本文主要是介绍linux serport模块,Puppet模块(六):zabbix模块及server资源,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
作用:Zabbix是一款强大的自动化监控软件,通过puppet自动部署zabbix客户端。
1、服务端配置zabbix模块
(1)模块清单[root@puppet ~]# tree /etc/puppet/modules/zabbix/
/etc/puppet/modules/zabbix/
├── files
│ ├── discovertcpport.sh
│ └── zabbix-2.2.5.tar.gz
├── manifests
│ ├── config.pp
│ ├── init.pp
│ ├── install.pp
│ ├── params.pp
│ └── service.pp
└── templates
├── zabbix_agentd_conf.erb
└── zabbix_install_sh.erb
(2)定义参数类[root@puppet ~]# vi /etc/puppet/modules/zabbix/manifests/params.pp
class zabbix::params {
$zabbixserver = "zabbix.ewin.com" #zabbix服务器名
$zabbixversion = 'zabbix-2.2.5' #zabbix版本
}
(3)定义安装类[root@puppet ~]# vi /etc/puppet/modules/zabbix/manifests/install.pp
class zabbix::install {
include zabbix::install::files, zabbix::install::sh
}
#文件子类
class zabbix::install::files {
#创建软件存放目录
file { "/home/zabbix":
ensure => directory,
}
#复制源码包
file { "zabbix-agent":
name => "/home/zabbix/${zabbix::params::zabbixversion}.tar.gz",
ensure => file,
owner => 'root',
group => 'root',
source => "puppet:///modules/zabbix/${zabbix::params::zabbixversion}.tar.gz",
require => File["/home/zabbix"],
}
#复制安装脚本,必须是unix格式
file { "zabbix-install":
name => "/home/zabbix/zabbix_install.sh",
ensure => file,
owner => 'root',
group => 'root',
mode => '0755',
content => template("zabbix/zabbix_install_sh.erb"),
require => File["/home/zabbix"],
}
}
#脚本子类
class zabbix::install::sh {
#安装依赖软件包
package { ["gcc","curl"]:#,"curl-devel","net-snmp","net-snmp-devel","perl-DBI"
ensure => installed,
before => Exec["/bin/bash zabbix_install.sh"],
}
#执行安装脚本
exec { "/bin/bash zabbix_install.sh":
cwd => "/home/zabbix",
creates => "/etc/init.d/zabbix_agentd", #脚本执行成功后会生成这个文件,当文件存在了就不再执行此资源
require => Class["zabbix::install::files"],
}
}
说明:使用安装脚本可以简化很多代码,简省puppet资源,也可以使用exec来执行tar、configure、make等命令来进行部署。
(4)定义配置类[root@puppet ~]# vi /etc/puppet/modules/zabbix/manifests/config.pp
class zabbix::config {
include zabbix::config::files, zabbix::config::iptables
}
#配置文件子类
class zabbix::config::files {
file { "/usr/local/zabbix_agent/etc/zabbix_agentd.conf":
ensure => present,
owner => 'root',
group => 'root',
mode => '0600',
content => template("zabbix/zabbix_agentd_conf.erb"),
require => Class["zabbix::install"],
notify => Class["zabbix::service"],
}
file { "/usr/local/zabbix_agent/sbin/discovertcpport.sh":
ensure => present,
owner => 'root',
group => 'root',
mode => '0755',
source => "puppet:///modules/zabbix/discovertcpport.sh",
require => Class["zabbix::install"],
}
#指定日志属主,否则进程启动时报错cannot open [/var/log/zabbix_agentd.log]: [13] Permission denied
file { "/var/log/zabbix_agentd.log":
ensure => present,
owner => 'zabbix',
group => 'zabbix',
require => Class["zabbix::install"],
}
}
#防火墙设置子类
class zabbix::config::iptables {
service { "iptables":
ensure => running,
enable => true,
hasstatus => true,
hasrestart => true,
}
exec { 'iptables -I INPUT -p tcp --dport 10050:10051 -j ACCEPT':
unless => 'grep "tcp --dport 10050:10051" /etc/sysconfig/iptables 2>/dev/null',
require => Service["iptables"],
notify => Exec["service iptables save"],
}
exec { 'iptables -I INPUT -p udp --dport 10050:10051 -j ACCEPT':
