Hello.
I am trying to make a proof of concept with a Zabbix system using dockers. My dockers contains 4 containers, 1 container are mysql server, 2 container is zabbix server, 3 container is zabbix front end, and the last one is hashicorp vault.
I found out at zabbix offical docker sites at github (https://github.com/zabbix/zabbix-docker/tree/6.4) they provide a all in solution (without the hashicorp) vault with separating the containers and talking to each other. I see that you can edit "env_vars" you can change important secrets that i am planning to keep in hashicorp vault, and if i take a better look at the .yaml file, for be specific i use "docker-compose_v3_ubuntu_mysql_latest.yaml". But when i take a look inside it i see secrets like:
# client-key.pem:
# file: ./env_vars/.ZBX_DB_KEY_FILE
# client-cert.pem:
# file: ./env_vars/.ZBX_DB_CERT_FILE
# root-ca.pem:
# file: ./env_vars/.ZBX_DB_CA_FILE
# server-cert.pem:
# file: ./env_vars/.DB_CERT_FILE
# server-key.pem:
# file: ./env_vars/.DB_KEY_FILE
Its obvious i dont know much about cryptography.
I want to make a secure connections to every part of zabbix and actually store it in hashicorp vault (i know its a 3rd party program). But without hashicorp i still cant find out how to do this.
To wrap things up and not just everything to be a pile of soup what i am actually asking about is how do i make certificate to make everything encrypted in specific to this docker file, cant find a tutorial...? (without hashicorp)
And also is this a good system for zabbix or are their improvements to make?
Thank you in advance.
I am trying to make a proof of concept with a Zabbix system using dockers. My dockers contains 4 containers, 1 container are mysql server, 2 container is zabbix server, 3 container is zabbix front end, and the last one is hashicorp vault.
I found out at zabbix offical docker sites at github (https://github.com/zabbix/zabbix-docker/tree/6.4) they provide a all in solution (without the hashicorp) vault with separating the containers and talking to each other. I see that you can edit "env_vars" you can change important secrets that i am planning to keep in hashicorp vault, and if i take a better look at the .yaml file, for be specific i use "docker-compose_v3_ubuntu_mysql_latest.yaml". But when i take a look inside it i see secrets like:
# client-key.pem:
# file: ./env_vars/.ZBX_DB_KEY_FILE
# client-cert.pem:
# file: ./env_vars/.ZBX_DB_CERT_FILE
# root-ca.pem:
# file: ./env_vars/.ZBX_DB_CA_FILE
# server-cert.pem:
# file: ./env_vars/.DB_CERT_FILE
# server-key.pem:
# file: ./env_vars/.DB_KEY_FILE
Its obvious i dont know much about cryptography.
I want to make a secure connections to every part of zabbix and actually store it in hashicorp vault (i know its a 3rd party program). But without hashicorp i still cant find out how to do this.
To wrap things up and not just everything to be a pile of soup what i am actually asking about is how do i make certificate to make everything encrypted in specific to this docker file, cant find a tutorial...? (without hashicorp)
And also is this a good system for zabbix or are their improvements to make?
Thank you in advance.