一、基础环境
使用在前面文章中部署的K8S集群、Postgresql数据库、Harbor
| IP地址 | 作用 |
|---|
| 192.168.2.101 | K8S控制器 |
| 192.168.2.102 | K8S节点 |
| 192.168.2.103 | K8S节点 |
| 192.168.2.104 | Harbor |
| 192.168.2.105 | Postgresql主库 |
| 192.168.2.106 | Postgresql从库 |
| 在harbor下载Zabbix的镜像 | |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
| UPSTREAM_REPO="zabbix"
UPSTREAM_TAG="ubuntu-7.0-latest"
# 强行指定拉取 Ubuntu 版本
# 2. 配置本地 Harbor 仓库
HARBOR_REPO="192.168.2.104/library"
LOCAL_TAG="7.0"
# 定义需要同步的核心组件
IMAGES=( "zabbix-server-pgsql" "zabbix-web-nginx-pgsql" "zabbix-java-gateway" "zabbix-web-service" )
for IMAGE in "${IMAGES[@]}"; do
echo "--------------------------------------------------------"
echo "[1/3] 正在拉取官方 Ubuntu 镜像: ${UPSTREAM_REPO}/${IMAGE}:${UPSTREAM_TAG}" docker pull ${UPSTREAM_REPO}/${IMAGE}:${UPSTREAM_TAG}
echo "[2/3] 正在重新打标签为: ${HARBOR_REPO}/${IMAGE}:${LOCAL_TAG}"
docker tag ${UPSTREAM_REPO}/${IMAGE}:${UPSTREAM_TAG}${HARBOR_REPO}/${IMAGE}:${LOCAL_TAG}
echo "⬆️ [3/3] 正在推送到本地 Harbor: ${HARBOR_REPO}/${IMAGE}:${LOCAL_TAG}"
docker push ${HARBOR_REPO}/${IMAGE}:${LOCAL_TAG}
# 清理本地残留的官方镜像包,释放磁盘空间
docker rmi ${UPSTREAM_REPO}/${IMAGE}:${UPSTREAM_TAG}
done
|
二、部署
由于本地裸金属 (Bare-metal) K8s 环境默认不支持 LoadBalancer 类型的 Service,为了让 Ingress 控制器拥有固定的虚拟 IP (VIP),必须部署 MetalLB。
在Master执行,让 MetalLB 能够接管 ARP 请求
1
2
3
4
5
6
| kubectl get configmap kube-proxy -n kube-system -o yaml | \
sed -e "s/strictARP: false/strictARP: true/" | \
kubectl apply -f - -n kube-system
# 重启 kube-proxy 使其生效
kubectl rollout restart daemonset kube-proxy -n kube-system
|
部署 MetalLB 核心组件
1
2
3
| kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.14.3/config/manifests/metallb-native.yaml
#检查状态
kubectl get pods -n metallb-system
|
返回如下结果即可
1
2
| NAME READY STATUS RESTARTS AGE
controller-5c7b7588d7-jwfrh 1/1 Running 0 8h
|
配置 VIP 地址池与二层宣告
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
| apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: ippool-2
namespace: metallb-system
spec:
# 分配给 LoadBalancer 的局域网 IP 段
addresses:
- 192.168.2.200-192.168.2.210
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: l2-advertisement
namespace: metallb-system
spec:
ipAddressPools:
- ippool-2
|
并应用该配置
1
| kubectl apply -f metallb-config.yaml
|
将现有的 Ingress 控制器 Service 类型修改为 LoadBalancer
1
2
| # 假设你的 ingress-nginx service 名称为 ingress-nginx-controller
kubectl patch svc ingress-nginx-controller -n ingress-nginx -p '{"spec": {"type": "LoadBalancer"}}'
|
查看下该controller绑定的ip,使用内部DNS解析需要的域名到该IP
1
2
3
| NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.105.253.189 192.168.2.210 80:30385/TCP,443:30117/TCP 2d2h
ingress-nginx-controller-admission ClusterIP 10.100.95.200 <none> 443/TCP 2d2h
|
2.2、部署Zabbix
将zabbix7的image下载到harbor,将zabbix需要的yaml写入
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
| ---
apiVersion: v1
kind: Namespace
metadata:
name: zabbix
---
apiVersion: v1
kind: Secret
metadata:
name: zabbix-db-secret
namespace: zabbix
type: Opaque
stringData:
DB_SERVER_HOST: "192.168.2.105"
DB_SERVER_PORT: "5432"
POSTGRES_DB: "zabbix"
POSTGRES_USER: "zabbix"
POSTGRES_PASSWORD: "zabbix_pwd" # 部署前请修改为真实密码
---
# Java Gateway (用于监控 Java JMX)
apiVersion: apps/v1
kind: Deployment
metadata:
name: zabbix-java-gateway
namespace: zabbix
spec:
replicas: 1
selector:
matchLabels:
app: zabbix-java-gateway
template:
metadata:
labels:
app: zabbix-java-gateway
spec:
containers:
- name: zabbix-java-gateway
image: 192.168.2.104/library/zabbix-java-gateway:7.0
ports:
- containerPort: 10052
---
apiVersion: v1
kind: Service
metadata:
name: zabbix-java-gateway
namespace: zabbix
spec:
ports:
- port: 10052
selector:
app: zabbix-java-gateway
---
# Web Service (用于定时生成 PDF 报表)
apiVersion: apps/v1
kind: Deployment
metadata:
