简介

以下实验由yaml清单部署PV+zabbix-server,使用helm构建zabbix-proxy/agent完成




环境介绍

名称版本信息操作系统IP备注信息
K8S集群1.20.15Centos7.9192.168.11.21
192.168.11.22
192.168.11.23
21:k8s-master
22:k8s-node01
23:k8s-node02
Zabbix6.2.6Centos7.9容器内所有zabbix容器都在zabbix名称空间
MySQL8.0.30-glicCentos7.9192.168.11.24MySQL程序在/home/application下
NFSCentos7.9192.168.11.24共享目录为/nfs

K8S集群在此不做演示,请先搭建K8S集群再做以下实验




一、部署MySQL服务

1.1、准备软件包

本次实验使用8.0.30-glibc版本:https://downloads.mysql.com/archives/community/
在这里插入图片描述

1.2、卸载mariadb
#查看是否存在MariaDB
rpm -qa|grep mariadb

#卸载mariadb
yum remove mariadb*
1.3、安装MySQL
root@mysql-nfs-server][~] 
mkdir -p /home/application/mysql
##创建mysql工作目录
tar -xf mysql-8.0.30-linux-glibc2.12-x86_64.tar.xz 
mv mysql-8.0.30-linux-glibc2.12-x86_64 /home/application/mysql/app
##将mysql目录移动并改名
echo "export PATH=$PATH:/home/application/mysql/app/bin" >> /etc/profile
##永久添加mysql的命令路径
. /etc/profile
##已经生效
useradd -s /sbin/nologin mysql -M
##创建mysql用户,用来运行mysql程序
mkdir -p /home/application/mysql/data
##创建mysql的数据目录
chown -Rf mysql.mysql /home/application/mysql/app
chown -Rf mysql.mysql /home/application/mysql/data
##修改目录属主属组	
yum -y install wget cmake gcc gcc-c++ ncurses ncurses-devel libaio-devel openssl openssl-devel  libaio libaio-devel
##安装mysql的依赖
mysqld --initialize-insecure  --user=mysql --basedir=/home/application/mysql/app --datadir=/home/application/mysql/data
##初始化mysql
mkdir -p /home/application/mysql/data/logs
##创建mysql的日志存放目录
chown -Rf mysql.mysql /home/application/mysql/data/logs 
##修改目录属主属组

修改mysql的配置文件

vim /etc/my.cnf
[mysqld]
user=mysql
basedir=/home/application/mysql/app
datadir=/home/application/mysql/data
character_set_server=utf8
collation-server=utf8_general_ci

skip-name-resolve=1
#设置只能用IP登录,不能用主机名,跳过域名解析

log_timestamps=SYSTEM
#日志时间

#慢日志设置
long_query_time=3
slow_query_log=ON
slow_query_log_file=/home/application/mysql/data/logs/slow_query.log

#通用日志设置
general_log=1
general_log_file=/home/application/mysql/data/logs/mysql_general.log

#错误日志设置
log-error=/home/application/mysql/data/logs/mysql-error.log

#设置默认的存储引擎
default-storage-engine=INNODB

#设置默认密码插件
default_authentication_plugin=mysql_native_password

port=3306
socket=/tmp/mysql.sock
max_connections=1000
sql_mode=STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION
max_allowed_packet=300M
[mysql]
socket=/tmp/mysql.sock

使用systemctl控制MySQL

vim /etc/systemd/system/mysqld.service  
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=mysql
Group=mysql
ExecStart=/home/application/mysql/app/bin/mysqld --defaults-file=/etc/my.cnf
LimitNOFILE = 5000

启动服务

[15:47:30 root@mysql-server][~]
systemctl daemon-reload
systemctl  enable  --now mysqld.service  
systemctl status  mysqld.service
1.4、登录mysql数据库,创建用户、库、修改权限
[15:47:30 root@mysql-NFS-server][~]
mysql -uroot

mysql> alter user 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'zabbix';    
##修改root的密码为zabbix
mysql> CREATE DATABASE zabbix DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_bin;     
##创建zabbix库
mysql> CREATE USER 'zabbix'@'%' IDENTIFIED BY 'zabbix';     
##创建zabbix用户,密码为zabbix
mysql> GRANT ALL PRIVILEGES ON *.* TO 'zabbix'@'%';    
##修改zabbix为全权限用户
mysql> flush privileges;  
##刷新权限
mysql> \q




二、搭建NFS

[16:23:51 root@mysql-nfs-server][~]
mkdir -p /nfs
#创建nfs挂载目录
yum -y install nfs-utils rpcbind
#安装nfs和rpc
echo "/nfs *(rw,sync,no_root_squash,no_subtree_check)" >> /etc/exports
systemctl start nfs && systemctl start rpcbind
systemctl enable nfs-server && systemctl enable rpcbind
showmount -e   
##是否看到/nfs *字样