unless => 'grep "udp --dport 10050:10051" /etc/sysconfig/iptables 2>/dev/null',
require => Service["iptables"],
notify => Exec["service iptables save"],
}
exec { 'service iptables save':
refreshonly => true,
}
}
说明:这里的防火墙规则配置可以应用到很多地方,首先要保证iptables服务启动,否则规则保存不进文件,然后添加临时规则,通知iptables服务保存,unless和refreshonly保证了Exec资源只执行一次就完成任务。
(5)定义配置文件模板[root@puppet ~]# vi /etc/puppet/modules/zabbix/template/zabbix_agentd_conf.erb
### puppet config ###
LogFile=/var/log/zabbix_agentd.log
Server= #参数类中定义的服务器名称
Hostname= #使用facter fqdn获取客户端的计算机全名
UnsafeUserParameters=1
EnableRemoteCommands=1
UserParameter=tcpportlisten,/usr/local/zabbix_agent/sbin/discovertcpport.sh "$1"
说明:关于zabbix的配置就不详述了,可以看我关于zabbix的相关博文。
(6)定义安装文件模板[root@puppet ~]# vi /etc/puppet/modules/zabbix/template/zabbix_install_sh.erb
#!/bin/bash
cd /home/zabbix
useradd zabbix -s /sbin/nologin
tar zvxf .tar.gz
cd
./configure --prefix=/usr/local/zabbix_agent --enable-agent
make install
cp /usr/local/zabbix_agent/sbin/zabbix_agentd /etc/init.d/
chmod +x /etc/init.d/zabbix_agentd
fi
说明:通过参数定义软件版本和服务器地址,模板文件就不用因为这两个值的不同再修改了。
注意:windows下编辑的文件格式是doc,在linux下无法执行(.sh文件),要转换成unix格式。
在linux下转换文件格式方法:[root@puppet ~]# vi /etc/puppet/modules/zabbix/template/zabbix_install_sh.erb
:set ff? #显示fileforma=dos就是windows格式
:set fileformat=unix #转换成unix格式
:wq! #保存退出
在windows下转换文件格式方法(推荐):
UltraEdit编辑器:文件File-->转换Conversions-->DOS转UNIX
(7)定义服务类[root@puppet ~]# vi /etc/puppet/modules/zabbix/manifests/service.pp
class zabbix::service {
service { "zabbix_agentd":
ensure => running,
start => "/etc/init.d/zabbix_agentd start",
stop => "ps ax|grep zabbix_agentd|grep -v grep |awk '{print \$1}'|xargs kill -9", #$1前要加个\进行转义,否则被认为是puppet变量而无效
require => Class["zabbix::config"],
}
}
说明:客户端zabbix_agentd服务的service restart|stop|status没有反应,因此自定义启动和关闭命令来实现重启效果。
(8)定义zabbix主类[root@puppet ~]# vi /etc/puppet/modules/zabbix/manifests/init.pp
class zabbix {
Exec { path => "/usr/bin:/bin:/usr/sbin:/sbin" }
include zabbix::params
include zabbix::install, zabbix::config, zabbix::service
}
(9)定义节点文件,调用模块[root@puppet ~]# vi /etc/puppet/manifests/centostest.pp
node "centostest.ewin.com" {
include ntp, yum, puppet, host, ssh, zabbix
}
(10)应用节点文件[root@puppet ~]# vi /etc/puppet/manifests/site.pp
import "centostest.pp"
(11)下载zabbix源码包
官方下载地地址:http://www.zabbix.com/download.php
下载Zabbix Sources中的源码包,目前是2.4.2和2.2.7版本
我的zabbix服务器安装的2.2.5版本[root@puppet ~]# cd /etc/puppet/modules/zabbix/files/
[root@puppet files]# wget http://jaist.dl.sourceforge.net/project/zabbix/ZABBIX%20Latest%20Stable/2.2.5/zabbix-2.2.5.tar.gz
(12)编写自动监控"监听端口"脚本[root@puppet ~]# vi /etc/puppet/modules/zabbix/files/discovertcpport.sh
#!/bin/bash
portarray=(`netstat -tnlp|egrep -i "$1"|awk {'print $4'}|awk -F':' '{if ($NF~/^[0-9]*$/) print $NF}'|sort |uniq 2>/dev/null`)
length=${#portarray[@]}
printf "{\n"
printf '\t'"\"data\":["
for ((i=0;i
do
printf '\n\t\t{'
printf "\"{#TCP_PORT}\":\"${portarray[$i]}\"};"
if [ $i -lt $[$length-1] ];then
printf ','
fi
done
printf "\n\t]\n"
printf "}\n"
说明:这是给zabbix用来监控客户端正在监听的端口用的脚本,详见我的zabbix相关博文。
注意:.sh脚本文件,格式必须是unix格式才能执行,按第(5)节中的方法修改。
2、测试
(1)客户端执行puppet agent -t同时查看日志[root@centostest ~]# tailf /var/log/messages
