nginx服務之配置https和監控狀態頁面
阿新 • • 發佈:2020-08-10
目錄
1. 配置https
生成證書的操作,這裡就不詳細操作了,有疑問的可以看看這篇nat模式搭建http和https負載均衡叢集,裡面有提到怎麼生成證書!
生成證書後的配置
[root@longnian ssl]# pwd /usr/local/nginx/ssl //證書存放的位置 [root@longnian ssl]# ls nginx.crt nginx.csr nginx.key //修改配置檔案 [root@longnian ssl]# vim /usr/local/nginx/conf/nginx.conf //修改server .............. server { listen 443 ssl; server_name www.a.com; ssl_certificate /usr/local/nginx/ssl/nginx.crt; ssl_certificate_key /usr/local/nginx/ssl/nginx.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; .............. //修改好了,重讀下配置檔案 [root@longnian ssl]# nginx -s reload
訪問網頁
成功訪問到了網頁,到此https就配置完了!
2. zabbix監控狀態介面
2.1 開啟狀態介面
//修改配置檔案
//新增以下內容:
..............
location /status {
stub_status on; //開啟
allow 192.168.159.0/24; //允許159網段的可以訪問!
deny all;
}
..............
//重讀配置檔案
[root@longnian ssl]# nginx -s reload
在網頁上訪問
2.2 取出狀態的值
在伺服器上用curl來訪問
[root@longnian ~]# curl -k https://192.168.159.144/status
Active connections: 2
server accepts handled requests
132 132 132
Reading: 0 Writing: 1 Waiting: 1
因為我這裡想監控的是requests的值、Reading的值和Writing的值,所以得先取出它們的值,然後寫到腳本里去
//取出requests的值 [root@longnian ~]# curl -k https://192.168.159.144/status Active connections: 1 server accepts handled requests 134 134 134 Reading: 0 Writing: 1 Waiting: 0 [root@longnian ~]# curl -k -s https://192.168.159.144/status | awk 'NR==3{print $3}' 135 //取出Reading的值 [root@longnian ~]# curl -k https://192.168.159.144/status Active connections: 1 server accepts handled requests 138 138 138 Reading: 0 Writing: 1 Waiting: 0 [root@longnian ~]# curl -k -s https://192.168.159.144/status | awk 'NR==4{print $2}' 0 //取出Writing的值 [root@longnian ~]# curl -k https://192.168.159.144/status Active connections: 1 server accepts handled requests 140 140 140 Reading: 0 Writing: 1 Waiting: 0 [root@longnian ~]# curl -k -s https://192.168.159.144/status | awk 'NR==4{print $4}' 1
2.3 建立監控指令碼
//建立個指令碼目錄
//建立監控requests的指令碼
[root@longnian ~]# mkdir /script
[root@longnian ~]# cd /script/
[root@longnian script]# vim check_requests.sh
[root@longnian script]# cat check_requests.sh
#!/bin/bash
if [ `curl -k -s https://192.168.159.144/status | awk 'NR==3{print \$3}'` -ne 0 ];then
echo "0"
else
echo "1"
fi
[root@longnian script]# ls
check_requests.sh
//執行下指令碼,看有沒有問題
[root@longnian script]# ./check_requests.sh
0
//建立監控Reading的指令碼
[root@longnian script]# vim check_Reading.sh
[root@longnian script]# cat check_Reading.sh
#!/bin/bash
if [ `curl -k -s https://192.168.159.144/status | awk 'NR==4{print \$2}'` -eq 0 ];then
echo "0"
else
echo "1"
fi
[root@longnian script]# ls
check_Reading.sh check_requests.sh
//執行下指令碼,看有沒有問題
[root@longnian script]# ./check_Reading.sh
0
//建立監控Writing的指令碼
[root@longnian script]# vim check_Writing.sh
[root@longnian script]# cat check_Writing.sh
#!/bin/bash
if [ `curl -k -s https://192.168.159.144/status | awk 'NR==4{print \$4}'` -ne 0 ];then
echo "0"
else
echo "1"
fi
[root@longnian script]# chmod +x check_*
[root@longnian script]# ll
total 12
-rwxr-xr-x 1 root root 134 Jul 31 21:06 check_Reading.sh
-rwxr-xr-x 1 root root 134 Jul 31 21:01 check_requests.sh
-rwxr-xr-x 1 root root 134 Jul 31 21:11 check_Writing.sh
//執行下指令碼,看有沒有問題
[root@longnian script]# ./check_Writing.sh
0
2.4 安裝zabbix(客戶端)
| 主機 | IP地址 | 所需服務 |
|---|---|---|
| Server端 | 192.168.159.135 | lnmp、zabbix |
| Client端 | 192.168.159.144 | zabbix (agent) |
配置server端的lnmp和zabbix,我這裡就不過多闡述了,有疑問可以參考Linux專案之部署lnmp架構和Linux監控服務之zabbix
Client端zabbix安裝和配置
//安裝zabbix
//安裝一些常用的工具
[root@slave ~]# yum -y install vim wget gcc gcc-c++ net-snmp-devel libevent-devel
//下載zabbix安裝包,進行編譯、安裝
[root@longnian ~]# cd /usr/src/
[root@longnian src]# ls
debug kernels zabbix-4.4.7 zabbix-4.4.7.tar.gz
[root@longnian src]# cd zabbix-4.4.7
[root@longnian zabbix-4.4.7]# ./configure --enable-agent
[root@longnian zabbix-4.4.7]# make install
//修改配置檔案
[root@longnian ~]# cd /usr/local/etc/
[root@longnian etc]# ls
zabbix_agentd.conf zabbix_agentd.conf.d
[root@longnian etc]# vim zabbix_agentd.conf
..........
Server=192.168.159.135
..........
ServerActive=192.168.159.135
..........
Hostname=Zabbix client
..........
UnsafeUserParameters=1
..........
//建立zabbix使用者
[root@longnian ~]# useradd -r -M -s /sbin/nologin zabbix
[root@longnian ~]# id zabbix
uid=996(zabbix) gid=994(zabbix) groups=994(zabbix)
[root@longnian ~]# zabbix_agentd
[root@longnian ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:9000 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 *:443 *:*
LISTEN 0 128 *:10050 *:*
LISTEN 0 80 :::3306 :::*
LISTEN 0 100 :::8080 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 1 ::ffff:127.0.0.1:8005 :::*
//新增指令碼資訊到配置檔案中去
[root@longnian ~]# vim /usr/local/etc/zabbix_agentd.conf
.............
UserParameter=check_status-one[*],/bin/bash /script/check_requests.sh $1
UserParameter=check_status-two[*],/bin/bash /script/check_Reading.sh $1
UserParameter=check_status-three[*],/bin/bash /script/check_Writing.sh $1
//在server端,手動測試指令碼有沒有問題
[root@longnian ~]# zabbix_get -s 192.168.159.144 -k check_status-one
0
[root@longnian ~]# zabbix_get -s 192.168.159.144 -k check_status-two
0
[root@longnian ~]# zabbix_get -s 192.168.159.144 -k check_status-three
0
//能看到0就是沒錯的!!
3. 配置監控
3.1 建立主機組,新增主機
3.2 新增監控項
3.3 新增觸發器
3.4 檢視監控狀態
3.5 同樣把另外兩個也監控起來
3.6 再次檢視監控狀態
到此,實驗就完成啦!如需發郵件,只需要再配置媒介和動作就行!具體想了解的可以檢視這篇Linux專案之zabbix監控腦裂裡面有寫到發郵件!