Zabbix40的Ansible Playbook。
游民
Vagrant.configure("2") do |config|
config.vm.box = "centos/7"
config.vm.define "host" do |server|
server.vm.network "private_network", ip: "192.168.33.10"
end
config.vm.define "server1" do |server|
server.vm.network "private_network", ip: "192.168.33.11"
end
config.vm.define "server2" do |server|
server.vm.network "private_network", ip: "192.168.33.12"
end
end
命令历史
[vagrant@localhost zabbix40-ansible]$ history
ansible-playbook -i inventory/inventory.ini site.yml
ansible-playbook -i inventory/inventory.ini site.yml --check --start-at-task="create database zabbix" -vvv
ansible-playbook -i inventory/inventory.ini site.yml --check --start-at-task="modify file /etc/my.cnf.d/server.cnf" -vvv
ansible-playbook -i inventory/inventory.ini site.yml --check --start-at-task="yum install zabbix" -vvv
ansible-playbook -i inventory/inventory.ini site.yml --check -vvv
ansible-playbook -i inventory/inventory.ini site.yml --start-at-task="enabled and start zabbix-server" -vv
ansible-playbook -i inventory/inventory.ini site.yml --start-at-task="set firewall zabbix-agent.service" -vv
sudo ssh-copy-id -i ~/.ssh/id_rsa.pub vagrant@192.168.33.11
sudo vi inventory/inventory.ini
sudo vi roles/agent/handlers/main.yml
sudo vi roles/agent/tasks/check.yml
sudo vi roles/agent/tasks/main.yml
sudo vi roles/common/tasks/check.yml
sudo vi roles/common/tasks/main.yml
sudo vi roles/server/handlers/main.yml
sudo vi roles/server/tasks/check.yml
sudo vi roles/server/tasks/main.yml
sudo vi roles/server/vars/centos7.yml
sudo yum install ansible
sudo yum install epel-release
sudo yum install git
sudo yum update -y
樹的結果
│ site.yml
│
├─inventory
│ inventory.ini
│
└─roles
├─agent
│ ├─handlers
│ │ main.yml
│ │
│ └─tasks
│ check.yml
│ main.yml
│
├─common
│ ├─tasks
│ │ check.yml
│ │ main.yml
│ │
│ └─vars
│ centos7.yml
│ centos8.yml
│
└─server
├─handlers
│ main.yml
│
├─tasks
│ check.yml
│ main.yml
│
├─templates
│ zabbix.conf.php.j2
│
└─vars
centos7.yml
centos8.yml
根源
- name: setup server
hosts: servers
roles:
- common
- server
- name: setup agent
hosts: agents
roles:
- common
- agent
库存
[servers]
server1 ansible_ssh_host=192.168.33.11 ansible_ssh_user=vagrant
[agents]
server2 ansible_ssh_host=192.168.33.12 ansible_ssh_user=vagrant
[all:vars]
timezone="Asia/Tokyo"
zabbix_server_ip="192.168.11.11"
[servers:vars]
zabbix_mysql_password="password"
角色
服务器
任务
- include: tasks/check.yml
- name: set firewall http.service
become: yes
firewalld:
service: http
permanent: true
immediate: yes
state: enabled
- name: set firewall snmptrap.service
become: yes
firewalld:
service: snmptrap
permanent: true
immediate: yes
state: enabled
- name: set firewall zabbix-server.service
become: yes
firewalld:
port: 10051/tcp
permanent: true
immediate: yes
state: enabled
- name: yum install zabbix
become: yes
yum:
name: "{{ yum_list }}"
#- name: modify file {{ mysql_server_file }}
# become: yes
# lineinfile:
# path: "{{ mysql_server_file }}"
# regexp: ^innodb_file_per_table
# insertafter: '^\[mysqld\]'
# line: innodb_file_per_table = 1
# notify: restart mysqld
- name: enabled and start {{ mysql_name }}
become: yes
service:
name: "{{ mysql_name }}"
state: started
enabled: yes
- name: create database zabbix
become: yes
mysql_db:
name: zabbix
encoding: utf8
collation: utf8_bin
state: present
- name: create dbuser zabbix
become: yes
mysql_user:
name: zabbix
password: "{{ vars.zabbix_mysql_password }}"
priv: 'zabbix.*:ALL,GRANT'
state: present
no_log: true
- name: check to exist zabbix table. ignore status is OK.
