最近公司新买了一批OVH服务器，这些服务器的硬盘、负载、和实时带宽需要监控。首先想到的就是用Zabbix监控。因为在公司内网中，之前部署过Zabbix监控。只需要在这些OVH服务器上安装zabbix的客户端即可。以下为实现步骤：

1、配置免密登录

1.1、zabbix服务端生成密钥对

[root@localhost ~]# ssh-keygen -f '~/.ssh/id_rsa' -N ''
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:4vyK0ZZVYULr0DpJyiYOycisvFZzMehugAlKpFvcXgM root@localhost.localdomain
The key's randomart image is:
+---[RSA 3072]----+
|       .o o      |
| .  E  . + .     |
|o. ...o o .      |
|Booo.=o= .       |
|OBo.+.B.S        |
|B+ *.= =         |
|..= + *          |
| ..o + .         |
|... . ...        |
+----[SHA256]-----+

1.2、向zabbix客户端传递公钥

可以把需要监控的服务器IP放到一个列表中

[root@localhost ~]# vi /server/scripts/node.sh
#!/bin/bash
ssdzd(){
expect << EOF
set timeout 5
spawn ssh-copy-id centos@$IP
expect {
   "yes/no" { send "yes\n";exp_continue }
   "password" { send "密码\n" }
}
expect eof
EOF
}
for IP in $(cat /root/ip_list)
do
  ssdzd
done

2、安装配置ansible批量操作被监控主机

[root@localhost ~]# yum install ansible -y
[root@localhost ~]# sed -i 's/^#inventory/inventory/' /etc/ansible/ansible.cfg
[root@localhost ~]# sed -i 's/^#host_key_checking/host_key_checking/' /etc/ansible/ansible.cfg

把需要监控的服务器IP写入/etc/ansible/hosts文件

[root@localhost ~]# vi /etc/ansible/hosts
.....
[node]
192.168.1.30
192.168.1.31
192.168.1.32
192.168.1.33
...
.....

测试

[root@localhost ~]# ansible ndoe -u centos -m ping
192.168.1.31 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
    ....

3、编写playbook配置zabbix客户端

[root@localhost ~]# vi /server/scripts/zabbix_agent_install.yml
---
 - hosts:  chia_centos
   remote_user:  centos
   gather_facts: No
   become: yes
   become_method: sudo
   become_user: root
   tasks:
     - name: "stop firewalld"
       service:
         name: firewalld
         state: stopped 
     - name: "copy zabbix.repo"
       copy: src=/etc/yum.repos.d/zabbix.repo
             dest=/etc/yum.repos.d/
       notify: update repolist
     - name: "install zabbix-agent"
       yum:
         name: "zabbix-agent"
         state: installed
     - name: "copy zabbix_agentd.conf"
       copy: src=/root/zabbix_agentd.conf
             dest=/etc/zabbix/
       notify: restart service
   handlers:
     - name: update repolist
       shell: "yum clean all;yum repolist"
     - name: restart service
       service:
         name: zabbix-agent
         state: started
         enabled: yes

检查playbook是否存在语法错误

[root@localhost ~]# ansible-playbook --syntax-check /server/scripts/zabbix_agent_install.yml


playbook: zabbix_agent_install.yml

4、执行playbook

[root@localhost ~]# ansible-playbook /server/scripts/zabbix_agent_install.yml

zabbix客户端安装完成后，在server端创建自动发现规则，或者手动添加被监控主机

备注

由于公司出口IP为动态IP，而zabbix客户端的配置文件中需要写入server端的IP，所以需要定期检测公司的出口IP，如果IP变化后，需要修改客户端的配置文件。以下是实现方法：
通过定时脚本实时检测出口IP，如果有变化就写入本地的配置文件，然后通过上面写好的playbook，将本地的配置文件拷贝到远程被监控主机。

[root@localhost ~]# vi /server/scripts/check_wan_ip.sh
#!/bin/bash
WAN_IP=`curl cip.cc|awk '/http/{print}'|awk -F "/" '{print $4}'`
OLD_IP=`cat /server/scripts/wan_ip`
if [ ${WAN_IP} != ${OLD_IP} ];then
   echo $WAN_IP > /server/scripts/wan_ip
   ansible-playbook /server/scripts/zabbix_agent_install.yml > /dev/null 2>&1
fi