实战案例(Zabbix 对 Nginx的监控)

登山则情满于山,观海则意溢于海。这篇文章主要讲述实战案例:Zabbix 对 Nginx的监控相关的知识,希望能为你提供帮助。
在实际生产中经常需要自定义各种软件的Zabbix的监控项,相对繁琐,在Zabbix官网和第三方网站都提供了大量的监控模板,很多写得非常完美,我们可下载并导入这些模板,并进行修改成适合自己生产用的监控模板,非常便利和高效。本文介绍利用现有的模板对nginx的活动连接和当前状态等运行状态等项目进行监控的全过程。
基本步骤:通过脚本采集Nginx状态页数据→zabbix agent获取监控项数据 → 导入监控模板→检查并修改完善监控项、触发器及图形→验证数据


1.部署Nginx如果是编译安装需要添加编译参数--with-http_stub_status_module;本次采用yum安装方式。

#### 安装并配置Nginx,前面还需要安装zabbix agent
## 配置zabbix 的yum源并安装zabbix agent
[root@CentOS84-IP88 ]#rpm -Uvh https://repo.zabbix.com/zabbix/6.0/rhel/8/x86_64/zabbix-release-6.0-1.el8.noarch.rpm
[root@CentOS84-IP88 ]#dnf clean all
[root@CentOS84-IP88 ]#dnf -y install zabbix-agent

########################################################################
#### 安装nginx
[root@CentOS84-IP88 ]#yum info nginx
.......................
Name: nginx
Epoch: 1
Version: 1.14.1
.......................


[root@CentOS84-IP88 ]#yum install -y nginx
[root@CentOS84-IP88 ]#find / -name nginx.conf
/etc/nginx/nginx.conf
[root@CentOS84-IP88 ]#vim /etc/nginx/nginx.conf
.........................
server
listen80 default_server;
listen[::]:80 default_server;
server_name_;
root/usr/share/nginx/html;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
########################加上下面这段启用nginx状态页的配置######################
location /nginx_status
stub_status;
allow 192.168.0.0/16;
allow 127.0.0.1;
deny all;

########################加上上面这段启用nginx状态页的配置######################
location /


error_page 404 /404.html;
location = /40x.html

............................

#### 定位nginx二进制可执行文件位置并验证语法
[root@CentOS84-IP88 ]#find / -name nginx
/etc/logrotate.d/nginx
/etc/nginx
/var/lib/nginx
/var/log/nginx
/usr/sbin/nginx
/usr/lib64/perl5/vendor_perl/auto/nginx
/usr/lib64/nginx
/usr/share/licenses/nginx
/usr/share/doc/nginx
/usr/share/nginx
[root@CentOS84-IP88 ]#/usr/sbin/nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@CentOS84-IP88 ]#

#### 启动Nginx服务
[root@CentOS84-IP88 ]#systemctl enable --now nginx

[root@CentOS84-IP88 ]#ss -tln
StateRecv-QSend-QLocal Address:PortPeer Address:PortProcess
LISTEN05110.0.0.0:800.0.0.0:*
LISTEN01280.0.0.0:100500.0.0.0:*
LISTEN0511[::]:80[::]:*
LISTEN0128[::]:10050[::]:*

#### 在IP88上配置好nginx的状态页后,切换到另外主机测试状态页的访问

[root@CentOS84-IP18 ]#curl http://192.168.250.88/nginx_status
Active connections: 1
server accepts handled requests
3 3 3
Reading: 0 Writing: 1 Waiting: 0
[root@CentOS84-IP18 ]#

2.自定义监控项脚本:
#### 脚本的编写思路,是通过访问Nginx的状态页面,并抽取需要监控的数据在Zabbix上去显示、分析并报警
## 本机上通过命令查看到的信息
[root@CentOS84-IP88 ]#curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/"
Active connections: 1
server accepts handled requests
717 717 717
Reading: 0 Writing: 1 Waiting: 0
[root@CentOS84-IP88 ]#