四、创建PV

[15:43:11 root@k8s-master1 ~]# 
mkdir -p /webapp  ##创建yaml文件存放目录
cd /webapp
4.1、创建nfs的deployment
[16:29:02 root@k8s-master1 webapp]# 
vim nfs-client.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nfs-client-provisioner
  labels:
    app: nfs-client-provisioner
    # replace with namespace where provisioner is deployed
  namespace: default
spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: nfs-client-provisioner
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      serviceAccountName: nfs-client-provisioner
      containers:
        - name: nfs-client-provisioner
          image: registry.cn-beijing.aliyuncs.com/xngczl/nfs-subdir-external-provisione:v4.0.0
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: fuseim.pri/ifs #注意这个值,可以自定义
            - name: NFS_SERVER
              value: 192.168.11.24 #nfs的IP,不一样要更换
            - name: NFS_PATH
              value: /nfs  #共享目录,不一样要更换
      volumes:
        - name: nfs-client-root
          nfs:
            server: 192.168.11.24 #nfs的IP,不一样要更换
            path: /nfs  #共享目录,不一样要更换
4.2、创建nfs-rbac
[16:30:42 root@k8s-master1 webapp]# 
vim nfs-client-rbac.yaml 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-client-provisioner
  # replace with namespace where provisioner is deployed
  namespace: default
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-client-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-client-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    # replace with namespace where provisioner is deployed
    namespace: default
roleRef:
  kind: ClusterRole
  name: nfs-client-provisioner-runner
  apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
  # replace with namespace where provisioner is deployed
  namespace: default
rules:
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
  # replace with namespace where provisioner is deployed
  namespace: default
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    # replace with namespace where provisioner is deployed
    namespace: default
roleRef:
  kind: Role
  name: leader-locking-nfs-client-provisioner
  apiGroup: rbac.authorization.k8s.io
4.3、创建nfs-sc
[16:32:54 root@k8s-master1 webapp]#
vim nfs-client-class.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata: 
  name: course-nfs-storage
provisioner: fuseim.pri/ifs
4.4、启动PV
[16:34:12 root@k8s-master1 webapp]#
kubectl  apply  -f nfs-client.yaml 
kubectl  apply  -f nfs-client-rbac.yaml
kubectl  apply  -f nfs-client-class.yaml 
kubectl  get po,sc
NAME                                          READY   STATUS    RESTARTS   AGE
pod/nfs-client-provisioner-8579c9d69b-m6vp4   1/1     Running   0          13m

NAME                                             PROVISIONER      RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
storageclass.storage.k8s.io/course-nfs-storage   fuseim.pri/ifs   Delete          Immediate           false                  13m

五、创建zabbix-service

5.1、创建zabbix-service.yaml
[16:36:54 root@k8s-master1 webapp]#
vim zabbix-server.yaml 
apiVersion: v1
kind: Namespace
metadata:
  name: zabbix
---
apiVersion: v1
kind: Service
metadata:
  name: zabbix-server
  namespace: zabbix
  labels:
    app: zabbix-server
spec:
  selector:
    app: zabbix-server
  ports:
  - name: zabbix-server
    port: 10051
    nodePort: 30051
  type: NodePort

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: zabbix-scripts
  namespace: zabbix
spec:
  storageClassName: "course-nfs-storage"
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: zabbix-server
  name: zabbix-server
  namespace: zabbix
spec:
  replicas: 1
  selector:
    matchLabels:
      app: zabbix-server
  template:
    metadata:
      labels:
        app: zabbix-server
    spec:
      nodeSelector:
        zabbix-server: "true"
      hostNetwork: true
      containers:
      - image: zabbix/zabbix-server-mysql:6.2.6-centos
        imagePullPolicy: IfNotPresent
        name: zabbix-server-mysql
        volumeMounts:
        - mountPath: /usr/lib/zabbix/alertscripts
          name: zabbix-scripts
        env:
        - name: DB_SERVER_HOST
          value: 192.168.11.24
        - name: DB_SERVER_PORT
          value: "3306"
        - name: MYSQL_DATABASE
          value: zabbix
        - name: MYSQL_USER
          value: zabbix
        - name: MYSQL_PASSWORD
          value: zabbix
        - name: ZBX_CACHESIZE
          value: "512M"
        - name: ZBX_HISTORYCACHESIZE
          value: "128M"
        - name: ZBX_HISTORYINDEXCACHESIZE
          value: "128M"
        - name: ZBX_TRENDCACHESIZE
          value: "128M"
        - name: ZBX_VALUECACHESIZE
          value: "256M"
        - name: ZBX_TIMEOUT
          value: "30"
        resources:
          requests:
            cpu: 500m
            memory: 500Mi
          limits:
            cpu: 1000m
            memory: 1Gi
      volumes:
        - name: zabbix-scripts
          persistentVolumeClaim:
            claimName: zabbix-scripts
5.2、启动zabbix-server
[16:39:33 root@k8s-master1 webapp]#
kubectl label node k8s-node01  zabbix-server=true
#因为设置只能允许再标签为zabbix-server=true的节点上,所以设置一个标签
kubectl apply -f zabbix-server.yaml
kubectl get all -n zabbix
NAME                                             READY   STATUS    RESTARTS   AGE
pod/zabbix-server-69d5fdb86d-z6h58               1/1     Running   0          47s

