zabbix 安裝配置

[root@localhost ~]# ?rpm -Uvh https://mirrors.aliyun.com/zabbix/zabbix/5.0/rhe1/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm

[root@localhost ~]# vim /etc/yum.repos.d/zabbix.repo?

[root@localhost ~]# sed -i 's#http://repo.zabbix.com#https://mirrors.aliyun.com/zabbix#' /etc/yum.repos.d/zabbix.repo?

[root@localhost ~]# yum clean all?

[root@localhost ~]# yum makecache

[root@localhost ~]#?yum install -y zabbix-server-mysql zabbix-agent?

[root@localhost ~]# yum install centos-release-scl -y?

[root@localhost ~]# yum install -y zabbix-web-mysql-scl zabbix-apache-conf-scl?

[root@localhost ~]# yum install -y?mariadb-server.x86_64?

[root@localhost ~]# mysql_secure_installation?

MariaDB [(none)]> create database zabbix character set utf8 collate utf8_bin;

Query OK, 1 row affected (0.00 sec)

?zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p zabbix

MariaDB [(none)]>?

MariaDB [(none)]> create user zabbix@localhost identified by 'abc123';

Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all privileges on zabbix.* to zabbix@localhost;

Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;

Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit;

[root@localhost ~]# vim /etc/zabbix/zabbix_server.conf?

[root@localhost ~]# vim /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf?

啟動(dòng)

[root@localhost ~]# systemctl restart zabbix-server zabbix-agent httpd rh-php72-php-fpm

[root@localhost ~]# http://192.168.40.171

登錄

http://192.168.40.171/zabbix/index.php

Admin

zabbix

Zabbix agent2

# 部署客戶端

agent2 10050端口 新版本和就很版本一樣，沒修改端口的情況下不可以同時(shí)啟動(dòng)

機(jī)器環(huán)境準(zhǔn)備

注意時(shí)間正確 ?yum install ntpdate -y ?ntpdate -u ntp.aliyun.com

安裝：

[root@localhost ~]#?yum install -y zabbix-agent2.x86_64?

ls -l /usr/sbin/zabbix_agent2?

啟動(dòng)：

[root@localhost ~]# systemctl enable --now zabbix-agent2.service?

[root@localhost yum.repos.d]# netstat -tnpl | grep 10050

?vim /etc/zabbix/zabbix_agent2.conf? // Server ServerActive 、 Hostname

驗(yàn)證zabbix鏈接：

客戶端 yum install -y zabbix-get.x86_64?

[root@localhost ~]# zabbix_get -s '192.168.40.172' -p 10050 -k 'agent.ping'

1

[root@localhost ~]# zabbix_get -s '192.168.40.172' -p 10050 -k 'system.hostname'

zbx-agent02

zabbix 使用

解決亂碼問題：安裝字體

[root@localhost ~]# yum install -y wqy-microhei-fonts.noarch?

覆蓋原本的字體

[root@localhost ~]# \cp?/usr/share/fonts/wqy-microhei/wqy-microhei.ttc?/usr/share/fonts/dejavu/DejaVuSans.ttf?

添加主機(jī)

命令行操作

自定義監(jiān)控登錄的用于大于三就報(bào)警

1、明確命令 who | wc -l

2、創(chuàng)建配置文件如下

[root@zbx-agent02 zabbix_agent2.d]# cat userparameter_login.conf?

UserParameter=login.user,who|wc -l

3、使用（服務(wù)端）

[root@localhost ~]# zabbix_get -s '192.168.40.172' -p 10050 -k 'login.user'

修改字符編碼

localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8

export LC_ALL=zh_CN.UTF-8

?echo 'LANG="zh_CN.UTF-8"' >/etc/locale.conf?

換源

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo &&

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

yum clean all &&

yum makecache

Python3 安裝虛擬環(huán)境

更換源

[root@localhost ~]# mkdir ~/.pip

[root@localhost ~]# touch ~/.pip/pip.conf

[root@localhost ~]# vim ~/.pip/pip.conf?

[root@localhost ~]# cat ~/.pip/pip.conf?

[global]

index-url = https://mirrors.aliyun.com/pypi/simple

執(zhí)行安裝：

pip3 install virtualenv

如果出現(xiàn)SSL不可用排查錯(cuò)誤

1、編譯安裝的python3操作撤回

2、安裝openssl工具重新編譯python3

創(chuàng)建環(huán)境

[root@localhost ~]# virtualenv --python=python3 jmp_venv1

?解釋器位置creator CPython3Posix(dest=/root/jmp_venv1,

更換python3環(huán)境

[root@localhost bin]# source /root/jmp_venv1/bin/activate

退出虛擬環(huán)境

deactivate

Redis數(shù)據(jù)庫(kù)

yum下載

[root@localhost bin]# systemctl start redis

[root@localhost bin]# netstat -tnupl?

tcp????0???0 127.0.0.1:6379?????0.0.0.0:*????????LISTEN???3057/redis-server 1?

