Merge pull request #86 from AlibabaCloudLandingZone/solution-ARMS-Grafana-integrate-Zabbix-Prometheus/0.0.1

solution-ARMS-Grafana-integrate-Zabbix-Prometheus/0.0.1

Author: wibud

solution/solution-ARMS-Grafana-integrate-Zabbix-Prometheus/README.md

@@ -0,0 +1,26 @@
+# 解决方案《基于阿里云ARMS Grafana构建线下IDC Zabbix和云上Prometheus的统一监控》代码仓库
+
+本方案用阿里云的一个单独的地域模拟线下IDC环境,在其中通过terraform自动化脚本部署:
+
+* 一台ECS作为Zabbix Server服务器提供监控服务;
+* 一台ECS作为Zabbix Agent,它是Zabbix Server的监控对象和数据来源;
+* 相关必要的VPC、交换机、安全组。
+
+然后,把该Zabbix监控接入到阿里云统一监控平台--应用实时监控服务ARMS中的Grafana工作区;
+再把云上Prometheus监控接入到上述Grafana工作区;
+最后,把线下IDC Zabbix监控和云上Prometheus监控集成到同一个仪表盘文件夹。
+
+## 使用步骤
+
+用阿里云Terraform Explorer创建调试任务并创建资源
+确保已登录阿里云账号（并保证有足够的权限），并浏览器访问
+https://api.aliyun.com/terraform;
+
+* 点击示例模板--创建模板--创建空白模板，填写模板名称和模板描述；
+* 打开编辑模式；
+* 贴入本代码仓库中的代码；
+* 点击发起调试；
+* 点击预览并执行；
+
+整个创建资源的过程大概需要3~5分钟,执行成功后,点击执行详情,把日志拉到最底部,可以看到该terraform脚本设置的三个Outputs输出,其中第一个和第三个参数之后会用到。
+后续步骤请参考解决方案文档。