NAME                                    TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)           AGE
service/zabbix-server                   NodePort    10.101.70.252   <none>        10051:30051/TCP    47s

NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/zabbix-server               1/1     1            1           47s

NAME                                                   DESIRED   CURRENT   READY   AGE
replicaset.apps/zabbix-server-69d5fdb86d               1         1         1       47s

5.3、启动zabbix的web页面
[16:47:03 root@k8s-master1 webapp]# 
vim zabbix-web.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: zabbix-web
  name: zabbix-web
  namespace: zabbix
spec:
  replicas: 1
  selector:
    matchLabels:
      app: zabbix-web
  template:
    metadata:
      labels:
        app: zabbix-web
    spec:
      containers:
      - image: zabbix/zabbix-web-nginx-mysql:6.2.6-centos
        imagePullPolicy: IfNotPresent
        name: zabbix-web-nginx-mysql
        env:
        - name: DB_SERVER_HOST
          value: 192.168.11.24 #指定数据数据库IP
        - name: MYSQL_USER
          value: zabbix #登录数据库的用户
        - name: MYSQL_PASSWORD
          value: zabbix #密码
        - name: ZBX_SERVER_HOST
          value: zabbix-server
        - name: PHP_TZ
          value: Asia/shanghai
        resources:
          requests:
            cpu: 500m
            memory: 500Mi
          limits:
            cpu: 1000m
            memory: 1Gi
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: zabbix-web
  name: zabbix-web
  namespace: zabbix
spec:
  ports:
  - name: web
    port: 8080
    protocol: TCP
    targetPort: 8080
    nodePort: 30008 #访问的端口
  selector:
    app: zabbix-web
  type: NodePort
5.4、启动zabbix的web页面
[16:51:25 root@k8s-master1 webapp]# 
kubectl  apply  -f zabbix-web.yaml
kubectl get all -n zabbix
NAME                                             READY   STATUS    RESTARTS   AGE
pod/zabbix-server-69d5fdb86d-z6h58               1/1     Running   0          3m20s
pod/zabbix-web-fdb545749-dhk7b                   1/1     Running   0          72s

NAME                                    TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)           AGE
service/zabbix-server                   NodePort    10.101.70.252    <none>        10051:30051/TCP   3m20s
service/zabbix-web                      NodePort    10.110.39.191    <none>        8080:30008/TCP    72s 

NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/zabbix-server               1/1     1            1           3m20s
deployment.apps/zabbix-web                  1/1     1            1           72s

NAME                                                   DESIRED   CURRENT   READY   AGE
replicaset.apps/zabbix-server-69d5fdb86d               1         1         1       3m20s
replicaset.apps/zabbix-web-fdb545746                   1         1         1       72s
5.5、访问zabbix的web页面

浏览器访问192.168.11.21:30008
在这里插入图片描述

六、Helm部署zabbix-proxy&zabbix-agent

6.1、安装Helm工具
[17:00:37 root@k8s-master1 webapp]
mkdir -p /webapp/helm
cd /webapp/helm

[17:02:10 root@k8s-master1 helm]
wget https://get.helm.sh/helm-v3.8.1-linux-amd64.tar.gz  
##安装Helm工具
tar zxvf helm-v3.8.1-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin/helm
6.2、添加Helm Chart Repository
[17:02:33 root@k8s-master1 helm]# 
helm repo add zabbix-chart-6.2 https://cdn.zabbix.com/zabbix/integrations/kubernetes-helm/6.2/ 
helm repo list
NAME                URL                                                          
zabbix-chart-6.2    https://cdn.zabbix.com/zabbix/integrations/kubernetes-helm/6.2
6.3、Zabbix Helm Chart,并解压
[17:04:38 root@k8s-master1 helm]# 
helm pull zabbix-chart-6.2/zabbix-helm-chrt  
##下载chart
tar -xf zabbix-helm-chrt-1.1.1.tgz
6.4、配置Chart
[17:07:19 root@k8s-master1 helm]#
cd /webapp/helm/zabbix-helm-chrt/

