Zabbix offers VMware vSphere cluster monitoring out of the box, but its functionality is quite limited. I manage the cluster. VCSA (vCenter Server Appliance) is a linux-based solution, essentially SUSE Linux Enterprise with VMware add-ons. I had bad experience with a simple vCenter on Windows Server, and indeed I am a Linuxoid, so I immediately decided to deploy the cluster using VCSA. In version 5.5 there were some limitations of VCSA regarding the solution on Windows, but version 6 does not have these restrictions and is positioned as production-ready. Good.
So ... a little off topic. Offal - Susya, there is a zypper, only turnips are not connected. In general, you can install anything on VCSA, but you can kill the system this way, and it’s not difficult.
To get started, look at which version of Susi VCSA is spinning:
To get started, look at which version of Susi VCSA is spinning:
vc:~ # cat /etc/SuSE-release
SUSE Linux Enterprise Server 11 (x86_64)
VERSION = 11
PATCHLEVEL = 3
Now we go to software.opensuse.org , look for zabbix-agent and select the appropriate rap. Often, for SLE, rap from Opensuse is suitable:
Copy the link to the RPM file, enable SSH access to VCSA, cut and run the shell. We need only get the path to the turnip from the link. Add rap to the system:
vc:~ # zypper ar -f http://download.opensuse.org/repositories/server:/monitoring/SLE_11_SP3/ monitoring
Adding repository 'monitoring' [done]
Repository 'monitoring' successfully added
Enabled: Yes
Autorefresh: Yes
GPG check: Yes
URI: http://download.opensuse.org/repositories/server:/monitoring/SLE_11_SP3/
Update rep:
vc:~ # zypper ref
After that, you can install software as usual in Sousse. For example:
vc:~ # zypper se zabbix
Loading repository data...
Reading installed packages...
S | Name | Summary | Type
--+--------------------------+--------------------------------------------------------------+-----------
| percona-zabbix-templates | Percona MySQL Monitoring Plugins for Zabbix | package
| zabbix | Enterprise-class open source distributed monitoring solution | srcpackage
| zabbix-agent | The Zabbix agents | package
| zabbix-debuginfo | Debug information for package zabbix | package
| zabbix-debugsource | Debug sources for package zabbix | package
| zabbix-java-gateway | Zabbix java gateway | package
| zabbix-phpfrontend | Zabbix web frontend (php) | package
| zabbix-proxy | The Zabbix proxy | package
| zabbix-proxy-mysql | Zabbix proxy with MySQL support | package
| zabbix-proxy-postgresql | Zabbix proxy with PostgreSQL support | package
| zabbix-proxy-sqlite | Zabbix proxy with SQLite support | package
| zabbix-server | The Zabbix server | package
| zabbix-server-mysql | Zabbix server with MySQL support | package
| zabbix-server-postgresql | Zabbix server with PostgreSQL support | package
| zabbix-server-sqlite | Zabbix server with SQLite support | package
vc:~ # zypper in zabbix-agent
We correct the file /etc/zabbix/zabbix-agent.conf, start the service through /etc/init.d/zabbix-agentd start ... But only active verification works. That is, only when the agent contacts the server, on VCSA, incoming connections are closed by a firewall, except for individual ports. You can add a rule to iptables, but it will crash when you reboot VCSA, or when editing the network filter settings through the web interface.
We go to / etc / vmware / appliance and first of all we backup the file we are going to edit:
vc:~ # cd /etc/vmware/appliance/
vc:/etc/vmware/appliance # cp services.conf services.conf.bak
Now through vim we edit the file and add the rule. Ready option:
vc:/etc/vmware/appliance # diff services.conf.bak services.conf
70a71,84
> },
> "zabbix-agent": {
> "firewall": {
> "enable": true,
> "rules": [
> {
> "direction": "inbound",
> "protocol": "tcp",
> "porttype": "dst",
> "port": "10050",
> "portoffset": 0
> }
> ]
> }
We overload the rules of the firewall:
vc:~ # /usr/lib/applmgmt/networking/bin/firewall-reload
Everything is ready. In Zabbix, we add a host, use the standard template for linux-systems and enjoy the performance and graphics.
But after updating the VCSA, the services.conf file will be overwritten, so it’s better to keep the current version:
But after updating the VCSA, the services.conf file will be overwritten, so it’s better to keep the current version:
vc:/etc/vmware/appliance # cp services.conf services.conf.new
So after the update it will be possible to update the firewall rules in two lines.
Comments
Post a Comment