Ad Widget

Collapse

Zabbix Agent on AWS machine

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • clarkritchie
    Member
    • Aug 2013
    • 46
    #1

    Zabbix Agent on AWS machine

    Testing out Zabbix (we are an OpenNMS shop now).

    I have my Zabbix server installed locally and can monitor an AWS box of ours via SNMP. Great!

    I installed zabbix-agent on that server and can telnet to it from a shell on the machine. Great!

    In my AWS security group, I opened up ports 10050 and 10051, both tcp and udp, to the world however I cannot telnet to the zabbix-agent from outside.

    What settings in zabbix_agentd.conf should I look at to make it reachable from outside?

    Thanks!
    Tags: aws, zabbix_agent
    • Pada
      Senior Member
      • Apr 2012
      • 236
      #2
      The passive zabbix agent will be listening on TCP port 10050, where as the zabbix server/proxy/trapper will listen on TCP port 10051 by default.

      Perhaps just start off by disabling the iptables service: sudo service iptables stop
      Typically the iptables (firewall) only allow SSH and block every other incoming connection.

      Also make sure that those TCP ports are open:
      sudo netstat -nltp | grep 1005[01]

        Comment

        • clarkritchie
          Member
          • Aug 2013
          • 46
          #3
          So in a NATd environment like AWS, one should not have to do anything special with zabbix_agentd.conf?

          I'm pretty sure there isn't a local firewall issue on the server itself.

          xxx@xxx:~$ sudo iptables -L -n
          Chain INPUT (policy ACCEPT)
          target prot opt source destination

          Chain FORWARD (policy ACCEPT)
          target prot opt source destination

          Chain OUTPUT (policy ACCEPT)
          target prot opt source destination

          xxx@xxx:~$ sudo ufw disable
          Firewall stopped and disabled on system startup

          xxx@xxx:~$ sudo netstat -nltp | grep 1005[01]
          tcp 0 0 10.192.13.64:10050 0.0.0.0:* LISTEN 26572/zabbix_agentd



          But when I try to get there from my localhost:


          [yyy@yyy ~]$ telnet xxx.xxx.com 10050
          Trying 1.2.3.4...
          Connected to xxxx.
          Escape character is '^]'.
          Connection closed by foreign host.
          [yyy@yyy ~]$

            Comment

            • clarkritchie
              Member
              • Aug 2013
              • 46
              #4
              PS - When I remove the AWS firewall rule allowing 0.0.0.0/0 to connect to 10050, telnet hangs. When I add the AWS firewall rule allowing 0.0.0.0/0 to connect to 10050, telnet immediately returns Connection closed by foreign host which makes me think zabbix_agentd is what is closing the connection.

                Comment

                • clarkritchie
                  Member
                  • Aug 2013
                  • 46
                  #5
                  Ah, I think setting debug to 4 helped me fix this.

                  In my logs:
                  12379:20130812:145145.380 Listener error: Connection from [1.2.3.4] rejected. Allowed server is [localhost]

                  Added this to zabbix_agentd.conf:
                  Server=localhost,1.2.3.4

                  Telnet to my server no longer hangs!

                    Comment

                    Previous template Next
                    Working...