Ad Widget

Collapse

zabbix-server running in Kubernetes doesn't work ICMP

Collapse
This topic has been answered.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • mfuk
    Junior Member
    • Jul 2023
    • 18
    #1

    zabbix-server running in Kubernetes doesn't work ICMP

    Hi,
    I deployed zabbix-server 7.0.22 on Kubernetes.
    Everything works fine, except ICMPping.
    this is my yaml file:
    Code:
    ##########################################
##### Zabbix-Server Service           ####
##########################################
---
apiVersion: v1
kind: Service
metadata:
  name: zabbix-server-0
  namespace: mon-zabbix-test
spec:
  selector:
    statefulset.kubernetes.io/pod-name: zabbix-server-0-0
  ports:
  - name: zabbix-trapper
    port: 10051
    targetPort: 10051
    protocol: TCP
  - name: snmp-trap
    port: 162
    targetPort: 162
    protocol: UDP
  clusterIP: None
##########################################
##### Zabbix-Server StatefulSet       ####
##########################################
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: zabbix-server-0
  namespace: mon-zabbix-test
  labels:
    name: zabbix-server-0
spec:
  serviceName: zabbix-server
  replicas: 1
  selector:
    matchLabels:
      name: zabbix-server-0
      part: "0"
  template:
    metadata:
      labels:
        name: zabbix-server-0
        part: "0"
        app: zabbix-server
    spec:
      affinity:
        podAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: name
                  operator: In
                  values:
                  - galera-ss
                - key: apps.kubernetes.io/pod-index
                  operator: In
                  values:
                  - "0"
              topologyKey: kubernetes.io/hostname
      imagePullSecrets:
        - name: aws-ecr-credentials
      containers:
      - name: zabbix-server
        image: zabbix/zabbix-server-mysql:ubuntu-7.0-latest
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 10051
          protocol: TCP
          name: zabbix-trapper
        readinessProbe:
          tcpSocket:
            port: zabbix-trapper
          initialDelaySeconds: 5
          periodSeconds: 10
        livenessProbe:
          tcpSocket:
            port: zabbix-trapper
          initialDelaySeconds: 15
          periodSeconds: 20
        resources:    
          requests:
            cpu: 100m
            memory: 256Mi
          limits:
            cpu: 4
            memory: 1Gi
        startupProbe:
          exec:
            command:
              - /bin/sh
              - -c
              - zabbix_server -R ha_status
          failureThreshold: 60
          periodSeconds: 10
        readinessProbe:
          exec:
            command:
              - /bin/sh
              - -c
              - zabbix_server -R ha_status
          failureThreshold: 5
          initialDelaySeconds: 10
          periodSeconds: 30
          successThreshold: 1
          timeoutSeconds: 2
        livenessProbe:
          exec:
            command:
              - /bin/sh
              - -c
              - zabbix_server -R ha_status  
          initialDelaySeconds: 15
          periodSeconds: 20
        env:
        - name: POD_INDEX
          valueFrom:
            fieldRef:
              fieldPath: metadata.labels['apps.kubernetes.io/pod-index']
        - name: MYSQL_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              key: MARIADB_ROOT_PASSWORD
              name: zabbix-db-secrets
        - name: MYSQL_PASSWORD
          valueFrom:
            secretKeyRef:
              name: zabbix-db-secrets
              key:  MARIADB_PASSWORD
        - name: DB_SERVER_HOST
          value: galera-0
        - name: MYSQL_DATABASE
          value: zabbix
        - name: MYSQL_USER
          value: zabbix
        - name: ZABBIX_ADMIN_USER
          value: Admin
        - name: ZABBIX_ADMIN_PASSWORD
          valueFrom:
            secretKeyRef:
              key: ZABBIX_ADMIN_PASSWORD
              name: zabbix-db-secrets
        - name: ZBX_STARTPOLLERS
          value: 150
        - name: ZBX_STARTCONNECTORS
          value: 2
        - name: ZBX_STARTPREPROCESSORS
          value: 10
        - name: ZBX_STARTPOLLERSUNREACHABLE
          value: 25
        - name: ZBX_STARTTRAPPERS
          value: 10
        - name: ZBX_STARTPINGERS
          value: 30
        - name: ZBX_CACHESIZE
          value: 256M
        - name: ZBX_HISTORYCACHESIZE
          value: 256M
        - name: ZBX_VALUECACHESIZE
          value: 256M
        - name: ZBX_TIMEOUT
          value: 25
        - name: ZBX_ENABLE_SNMP_TRAPS
          value: true
        - name: ZBX_STARTPROXYPOLLERS
          value: 16
        - name: ZBX_NODEADDRESSPORT
          value: 10051
        - name: ZBX_STARTIPMIPOLLERS
          value: 1
        - name: ZBX_NODEADDRESS
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        - name: ZBX_HANODENAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: ZBX_SERVICEMANAGERSYNCFREQUENCY
          value: "10"
        - name: ZBX_PROBLEMHOUSEKEEPINGFREQUENCY
          value: "60"
        volumeMounts:
        - name: pvc-zabbix-server
          mountPath: /var/lib/zabbix/snmptraps #/usr/lib/zabbix
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
              - NET_RAW
      restartPolicy: Always
  volumeClaimTemplates:
  - metadata:
      name: pvc-zabbix-server
    spec:
      accessModes: [ "ReadWriteOnce" ]
      storageClassName: mayastor-single-replica
      resources:
        requests:
          storage: 5Gi
    If I try ping works, fping no:
    Code:
    zabbix@zabbix-server-0-0:~$ ping 10.192.4.177
PING 10.192.4.177 (10.192.4.177) 56(84) bytes of data.
64 bytes from 10.192.4.177: icmp_seq=1 ttl=62 time=1.34 ms
^C
--- 10.192.4.177 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.342/1.342/1.342/0.000 ms
zabbix@zabbix-server-0-0:~$ /usr/bin/fping 10.192.4.177
10.192.4.177 is unreachable​
    Did I forget to set some environment variable or something incorrect?
    Last edited by mfuk; Yesterday, 18:54. Reason: k8s, ICMP
    Tags: None
    • Answer selected by mfuk at Today, 14:46.
      mfuk
      Junior Member
      • Jul 2023
      • 18
      I fixed setting:
      allowPrivilegeEscalation: true
        • Selected Answer

        Comment

        • mfuk
          Junior Member
          • Jul 2023
          • 18
          #2
          I fixed setting:
          allowPrivilegeEscalation: true
            • Selected Answer

            Comment

            Previous template Next
            Working...