cat top.sls      (定义所有的主机只是sls的时候去zabbix目录查找相关操作)

base:

'*':

- zabbix

5、zabbix目录下的结构和引导文件init.sls:

# cd zabbix/

# ls

files  file.sls  init.sls  install.sls  server.sls

# cat init.sls    (定义执行是加载这几个文件)

include:

- zabbix.install

- zabbix.file

- zabbix.server

6、安装包文件zabbix.install:

# cat install.sls

#zabbix.tar.gz

zabbix_source:

file.managed:

- name: /tmp/zabbix-3.0.3.tar.gz

- unless: test -e /tmp/zabbix-3.0.3.tar.gz  #(检测目录下是否有这个文件)

- source: salt://zabbix/files/zabbix-3.0.3.tar.gz  #(没有的话从files目录下推送一个)

#extract

extract_zabbix:

cmd.run:

- cwd: /tmp                         #(切换到cmd目录)

- names:

- tar zxvf zabbix-3.0.3.tar.gz    #(解压zabbix包)

- unless: test -d /tmp/zabbix-3.0.3

- require:                          #(表示先执行上面的zabbix_source操作才到下面)

- file: zabbix_source

#user                                    #(创建一个uid为1501的用户)

zabbix_user:

user.present:

- name: zabbix

- uid: 1501

- createhome: False

- gid_from_name: True

- shell: /sbin/nologin

#zabbix_pkgs                           #(用yum方式安装依赖包)

zabbix_pkg:

pkg.installed:

- pkgs:

- gcc

- openssl-devel

- pcre-devel

- zlib-devel

# - curl-devel

#zabbix_compile

zabbix_compile:

cmd.run:

- cwd: /tmp/zabbix-3.0.3

- names:

- ./configure  --with-net-snmp --with-libcurl --enable-agent --prefix=/usr/local/zabbix

- make

- make install

- require:                    #(完成解压和依赖包之后才执行这步操作)

- cmd: extract_zabbix

- pkg:  zabbix_pkg

- unless: test -d /usr/local/zabbix

7、配置文件推送操作:

#cat file.sls      #(为了配置方便我这里吧一个zabbix_agentd.conf事先定义好直接推送)

include:

- zabbix.install

config:

file.managed:

- name: /usr/local/zabbix/etc/zabbix_agentd.conf   #(查看是否有这个文件)

- user: root

- mode: 644

- source: salt://zabbix/files/zabbix_agentd.conf   #(没有从files目录下推送一个)

- template: jinja                       #(基于jinja模板,这样可以在主服务器定义一些变量)

8、服务配置文件也是从主服务端推送:

#cat server.sls

include:

- zabbix.install

server:

file.managed:

- name: /etc/init.d/zabbix_agentd

- user: zabbix

- mode: 755

- source: salt://zabbix/files/zabbix_agentd

service.running:                    #(检测并启动)

- name: zabbix_agentd

- enable: True

- reload: True

- watch:

- file: /etc/init.d/zabbix_agentd

9、查看pillar下面的内容,主要存放的是jinja模板调用的变量

#cd /srv/salt/pillar/

#ls

file.sls  top.sls

#cat top.sls

base:

'*':

- file

#cat file.sls

server: 192.168.63.205   ##(定义zabbix-server的IP地址)

10、查看files目录下面被推送的几个文件:

#cd /srv/salt/zabbix/files/

#ls

zabbix-3.0.3.tar.gz  zabbix_agentd  zabbix_agentd.conf

11、zabbix_agentd启动文件:

#cat zabbix_agentd

#!/bin/bash

#

#       /etc/rc.d/init.d/zabbix_agentd

#

# Starts the zabbix_agentd daemon

#

# chkconfig: - 95 5

# description: Zabbix Monitoring Agent

# processname: zabbix_agentd

# pidfile: /tmp/zabbix_agentd.pid

# Modified for Zabbix 2.0.0

# May 2012, Zabbix SIA

# Source function library.

. /etc/init.d/functions

RETVAL=0

prog="Zabbix Agent"

ZABBIX_BIN="/usr/local/zabbix/sbin/zabbix_agentd"

if [ ! -x ${ZABBIX_BIN} ] ; then

echo -n "${ZABBIX_BIN} not installed! "

# Tell the user this has skipped

exit 5

fi

start() {

echo -n $"Starting $prog: "

daemon $ZABBIX_BIN

RETVAL=$?