[17:07:41 root@k8s-master1 zabbix-helm-chrt]#
vim Chart.yaml
apiVersion: v2
appVersion: 6.2.0
dependencies:
- condition: kubeStateMetrics.enabled
  name: kube-state-metrics
  repository: https://charts.bitnami.com/bitnami
  version: 3.5.*
description: A Helm chart for deploying Zabbix agent and proxy
home: https://www.zabbix.com/
icon: https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png
name: zabbix-helm-chrt
type: application
version: 1.1.1
6.5、配置values.yaml
[17:10:49 root@k8s-master1 zabbix-helm-chrt]#
vim values.yaml
## nameOverride -- Override name of app
nameOverride: ""
## fullnameOverride -- Override the full qualified app name
fullnameOverride: "zabbix"
## kubeStateMetricsEnabled -- If true, deploys the kube-state-metrics deployment
kubeStateMetricsEnabled: true
## Service accoun for Kubernetes API
rbac:
  ## rbac.create  Specifies whether the RBAC resources should be created
  create: true
  additionalRulesForClusterRole: []
  ##  - apiGroups: [ "" ]
  ##    resources:
  ##      - nodes/proxy
  ##    verbs: [ "get", "list", "watch" ]
serviceAccount:
  ## serviceAccount.create  Specifies whether a service account should be created
  create: true
  ## serviceAccount.name  The name of the service account to use. If not set name is generated using the fullname template
  name: zabbix-service-account


##  **Zabbix proxy** configurations
zabbixProxy:
  ## Enables use of **Zabbix proxy**
  enabled: true
  containerSecurityContext: {}
  resources: {}
  image:
    ## Zabbix proxy Docker image name
    repository: zabbix/zabbix-proxy-sqlite3
    ## Tag of Docker image of Zabbix proxy
    tag: 6.2.6-centos
    pullPolicy: IfNotPresent
    ## List of dockerconfig secrets names to use when pulling images
    pullSecrets: []

  env:
    ## The variable allows to switch Zabbix proxy mode. Bu default, value is 0 - active proxy. Allowed values are 0 and 1.
    - name: ZBX_PROXYMODE
      value: 0
    ## Zabbix proxy hostname
    - name: ZBX_HOSTNAME
      value: zabbix-proxy-k8s
    ## Zabbix server host
    ## If ProxyMode is set to active mode:
    ## IP address or DNS name of Zabbix server to get configuration data from and send data to.

    ## If ProxyMode is set to passive mode:
    ## List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix server. Incoming connections will be accepted only from the addresses listed here. If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally and '::/0' will allow any IPv4 or IPv6 address. '0.0.0.0/0' can be used to allow any IPv4 address.
    ## Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com
    - name: ZBX_SERVER_HOST
      value: "172.16.201.31"
    ## Zabbix server port
    - name: ZBX_SERVER_PORT
      value: 10051
    ## The variable is used to specify debug level. By default, value is 3
    - name: ZBX_DEBUGLEVEL
      value: 3
    ## Cache size
    - name: ZBX_CACHESIZE
      value: 128M
    ## The variable enable communication with Zabbix Java Gateway to collect Java related checks
    - name: ZBX_JAVAGATEWAY_ENABLE
      value: false
    ## How often proxy retrieves configuration data from Zabbix server in seconds. Active proxy parameter. Ignored for passive proxies.
    - name: ZBX_CONFIGFREQUENCY
      value: 60
    ## List can be extended with other environment variables listed here: https://github.com/zabbix/zabbix-docker/tree/5.4/agent/alpine#other-variables
    ## For example:
    ## The variable is list of comma separated loadable Zabbix modules.
    ## - name: ZBX_LOADMODULE
    ##   value : dummy1.so,dummy2.so


  service:
    annotations: {}
    labels: {}
    ## Type of service for Zabbix proxy
    type: ClusterIP
    ## Port to expose service
    port: 10051
    ## Port of application pod
    targetPort: 10051
    ## Zabbix proxy Ingress externalIPs with optional path
    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
    ## Must be provided if ProxyMode is set to passive mode
    externalIPs: []
    ## Loadbalancer IP
    ## Only use if service.type is "LoadBalancer"
    ##
    loadBalancerIP: ""
    loadBalancerSourceRanges: []


  ## Node selector for Zabbix proxy
  nodeSelector: {}

  ## Tolerations configurations for Zabbix proxy
  tolerations: {}

  ## Affinity configurations for Zabbix proxy
  affinity: {}

  persistentVolume:
    ## If true, Zabbix proxy will create/use a Persistent Volume Claim
    ##
    enabled: false

    ## Zabbix proxy data Persistent Volume access modes
    ## Must match those of existing PV or dynamic provisioner
    ## Ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
    ##
    accessModes:
      - ReadWriteOnce