become: yes
shell: mysql -u root -s zabbix -e "select count(*) from users"
ignore_errors: yes
register: count_users
- debug: var=count_users
- name: insert zabbix DB
become: yes
shell: zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql zabbix -u root
when: count_users.rc != 0
- name: modify file /etc/php-fpm.d/zabbix.conf centos8-only
become: yes
lineinfile:
dest='/etc/php-fpm.d/zabbix.conf'
state=present
backrefs=no
regexp='date.timezone'
line='php_value[date.timezone] = Asia/Tokyo'
notify:
- restart php-fpm
when: ansible_distribution_major_version == '8'
- name: modify httpd config centos7-only
become: yes
lineinfile:
dest='/etc/httpd/conf.d/zabbix.conf'
state=present
backrefs=no
regexp='php_value date.timezone'
line=' php_value date.timezone Asia/Tokyo'
notify:
- restart httpd
when: ansible_distribution_major_version == '7'
- name: enabled and start httpd
become: yes
service:
name: httpd
state: started
enabled: yes
- name: modify file /etc/zabbix/zabbix_server.conf
become: yes
lineinfile:
dest='/etc/zabbix/zabbix_server.conf'
state=present
backrefs=no
regexp='DBPassword=$'
line="DBPassword={{ vars.zabbix_mysql_password }}"
no_log: true
notify:
- restart zabbix-server
- name: modify file /etc/zabbix/web/zabbix.conf.php
become: yes
template: >
src=zabbix.conf.php.j2
dest=/etc/zabbix/web/zabbix.conf.php
owner=apache
group=apache
mode=0644
- name: enabled and start zabbix-server
become: yes
service:
name: zabbix-server
state: started
enabled: yes
- name: check OS distribution
become: yes
fail: msg="Sorry. the playbook can only on Centos7 or Centos8."
when:
- ( ansible_distribution != 'CentOS' ) or
(( ansible_distribution_major_version != '8' ) and
( ansible_distribution_major_version != '7' ))
- name: include CentOS7 yml
become: yes
include_vars:
file: centos7.yml
when: ansible_distribution_major_version == '7'
- name: include CentOS8 yml
become: yes
include_vars:
file: centos8.yml
when: ansible_distribution_major_version == '8'
处理程序
- name: restart httpd
service: name=httpd state=restarted enabled=yes
become: yes
- name: restart php-fpm
service: name=php-fpm state=restarted enabled=yes
become: yes
- name: restart mariadb
service: name=mariadb state=restarted enabled=yes
become: yes
- name: restart mysqld
service: name=mysqld state=restarted enabled=yes
become: yes
- name: restart zabbix-server
service: name=zabbix-server state=restarted enabled=yes
become: yes
模板
<?php
// Zabbix GUI configuration file.
global $DB;
$DB['TYPE'] = 'MYSQL';
$DB['SERVER'] = 'localhost';
$DB['PORT'] = '0';
$DB['DATABASE'] = 'zabbix';
$DB['USER'] = 'zabbix';
$DB['PASSWORD'] = '{{ vars.zabbix_mysql_password }}';
// Schema name. Used for IBM DB2 and PostgreSQL.
