安裝Zabbix5.0_ZenDei技術網路在線

概述 Zabbix 5.0已經正式發佈，相比4.0，它在可用性，安全性和完整性方面都有一系列重要改進。支持的平臺除了現有的官方軟體包和appliances外，Zabbix 5.0現在還支持以下平臺： SUSE Linux Enterprise Server 15 Debian 10 Ubuntu ...

概述
部署
- 安裝要求
- 安裝

概述

Zabbix 5.0已經正式發佈，相比4.0，它在可用性，安全性和完整性方面都有一系列重要改進。

支持的平臺

除了現有的官方軟體包和appliances外，Zabbix 5.0現在還支持以下平臺：

SUSE Linux Enterprise Server 15
Debian 10
Ubuntu 20.04
Raspbian 10
Mac OS/X
RHEL 8
CentOS 8
MSI for Windows Agent

安全相關

SAML用於在安全身份提供者處提供單點身份驗證，這意味著用戶登錄認證需要滿足防火牆的安全策略，然後SAML用於向Zabbix和其他應用程式聲明身份。SAML方式的支持使Zabbix具備開箱即用的與各種本地和雲身份提供商（如Microsoft ADFS、OpenAM、Secureath、Okta、Auth0等）集成的功能。

Zabbix 5.0為更安全的監控進行了重大改進：

支持Webhook的HTTP代理，使從Zabbix server到外部告警和ITSM系統的連接更加安全和可控
agent端的監控指標支持黑名單和白名單
所有Zabbix組件都可配置密碼，以避免在TLS連接中使用非安全密碼
支持到MySQL和PostgreSQL後端的加密連接
更強大的SHA256用於保存用戶密碼的Hash值

Zabbix 5.0支持更隱秘的用戶巨集，用於保存任何敏感信息，如不希望向最終用戶公開的密碼和API令牌。

支持TimescaleDB

Zabbix 5.0支持對TimescaleDB收集的數據進行可選壓縮。除了TimescaleDB的通用優勢（自動表分區、高性能和可擴展性）之外，它還有助於進一步提高性能和降低存儲成本。

Zabbix用戶界面也得到了改進，以支持監控和管理數百萬受監控設備。

agent升級

新一代agent為Linux和Windows提供了一系列新功能和高級監控功能：

用Golang編寫
用於監控各種服務和應用程式的插件框架
在執行監控檢查時能保持現有狀態（例如，保持持久的資料庫連接）
支持trapping
內置調度器，支持靈活的時間間隔
使用批量數據傳輸實現高效的網路使用
支持持續存儲收集的數據
直接替換Linux和Windows上的現有agent

垂直菜單

5.0的新界面：

部署

安裝要求

資料庫要求

Software	Version	Comments
MySQL	5.5.62 - 8.0.x	Required if MySQL is used as Zabbix backend database. InnoDB engine is required. MariaDB (10.0.37 or later) also works with Zabbix.
Oracle	11.2 or later	Required if Oracle is used as Zabbix backend database.
PostgreSQL	9.2.24 or later	Required if PostgreSQL is used as Zabbix backend database. It is suggested to use at least PostgreSQL 8.3, which introduced much better VACUUM performance.
TimescaleDB	1.0 or later, OSS (free) version	Required if TimescaleDB is used as Zabbix backend database.
SQLite	3.3.5 or later	SQLite is only supported with Zabbix proxies. Required if SQLite is used as Zabbix proxy database.

前端要求

Zabbix前端支持的最小屏幕寬度為1200 px。

ftware	Version	Comments
Apache	1.3.12 or later
Nginx	？
PHP	7.2.0 or later
PHP extensions:
gd	2.0.28 or later	PHP GD extension must support PNG images (--with-png-dir), JPEG (--with-jpeg-dir) images and FreeType 2 (--with-freetype-dir).
bcmath		php-bcmath (--enable-bcmath)
ctype		php-ctype (--enable-ctype)
libXML	2.6.15 or later	php-xml, if provided as a separate package by the distributor.
xmlreader		php-xmlreader, if provided as a separate package by the distributor.
xmlwriter		php-xmlwriter, if provided as a separate package by the distributor.
session		php-session, if provided as a separate package by the distributor.
sockets		php-net-socket (--enable-sockets). Required for user script support.
mbstring		php-mbstring (--enable-mbstring)
gettext		php-gettext (--with-gettext). Required for translations to work.
ldap		php-ldap. Required only if LDAP authentication is used in the frontend.
mysqli		Required if MySQL is used as Zabbix backend database.
oci8		Required if Oracle is used as Zabbix backend database.
pgsql		Required if PostgreSQL is used as Zabbix backend database.