Nov 13 11:45:40 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Files/File[/home/zabbix]/ensure) created
Nov 13 11:45:40 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Files/File[zabbix-install]/ensure) defined content as '{md5}dd528a657456fdf527df0fc341f437d0'
Nov 13 11:45:44 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Files/File[zabbix-agent]/ensure) defined content as '{md5}e7b74a0208743f743585d9cc1d46eccf'
#以上显示安装脚本和配置文件复制成功
Nov 13 11:45:45 centostest kernel: ip_tables: (C) 2000-2006 Netfilter Core Team
Nov 13 11:45:45 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Config::Iptables/Service[iptables]/ensure) ensure changed 'stopped' to 'running'
Nov 13 11:45:45 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Config::Iptables/Exec[iptables -I INPUT -p tcp --dport 10050:10051 -j ACCEPT]/returns) executed successfully
Nov 13 11:45:45 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Config::Iptables/Exec[iptables -I INPUT -p udp --dport 10050:10051 -j ACCEPT]/returns) executed successfully
Nov 13 11:45:46 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Config::Iptables/Exec[service iptables save]) Triggered 'refresh' from 2 events
#以上显示防火墙由关闭转为启动,添加两条规则,触发了save两次
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) useradd: user 'zabbix' already exists
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) zabbix-2.2.5/
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) zabbix-2.2.5/Makefile.in
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) zabbix-2.2.5/misc/
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) zabbix-2.2.5/misc/Makefile.in
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) zabbix-2.2.5/misc/snmptrap/
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) zabbix-2.2.5/misc/snmptrap/zabbix_trap_receiver.pl
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) zabbix-2.2.5/misc/snmptrap/snmptrap.sh
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) zabbix-2.2.5/misc/p_w_picpaths/
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) zabbix-2.2.5/misc/p_w_picpaths/README
Nov 13 11:46:19 centostest puppet-agent[33875]: (/Stage[main]/Zabbix::Install::Sh/Exec[/bin/bash zabbix_install.sh]/returns) zabbix-2.2.5/misc/p_w_picpaths/png_to_xml.sh
#运行安装脚本,zabbix源码包解压缩,接近200行的样子,这里省略
#脚本中的其他命令不在日志中显示
Nov 13 11:46:19 centostest rsyslogd-2177: imuxsock begins to drop messages from pid 33875 due to rate-limiting
Nov 13 11:46:38 centostest puppet-agent[43176]: Finished catalog run in 2.76 seconds
(2)查看安装文件是否复制到位[root@centostest ~]# ll /home/zabbix/
总用量 14620
drwxrwxr-x. 13 1000 1000 4096 11月 13 11:46 zabbix-2.2.5
-rw-r--r--. 1 root root 14960556 11月 13 11:45 zabbix-2.2.5.tar.gz
-rwxr-xr-x. 1 root root 276 11月 13 11:45 zabbix_install.sh
(3)查看启动进程是否复制到位[root@centostest ~]# ll /etc/init.d/zabbix_agentd
-rwxr-xr-x. 1 root root 862771 11月 12 16:36 /etc/init.d/zabbix_agentd
(4)查看配置文件内容[root@centostest ~]# cat /usr/local/zabbix_agent/etc/zabbix_agentd.conf
### puppet config ###
LogFile=/var/log/zabbix_agentd.log
Server=zabbix.ewin.com
Hostname=centostest.ewin.com
UnsafeUserParameters=1
EnableRemoteCommands=1
UserParameter=tcpportlisten,/usr/local/zabbix_agent/sbin/discovertcpport.sh "$1"
