Ad Widget

Collapse

Using Zabbix when server and hosts use cloudflared tunnel

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • BWBama85
    Junior Member
    • Mar 2023
    • 3
    #1

    Using Zabbix when server and hosts use cloudflared tunnel


    Hey everyone,

    Just getting started with Zabbix and really love the potential. The basic setup of the server side was straightforward and adding an agent was easy enough for a host I want to monitor.

    My issue, and hopefully I can get this to work, is my Zabbix server and the host that I want to monitor are access by cloudflare tunnels.

    The server is hosted on my home Proxmox server on a Debian 11 VM. I have this setup at zabbix.mylan.com for example and it routes via Cloudflared which is hosted on a container on the proxmox. The Cloudflared container handles routing all internet traffic to my interal lan. For example, proxmox.mylan.com goes to my proxmox server login page, zabbix.mylan.com goes to my zabbix server login page on a proxmox vm, webserver.mylan.com goes to a web server vpm on my proxmox domain. Etc etc.

    For those that need extra security, I setup cloudflare access rules so that only I can access them through [email protected] email address.

    For monitoring, I have setup monitor.mylan.com and I have not setup any access restrictions. I have monitor.mylan.com set to forward to 192.168.1.251:10051 which is the ip address of zabbix.mylan.com.

    zabbix_server.conf is left untouched except for updating the mysql password.


    For my host, I have monitor.myhost.com setup. It forwards to 127.0.0.1:10050 on the host server.

    The host zabbix_agent2.conf has the following:

    Server=monitor.mylan.com
    ServerActive=monitor.mylan.com
    Hostname=monitor.myhost.com

    /etc/hosts on host machine:

    ipv4address monitor.myhost.com myhost.com
    ipv6address monitor.myhost.com myhost.com


    Unfortunately, this is not working. The host machines agent reports:

    Code:
    2023/03/11 16:51:38.008676 [101] cannot connect to [monitor.mylan.com:10051]: dial tcp :0->[ipv6address]:10051: i/o timeout
2023/03/11 16:51:38.008759 [101] active check configuration update from host [monitor] started to fail
2023/03/11 16:51:59.999804 [101] cannot connect to [monitor.mylan.com:10051]: dial tcp :0->[ipv6address]:10051: i/o timeout
2023/03/11 16:51:59.999863 [101] sending of heartbeat message for [monitor] started to fail zz0.0zwcbnv3n0kfzz
    How badly am I misconfiguring this? Trying to wrap my head around how I can get both to communicate with each other when protecting the servers with Cloudflared Tunnel.

    Tags: None
    • BWBama85
      Junior Member
      • Mar 2023
      • 3
      #2
      Hi,

      Maybe I gave too much information.

      Essentially, what I am trying to do is this:

      I am using cloudflare tunnels on the server and the host running the agent.

      The server is hosted on my local lan on a Proxmox VM.

      zabbix.mylan.com uses a cloudflare tunnel to resolve DNS to the server.

      myhost.com is a web server that is protected by cloudflare tunnels. No ports are open on this server and everything is routed through the tunnel.

      I have created monitor.myhost.com and monitor.mylan.com in order to connect the server and agent to each other for monitoring.

      I am currently unable to make the connection to work.

      Has anyone setup an enviroment in this way? If so, do you have some guideance on how I can make this work?

        Comment

        • BWBama85
          Junior Member
          • Mar 2023
          • 3
          #3
          Has no one installed Zabbix on their Homelab and used it to monitor remote services, such as Linode web servers? If so, how did you do it? Has anyone done it with a Cloudflare Tunnel?

            Comment

            • ryazur
              Junior Member
              • May 2024
              • 2
              #4
              I am currently trying to achieve the same thing, have you been successful with this? It is hard to believe that there is so little info about this type of monitoring. I have tried to follow the instructions here: https://www.zabbix.com/integrations/cloudflare but I think because my domain is not officially hosted by Cloudfare and only has the DNS managed by them, and I only use it for tunnels, that the collecting of info from http is not useful as there is no actual site to monitor. I really would like to monitor tunnels and will share any updates if I succeed.

              Thanks.

                Comment

                • ryazur
                  Junior Member
                  • May 2024
                  • 2
                  #5
                  I have followed this to set up monitoring of my tunnels:

                  GitHub - Relkci/Zabbix_Cloudflared: Zabbix Template for Cloudflared Tunnel Metrics
                  https://github.com/Relkci/Zabbix_Cloudflared
                  Zabbix Template for Cloudflared Tunnel Metrics. Contribute to Relkci/Zabbix_Cloudflared development by creating an account on GitHub.


                  the only thing I had to change a little was the macros to set the tunnel id and cloudfare version, and because my tunnels are remote managed instead of adding the metric: 40705 to the config.yml file, I had to use `systemctl edit --full cloudflared.service` and in that config there is a ExecStart under the [Service] section, I added the --metrics localhost:40705 after the /usr/bin/cloudflared --no-autoupdate.

                  Hope this helps anyone else looking to monitor thier tunnels.

                    Comment

                    • mayk0_
                      Junior Member
                      • May 2024
                      • 1
                      #6
                      Estimados buenas noches!, exactamente intento hacer lo mismo y no lo he logrado la verdad.
                      Espero que en algĂșn momento alguien pueda lograrlo!

                        Comment

                        Previous template Next
                        Working...