## 依据上面的现实信息,利用shell命令抽取需要的关键数据
[root@CentOS84-IP88 ]#cd /etc/zabbix/zabbix_agentd.d
[root@CentOS84-IP88 ]#vim nginx_monitor.sh
#!/bin/bash

nginx_status_fun()
NGINX_PORT=$1
NGINX_COMMAND=$2
nginx_active()
/usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2> /dev/null| grep Active | awk print $NF

nginx_reading()
/usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2> /dev/null| grep Reading | awk print $2

nginx_writing()
/usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2> /dev/null| grep Writing | awk print $4

nginx_waiting()
/usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2> /dev/null| grep Waiting | awk print $6

nginx_accepts()
/usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2> /dev/null| awk NR==3 | awk print $1

nginx_handled()
/usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2> /dev/null| awk NR==3 | awk print $2

nginx_requests()
/usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2> /dev/null| awk NR==3 | awk print $3

case $NGINX_COMMAND in
active)
nginx_active;
; ;
reading)
nginx_reading;
; ;
writing)
nginx_writing;
; ;
waiting)
nginx_waiting;
; ;
accepts)
nginx_accepts;
; ;
handled)
nginx_handled;
; ;
requests)
nginx_requests;
esac


main()
case $1 in
nginx_status)
nginx_status_fun $2 $3;
; ;
*)
echo $"Usage: $0 nginx_status key"
esac


main $1 $2 $3
[root@CentOS84-IP88 ]#

## 授权可执行权限
[root@CentOS84-IP88 ]#chmod a+x nginx_monitor.sh
[root@CentOS84-IP88 ]#ll
-rwxr-xr-x 1 root root 1471 May 24 11:48 nginx_monitor.sh

## 测试脚本运行
[root@CentOS84-IP88 ]#bash nginx_monitor.sh nginx_status 80 active
1



3.Zabbix Agent添加自定义监控项
#### 前面已经安装好zabbix_agent,修改并配置好zabbix_agent
[root@CentOS84-IP88 ]#vim /etc/zabbix/zabbix_agentd.conf
..............................
# UserParameter=
UserParameter=nginx_status[*],/etc/zabbix/zabbix_agentd.d/nginx_monitor.sh "$1" "$2" "$3"
..............................

[root@CentOS84-IP88 ]#systemctl restart zabbix-agent
[root@CentOS84-IP88 ]#

[root@CentOS84-IP88 ]#grep "^[a-Z]" /etc/zabbix/zabbix_agentd.conf
PidFile=/run/zabbix/zabbix_agentd.pid
LogFile=/var/log/zabbix/zabbix_agentd.log
LogFileSize=0
Server=192.168.250.18
ListenPort=10050
ServerActive=127.0.0.1
Hostname=192.168.250.88
Include=/etc/zabbix/zabbix_agentd.d/*.conf
UserParameter=nginx_status[*],/etc/zabbix/zabbix_agentd.d/nginx_monitor.sh "$1" "$2" "$3"
[root@CentOS84-IP88 ]#

4.Zabbix Server命令行测试监控项数据
[root@CentOS84-IP18 ]#yum install zabbix-get.x86_64
[root@CentOS84-IP18 ]#find / -name zabbix_get
/usr/bin/zabbix_get
[root@CentOS84-IP18 ]#/usr/bin/zabbix_get -s 192.168.250.88 -p 10050 -k "nginx_status["nginx_status",80,"active"]"
1
[root@CentOS84-IP18 ]#

5.导入Nginx监控模板Zabbix 官网及第三方网站有比较多的模板可以下载,本次导入已经准备并修改好的Nginx监控模板,来建立对nginx的监控。







6.添加主机并关联模板配置 ---主机 --- 创建主机

【实战案例(Zabbix 对 Nginx的监控)】

7.验证监控数据



8.https(SSL443) 报错处置实际生产中使用http越来越少,考虑安全都用https来构建网站的访问,在监控模板内有对Nginx的HTTPS端口的监控,如果不可用就会报警,我们前面做nginx的配置时候特意没开启这个端口,埋下这个坑目的就是演示Zabbix报告问题后演示处置Zabbix在问题修复后的监控显示变化过程。