[ $RETVAL -eq 0 ] && touch /var/lock/subsys/zabbix_agentd

echo

}

stop() {

echo -n $"Stopping $prog: "

killproc $ZABBIX_BIN

RETVAL=$?

[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/zabbix_agentd

echo

}

case "$1" in

start)

start

;;

stop)

stop

;;

reload|restart)

stop

sleep 10

start

RETVAL=$?

;;

condrestart)

if [ -f /var/lock/subsys/zabbix_agentd ]; then

stop

start

fi

;;

status)

status $ZABBIX_BIN

RETVAL=$?

;;

*)

echo $"Usage: $0 {condrestart|start|stop|restart|reload|status}"

exit 1

esac

exit $RETVAL

12、zabbix_agentd.conf配置文件(为了方便配置zabbis_serverIP地址这里从server端推送):

[root@xiaoluo files]# cat zabbix_agentd.conf

# This is a configuration file for Zabbix agent daemon (Unix)

# To get more information about Zabbix, visit http://www.zabbix.com

############ GENERAL PARAMETERS #################

### Option: PidFile

#       Name of PID file.

#

# Mandatory: no

# Default:

# PidFile=/tmp/zabbix_agentd.pid

### Option: LogType

#       Specifies where log messages are written to:

#               system  - syslog

#               file    - file specified with LogFile parameter

#               console - standard output

#

# Mandatory: no

# Default:

# LogType=file

### Option: LogFile

#       Log file name for LogType 'file' parameter.

#

# Mandatory: no

# Default:

# LogFile=

LogFile=/tmp/zabbix_agentd.log

### Option: LogFileSize

#       Maximum size of log file in MB.

#       0 - disable automatic log rotation.

#

# Mandatory: no

# Range: 0-1024

# Default:

# LogFileSize=1

### Option: DebugLevel

#       Specifies debug level:

#       0 - basic information about starting and stopping of Zabbix processes

#       1 - critical information

#       2 - error information

#       3 - warnings

#       4 - for debugging (produces lots of information)

#       5 - extended debugging (produces even more information)

#

# Mandatory: no

# Range: 0-5

# Default:

# DebugLevel=3

### Option: SourceIP

#       Source IP address for outgoing connections.

#

# Mandatory: no

# Default:

# SourceIP=

### Option: EnableRemoteCommands

#       Whether remote commands from Zabbix server are allowed.

#       0 - not allowed

#       1 - allowed

#

# Mandatory: no

# Default:

# EnableRemoteCommands=0

### Option: LogRemoteCommands

#       Enable logging of executed shell commands as warnings.

#       0 - disabled

#       1 - enabled

#

# Mandatory: no

# Default:

# LogRemoteCommands=0

##### Passive checks related

### Option: Server

#       List of comma delimited IP addresses (or hostnames) of Zabbix servers.

#       Incoming connections will be accepted only from the hosts listed here.

#       If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally.

#

# Mandatory: no

# Default:

# Server=

Server={{ pillar['server'] }}

### Option: ListenPort

#       Agent will listen on this port for connections from the server.

#

# Mandatory: no

# Range: 1024-32767

# Default:

# ListenPort=10050

### Option: ListenIP

#       List of comma delimited IP addresses that the agent should listen on.

#       First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.

#

# Mandatory: no

# Default:

# ListenIP=0.0.0.0

### Option: StartAgents

#       Number of pre-forked instances of zabbix_agentd that process passive checks.

#       If set to 0, disables passive checks and the agent will not listen on any TCP port.

#

# Mandatory: no

# Range: 0-100

# Default:

# StartAgents=3

##### Active checks related

### Option: ServerActive

#       List of comma delimited IP:port (or hostname:port) pairs of Zabbix servers for active checks.

#       If port is not specified, default port is used.

#       IPv6 addresses must be enclosed in square brackets if port for that host is specified.

#       If port is not specified, square brackets for IPv6 addresses are optional.

#       If this parameter is not specified, active checks are disabled.

#       Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]

#

# Mandatory: no

# Default:

# ServerActive=

ServerActive={{pillar['server']}}      ##(调用pillar的server里面的IP,推送到客户端)