登錄Redis

[root@localhost bin]# redis-cli?

127.0.0.1:6379> ping

PONG

jumpServer后臺(tái)部署

1、

2、

修改配置文件

1、生成秘鑰

修改后配置

數(shù)據(jù)庫(kù)遷移

1、

2、

安裝完成

啟動(dòng)

(jmp_venv1) [root@jumserver1 jumpserver]# ./jmsctl.sh start

查看docker數(shù)據(jù)庫(kù)

(jmp_venv1) [root@jumserver1 jumpserver]# docker exec -it jms_mysql /bin/bash

root@4103f3eda9af:/#?

root@4103f3eda9af:/#?

root@4103f3eda9af:/# mysql -uroot -p$MARIADB_ROOT_PASSWORD

老版本啟動(dòng)

堡壘機(jī)設(shè)置SSH 登錄

1、客戶機(jī)配置 （只允許通過堡壘機(jī)ssh登錄）

[root@jumserver2 ~]# iptables -A INPUT -s 192.168.40.181 -p tcp --dport 22 -j ACCEPT

[root@jumserver2 ~]# iptables -A INPUT?-p tcp --dport 22 -j REJECT

2、添加資產(chǎn)

3、資產(chǎn)授權(quán)

Docker & k8s

1、Docker

架構(gòu)圖

安裝docker

預(yù)先配置

開起linux內(nèi)核的流量轉(zhuǎn)發(fā)：

cat <<EOF > /etc/sysctl.d/docker.conf

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

net.ipv4.conf.default.rp_filter = 0?

net.ipv4.conf.all.rp_filter = 0?

net.ipv4.ip_forward = 1

EOF

出錯(cuò)：

[root@localhost ~]# sysctl -p /etc/sysctl.d/docker.conf?

sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-ip6tables: 沒有那個(gè)文件或目錄

sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: 沒有那個(gè)文件或目錄

sysctl: cannot stat /proc/sys/net/ipv4/conf/default-rp_filter: 沒有那個(gè)文件或目錄

net.ipv4.conf.all.rp_filter = 0

net.ipv4.ip_forward = 1

解決方法

[root@localhost ~]# modprobe br_netfilter

再次執(zhí)行，執(zhí)行成功

docker-ce版本

[root@localhost ~]# curl -o /etc/yum.repos.d/docker-ce.repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

yum安裝docker

yum install -y docker-ce 安裝docker

啟動(dòng)Docker

1、配置Docker加速器

?116?mkdir /etc/docker

?117?vim /etc/docker/daemon.json

?118?systemctl daemon-reload

?119?systemctl enable docker

?120?systemctl restart docker

?121?history

2、Docker 安裝Nginx

搜索鏡像 docker search nginx

拉取鏡像 docker pull nginx

3、image運(yùn)行進(jìn)行命令 -d 后臺(tái)運(yùn)行 -p 80:80 指定外部訪問端口以及內(nèi)部被映射端口

docker run -d -p 80:80 nginx

4、停止&啟動(dòng)

[root@localhost ~]# docker stop 7fc05c93eb3d?

7fc05c93eb3d

[root@localhost ~]# docker start 7fc05c93eb3d

7fc05c93eb3d

[root@localhost ~]#?

進(jìn)入容器空間內(nèi)： -i 交互式操作 -t開啟一個(gè)終端 bash 進(jìn)入容器空間后執(zhí)行的命令

[root@localhost ~]# docker run -it 5d0da3dc9764 bash

運(yùn)行nginx并且進(jìn)去進(jìn)入image

[root@localhost ~]# docker run -d -p 8080:80 nginx

7a14bb6b5bb2cc408087b86406b4e1aca15359cf4706531cc0df0c13fd6b8202

[root@localhost ~]# docker ps

CONTAINER ID??IMAGE???COMMAND??????????CREATED?????STATUS?????PORTS??????????????????NAMES

7a14bb6b5bb2??nginx???"/docker-entrypoint.…"??51 seconds ago??Up 50 seconds??0.0.0.0:8080->80/tcp, :::8080->80/tcp??infallible_shtern

[root@localhost ~]# docker exec -it 7a14bb6b5bb2 bash

# -it 打開一個(gè)控制臺(tái) --rm 退出image后刪除

[root@localhost ~]# docker run -it --rm centos bash

# docker 查看相關(guān)命令

[root@localhost ~]# docker images -q

7e89539dd8bd

021283c8eb95

5d0da3dc9764

afb6fca791e0

#格式化顯示鏡像 使用 --format參數(shù)

[root@localhost ~]# docker images?--format "{{.ID}}--{{.Repository}}"

7e89539dd8bd--redis

021283c8eb95--nginx

5d0da3dc9764--centos

afb6fca791e0--centos

#以表格形式顯示 --table

[root@localhost ~]# docker images?--format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}"

IMAGE ID????REPOSITORY??TAG

7e89539dd8bd??redis????latest

021283c8eb95??nginx????latest

5d0da3dc9764??centos????latest

afb6fca791e0??centos????7.8.2003

#批量刪除鏡像

[root@localhost ~]# docker rmi `docker images -aq`

# 導(dǎo)出鏡像

[root@localhost ~]# docker image save centos:7.8.2003 > /opt/centos7.tgz

[root@localhost ~]# ll /opt/centos7.tgz?