(5)查看防火墙状态[root@centostest ~]# service iptables status
表格:filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:10050:10051
2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:10050:10051
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
7 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
结论:成功启动防火墙并添加了两条规则
3、测试服务重启
(1)查看进程是否启动,以及进程的PID(1)[root@centostest ~]# ps aux|grep zabbix
zabbix 45252 0.0 0.0 17592 716 ? S 09:20 0:00 /etc/init.d/zabbix_agentd: collector [idle 1 sec]
zabbix 45253 0.0 0.0 17592 624 ? S 09:20 0:00 /etc/init.d/zabbix_agentd: listener #1 [waiting for connection]
zabbix 45254 0.0 0.0 17592 624 ? S 09:20 0:00 /etc/init.d/zabbix_agentd: listener #2 [waiting for connection]
zabbix 45255 0.0 0.0 17592 624 ? S 09:20 0:00 /etc/init.d/zabbix_agentd: listener #3 [waiting for connection]
root 47201 0.0 0.0 103256 848 pts/2 S+ 09:22 0:00 grep zabbix
(2)修改配置文件模板
在zabbix_agentd_conf.erb中加入一行#test service restart
(3)客户端执行puppet agent -t同时查看日志[root@centostest ~]# tailf /var/log/messages
Nov 13 09:33:28 centostest puppet-agent[62959]: (/Stage[main]/Zabbix::Config/File[/usr/local/zabbix_agent/etc/zabbix_agentd.conf]/content) content changed '{md5}7f16ab238a0febff5d3330a4b4b341c4' to '{md5}d2b43f63f0c101966d8ea32356e0fcdc'
Nov 13 09:33:28 centostest puppet-agent[62959]: (/Stage[main]/Zabbix::Service/Service[zabbix_agentd]) Triggered 'refresh' from 1 events
(4)再次查看启动进程的PID[root@centostest ~]# ps aux|grep zabbixroot 3016 0.0 0.0 103256 840 pts/2 S+ 09:36 0:00 grep zabbix
zabbix 63190 0.0 0.0 17592 748 ? S 09:33 0:00 /etc/init.d/zabbix_agentd start
zabbix 63191 0.0 0.0 17592 728 ? S 09:33 0:00 /etc/init.d/zabbix_agentd: collector [idle 1 sec]
zabbix 63192 0.0 0.0 17592 624 ? S 09:33 0:00 /etc/init.d/zabbix_agentd: listener #1 [waiting for connection]
zabbix 63193 0.0 0.0 17592 624 ? S 09:33 0:00 /etc/init.d/zabbix_agentd: listener #2 [waiting for connection]
zabbix 63194 0.0 0.0 17592 624 ? S 09:33 0:00 /etc/init.d/zabbix_agentd: listener #3 [waiting for connection]
结论:可以看到进程PID改变了,配置文件的更新成功触发服务重启,使用了自定义的start和stop命令来完成重启过程。
总结:成功部署了Zabbix agent端,能通过puppet管理配置文件,自动重启zabbix进程,
之后就是在zabbix服务器上添加对centostest的监控了,这里不详述,经测试监控成功。
4、service服务资源
#默认采用/etc/init.d/下的脚本进行服务管理,自定义的脚本需要加入该目录并在脚本中定义chkconfigservice { 'nginx': #标题等于name参数,服务名
ensure => running,#确保服务运行
enable => true, #开机启动服务
hasrestart => true, #是否支持service nginx restart命令,重启
hasstatus => true, #是否支持service nginx status命令,查看状态,当服务未启动,会执行重启
subscribe => File["nginx.conf"], #当nginx.conf有变更时,执行此服务资源(重启)
restart => "/etc/init.d/nginx reload", #指定重启命令,只需重新加载配置文件即可
}{
binary => , #守护进程的路径
enable => true|false, #设置开机自动启动
ensure => true|false|running, #服务的状态,运行|停止|运行
hasstatus => true|false, #是否支持status
hasrestart => true|false, #是否支持restart,不支持就用stop/start实现
name => 'sshd', #服务名称
path => "/etc/init.d", #指定查找init脚本的路径
pattern => , #设置搜索进程的匹配字符串,用来确认服务进程的状态或重启
restart => "/etc/init.d/nginx reload", #重启命令,可指定
start => "/etc/init.d/nginx start", #启动命令,可指定
status => "/etc/init.d/nginx status", #状态命令,可指定
stop => "/etc/init.d/nginx stop", #停止命令,可指定
}
这篇关于linux serport模块,Puppet模块(六):zabbix模块及server资源的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