### Option: Hostname

#       Unique, case sensitive hostname.

#       Required for active checks and must match hostname as configured on the server.

#       Value is acquired from HostnameItem if undefined.

#

# Mandatory: no

# Default:

# Hostname=

#Hostname=Zabbix server

### Option: HostnameItem

#       Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.

#       Does not support UserParameters or aliases.

#

# Mandatory: no

# Default:

# HostnameItem=system.hostname

### Option: HostMetadata

#       Optional parameter that defines host metadata.

#       Host metadata is used at host auto-registration process.

#       An agent will issue an error and not start if the value is over limit of 255 characters.

#       If not defined, value will be acquired from HostMetadataItem.

#

# Mandatory: no

# Range: 0-255 characters

# Default:

# HostMetadata=

### Option: HostMetadataItem

#       Optional parameter that defines an item used for getting host metadata.

#       Host metadata is used at host auto-registration process.

#       During an auto-registration request an agent will log a warning message if

#       the value returned by specified item is over limit of 255 characters.

#       This option is only used when HostMetadata is not defined.

#

# Mandatory: no

# Default:

# HostMetadataItem=

### Option: RefreshActiveChecks

#       How often list of active checks is refreshed, in seconds.

#

# Mandatory: no

# Range: 60-3600

# Default:

# RefreshActiveChecks=120

### Option: BufferSend

#       Do not keep data longer than N seconds in buffer.

#

# Mandatory: no

# Range: 1-3600

# Default:

# BufferSend=5

### Option: BufferSize

#       Maximum number of values in a memory buffer. The agent will send

#       all collected data to Zabbix Server or Proxy if the buffer is full.

#

# Mandatory: no

# Range: 2-65535

# Default:

# BufferSize=100

### Option: MaxLinesPerSecond

#       Maximum number of new lines the agent will send per second to Zabbix Server

#       or Proxy processing 'log' and 'logrt' active checks.

#       The provided value will be overridden by the parameter 'maxlines',

#       provided in 'log' or 'logrt' item keys.

#

# Mandatory: no

# Range: 1-1000

# Default:

# MaxLinesPerSecond=20

############ ADVANCED PARAMETERS #################

### Option: Alias

#       Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.

#       Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.

#       Different Alias keys may reference the same item key.

#       For example, to retrieve the ID of user 'zabbix':

#       Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1]

#       Now shorthand key zabbix.userid may be used to retrieve data.

#       Aliases can be used in HostMetadataItem but not in HostnameItem parameters.

#

# Mandatory: no

# Range:

# Default:

### Option: Timeout

#       Spend no more than Timeout seconds on processing

#

# Mandatory: no

# Range: 1-30

# Default:

# Timeout=3

### Option: AllowRoot

#       Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent

#       will try to switch to the user specified by the User configuration option instead.

#       Has no effect if started under a regular user.

#       0 - do not allow

#       1 - allow

#

# Mandatory: no

# Default:

# AllowRoot=0

### Option: User

#       Drop privileges to a specific, existing user on the system.

#       Only has effect if run as 'root' and AllowRoot is disabled.

#

# Mandatory: no

# Default:

# User=zabbix

### Option: Include

#       You may include individual files or all files in a directory in the configuration file.

#       Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time.

#

# Mandatory: no

# Default:

# Include=

# Include=/usr/local/etc/zabbix_agentd.userparams.conf

# Include=/usr/local/etc/zabbix_agentd.conf.d/

Include=/usr/local/zabbix/etc/zabbix_agentd.conf.d/*.conf###(自定义包含位置)