solution/solution-ARMS-Grafana-integrate-Zabbix-Prometheus/main.tf

@@ -0,0 +1,304 @@
+#设置变量
+variable "region" {
+  default = "cn-qingdao"
+}
+
+variable "instance_name" {
+  default = "deploying-zabbix-server"
+}
+
+variable "instance_type" {
+  default = "ecs.c6.large"
+}
+
+variable "image_id" {
+  default = "centos_7_9_x64_20G_alibase_20240628.vhd"
+}
+
+variable "internet_bandwidth" {
+  default = "10"
+}
+
+variable "instance_password" {
+  default = "Test@12345"
+}
+
+variable "mysql_zabbix_password" {
+  default = "zabbix"
+}
+
+provider "alicloud" {
+  region = var.region
+}
+
+data "alicloud_zones" "default" {
+  available_disk_category     = "cloud_efficiency"
+  available_resource_creation = "VSwitch"
+  available_instance_type     = var.instance_type
+}
+
+resource "alicloud_vpc" "vpc" {
+  vpc_name   = var.instance_name
+  cidr_block = "172.16.0.0/12"
+}
+
+resource "alicloud_vswitch" "vsw" {
+  vpc_id     = alicloud_vpc.vpc.id
+  cidr_block = "172.16.0.0/21"
+  zone_id    = data.alicloud_zones.default.zones.0.id
+}
+
+resource "alicloud_security_group" "default" {
+  name   = var.instance_name
+  vpc_id = alicloud_vpc.vpc.id
+}
+
+resource "alicloud_instance" "instance" {
+  availability_zone          = data.alicloud_zones.default.zones.0.id
+  security_groups            = alicloud_security_group.default.*.id
+  password                   = var.instance_password
+  instance_type              = var.instance_type
+  system_disk_category       = "cloud_efficiency"
+  image_id                   = var.image_id
+  instance_name              = var.instance_name
+  vswitch_id                 = alicloud_vswitch.vsw.id
+  internet_max_bandwidth_out = var.internet_bandwidth
+}
+
+resource "alicloud_security_group_rule" "allow_tcp_22" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "22/22"
+  priority          = 1
+  security_group_id = alicloud_security_group.default.id
+  cidr_ip           = "0.0.0.0/0"
+}
+
+resource "alicloud_security_group_rule" "allow_tcp_80" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "80/80"
+  priority          = 1
+  security_group_id = alicloud_security_group.default.id
+  cidr_ip           = "0.0.0.0/0"
+}
+
+resource "alicloud_security_group_rule" "allow_tcp_10050" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  nic_type          = "intranet"
+  policy            = "accept"
+  port_range        = "10050/10050"
+  priority          = 1
+  security_group_id = alicloud_security_group.default.id
+  cidr_ip           = "0.0.0.0/0"
+}
+
+# deploy zabbix server
+resource "null_resource" "deploy" {
+  triggers = {
+    always_run = "${timestamp()}"
+    script_hash = sha256("${local.mirrorlist_Adjust}")
+  }
+  provisioner "remote-exec" {
+    connection {
+      type     = "ssh"
+      user     = "root"
+      password = var.instance_password
+      host     = alicloud_instance.instance.public_ip
+    }
+    inline = [
+      # 1、关闭防火墙，修改主机名
+      "systemctl disable --now firewalld",
+      "setenforce 0",
+      "hostnamectl set-hostname zbx-server",
+      
+      # 2、获取 zabbix 的下载源
+      "rpm -ivh https://mirrors.aliyun.com/zabbix/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm",
+      
+      # 3、更换 zabbix.repo 为阿里源，安装zabbix-server-mysql和zabbix-agent
+      #"cd /etc/yum.repos.d",
+      "sed -i.bak 's#http://repo.zabbix.com#https://mirrors.aliyun.com/zabbix#' /etc/yum.repos.d/zabbix.repo",
+      #Centos7使用yum命令失效，报错：Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was 14: curl#6 - "Could not resolve host: mirrorlist.centos.org; 未知的错误", 通过如下命令添加参数到CentOS-Base.repo中解决。
+      "echo \"${local.mirrorlist_Adjust}\" >> /etc/yum.repos.d/CentOS-Base.repo",
+
+      "yum clean all && yum makecache",
+      "yum install -y zabbix-server-mysql zabbix-agent",
+      # 安装SCL（Software Collections），便于后续安装高版本的 php，默认 yum 安装的 php 版本为 5.4,版本过低，zabbix 5.0 版本对 php 版本最低要 7.2.0 版本。SCL 可以使得在同一台机器上使用多个版本的软件，而又不会影响整个系统的依赖环境。软件包会安装在 /etc/opt/rh 目录下。
+      "yum install -y centos-release-scl",
+      
+      # 4、修改 zabbix-front 前端源，安装 zabbix 前端环境到 scl 环境下
+      "sed -i.bak 's#enabled=0#enabled=1#' /etc/yum.repos.d/zabbix.repo",
+      # 安装zabbix前端环境到 scl 环境下
+      "yum install -y zabbix-web-mysql-scl zabbix-apache-conf-scl",
+
+      # 5、安装 zabbix 所需的数据库
+      "yum install -y mariadb-server mariadb",
+      #将数据库设置为开机自启，并立即启动
+      "systemctl enable --now mariadb", 
+      # 6、初始化数据库,添加数据库用户，以及 zabbix 所需的数据库信息
+      "echo \"${local.mysqlConfig}\" > /tmp/mysqlConfig.sh",
+      "source /tmp/mysqlConfig.sh",
+      #"mysqladmin -u root -p password abc123",
+
+      #查询已安装的zabbix-server-mysql的文件列表，找到 sql.gz 文件的位置
+      "rpm -ql zabbix-server-mysql",
+      #获取zabbix-server-mysql版本号
+      "zabbix_server_mysql_version=$(rpm -q zabbix-server-mysql --queryformat "%{VERSION}")",
+      #导入数据库信息，使用zcat将sql.gz文件导入数据库