name: zabbix-web-service
namespace: zabbix
spec:
replicas: 1
selector:
matchLabels:
app: zabbix-web-service
template:
metadata:
labels:
app: zabbix-web-service
spec:
containers:
- name: zabbix-web-service
image: 192.168.2.104/library/zabbix-web-service:7.0
securityContext:
privileged: true
env:
- name: ZBX_ALLOWEDIP
value: "0.0.0.0/0"
- name: ZBX_TIMEOUT
value: "30"
- name: ZBX_IGNOREURLCERTERRORS
value: "1"
ports:
- containerPort: 10053
volumeMounts:
- name: dshm
mountPath: /dev/shm
volumes:
- name: dshm
emptyDir:
medium: Memory
sizeLimit: 512Mi
---
apiVersion: v1
kind: Service
metadata:
name: zabbix-web-service
namespace: zabbix
spec:
ports:
- port: 10053
selector:
app: zabbix-web-service
---
# Zabbix Server 核心进程 (暴露 NodePort 给外部 Agent)
apiVersion: apps/v1
kind: Deployment
metadata:
name: zabbix-server
namespace: zabbix
spec:
replicas: 1
selector:
matchLabels:
app: zabbix-server
template:
metadata:
labels:
app: zabbix-server
spec:
containers:
- name: zabbix-server
image: 192.168.2.104/library/zabbix-server-pgsql:7.0
envFrom:
- secretRef:
name: zabbix-db-secret
env:
- name: ZBX_JAVAGATEWAY
value: "zabbix-java-gateway"
- name: ZBX_STARTJAVAPOLLERS
value: "3"
- name: ZBX_WEBSERVICEURL
value: "http://zabbix-web-service:10053/report"
- name: ZBX_STARTREPORTWRITERS
value: "3"
ports:
- containerPort: 10051
---
apiVersion: v1
kind: Service
metadata:
name: zabbix-server
namespace: zabbix
spec:
type: NodePort
ports:
- port: 10051
targetPort: 10051
nodePort: 30051
selector:
app: zabbix-server
---
# Zabbix Web 前端界面 (集群内通信)
apiVersion: apps/v1
kind: Deployment
metadata:
name: zabbix-web
namespace: zabbix
spec:
replicas: 1
selector:
matchLabels:
app: zabbix-web
template:
metadata:
labels:
app: zabbix-web
spec:
containers:
- name: zabbix-web
image: 192.168.2.104/library/zabbix-web-nginx-pgsql:7.0
envFrom:
- secretRef:
name: zabbix-db-secret
env:
- name: ZBX_SERVER_HOST
value: "zabbix-server"
- name: ZBX_SERVER_PORT
value: "10051"
- name: PHP_TZ
value: "Asia/Shanghai"
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: zabbix-web
namespace: zabbix
spec:
ports:
- port: 8080
selector:
app: zabbix-web
---
# Ingress 域名暴露
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: zabbix-ingress
namespace: zabbix
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "50m"
spec:
ingressClassName: nginx
rules:
- host: zabbix.xxx.com #修改为域名
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: zabbix-web
port:
number: 8080
|
执行命令,将该yaml推行
1
| kubectl apply -f zabbix-all-in-one.yaml
|
检查所有的节点,查看所有的pod是否已经启动
1
2
3
4
5
| NAME READY STATUS RESTARTS AGE
zabbix-java-gateway-5569dcc6cb-w7n22 1/1 Running 0 5h
zabbix-server-787c9f45ff-4jrmd 1/1 Running 0 5h
zabbix-web-789c45ff8-w6cfp 1/1 Running 0 5h
zabbix-web-service-8c768746d-9c6jb 1/1 Running 0 20s
|
三、界面配置
3.1、安装客户端
在三台服务器上安装zabbix-agent2、
1
2
3
4
5
6
7
8
9
10
11
| rpm -Uvh https://repo.zabbix.com/zabbix/7.0/rocky/10/x86_64/zabbix-release-latest-7.0.el10.noarch.rpm
dnf clean all
dnf install -y zabbix-agent2 zabbix-agent2-plugin-postgresql zabbix-agent2-plugin-mysql
# 获取当前物理 IP LOCAL_IP=$(hostname -I | awk '{print $1}') # 3. 注入配置:放行 K8s 与宿主网段 (被动模式),指向 K8s NodePort (主动模式),自动配置主机名
sed -i 's/^Server=127.0.0.1/Server=127.0.0.1,192.168.2.0\/24,10.244.0.0\/16,10.96.0.0\/12/' /etc/zabbix/zabbix_agent2.conf
sed -i 's/^ServerActive=127.0.0.1/ServerActive=192.168.2.101:30051/' /etc/zabbix/zabbix_agent2.conf
sed -i "s/^Hostname=Zabbix server/Hostname=Node-${LOCAL_IP}/" /etc/zabbix/zabbix_agent2.conf
# 重启服务
systemctl restart zabbix-agent2
systemctl enable zabbix-agent2
|
可以修改任意一个的hostname为zabbix server
3.2、页面配置
在web界面的Data collection下的Hosts,找到Zabbix server服务器,点击进去。在Interface中agent填入对应的服务器ip,然后点击Update
等待服务器上线即可