-rw-r--r-- 1 root root 211077120 7月?18 18:59 /opt/centos7.tgz

[root@localhost ~]#?

#導(dǎo)入鏡像 -i 指定鏡像的位置

[root@localhost ~]# docker image load -i /opt/centos7.tgz?

fb82b029bea0: Loading layer [==================================================>]?211.1MB/211.1MB

Loaded image: centos:7.8.2003

[root@localhost ~]# docker images?

REPOSITORY??TAG????IMAGE ID????CREATED?????SIZE

redis????latest???7e89539dd8bd??7 days ago???130MB

nginx????latest???021283c8eb95??13 days ago???187MB

centos????latest???5d0da3dc9764??22 months ago??231MB

centos????7.8.2003??afb6fca791e0??3 years ago???203MB

[root@localhost ~]#?

#查看鏡像詳細(xì)信息

[root@localhost ~]# docker images inspect afb6fca791e0

#多命令執(zhí)行 -d 后臺(tái) --rm 運(yùn)行后刪除 --name 命名

[root@localhost ~]# docker run -d --rm --name centos7 centos:7.8.2003 ping www.baidu.co

#查看容器日志

[root@localhost ~]# docker logs bea42e15f885 #查看全部日志

PING www.baidu.com (36.152.44.95) 56(84) bytes of data.

64 bytes from 36.152.44.95 (36.152.44.95): icmp_seq=1 ttl=127 time=21.4 ms

[root@localhost ~]# docker logs -f bea42e15f885 #實(shí)時(shí)刷新日志

PING www.baidu.com (36.152.44.95) 56(84) bytes of data.

[root@localhost ~]# docker logs bea42e15f885 | tail -5

#進(jìn)入運(yùn)行中的容器

[root@localhost ~]# docker exec -it bea42e15f885 bash

#容器的端口映射 正常映射 -p 80:80

隨機(jī)端口映射 -P

[root@localhost ~]# docker run -d --name nginx -P?nginx?

c1a5dd1b6efed9d063064ba4784f2be61d1e80f4604afc7cd1727eb7d5a632b5

[root@localhost ~]# docker ps

CONTAINER ID??IMAGE???????COMMAND??????????CREATED?????STATUS?????PORTS???????????????????NAMES

c1a5dd1b6efe??nginx???????"/docker-entrypoint.…"??5 seconds ago??Up 4 seconds??0.0.0.0:49153->80/tcp, :::49153->80/tcp??nginx

bea42e15f885??centos:7.8.2003??"ping www.baidu.com"???14 minutes ago??Up 14 minutes???????????????????????centos7

[root@localhost ~]#?

#容器提交 commit

[root@localhost ~]# docker commit c415aca2b6fd gerizeng01/centos-vim-7.8

sha256:72ebd3b8edadeda8b114c6972d4fe1a9b476178106dd4e2c060c63269611f993

[root@localhost ~]# docker images

REPOSITORY?????????TAG????IMAGE ID????CREATED?????SIZE

gerizeng01/centos-vim-7.8??latest???72ebd3b8edad??6 seconds ago??472MB

centos???????????7.8.2003??afb6fca791e0??3 years ago???203MB

#DockerFile 自定義定制鏡像

主要組成部分：

1、基礎(chǔ)鏡像信息 FROM centos：7.8

2、制作鏡像操作指令 RUN yum install -y Apache

3、容器啟動(dòng)時(shí)執(zhí)行指令CMD["/bin/bash"]

補(bǔ)充 ： USER 改變工作用戶環(huán)境

#構(gòu)建一個(gè)Dockerfile

[root@localhost DockerFIle]# vim Dockerfile

[root@localhost DockerFIle]# cat Dockerfile?

FROM nginx

RUN echo '<meta charset=utf8>hello world' > /usr/share/nginx/html/index.html

[root@localhost DockerFIle]# ls

1?Dockerfile

[root@localhost DockerFIle]# docker build .

