Build Zabbix5.0 with official docker-compose, monitor SNMPTRAP and set Slack notifications
Introduction
When doing home server monitoring with Zabbix, I built it with a container using official docker-compose Since there are network devices, alert notifications can be sent when receiving SNMPTRAP. Since Alert is a Slack notification, I will also include a construction memo at that time (Information at the time of construction as of 2020.11.01)
The following rough picture
Implementation content
- Build Zabbix with docker-compose
- zabbix settings
- Monitoring settings
- zabbix slack integration
- Alert exam
Implementation environment
--docker server - OS: CentOS 7.8.2003 - Docker: docker-ce 19.03.13 - Docker-compose: 1.18.0
- Slack --Workspace: Created with the name HomeLab
1. Install with docker-compose
Zabbix publishes zabbix-docker on GitHub below https://github.com/zabbix/zabbix-docker
Start using this docker-compose
Check the latest tag of 5.0 on zabbix-dokcer site and clone by tag specification (If you do not specify the tag, it will be the latest version such as 5.2) https://github.com/zabbix/zabbix-docker/tags
git_clone
git clone https://github.com/zabbix/zabbix-docker.git -b 5.0.5
This time I'm using a version of the centos image that uses mysql as the DB, so
Make the following yaml docker-compose.yaml and make it the default
cp_use_version
cd zabbix-docker/
cp -p docker-compose_v3_centos_mysql_latest.yaml docker-compose.yaml
Start the daemon below
docker-compose_up
docker-compose up -d
Check the startup status below. There is no problem with Exit 0 at the top
check_ps
# docker-compose ps
WARNING: Some services (zabbix-agent, zabbix-java-gateway, zabbix-proxy-mysql, zabbix-proxy-sqlite3, zabbix-server, zabbix-snmptraps, zabbix-web-apache-mysql, zabbix-web-nginx-mysql) use the 'deploy' key, which will be ignored. Compose does not support 'deploy' configuration - use `docker stack deploy` to deploy to a swarm.
Name Command State Ports
------------------------------------------------------------------------------------------------------------------------
zabbixdocker_db_data_mysql_1 sh Exit 0
zabbixdocker_mysql-server_1 docker-entrypoint.sh mysql ... Up
zabbixdocker_zabbix-agent_1 /sbin/tini -- /usr/bin/doc ... Up
zabbixdocker_zabbix-java-gateway_1 docker-entrypoint.sh /usr/ ... Up
zabbixdocker_zabbix-proxy-mysql_1 /sbin/tini -- /usr/bin/doc ... Up 0.0.0.0:10071->10051/tcp
zabbixdocker_zabbix-proxy-sqlite3_1 /sbin/tini -- /usr/bin/doc ... Up 0.0.0.0:10061->10051/tcp
zabbixdocker_zabbix-server_1 /sbin/tini -- /usr/bin/doc ... Up 0.0.0.0:10051->10051/tcp
zabbixdocker_zabbix-snmptraps_1 /usr/bin/supervisord -c /e ... Up 0.0.0.0:162->1162/udp
zabbixdocker_zabbix-web-apache-mysql_1 docker-entrypoint.sh Up 0.0.0.0:80->8080/tcp,
0.0.0.0:443->8443/tcp
zabbixdocker_zabbix-web-nginx-mysql_1 docker-entrypoint.sh Up 0.0.0.0:8081->8080/tcp,
0.0.0.0:8443->8443/tcp
If you access the browser with http: // [docker server IP], the following screen will appear. Login with Username: Admin, Password: zabbix.
When you log in, the screen below will appear.
2. zabbix settings
As a basic setting to start using, user setting and monitoring of zabbix server are enabled.
2.1. User settings
2.2. zabbix-server
zabbix-server is a failure, so deal with it
Settings> Host >> Zabbix server
As shown in the screen below, change the DNS name to zabbix-agent and the connection method to DNS and click Update.
After a while, you can confirm that agent communication is possible.