    ## Zabbix proxy data Persistent Volume Claim annotations
    ##
    annotations: {}

    ## Zabbix proxy data Persistent Volume existing claim name
    ## Requires zabbixProxy.persistentVolume.enabled: true
    ## If defined, PVC must be created manually before volume will be bound
    existingClaim: ""

    ## Zabbix proxy data Persistent Volume mount root path
    ##
    mountPath: /data

    ## Zabbix proxy data Persistent Volume size
    ##
    size: 2Gi

    ## Zabbix proxy data Persistent Volume Storage Class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is
    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
    ##   GKE, AWS & OpenStack)
    ##
    storageClass: "-"

    ## Zabbix proxy data Persistent Volume Binding Mode
    ## If defined, volumeBindingMode: <volumeBindingMode>
    ## If undefined (the default) or set to null, no volumeBindingMode spec is
    ##   set, choosing the default mode.
    ##
    volumeBindingMode: ""

    ## Subdirectory of Zabbix proxy data Persistent Volume to mount
    ## Useful if the volume's root directory is not empty
    ##
    subPath: ""

## **Zabbix agent** configurations
zabbixAgent:
  ## Enables use of Zabbix agent
  enabled: true
  resources: {}
      ##  requests:
      ##   cpu: 100m
      ##   memory: 54Mi
      ##  limits:
      ##   cpu: 100m
      ##   memory: 54Mi

  securityContext: {}
    # fsGroup: 65534
    # runAsGroup: 65534
    # runAsNonRoot: true
    # runAsUser: 65534

  containerSecurityContext: {}
    ## capabilities:
    ##   add:
    ##   - SYS_TIME

  ## Expose the service to the host network
  hostNetwork: true

  # Specify dns configuration options for agent containers e.g ndots
  ## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config
  dnsConfig: {}
  #  options:
  #  - name: ndots
  #    value: "1"

  ## Share the host process ID namespace
  hostPID: true
  ## If true, agent pods mounts host / at /host/root
  ##
  hostRootFsMount: true
  extraHostVolumeMounts: []
  ##  - name: <mountName>
  ##    hostPath: <hostPath>
  ##    mountPath: <mountPath>
  ##    readOnly: true|false
  ##    mountPropagation: None|HostToContainer|Bidirectional
  image:
    ## Zabbix agent Docker image name
    repository: zabbix/zabbix-agent2
    ## Tag of Docker image of Zabbix agent
    tag: 6.2.6-centos
    pullPolicy: IfNotPresent
    ## List of dockerconfig secrets names to use when pulling images
    pullSecrets: []
  env:
      ## Zabbix server host
    - name: ZBX_SERVER_HOST
      value: 0.0.0.0/0
      ## Zabbix server port
    - name: ZBX_SERVER_PORT
      value: 10051
      ## This variable is boolean (true or false) and enables or disables feature of passive checks. By default, value is true
    - name: ZBX_PASSIVE_ALLOW
      value: true
      ## The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container.
    - name: ZBX_PASSIVESERVERS
      value: 0.0.0.0/0
      ## This variable is boolean (true or false) and enables or disables feature of active checks
    - name: ZBX_ACTIVE_ALLOW
      value: false
      ## The variable is used to specify debug level, from 0 to 5
    - name: ZBX_DEBUGLEVEL
      value: 3
      ## The variable is used to specify timeout for processing checks. By default, value is 4.
    - name: ZBX_TIMEOUT
      value: 4
    ## List can be extended with other environment variables listed here: https://github.com/zabbix/zabbix-docker/tree/5.4/agent/alpine#other-variables
    ## For example:
    ## The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container. You may specify port.
    ## - name: ZBX_ACTIVESERVERS
    ##   value: ''
      ## The variable is list of comma separated loadable Zabbix modules. It works with volume /var/lib/zabbix/modules.
    ## - name: ZBX_LOADMODULE
    ##   value: ''

  ## Node selector for Agent. Only supports Linux.
  nodeSelector:
    kubernetes.io/os: linux

  ## Tolerations configurations
  tolerations:
    - effect: NoSchedule
      key: node-role.kubernetes.io/master
  ## Affinity configurations
  affinity: {}
  serviceAccount:
    ## Specifies whether a ServiceAccount should be created
    create: true
    ## The name of the ServiceAccount to use.
    ## If not set and create is true, a name is generated using the fullname template
    name: zabbix-agent-service-account
    annotations: {}
    imagePullSecrets: []
    automountServiceAccountToken: false

  service:
    type: ClusterIP
    port: 10050
    targetPort: 10050
    nodePort: 10050
    portName: zabbix-agent
    listenOnAllInterfaces: true
    annotations:
      agent.zabbix/monitor: "true"

  rbac:
    ## If true, create & use RBAC resources
    ##
    create: true
    ## If true, create & use Pod Security Policy resources
    ## https://kubernetes.io/docs/concepts/policy/pod-security-policy/
    ## PodSecurityPolicies disabled by default because they are deprecated in Kubernetes 1.21 and will be removed in Kubernetes 1.25.
    ## If you are using PodSecurityPolicies you can enable the previous behaviour by setting `rbac.pspEnabled: true`
    pspEnabled: false
    pspAnnotations: {}
6.6、修改kube-state-metrics 依赖Chart参数配置
[17:12:29 root@k8s-master1 zabbix-helm-chrt]#
cd charts/kube-state-metrics/