[+] Building 0.6s (6/6) FINISHED?????????????????????????????????????????????????????????????????docker:default

?=> [internal] load build definition from Dockerfile????????????????????????????????????????????????????????????0.0s

?=> => transferring dockerfile: 125B????????????????????????????????????????????????????????????????????0.0s

?=> [internal] load .dockerignore?????????????????????????????????????????????????????????????????????0.0s

?=> => transferring context: 2B??????????????????????????????????????????????????????????????????????0.0s

?=> [internal] load metadata for docker.io/library/nginx:latest??????????????????????????????????????????????????????0.0s

?=> [1/2] FROM docker.io/library/nginx???????????????????????????????????????????????????????????????????0.0s

?=> [2/2] RUN echo '<meta charset=utf8>hello world' > /usr/share/nginx/html/index.html???????????????????????????????????????????0.5s

?=> exporting to image???????????????????????????????????????????????????????????????????????????0.0s

?=> => exporting layers??????????????????????????????????????????????????????????????????????????0.0s

?=> => writing image sha256:f3d297dce94720df27d76103f822e6b6a49d63ffab0381211550ff7779ebdd76????????????????????????????????????????0.0s

#修改鏡像名字

[root@localhost DockerFIle]# docker tag f3d297dce947 my_nginx

# 啟動(dòng)運(yùn)行

[root@localhost DockerFIle]# docker run -d?-p 80:80?my_nginx

# 注意容器沒有后臺(tái)概念，必須在前臺(tái)運(yùn)行

正確寫法應(yīng)該為 使用原生命令 ：CMD ["nginx","-g","daemon off"]

ENTRYPOINT和CMD之間的區(qū)別

執(zhí)行時(shí)添加額外的參數(shù) CMD內(nèi)的內(nèi)容會(huì)被覆蓋掉。

ENTRYPOINT

內(nèi)容：

FROM centos:7.8.2003

RUN rpm --rebuilddb && yum install curl -y?

ENTRYPOINT ["curl","-s","http://ipinfo.io/ip"]

執(zhí)行效果

[root@localhost DockerFIle]# docker tag d44db96a9e98 centos_curl

[root@localhost DockerFIle]# docker run centos_curl

223.84.234.161[root@localhost DockerFIle]# docker run centos_curl -s

223.84.234.161[root@localhost DockerFIle]# docker run centos_curl -I

HTTP/1.1 200 OK

access-control-allow-origin: *

content-type: text/html; charset=utf-8

content-length: 14

date: Wed, 19 Jul 2023 11:04:57 GMT

x-envoy-upstream-service-time: 0

strict-transport-security: max-age=2592000; includeSubDomains

Via: 1.1 google

#VOLUME 掛載目錄 （在存儲(chǔ)層容器內(nèi)不寫入數(shù)據(jù)，在容器內(nèi)運(yùn)行產(chǎn)生的數(shù)據(jù)我們推薦的是使用掛載）

還可以使用docker run -v 參數(shù)直接指定掛載的目錄

#案例

#Dockerfile配置

[root@localhost DockerFIle]# cat Dockerfile?

FROM centos:7.8.2003

MAINTAINER GERI

RUN curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo;

RUN curl =o /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo;

RUN yum makecache fast;

RUN yum install python3-devel python3-pip -y

RUN pip3 install -i https://pypi.douban.com/simple flask

COPY flask.py /opt

WORKDIR /opt

EXPOSE 8080

CMD ["python3","flask.py"]

#生成鏡像 --no-cache 不使用之前生成的緩存重新下載

[root@localhost DockerFIle]#docker build --no-cache -t 'geri/myflaskweb' .

?#運(yùn)行結(jié)果

#Docker 命令總結(jié)

1、[root@localhost ~]# docker run -it centos:7.8.2003 bash

2、[root@localhost ~]# docker run -it --name mynginx -d --restart=always?centos:7.8.2003?

8ce970e24c01ecbbb8e30337d7a878ca12c9d8368243cad81cbba884a9f97cc3

[root@localhost ~]# docker ps

CONTAINER ID??IMAGE???????COMMAND????CREATED?????STATUS?????PORTS???NAMES

8ce970e24c01??centos:7.8.2003??"/bin/bash"??49 seconds ago??Up 47 seconds???????mynginx

[root@localhost ~]# docker exec -it?8ce970e24c01 bash

[root@8ce970e24c01 /]#?

3、docker logs -f 鏡像ID #-f 實(shí)時(shí)查看

4、[root@localhost ~]# docker rm -f `docker ps -aq` #刪除全部

8ce970e24c01

5、docker top 容器id #查看當(dāng)前容器內(nèi)的進(jìn)程信息

6、docker state 容器id # 顯示當(dāng)前容器的資源情況

7、docker inspect 容器id #查看容器的詳細(xì)信息

8、[root@localhost ~]# docker inspect --format '{{.ContainerConfig.Image}}'?72ebd3b8edad

centos:7.8.2003 #格式化輸出想要的信息