服務端要求

Requirement	Status	Description
libpcre	Mandatory	PCRE library is required for Perl Compatible Regular Expression (PCRE) support. The naming may differ depending on the GNU/Linux distribution, for example 'libpcre3' or 'libpcre1'. Note that you need exactly PCRE (v8.x); PCRE2 (v10.x) library is not used.
libevent	Required for bulk metric support and IPMI monitoring. Version 1.4 or higher. Note that for Zabbix proxy this requirement is optional; it is needed for IPMI monitoring support.
libpthread	Required for mutex and read-write lock support.
zlib	Required for compression support.
OpenIPMI	Optional	Required for IPMI support.
libssh2 or libssh	Required for SSH checks. Version 1.0 or higher (libssh2); 0.6.0 or higher (libssh). libssh is supported since Zabbix 4.4.6.
fping	Required for ICMP ping items.
libcurl	Required for web monitoring, VMware monitoring, SMTP authentication, `web.page.*` Zabbix agent items, HTTP agent items and Elasticsearch (if used). Version 7.28.0 or higher is recommended. Libcurl version requirements: - SMTP authentication: version 7.20.0 or higher - Elasticsearch: version 7.28.0 or higher
libxml2	Required for VMware monitoring and XML XPath preprocessing.
net-snmp	Required for SNMP support. Version 5.3.0 or higher.

Agent 2

Agent 2 支持64位的Linux和Microsoft Windows。

Requirement	Status	Description
libpcre	Mandatory	PCRE library is required for Perl Compatible Regular Expression (PCRE) support. The naming may differ depending on the GNU/Linux distribution, for example 'libpcre3' or 'libpcre1'. Note that you need exactly PCRE (v8.x); PCRE2 (v10.x) library is not used.
OpenSSL	Optional	Required when using encryption. OpenSSL 1.0.1 or later is required on UNIX platforms. The OpenSSL library must have PSK support enabled. LibreSSL is not supported. On Microsoft Windows systems OpenSSL 1.1.1 or later is required.

Java gateway

Library	License	Website	Comments
logback-core-0.9.27.jar	EPL 1.0, LGPL 2.1	http://logback.qos.ch/	Tested with 0.9.27, 1.0.13, and 1.1.1.
logback-classic-0.9.27.jar	EPL 1.0, LGPL 2.1	http://logback.qos.ch/	Tested with 0.9.27, 1.0.13, and 1.1.1.
slf4j-api-1.6.1.jar	MIT License	http://www.slf4j.org/	Tested with 1.6.1, 1.6.6, and 1.7.6.
android-json-4.3_r3.1.jar	Apache License 2.0	https://android.googlesource.com/platform/libcore/+/master/json	Tested with 2.3.3_r1.1 and 4.3_r3.1. See src/zabbix_java/lib/README for instructions on creating a JAR file.

安裝

環境如下：

系統版本：CentOS Linux release 8.1.1911 (Core)
MySQL：8.0.17
Nginx：1.14.1
PHP：7.2.11

關閉防火牆和SELingux

systemctl stop firewalld
systemctl disable firewalld
sed -i 's#^SELINUX=.*#SELINUX=disabled#g' /etc/sysconfig/selinux 
setenforce 0

配置鏡像源

新增阿裡雲zabbix鏡像源zabbix.repo：

[zabbix]
name=Zabbix Official Repository - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/zabbix/5.0/rhel/8/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591

[zabbix-non-supported]
name=Zabbix Official Repository non-supported - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/non-supported/rhel/8/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
gpgcheck=1

dnf clean all

安裝資料庫

添加源

rpm -Uvh https://repo.mysql.com//mysql80-community-release-el8-1.noarch.rpm
dnf clean all

安裝

dnf install mysql mysql-server mysql-devel

啟動並設置開機自啟

systemctl enable mysqld
systemctl start mysqld

修改root密碼

[root@centos8 yum.repos.d]# mysql -uroot -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 8.0.17 Source distribution

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> ALTER user 'root'@'localhost' IDENTIFIED BY 'PASSWORD';
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye

Tips：密碼必須包含大寫字母、數字、特殊符號，不需要flush privileges來刷新許可權。

Zabbix server，Web前端，agent及相關依賴

dnf install zabbix-server-mysql zabbix-web-mysql zabbix-nginx-conf zabbix-agent

創建初始資料庫

create database zabbix character set utf8 collate utf8_bin;
create user zabbix@localhost identified by 'password';
grant all privileges on zabbix.* to zabbix@localhost;

導入初始架構和數據，系統將提示您輸入新創建的密碼。

zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p zabbix

為Zabbix server配置資料庫

修改資料庫密碼，編輯配置文件 /etc/zabbix/zabbix_server.conf

DBPassword=password

為Zabbix前端配置PHP

配置web埠，編輯配置文件 /etc/nginx/conf.d/zabbix.conf

listen 80;
# server_name example.com;

修改時區，編輯配置文件 /etc/php-fpm.d/zabbix.conf

php_value[date.timezone] = Asia/Shanghai

啟動Zabbix server和agent進程

啟動Zabbix server和agent進程，併為它們設置開機自啟：

systemctl restart zabbix-server zabbix-agent nginx php-fpm
systemctl enable zabbix-server zabbix-agent nginx php-fpm

配置Zabbix前端

打開URL： http://<server_ip_or_name>/zabbix

Tips：若打不開以上URL，試試http://<server_ip_or_name>/zabbix.php。

填寫資料庫密碼

Name為可選，但是如果填寫，它將顯示在菜單欄和頁面標題中。

用戶名：Admin，密碼：zabbix

自此安裝完成