[17:14:05 root@k8s-master1 kube-state-metrics]# 
vim values.yaml
## nameOverride -- Override name of app
nameOverride: ""
## fullnameOverride -- Override the full qualified app name
fullnameOverride: "zabbix"
## kubeStateMetricsEnabled -- If true, deploys the kube-state-metrics deployment
kubeStateMetricsEnabled: true
## Service accoun for Kubernetes API
rbac:
  ## rbac.create  Specifies whether the RBAC resources should be created
  create: true
  additionalRulesForClusterRole: []
  ##  - apiGroups: [ "" ]
  ##    resources:
  ##      - nodes/proxy
  ##    verbs: [ "get", "list", "watch" ]
serviceAccount:
  ## serviceAccount.create  Specifies whether a service account should be created
  create: true
  ## serviceAccount.name  The name of the service account to use. If not set name is generated using the fullname template
  name: zabbix-service-account


##  **Zabbix proxy** configurations
zabbixProxy:
  ## Enables use of **Zabbix proxy**
  enabled: true
  containerSecurityContext: {}
  resources: {}
  image:
    ## Zabbix proxy Docker image name
    repository: zabbix/zabbix-proxy-sqlite3
    ## Tag of Docker image of Zabbix proxy
    tag: 6.2.6-centos
    pullPolicy: IfNotPresent
    ## List of dockerconfig secrets names to use when pulling images
    pullSecrets: []

  env:
    ## The variable allows to switch Zabbix proxy mode. Bu default, value is 0 - active proxy. Allowed values are 0 and 1.
    - name: ZBX_PROXYMODE
      value: 0
    ## Zabbix proxy hostname
    - name: ZBX_HOSTNAME
      value: zabbix-proxy-k8s
    ## Zabbix server host
    ## If ProxyMode is set to active mode:
    ## IP address or DNS name of Zabbix server to get configuration data from and send data to.

    ## If ProxyMode is set to passive mode:
    ## List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix server. Incoming connections will be accepted only from the addresses listed here. If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally and '::/0' will allow any IPv4 or IPv6 address. '0.0.0.0/0' can be used to allow any IPv4 address.
    ## Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.example.com
    - name: ZBX_SERVER_HOST
      value: "172.16.201.31"
    ## Zabbix server port
    - name: ZBX_SERVER_PORT
      value: 10051
    ## The variable is used to specify debug level. By default, value is 3
    - name: ZBX_DEBUGLEVEL
      value: 3
    ## Cache size
    - name: ZBX_CACHESIZE
      value: 128M
    ## The variable enable communication with Zabbix Java Gateway to collect Java related checks
    - name: ZBX_JAVAGATEWAY_ENABLE
      value: false
    ## How often proxy retrieves configuration data from Zabbix server in seconds. Active proxy parameter. Ignored for passive proxies.
    - name: ZBX_CONFIGFREQUENCY
      value: 60
    ## List can be extended with other environment variables listed here: https://github.com/zabbix/zabbix-docker/tree/5.4/agent/alpine#other-variables
    ## For example:
    ## The variable is list of comma separated loadable Zabbix modules.
    ## - name: ZBX_LOADMODULE
    ##   value : dummy1.so,dummy2.so


  service:
    annotations: {}
    labels: {}
    ## Type of service for Zabbix proxy
    type: ClusterIP
    ## Port to expose service
    port: 10051
    ## Port of application pod
    targetPort: 10051
    ## Zabbix proxy Ingress externalIPs with optional path
    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
    ## Must be provided if ProxyMode is set to passive mode
    externalIPs: []
    ## Loadbalancer IP
    ## Only use if service.type is "LoadBalancer"
    ##
    loadBalancerIP: ""
    loadBalancerSourceRanges: []


  ## Node selector for Zabbix proxy
  nodeSelector: {}

  ## Tolerations configurations for Zabbix proxy
  tolerations: {}

  ## Affinity configurations for Zabbix proxy
  affinity: {}

  persistentVolume:
    ## If true, Zabbix proxy will create/use a Persistent Volume Claim
    ##
    enabled: false

    ## Zabbix proxy data Persistent Volume access modes
    ## Must match those of existing PV or dynamic provisioner
    ## Ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
    ##
    accessModes:
      - ReadWriteOnce