$DB['SCHEMA'] = '';
$ZBX_SERVER = 'localhost';
$ZBX_SERVER_PORT = '10051';
$ZBX_SERVER_NAME = '';
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
变量
yum_list:
- httpd
- mariadb-server
- MySQL-python
- https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-server-mysql-4.0.9-3.el7.x86_64.rpm
# - zabbix-server-mysql
# - zabbix-web-mysql
- https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-web-mysql-4.0.9-3.el7.noarch.rpm
# - zabbix-web-japanese
- https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-web-japanese-4.0.9-3.el7.noarch.rpm
# - zabbix-get
# - zabbix-get-4.0.9-3.el7.x86_64.rpm
- https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-get-4.0.44-1.el7.x86_64.rpm
# - zabbix-agent
- https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-agent-4.0.9-3.el7.x86_64.rpm
# - zabbix-sender
- https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-sender-4.0.44-1.el7.x86_64.rpm
- MySQL-python
mysql_server_file: /etc/my.cnf.d/server.cnf
mysql_name: mariadb
yum_list:
- httpd
- mysql-server
- zabbix-server-mysql
- zabbix-web
- zabbix-get
- python3-PyMySQL
mysql_server_file: /etc/my.cnf.d/mysql-server.cnf
mysql_name: mysqld
常见的
任务
- include: tasks/check.yml
- name: disable selinux
become: yes
selinux:
state: disabled
- name: set hostname
become: yes
hostname:
name: "{{ inventory_hostname }}"
- name: set timezone
become: yes
timezone:
name: "{{ vars.timezone }}"
- name: Install Zabbix Repo
become: yes
yum:
name: "{{repo_url}}"
state: present
- name: check OS distribution
become: yes
fail: msg="Sorry. the playbook can only on Centos7 or Centos8."
when:
- ( ansible_distribution != 'CentOS' ) or
(( ansible_distribution_major_version != '8' ) and
( ansible_distribution_major_version != '7' ))
- name: include CentOS7 yml
become: yes
include_vars:
file: centos7.yml
when: ansible_distribution_major_version == '7'
- name: include CentOS8 yml
become: yes
include_vars:
file: centos8.yml
when: ansible_distribution_major_version == '8'
变量
repo_url: https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-2.el7.noarch.rpm
repo_url: https://repo.zabbix.com/zabbix/4.0/rhel/8/x86_64/zabbix-release-4.0-2.el8.noarch.rpm
代理人
处理者
- name: restart zabbix-agent
service: name=zabbix-agent state=restarted enabled=yes
become: yes
任务
- include: tasks/check.yml
- name: set firewall zabbix-agent.service
become: yes
firewalld:
port: 10050/tcp
permanent: true
immediate: yes
state: enabled
- name: yum install zabbix-agent
become: yes
yum:
name:
- zabbix-agent
- name: modify file /etc/zabbix/zabbix_agentd.conf
become: yes
lineinfile:
dest='/etc/zabbix/zabbix_agentd.conf'
state=present
backrefs=no
regexp='^Hostname'
line='#Hostname='
notify:
- restart zabbix-agent
- name: modify file /etc/zabbix/zabbix_agentd.conf
become: yes
lineinfile:
dest='/etc/zabbix/zabbix_agentd.conf'
state=present
backrefs=no
regexp='^HostnameItem'
line='HostnameItem=system.hostname'
notify:
- restart zabbix-agent
- name: modify file /etc/zabbix/zabbix_agentd.conf
become: yes
lineinfile:
dest='/etc/zabbix/zabbix_agentd.conf'
state=present
backrefs=no
regexp='^Server='
line='Server={{ vars.zabbix_server_ip }}'
notify:
- restart zabbix-agent
- name: modify file /etc/zabbix/zabbix_agentd.conf
become: yes
lineinfile:
dest='/etc/zabbix/zabbix_agentd.conf'
state=present
backrefs=no
regexp='^ServerActive='
line='ServerActive={{ vars.zabbix_server_ip }}'
notify:
- restart zabbix-agent
- name: enabled and start zabbix-agent
become: yes
service:
name: zabbix-agent
state: started
enabled: yes
- name: check OS distribution
become: yes
fail: msg="Sorry. the playbook can only on Centos7 or Centos8."
when:
- ( ansible_distribution != 'CentOS' ) or
(( ansible_distribution_major_version != '8' ) and
( ansible_distribution_major_version != '7' ))