####在nginx的conf中开启了https,命令格式:listen443 ssl; 再重新启动nginx后在Zabbix的监控端就不再有ssl端口不可用的问题报告了。实际上在配置网站https需要制作申请证书等,仅仅演示SSL端口存活监控就不再做相应的证书申请等配置了。

[root@CentOS84-IP88 ]#vim /etc/nginx/nginx.conf
.......................
server
listen80 default_server;
listen443 ssl;
listen[::]:80 default_server;
server_name_;
root/usr/share/nginx/html;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;


location /nginx_status
stub_status;
allow 192.168.0.0/16;
allow 127.0.0.1;
deny all;

location /


error_page 404 /404.html;
location = /40x.html


error_page 500 502 503 504 /50x.html;
.......................


[root@CentOS84-IP88 ]#find / -name nginx
/etc/logrotate.d/nginx
/etc/nginx
/var/lib/nginx
/var/log/nginx
/usr/sbin/nginx
/usr/lib64/perl5/vendor_perl/auto/nginx
/usr/lib64/nginx
/usr/share/licenses/nginx
/usr/share/doc/nginx
/usr/share/nginx
[root@CentOS84-IP88 ]#/usr/sbin/nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@CentOS84-IP88 ]#systemctl restart nginx

[root@CentOS84-IP88 ]#ss -tln
StateRecv-QSend-QLocal Address:PortPeer Address:PortProcess
LISTEN05110.0.0.0:800.0.0.0:*
LISTEN05110.0.0.0:4430.0.0.0:*

[root@CentOS84-IP88 ]#

经过上面对nginx的配置修改,添加了ssl443端口的监听后,在Zabbix上观测到故障提示已经消除了。



9.监控模板源代码监控模板文件:Nginx_Monitor.xml是yaml格式的文件,内容如下:
< ?xml version="1.0" encoding="UTF-8"?>
< zabbix_export>
< version> 6.0< /version>
< date> 2022-05-24T07:57:21Z< /date>
< groups>
< group>
< uuid> 7df96b18c230490a9a0a9e2307226338< /uuid>
< name> Templates< /name>
< /group>
< /groups>
< templates>
< template>
< uuid> 3d289c02810f4f46a9a843c51bbcb3eb< /uuid>
< template> Nginx_Monitor.xml< /template>
< name> Nginx_Monitor< /name>
< groups>
< group>
< name> Templates< /name>
< /group>
< /groups>
< items>
< item>
< uuid> 1a3bf4030ee9479d8ba67345d22cb0f9< /uuid>
< name> nginx_listen_80< /name>
< key> net.tcp.listen[80]< /key>
< delay> 5s< /delay>
< history> 30d< /history>
< tags>
< tag>
< tag> Application< /tag>
< value> nginx< /value>
< /tag>
< /tags>
< triggers>
< trigger>
< uuid> 74f8ef360a904708940e562ec05d276a< /uuid>
< expression> last(/Nginx_Monitor.xml/net.tcp.listen[80])< > 1< /expression>
< name> HOST.NAME listen_80< /name>
< priority> HIGH< /priority>
< /trigger>
< /triggers>
< /item>
< item>
< uuid> 1ea87c8ed484470197109eec5d5081b3< /uuid>
< name> nginx_listen_443< /name>
< key> net.tcp.listen[443]< /key>
< delay> 5s< /delay>
< tags>
< tag>
< tag> Application< /tag>
< value> nginx< /value>
< /tag>
< /tags>
< triggers>
< trigger>
< uuid> 0683b27cb6184b86a17ba48c0af2728c< /uuid>
< expression> last(/Nginx_Monitor.xml/net.tcp.listen[443])< > 1< /expression>
< name> HOST.NAME listen_443< /name>
< priority> HIGH< /priority>
< /trigger>
< /triggers>
< /item>
< item>
< uuid> 1e305b

    推荐阅读