    ## Zabbix proxy data Persistent Volume Claim annotations
    ##
    annotations: {}

    ## Zabbix proxy data Persistent Volume existing claim name
    ## Requires zabbixProxy.persistentVolume.enabled: true
    ## If defined, PVC must be created manually before volume will be bound
    existingClaim: ""

    ## Zabbix proxy data Persistent Volume mount root path
    ##
    mountPath: /data

    ## Zabbix proxy data Persistent Volume size
    ##
    size: 2Gi

    ## Zabbix proxy data Persistent Volume Storage Class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is
    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
    ##   GKE, AWS & OpenStack)
    ##
    storageClass: "-"

    ## Zabbix proxy data Persistent Volume Binding Mode
    ## If defined, volumeBindingMode: <volumeBindingMode>
    ## If undefined (the default) or set to null, no volumeBindingMode spec is
    ##   set, choosing the default mode.
    ##
    volumeBindingMode: ""

    ## Subdirectory of Zabbix proxy data Persistent Volume to mount
    ## Useful if the volume's root directory is not empty
    ##
    subPath: ""

## **Zabbix agent** configurations
zabbixAgent:
  ## Enables use of Zabbix agent
  enabled: true
  resources: {}
      ##  requests:
      ##   cpu: 100m
      ##   memory: 54Mi
      ##  limits:
      ##   cpu: 100m
      ##   memory: 54Mi

  securityContext: {}
    # fsGroup: 65534
    # runAsGroup: 65534
    # runAsNonRoot: true
    # runAsUser: 65534

  containerSecurityContext: {}
    ## capabilities:
    ##   add:
    ##   - SYS_TIME

  ## Expose the service to the host network
  hostNetwork: true

  # Specify dns configuration options for agent containers e.g ndots
  ## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config
  dnsConfig: {}
  #  options:
  #  - name: ndots
  #    value: "1"

  ## Share the host process ID namespace
  hostPID: true
  ## If true, agent pods mounts host / at /host/root
  ##
  hostRootFsMount: true
  extraHostVolumeMounts: []
  ##  - name: <mountName>
  ##    hostPath: <hostPath>
  ##    mountPath: <mountPath>
  ##    readOnly: true|false
  ##    mountPropagation: None|HostToContainer|Bidirectional
  image:
    ## Zabbix agent Docker image name
    repository: zabbix/zabbix-agent2
    ## Tag of Docker image of Zabbix agent
    tag: 6.2.6-centos
    pullPolicy: IfNotPresent
    ## List of dockerconfig secrets names to use when pulling images
    pullSecrets: []
  env:
      ## Zabbix server host
    - name: ZBX_SERVER_HOST
      value: 0.0.0.0/0
      ## Zabbix server port
    - name: ZBX_SERVER_PORT
      value: 10051
      ## This variable is boolean (true or false) and enables or disables feature of passive checks. By default, value is true
    - name: ZBX_PASSIVE_ALLOW
      value: true
      ## The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container.
    - name: ZBX_PASSIVESERVERS
      value: 0.0.0.0/0
      ## This variable is boolean (true or false) and enables or disables feature of active checks
    - name: ZBX_ACTIVE_ALLOW
      value: false
      ## The variable is used to specify debug level, from 0 to 5
    - name: ZBX_DEBUGLEVEL
      value: 3
      ## The variable is used to specify timeout for processing checks. By default, value is 4.
    - name: ZBX_TIMEOUT
      value: 4
    ## List can be extended with other environment variables listed here: https://github.com/zabbix/zabbix-docker/tree/5.4/agent/alpine#other-variables
    ## For example:
    ## The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent container. You may specify port.
    ## - name: ZBX_ACTIVESERVERS
    ##   value: ''
      ## The variable is list of comma separated loadable Zabbix modules. It works with volume /var/lib/zabbix/modules.
    ## - name: ZBX_LOADMODULE
    ##   value: ''

  ## Node selector for Agent. Only supports Linux.
  nodeSelector:
    kubernetes.io/os: linux

  ## Tolerations configurations
  tolerations:
    - effect: NoSchedule
      key: node-role.kubernetes.io/master
  ## Affinity configurations
  affinity: {}
  serviceAccount:
    ## Specifies whether a ServiceAccount should be created
    create: true
    ## The name of the ServiceAccount to use.
    ## If not set and create is true, a name is generated using the fullname template
    name: zabbix-agent-service-account
    annotations: {}
    imagePullSecrets: []
    automountServiceAccountToken: false

  service:
    type: ClusterIP
    port: 10050
    targetPort: 10050
    nodePort: 10050
    portName: zabbix-agent
    listenOnAllInterfaces: true
    annotations:
      agent.zabbix/monitor: "true"

  rbac:
    ## If true, create & use RBAC resources
    ##
    create: true
    ## If true, create & use Pod Security Policy resources
    ## https://kubernetes.io/docs/concepts/policy/pod-security-policy/
    ## PodSecurityPolicies disabled by default because they are deprecated in Kubernetes 1.21 and will be removed in Kubernetes 1.25.
    ## If you are using PodSecurityPolicies you can enable the previous behaviour by setting `rbac.pspEnabled: true`
    pspEnabled: false
    pspAnnotations: {}
6.7、Helm 安装zabbix Chart
[17:17:04 root@k8s-master1 kube-state-metrics]# 
cd /webapp/helm/zabbix-helm-chrt/

