Zabbix（CentOS8）

２．vsftpdのインストール

#　Chronyのインストール
[root@CE08PRDD104 ~]# dnf -y module install httpd
（省略）
完了しました!

#　Chronyの設定ファイル編集
[root@CE08PRD101 ~]# dnf -y module install php
（省略）
完了しました!

#　Chronyの設定ファイル編集
[root@CE08PRD101 ~]# dnf -y module install mysql
（省略）
完了しました!

#　Chronyの設定ファイル編集
[root@CE08PRD101 ~]# dnf -y install https://repo.zabbix.com/zabbix/5.0/rhel/8/x86_64/zabbix-release-5.0-1.el8.noarch.rpm
（省略）
完了しました!


[root@CE08PRD101 ~]#dnf -y install zabbix-server-mysql zabbix-web-japanese zabbix-apache-conf
（省略）
完了しました!

[root@CE08PRD101 ~]# dnf -y install zabbix-agent2
（省略）
完了しました!

#　phpのタイムゾーン変更
[root@CE08PRD101 ~]# vi /etc/php-fpm.d/zabbix.conf
; php_value[date.timezone] = Europe/Riga
↓
php_value[date.timezone] = Asia/Tokyo

# Zabbixサーバのパスワード設定
[root@CE08PRDD104 ~]# vi /etc/zabbix/zabbix_server.conf
#DBPassword=
↓
DBPassword=password

#　Zabbixエージェントの設定
[root@CE08PRDD104 ~]# vi /etc/zabbix/zabbix_agent2.conf
Hostname=Zabbix server
↓
Hostname=zbx01

#　mysqlの起動
[root@CE08PRDD104 ~]# systemctl enable --now mysqld
Created symlink /etc/systemd/system/multi-user.target.wants/mysqld.service → /usr/lib/systemd/system/mysqld.service.

#　サービス起動確認
#　Active:がactiveになっていることを確認する。
[root@CE08PRD101 ~]# systemctl status chronyq
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2020-09-08 12:00:38 JST; 59s ago
（省略）

#　mysql初期設定
[root@CE08PRDD104 ~]# mysql_secure_installation
Securing the MySQL server deployment.
Connecting to MySQL using a blank password
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?

Press y|Y for Yes, any other key for No: y
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 0
Please set the password for root here.
New password:
Re-enter new password:
Estimated strength of the password: 50
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : yDropping test database…
Success.

Removing privileges on test database…
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!

３．セキュリティ設定

#　ファイヤーウォールの許可設定
[root@CE08PRD101 ~]# firewall-cmd --add-port=10051/tcp --zone=public --permanent

[root@CE08PRD101 ~]# firewall-cmd --add-service=http --zone=public --permanent
[root@CE08PRD101 ~]# firewall-cmd --reload
success

#　ファイヤーウォールの許可設定確認
#　ftpが追加されたことを確認する。
[root@CE08PRD101 ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s3
sources:
services: cockpit dhcpv6-client ftp http ntp ssh
（省略）

#　Zabbix用のデータベースとDBユーザ作成
[root@CE08PRDD104 ~]# mysql -u root -p
Enter password:
（省略）

mysql> CREATE DATABASE zabbix character set utf8 collate utf8_bin;
Query OK, 1 row affected, 2 warnings (0.03 sec)

mysql> CREATE USER zabbix@localhost IDENTIFIED BY '＜パスワード＞';
Query OK, 0 rows affected (0.05 sec)

mysql> GRANT ALL ON zabbix.* TO zabbix@localhost;
Query OK, 0 rows affected (0.02 sec)

mysql> quit;
Bye

#　Zabbix用のDBスキーマと初期データをデータベースに読み込み
[root@CE08PRDD104 ~]# zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | mysql -u zabbix -p zabbix
Enter password:

[root@CE08PRDD104 ~]# sed -i -e "s/^SELINUX=enforcing$/SELINUX=disabled/g" /etc/selinux/config
systemctl reboot

#　Apacheのサービス起動
[root@CE08PRDD104 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.

#　PHP-FPMのサービス起動
[root@CE08PRDD104 ~]# systemctl enable --now php-fpm
Created symlink /etc/systemd/system/multi-user.target.wants/php-fpm.service → /usr/lib/systemd/system/php-fpm.service.

#　Zabbixサーバのサービス起動
[root@CE08PRDD104 ~]# systemctl enable --now zabbix-server
Created symlink /etc/systemd/system/multi-user.target.wants/zabbix-server.service → /usr/lib/systemd/system/zabbix-server.service.

#　Zabbixエージェントのサービス起動
[root@CE08PRDD104 ~]# systemctl enable--now zabbix-agent2
Created symlink /etc/systemd/system/multi-user.target.wants/zabbix-agent2.service → /usr/lib/systemd/system/zabbix-agent2.service.

４．動作確認

#

設定が完了すると、ログイン画面に遷移します。
初期ユーザ名「Admin」、初期パスワード「zabbix」を入力し、「Sign in」を押下します。

#　時刻同期の確認
#　*の付いた行にのReach377になっていればOK。
[root@CE08PRD101 ~]# chronyc sources
210 Number of sources = 4
MS Name/IP address Stratum Poll Reach LastRx Last sample
==============================================================
^+ ntp-a3.nict.go.jp 1 8 377 120 +213us[ +242us] +/- 7337us
^+ ntp-a2.nict.go.jp 1 8 377 61 +14us[ +14us] +/- 6993us
^+ ntp-a2.nict.go.jp 1 8 377 60 +135us[ +135us] +/- 6530us
^* ntp-b2.nict.go.jp 1 8 377 118 +1028us[+1057us] +/- 7384us