####### USER-DEFINED MONITORED PARAMETERS #######

### Option: UnsafeUserParameters

#       Allow all characters to be passed in arguments to user-defined parameters.

#       The following characters are not allowed:

#       \ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @

#       Additionally, newline characters are not allowed.

#       0 - do not allow

#       1 - allow

#

# Mandatory: no

# Range: 0-1

# Default:

#UnsafeUserParameters=1

### Option: UserParameter

#       User-defined parameter to monitor. There can be several user-defined parameters.

#       Format: UserParameter=

#       See 'zabbix_agentd' directory for examples.

#

# Mandatory: no

# Default:

UserParameter=1

####### LOADABLE MODULES #######

### Option: LoadModulePath

#       Full path to location of agent modules.

#       Default depends on compilation options.

#

# Mandatory: no

# Default:

# LoadModulePath=${libdir}/modules

### Option: LoadModule

#       Module to load at agent startup. Modules are used to extend functionality of the agent.

#       Format: LoadModule=

#       The modules must be located in directory specified by LoadModulePath.

#       It is allowed to include multiple LoadModule parameters.

#

# Mandatory: no

# Default:

# LoadModule=

####### TLS-RELATED PARAMETERS #######

### Option: TLSConnect

#       How the agent should connect to server or proxy. Used for active checks.

#       Only one value can be specified:

#               unencrypted - connect without encryption

#               psk         - connect using TLS and a pre-shared key

#               cert        - connect using TLS and a certificate

#

# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)

# Default:

# TLSConnect=unencrypted

### Option: TLSAccept

#       What incoming connections to accept.

#       Multiple values can be specified, separated by comma:

#               unencrypted - accept connections without encryption

#               psk         - accept connections secured with TLS and a pre-shared key

#               cert        - accept connections secured with TLS and a certificate

#

# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)

# Default:

# TLSAccept=unencrypted

### Option: TLSCAFile

#       Full pathname of a file containing the top-level CA(s) certificates for

#       peer certificate verification.

#

# Mandatory: no

# Default:

# TLSCAFile=

### Option: TLSCRLFile

#       Full pathname of a file containing revoked certificates.

#

# Mandatory: no

# Default:

# TLSCRLFile=

### Option: TLSServerCertIssuer

#      Allowed server certificate issuer.

#

# Mandatory: no

# Default:

# TLSServerCertIssuer=

### Option: TLSServerCertSubject

#      Allowed server certificate subject.

#

# Mandatory: no

# Default:

# TLSServerCertSubject=

### Option: TLSCertFile

#       Full pathname of a file containing the agent certificate or certificate chain.

#

# Mandatory: no

# Default:

# TLSCertFile=

### Option: TLSKeyFile

#       Full pathname of a file containing the agent private key.

#

# Mandatory: no

# Default:

# TLSKeyFile=

### Option: TLSPSKIdentity

#       Unique, case sensitive string used to identify the pre-shared key.

#

# Mandatory: no

# Default:

# TLSPSKIdentity=

### Option: TLSPSKFile

#       Full pathname of a file containing the pre-shared key.

#

# Mandatory: no

# Default:

# TLSPSKFile=

七、执行批量操作:

#salt 'zabbix_client' state.highstate -v

返回成功标志:

八、登录客户端查看:

查看配置文件:

九、打开web界面添加192.168.63.184这台web服务器:

添加一个简单的linux os模板出图:

到此,用saltstack自动化部署zabbix_client已经完成,有了salt我们在可以帮我们在部署zabbix客户端时候省去很多麻烦,后期有同学用ansible的,可以单独咨询。谢谢

更多课程信息,请关注龙果学院官方网站http://www.roncoo.com/

或关注龙果微信公众号RonCoo_com

推荐阅读更多精彩内容