manual:appliance

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

manual:appliance [2020/04/06 12:20]
yuriii [4 Firewall] updated to CentOS 8
manual:appliance [2021/05/17 11:38]
Line 1: Line 1:
-====== 6. Zabbix appliance ====== 
- 
-=== Overview === 
- 
-As an alternative to setting up manually or reusing an existing server for Zabbix, users may [[http://​www.zabbix.com/​download_appliance|download]] a Zabbix appliance or Zabbix appliance installation CD image. ​ 
- 
-Zabbix appliance and installation CD versions are based upon the following OS:  
-^Zabbix appliance version^OS^ 
-|5.0.0|CentOS 8  | 
- 
-Zabbix appliance installation CD can be used for instant deployment of Zabbix server (MySQL). 
- 
-|{{:​manual:​installation_cd_boot_menu1.png?​600|}}| 
-|Zabbix installation CD/DVD boot menu| 
- 
- 
-Zabbix appliance contains a Zabbix server (configured and running on MySQL) and a frontend. 
- 
-Zabbix virtual appliance is available in the following formats: 
- 
-  * VMX (VMware) 
-  * OVF (Open Virtualisation Format) 
-  * KVM 
-  * HDD/flash image, USB stick 
-  * Live CD/DVD 
-  * Xen guest 
-  * Microsoft VHD (Azure) 
-  * Microsoft VHD (Hyper-V) 
- 
-To get started, boot the appliance and point a browser at the IP the appliance has received over DHCP.  
- 
-To get the IP address from inside the virtual machine run: 
-  ip addr show 
- 
-To access Zabbix frontend go to **<​nowiki>​http://<​host_ip></​nowiki>​** (for access from the host's browser bridged mode should be enabled in the VM network settings). ​ 
- 
-<note tip>If the appliance fails to start up in Hyper-V, you may want to press ''​Ctrl+Alt+F2''​ to switch tty sessions.</​note>​ 
-=== - Changes to CentOS 8 configuration === 
- 
-The appliance is based on CentOS 8. There are some changes applied to the base CentOS configuration. 
- 
-== - Repositories == 
- 
-Official Zabbix [[manual:​installation:​install_from_packages/​rhel_centos|repository]] has been added to ///​etc/​yum.repos.d//:​ 
-  [zabbix] 
-  name=Zabbix Official Repository - $basearch 
-  baseurl=http://​repo.zabbix.com/​zabbix/​4.5/​rhel/​8/​$basearch/​ 
-  enabled=1 
-  gpgcheck=1 
-  gpgkey=file:///​etc/​pki/​rpm-gpg/​RPM-GPG-KEY-ZABBIX-A14FE591 
- 
-== - Firewall == 
- 
-The appliance uses iptables firewall with predefined rules: 
-  * Opened SSH port (22 TCP); 
-  * Opened Zabbix agent (10050 TCP) and Zabbix trapper (10051 TCP) ports; 
-  * Opened HTTP (80 TCP) and HTTPS (443 TCP) ports; 
-  * Opened SNMP trap port (162 UDP); 
-  * Opened outgoing connections to NTP port (53 UDP); 
-  * ICMP packets limited to 5 packets per second; 
-  * All other incoming connections are dropped. 
- 
- 
-== - Using a static IP address == 
- 
-By default the appliance uses DHCP to obtain the IP address. To specify a static IP address: 
- 
-  * Log in as root user; 
-  * Open ///​etc/​sysconfig/​network-scripts/​ifcfg-eth0//​ file; 
-  * Replace //​BOOTPROTO=dhcp//​ with //​BOOTPROTO=none//​ 
-  * Add the following lines: 
-    * //​IPADDR=<​IP address of the appliance>//​ 
-    * //​PREFIX=<​CIDR prefix>//​ 
-    * //​GATEWAY=<​gateway IP address>//​ 
-    * //​DNS1=<​DNS server IP address>//​ 
-  * Run **systemctl restart network** command. 
- 
-[[https://​access.redhat.com/​documentation/​en-us/​red_hat_enterprise_linux/​6/​html/​deployment_guide/​s1-networkscripts-interfaces|Cosult official Red Hat documentation if needed.]] 
-== - Changing time zone == 
- 
-By default the appliance uses UTC for the system clock. To change the time zone, copy the appropriate file from ///​usr/​share/​zoneinfo//​ to ///​etc/​localtime//,​ for example: 
- 
-  cp /​usr/​share/​zoneinfo/​Europe/​Riga /​etc/​localtime 
- 
- 
- 
- 
-=== - Zabbix configuration === 
- 
-Appliance Zabbix setup has the following passwords and other configuration changes: 
- 
-== - Credentials (login:​password) == 
- 
-System: 
-  * root:zabbix 
- 
-Database: 
-  * root:<​random>​ 
-  * zabbix:<​random>​ 
- 
-<​note>​Database passwords are randomly generated during the installation process.\\ Root password is stored to /​root/​.my.cnf file, it is not required to input a password under the "​root"​ account.</​note>​ 
- 
-Zabbix frontend: 
-  * Admin:​zabbix 
- 
-To change the database user password it has to be changed in the following locations: 
-  * MySQL; 
-  * /​etc/​zabbix/​zabbix_server.conf;​ 
-  * /​etc/​zabbix/​web/​zabbix.conf.php. 
- 
-<​note>​ Separate users ''​zabbix_srv''​ and ''​zabbix_web''​ are defined for server and frontend respectively. </​note>​ 
- 
-== - File locations == 
- 
-  * Configuration files are placed in **/​etc/​zabbix**. 
-  * Zabbix server, proxy and agent logfiles are placed in **/​var/​log/​zabbix**. 