[17:17:32 root@k8s-master1 zabbix-helm-chrt]# 
helm install zabbix . --dependency-update -n zabbix 

NAME: zabbix
LAST DEPLOYED: Fri Dec  30 17:18:22 2023
NAMESPACE: zabbix
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Thank you for installing zabbix-helm-chrt.

Your release is named zabbix.
Zabbix agent installed:  "zabbix/zabbix-agent2:6.2.6-centos"
Zabbix proxy installed:  "zabbix/zabbix-proxy-sqlite3:6.2.6-centos"

Annotations:
app.kubernetes.io/name: zabbix
helm.sh/chart: zabbix-helm-chrt-1.1.1
app.kubernetes.io/version: "6.2.0"
app.kubernetes.io/managed-by: Helm


Service account created:
    zabbix-service-account

To learn more about the release, try:

  $ helm status zabbix
  $ helm get all zabbix

查看pod

[17:19:38 root@k8s-master1 zabbix-helm-chrt]# 
kubectl get pods -n zabbix

NAME                                         READY   STATUS    RESTARTS   AGE
zabbix-agent-cm7fv                           1/1     Running   0          2m40s
zabbix-agent-mj6hb                           1/1     Running   0          2m40s
zabbix-agent-nqtfc                           1/1     Running   0          2m40s
zabbix-kube-state-metrics-f96fb757b-dhlth    1/1     Running   0          2m40s
zabbix-proxy-6b86dfd8df-sk7s6                1/1     Running   0          2m40s
zabbix-server-69d5fdb86-z5h58                1/1     Running   0          34m
zabbix-web-fdb545749-dhk7b                   1/1     Running   0          32m

7、登录Web界面配置proxy

7.1、创建proxy

在这里插入图片描述

Proxy name:zabbix-proxy-k8s

7.2、验证proxy状态

在这里插入图片描述

要等此处不红继续往下走,如果等待几分钟后一只为红色把pod删了试一下(会自己创建):kubectl delete pod -n zabbix zabbix-proxy-79dcdc48bd-m5kf8

7.3、创建主机组

在这里插入图片描述

7.4、添加主机

在这里插入图片描述

7.5、查看IP查看token
[17:29:16 root@k8s-master1 ~]# 
kubectl get endpoints -n zabbix  
##查看ip
kubectl get secret zabbix-service-account -n zabbix -o jsonpath={.data.token} | base64 -d 
##查看token,配置zabbix时使用。
7.6、定义变量
{$KUBE.API.ENDPOINT.URL} : https://192.168.11.21:6443/api
{$KUBE.API.TOKEN}: XXXXXXXX [上面获取到的token]
{$KUBE.NODES.ENDPOINT.NAME}: zabbix-agent 【通过kubectl get ep -n zabbix 获取到】

在这里插入图片描述

7.7、 创建k8s-cluster主机,用于自动发现服务组件
7.7.1、创建主机
Host name: k8s-cluster
Templates: 选择Templates 下的Kubernetes cluster state by HTTP 模板,用于自动发现K8S节点主机
Host groups: K8S Server
Monitored by proxy: 选择 zabbix-proxy-k8s 代理节点

在这里插入图片描述

7.7.2、定义变量
{$KUBE.API.HOST}: 192.168.11.21
{$KUBE.API.PORT}:6443
{$KUBE.API.TOKEN}: XXXXX [上面获取到的token]
{$KUBE.API.URL} : https://192.168.11.21:6443
{$KUBE.API_SERVER.PORT}:6443
{$KUBE.API_SERVER.SCHEME}:https
{$KUBE.CONTROLLER_MANAGER.PORT}:10252
{$KUBE.CONTROLLER_MANAGER.SCHEME}:http
{$KUBE.KUBELET.PORT}:10250
{$KUBE.KUBELET.SCHEME}:https
{$KUBE.SCHEDULER.PORT}:10251 
{$KUBE.SCHEDULER.SCHEME}:http
{$KUBE.STATE.ENDPOINT.NAME}:zabbix-kube-state-metrics 【通过kubectl get ep -n zabbix 获取到】

IP端口以实际为准
在这里插入图片描述

7.7.3、验证主机

在这里插入图片描述

Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