3. Monitoring settings
3.1 Creating an SNMP Trap trigger
The container of zabbix-snmptraps is also started and 162 is assigned to docker-compose, and SNMP Trap can also be acquired as an item. I couldn't find a template that triggers SNMP TRAP, so I'll create one.
There is an item called SNMP traps (fallback) in the default Template Net Network Generic Device SNMP, so when it is received, an alert will be issued as a trigger.
Although it may be possible to link SNMP Trap to recovery, it is difficult, so here we will recover in 60 seconds for the time being.
Go to Settings> Template> Create Template
In the example below, enter the template name Template Net Network Generic Device SNMP plus SNMPTRAP Trigger and the group as Templates / Network devices.
Go to the Link with Template tab, select Template Net Network Generic Device SNMP in the Link New Template and click Add to create a template
Enter the created template, specify the trigger tab and click create trigger in the upper right to create an additional trigger.
Create a trigger with the following contents (severity is high)
- name
- SNMP trap received from {HOST.NAME} --Severity
- warning
--Conditional expression
- {Template Net Network Generic Device SNMP plus SNMPTRAP Trigger:snmptrap.fallback.nodata(60)}=0
3.2. Host registration
Here, register the host in the SNMP monitoring settings of the network device (also used for the alarm test).
Create with Settings> Host> Create Host
- hostname
--Host name to set
--Group
- Templates
- interface
- SNMP --IP address to poll --SNMP community --Enter the community name of the device settings
Open the Template tab, select the created template andadd
If the SNMP polling is successful, the SNMP part will turn green.
4. zabbix slack integration
Slack will be linked with Bot
Create Slack Bots
Create a notification channel in advance
Open slack api and open Your Apps
https://api.slack.com/
Open Create New App
App Name: Select zabbix_alerter Development Slack Workspace HomeLab and click Create App
Select Bots
Open Features> OAuth & Permissions and open
Create a Token in Scopes with calls: write
Click Install App to Workspace under OAuth Tokens & Redirect URLs
Allow cooperation
Copy the generated Access Token and save it (used on Zabbix side)
Open the Details of the created Slack channel ・ ・ ・ Other Add `apps``
Add the created zabbix_alerter
When added, it will be displayed on the channel as shown below
Zabbix settings
Open Management> Media Type and open Slack
Enter the Access Token created by Slack API in bot_token, go to the bottom and click Update
Open Admin> User and open Admin
Open the Media tab and click` Add``
Type Slack, enter the destination # homelab-zabbix (notification channel name) and `add``
Update
To set the global macro
Open Administration> General Settings> Display Settings> Macro
Enter macro {$ ZABBIX.URL}, value http: // [docker server IP] / and click update
To set the trigger action
Open Settings> Actions and click Report problems to Zabbix administrators
Check Enabled and clickAdd
Select the type trigger severity, operator or higher, severity information and click add (select the severity you want to be notified)
Finally click Update to update
5. Alert exam
Alert test with Ping communication
Stop Ping on the registered host device side and perform an Alert alert test.
Slack notifications look like this:
When Ping is re-enabled and restored, the same message is rewritten and becomes Green Up.
Click Open in Zabbix to view details in your browser
Alert test with SNMP TRAP
Bring down the VPN tunnel on the host side and issue SNMPTRAP
After 60 seconds, it will be automatically restored (rewriting the same message)
When the VPN tunnel is restored, SNMPTRAP will appear again and it will be treated as a failure and will be treated as recovery again in 60 seconds.
This completes the alert alert test
in conclusion
I built Zabbix easily with docker-compose which is officially released, and also set the trigger of SNMPTRAP. Alert notification was linked with Slack and we were able to confirm the operation I want to touch Zabbix 5.0 in various ways in the future
reference
GitHub zabbix-docker https://github.com/zabbix/zabbix-docker Zabbix Official: Start with SNMP traps in Zabbix> Create "Template SNMP trap fallback" https://zabbix.org/wiki/Start_with_SNMP_traps_in_Zabbix#Create_.22Template_SNMP_trap_fallback.22 Zabbix Integration Slack https://www.zabbix.com/integrations/slack
Recommended Posts