+      "zcat /usr/share/doc/zabbix-server-mysql-$zabbix_server_mysql_version/create.sql.gz | mysql -uroot -pabc123 zabbix",
+
+      # 7、修改 zabbix-server 配置文件，修改数据库的密码
+      #124行，取消注释，指定 zabbix 数据库的密码，DBPassword的值是数据库授权zabbix用户的密码。
+      "sed -i.bak 's/# DBPassword=/DBPassword=${var.mysql_zabbix_password}/' /etc/zabbix/zabbix_server.conf",
+
+      # 8、修改 zabbix 的 php 配置文件，修改时区
+      "sed -i.bak 's/; php_value\\[date.timezone\\] = Europe\\/Riga/php_value\\[date.timezone\\] = Asia\\/Shanghai/'  /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf",
+
+      # 9、启动 zabbix 相关服务
+      "systemctl restart zabbix-server zabbix-agent httpd rh-php72-php-fpm",
+      "systemctl enable zabbix-server zabbix-agent httpd rh-php72-php-fpm",
+      "netstat -natp | grep zabbix",
+
+      # 10、服务端和客户端都配置时间同步，使用阿里云的时钟源
+      "yum install -y ntpdate",
+      "ntpdate -u ntp.aliyun.com",
+
+      # 11、服务端安装zabbix-get，方便日后排查
+      "yum install -y zabbix-get",
+
+
+      "sleep 2"
+    ]
+  }
+}
+
+
+#Centos7使用yum命令失效，报错：Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was 14: curl#6 - "Could not resolve host: mirrorlist.centos.org; 未知的错误", 通过如下命令添加参数到CentOS-Base.repo中解决。
+locals {
+  mirrorlist_Adjust = <<EOF
+
+[centos-sclo-rh]
+name=CentOS-7 - SCLo rh
+baseurl=http://vault.centos.org/centos/7/sclo/\$basearch/rh/
+gpgcheck=1
+enabled=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo
+ 
+[centos-sclo-sclo]
+name=CentOS-7 - SCLo sclo
+baseurl=http://vault.centos.org/centos/7/sclo/\$basearch/sclo/
+gpgcheck=1
+enabled=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo
+EOF
+}
+
+#初始化数据库,添加数据库用户，以及 zabbix 所需的数据库信息
+locals {
+  mysqlConfig = <<EOF
+#!/bin/bash
+#6、添加数据库用户，以及 zabbix 所需的数据库信息
+
+mysqladmin -u root password 'abc123'
+#设置utf8字符集
+mysql -u root -pabc123 -e \"CREATE DATABASE zabbix character set utf8 collate utf8_bin\"
+#创建并授权用户，使得zabbix可以访问数据库
+mysql -u root -pabc123 -e \"GRANT all ON zabbix.* TO 'zabbix'@'%' IDENTIFIED BY 'zabbix'\"
+mysql -u root -pabc123 -e \"GRANT ALL ON zabbix.* TO 'zabbix'@'localhost' IDENTIFIED BY 'zabbix'\"
+
+#刷新权限
+mysql -u root -pabc123 -e \"flush privileges\"
+mysql -u root -pabc123 -e \"show databases\"
+
+EOF
+}
+
+
+
+
+##############################
+#新增Zabbix被监控的Agent相关配置
+##############################
+
+variable "agent_instance_name" {
+  default = "zabbix-agent-1"
+}
+
+resource "alicloud_instance" "agent_instance" {
+  availability_zone          = data.alicloud_zones.default.zones.0.id
+  security_groups            = alicloud_security_group.default.*.id
+  password                   = var.instance_password
+  instance_type              = var.instance_type
+  system_disk_category       = "cloud_efficiency"
+  image_id                   = var.image_id
+  instance_name              = var.agent_instance_name
+  vswitch_id                 = alicloud_vswitch.vsw.id
+  internet_max_bandwidth_out = var.internet_bandwidth
+}
+
+
+# deploy zabbix agent
+resource "null_resource" "agent_deploy" {
+  triggers = {
+    always_run = "${timestamp()}"
+    #script_hash = sha256("${local.mirrorlist_Adjust}")
+  }
+  provisioner "remote-exec" {
+    connection {
+      type     = "ssh"
+      user     = "root"
+      password = var.instance_password
+      host     = alicloud_instance.agent_instance.public_ip
+    }
+    inline = [
+      # 1、关闭防火墙，修改主机名
+      "systemctl disable --now firewalld",
+      "setenforce 0",
+      "hostnamectl set-hostname zbx-agent01",
+
+      # 2、服务端和客户端都配置时间同步，使用阿里云的时钟源
+      "yum install -y ntpdate",
+      "ntpdate -u ntp.aliyun.com",
+      
+      #3、客户端配置时区，与服务器保持一致
+      "mv /etc/localtime{,.bak}",
+      "ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime",
+      "date",
+
+      # 4、设置 zabbix 的下载源，安装 zabbix-agent2
+      "rpm -ivh https://mirrors.aliyun.com/zabbix/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm",
+      "cd /etc/yum.repos.d",
+      "sed -i 's#http://repo.zabbix.com#https://mirrors.aliyun.com/zabbix#'  /etc/yum.repos.d/zabbix.repo",
+      "yum install -y zabbix-agent2",
+
+      # 5、修改 agent2 配置文件
+      "sed -i.bak 's/Server=127.0.0.1/Server=${alicloud_instance.instance.private_ip}/' /etc/zabbix/zabbix_agent2.conf",
+      "sed -i.bak 's/ServerActive=127.0.0.1/Server=${alicloud_instance.instance.private_ip}/' /etc/zabbix/zabbix_agent2.conf",
+      "sed -i.bak 's/Hostname=Zabbix server/Hostname=zbx-agent01/' /etc/zabbix/zabbix_agent2.conf",
+
+      #6、启动 zabbix-agent2
+      "systemctl start zabbix-agent2",
+      "systemctl enable zabbix-agent2",
+      "netstat -natp | grep zabbix",
+
+      "sleep 2"
+    ]
+  }
+}
+
+output "zabbix_Server_URL" {
+  value = format("http://%v/zabbix", alicloud_instance.instance.public_ip)
+}
+
+output "zabbix_Server_Private_IP" {
+  value = format("%v", alicloud_instance.instance.private_ip)
+}
+
+output "zabbix_Agent_Private_IP" {
+  value = format("%v", alicloud_instance.agent_instance.private_ip)
+}