-  * Zabbix frontend is placed in **/​usr/​share/​zabbix**. 
-  * Home directory for user **zabbix** is **/​var/​lib/​zabbix**. 
- 
-== - Changes to Zabbix configuration == 
- 
-  * Frontend timezone is set to Europe/Riga (this can be modified in **/​etc/​php-fpm.d/​zabbix.conf**);​ 
- 
- 
-=== - Frontend access === 
- 
-Access to frontend by default is allowed from everywhere. 
- 
-The frontend can be accessed //​http:​%%//​%%<​host>//​. 
- 
-This can be customised in **/​etc/​nginx/​conf.d/​zabbix.conf**. You have to restart nginx after modifying this file. To do so, log in using SSH as **root** user and execute: 
- 
-  systemctl restart nginx 
- 
-=== - Firewall === 
- 
-By default, only the ports listed in changes are open. To open additional ports just modify "///​etc/​sysconfig/​iptables//"​ file and reload firewall rules: 
- 
-  systemctl reload iptables 
-=== - Monitoring capabilities === 
- 
-Zabbix installation is provided with the support for the following: 
- 
-  * SNMP 
-  * IPMI 
-  * Web monitoring 
-  * VMware monitoring 
-  * ODBC 
-  * SSH2 
-  * IPv6 
-  * SNMP Traps 
-  * Zabbix Java Gateway 
- 
-=== - SNMP traps === 
- 
-Zabbix appliance uses //​snmptrapfmt//​ to handle SNMP traps. It is configured to receive all traps from everywhere. 
- 
-Authentication is not required. To enable authentication,​ open the ///​etc/​snmp/​snmptrapd.conf//​ file and specify required auth settings. 
- 
-All traps are stored in the ///​var/​log/​zabbix/​snmptrapfmt.log//​ file. It is rotated by logrotate before reaching 2GB file size. 
- 
-=== - Upgrading === 
- 
-The appliance Zabbix packages may be upgraded. To do so, run: 
-  dnf update zabbix* 
- 
-=== - System Services === 
- 
-Systemd services are available: 
-  systemctl list-units zabbix* 
- 
-== - Increasing available diskspace == 
- 
-<note warning>​Create a backup of all data before attempting any of the steps.</​note>​ 
- 
-Available diskspace on the appliance might not be sufficient. In that case it is possible to expand the disk. To do so, first expand the block device in your virtualization environment,​ then follow these steps. 
- 
-Start //fdisk// to change the partition size. As //root//, execute: 
- 
-  fdisk /dev/sda 
- 
-This will start //fdisk// on disk //sda//. Next, switch to sectors by issuing: 
- 
-  u 
- 
-<note important>​Don'​t disable DOS compatibility mode by entering **c**. Proceeding with it disabled will damage the partition.</​note>​ 
- 
-Then delete the existing partition and create a new one with the desired size. In the majority of cases you will accept the available maximum, which will expand the filesystem to the size you made available for the virtual disk. To do so, enter the following sequence in fdisk prompt: 
- 
-  d 
-  n 
-  p 
-  1 
-  (accept default 63) 
-  (accept default max) 
- 
-If you wish to leave some space for additional partitions (swap etc), enter another value for //last sector//. When done, save the changes by issuing: 
- 
-  w 
-  ​ 
-After partition creation (new disk or extended existing) create physical volume: 
-  pvcreate /dev/sdb1 
- 
-<note warning>​Partition name /dev/sdb1 is used in the example; in your case disk name and partition number could be different. To check the partition number use //fdisk -l /dev/sdb// command.</​note>​ 
- 
-Check newly created physical volume: 
- 
-  pvdisplay /dev/sdb1 
- 
-Check available physical volumes. There must be 2 volumes zabbix-vg and newly created: 
-  pvs 
- 
-Extend an existing volume group with the newly created physical volume: 
-  vgextend zabbix-vg /dev/sdb1 
- 
-Check "​zabbix-vg"​ volume group: 
-  vgdisplay 
- 
-Now extend the logical volume with the free PE space: 
-  lvextend -l +100%FREE /​dev/​mapper/​zabbix--vg-root 
- 
-Resize the root volume (can be done on a live sysyem): 
-  resize2fs /​dev/​mapper/​zabbix--vg-root 
- 
-Reboot the virtual machine (as the modified partition is currently in use). The filesystem should be increased to the partition size. Check "/​dev/​mapper/​zabbix--vg-root"​ volume: 
-  df -h 
-=== - Format-specific notes === 
-== - Xen == 
- 
-**Converting image for XenServer** 
- 
-To use Xen images with Citrix Xenserver, the disk image has to be converted first. To do so: 
-  * Create a virtual disk, with at least the same size as the image 
-  * Find out the UUID of this disk 
- 
-  xe vdi-list params=all 
- 
-  * If there are a lot of disks, they can be filtered by the name parameter //​name-label//,​ assigned when creating the virtual disk 
-  * Import the image 
- 
-  xe vdi-import filename="​image.raw"​ uuid="<​UUID>"​ 
- 
-//​Instructions from Brian Radford blog//. 
-== - VMware == 
- 
-The images in //vmdk// format are usable directly in VMware Player, Server and Workstation products. For use in ESX, ESXi and vSphere they must be converted using [[http://​www.vmware.com/​products/​converter/​|VMware converter]]. 
-== - HDD/flash image (raw) == 
- 
-  dd if=./​zabbix_appliance_4.0.0_x86_64.raw of=/dev/sdc bs=4k conv=fdatasync 
-  ​ 
-Replace ///​dev/​sdc//​ with your Flash/HDD disk device.