I have written an ansible playbook and role to upgrade existing zabbix agent installations to TLS.
NOTE: It assumes the agent is 3.X already
NOTE: It auto generates a key for the group hosts
NOTE: It assumes you have your own inventory and groups setup
NOTE: I have only tested it for REDHAT derived systems at present.
NOTE: any agents for RHEL5 and below systems don't ship with TLS support due to library issues, so they are skipped over.
NOTE: i use the include files in a non standard place so you will probably need to edit accordingly, and maybe add a lineinfile part if you dont have the includedir option set.
NOTE: it doesn't configure the server. This is a pretty quick and easy thing to do with a mass update though.
anyway here is the role
and the playbook
Here is a sample run
NOTE: It assumes the agent is 3.X already
NOTE: It auto generates a key for the group hosts
NOTE: It assumes you have your own inventory and groups setup
NOTE: I have only tested it for REDHAT derived systems at present.
NOTE: any agents for RHEL5 and below systems don't ship with TLS support due to library issues, so they are skipped over.
NOTE: i use the include files in a non standard place so you will probably need to edit accordingly, and maybe add a lineinfile part if you dont have the includedir option set.
NOTE: it doesn't configure the server. This is a pretty quick and easy thing to do with a mass update though.
anyway here is the role
and the playbook
Here is a sample run
