Kubernetes 集群搭建 Zabbix 监控平台详细指南
一、环境准备
1.1 先决条件
# 确认集群状态
kubectl cluster-info
kubectl get nodes
# 确认存储类可用
kubectl get storageclass
1.2 创建专用命名空间
# zabbix-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: zabbix
labels:
name: zabbix
kubectl apply -f zabbix-namespace.yaml
二、部署 MySQL/MariaDB 数据库
2.1 创建数据库配置
# mysql-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: mysql-secret
namespace: zabbix
type: Opaque
data:
# echo -n 'password' | base64
mysql-root-password: cGFzc3dvcmQ= # password
mysql-password: cGFzc3dvcmQ= # password
# mysql-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql-config
namespace: zabbix
data:
my.cnf: |
[mysqld]
character-set-server=utf8mb4
collation-server=utf8mb4_bin
innodb_file_per_table=1
innodb_log_file_size=512M
innodb_buffer_pool_size=1G
max_connections=500
max_allowed_packet=64M
2.2 部署 MySQL StatefulSet
# mysql-statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mysql
namespace: zabbix
spec:
serviceName: mysql
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:8.0
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: mysql-root-password
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: mysql-password
- name: MYSQL_DATABASE
value: zabbix
- name: MYSQL_USER
value: zabbix
ports:
- containerPort: 3306
volumeMounts:
- name: mysql-config
mountPath: /etc/mysql/conf.d
- name: mysql-data
mountPath: /var/lib/mysql
resources:
requests:
memory: "1Gi"
cpu: "500m"
limits:
memory: "2Gi"
cpu: "1000m"
volumes:
- name: mysql-config
configMap:
name: mysql-config
volumeClaimTemplates:
- metadata:
name: mysql-data
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 20Gi
# mysql-service.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql
namespace: zabbix
spec:
selector:
app: mysql
ports:
- port: 3306
targetPort: 3306
clusterIP: None # Headless service
三、部署 Zabbix Server
3.1 创建 Zabbix Server 配置
# zabbix-server-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: zabbix-secret
namespace: zabbix
type: Opaque
data:
# echo -n 'Admin' | base64
zabbix-admin-user: QWRtaW4=
# echo -n 'zabbix' | base64
zabbix-admin-password: emFiYml4
3.2 部署 Zabbix Server
# zabbix-server-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: zabbix-server
namespace: zabbix
labels:
app: zabbix-server
spec:
replicas: 1
selector:
matchLabels:
app: zabbix-server
template:
metadata:
labels:
app: zabbix-server
spec:
containers:
- name: zabbix-server
image: zabbix/zabbix-server-mysql:ubuntu-6.4-latest
env:
- name: DB_SERVER_HOST
value: "mysql.zabbix.svc.cluster.local"
- name: MYSQL_DATABASE
value: "zabbix"
- name: MYSQL_USER
value: "zabbix"
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: mysql-password
- name: ZBX_LISTENPORT
value: "10051"
ports:
- containerPort: 10051
name: server
resources:
requests:
memory: "1Gi"
cpu: "500m"
limits:
memory: "2Gi"
cpu: "1000m"
livenessProbe:
tcpSocket:
port: 10051
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
tcpSocket:
port: 10051
initialDelaySeconds: 5
periodSeconds: 5
volumeMounts:
- name: zabbix-export
mountPath: /var/lib/zabbix/export
volumes:
- name: zabbix-export
persistentVolumeClaim:
claimName: zabbix-server-pvc
# zabbix-server-service.yaml
apiVersion: v1
kind: Service
metadata:
name: zabbix-server
namespace: zabbix
spec:
selector:
app: zabbix-server
ports:
- name: server
port: 10051
targetPort: 10051
type: ClusterIP
四、部署 Zabbix Web UI
4.1 部署 Zabbix Web
# zabbix-web-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: zabbix-web
namespace: zabbix
labels:
app: zabbix-web
spec:
replicas: 2
selector:
matchLabels:
app: zabbix-web
template:
metadata:
labels:
app: zabbix-web
spec:
containers:
- name: zabbix-web
image: zabbix/zabbix-web-apache-mysql:ubuntu-6.4-latest
env:
- name: ZBX_SERVER_HOST
value: "zabbix-server"
- name: DB_SERVER_HOST
value: "mysql.zabbix.svc.cluster.local"
- name: MYSQL_DATABASE
value: "zabbix"
- name: MYSQL_USER
value: "zabbix"
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: mysql-password
- name: PHP_TZ
value: "Asia/Shanghai"
ports:
- containerPort: 8080
name: web
resources:
requests:
memory: "512Mi"
cpu: "250m"
limits:
memory: "1Gi"
cpu: "500m"
readinessProbe:
httpGet:
path: /
port: 8080
initialDelaySeconds: 10
periodSeconds: 10
# zabbix-web-service.yaml
apiVersion: v1
kind: Service
metadata:
name: zabbix-web
namespace: zabbix
spec:
selector:
app: zabbix-web
ports:
- name: http
port: 80
targetPort: 8080
type: ClusterIP
4.2 创建 Ingress 对外暴露
# zabbix-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: zabbix-ingress
namespace: zabbix
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/proxy-body-size: "50m"
spec:
ingressClassName: nginx
rules:
- host: zabbix.example.com # 修改为你的域名
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: zabbix-web
port:
number: 80
五、部署 Zabbix Agent(监控 Kubernetes 节点)
5.1 创建 DaemonSet 监控节点
# zabbix-agent-daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: zabbix-agent
namespace: zabbix
labels:
app: zabbix-agent
spec:
selector:
matchLabels:
app: zabbix-agent
template:
metadata:
labels:
app: zabbix-agent
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: zabbix-agent
image: zabbix/zabbix-agent2:ubuntu-6.4-latest
env:
- name: ZBX_HOSTNAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: ZBX_SERVER_HOST
value: "zabbix-server.zabbix.svc.cluster.local"
- name: ZBX_ACTIVE_ALLOW
value: "true"
securityContext:
privileged: true
runAsUser: 0
ports:
- containerPort: 10050
name: agent
hostPort: 10050
volumeMounts:
- name: host-root
mountPath: /host
readOnly: true
- name: docker-socket
mountPath: /var/run/docker.sock
readOnly: true
- name: kubelet-socket
mountPath: /var/lib/kubelet
readOnly: true
volumes:
- name: host-root
hostPath:
path: /
- name: docker-socket
hostPath:
path: /var/run/docker.sock
- name: kubelet-socket
hostPath:
path: /var/lib/kubelet
tolerations:
- effect: NoSchedule
operator: Exists
六、存储配置(可选)
6.1 创建 PVC
# zabbix-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: zabbix-server-pvc
namespace: zabbix
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: standard # 修改为你的存储类
七、一键部署脚本
#!/bin/bash
# deploy-zabbix.sh
# 创建命名空间
kubectl apply -f zabbix-namespace.yaml
# 创建 Secrets
kubectl apply -f mysql-secret.yaml
kubectl apply -f zabbix-server-secret.yaml
# 部署存储
kubectl apply -f zabbix-pvc.yaml
# 部署数据库
kubectl apply -f mysql-configmap.yaml
kubectl apply -f mysql-service.yaml
kubectl apply -f mysql-statefulset.yaml
# 等待数据库就绪
echo "等待MySQL数据库启动..."
kubectl wait --for=condition=ready pod -l app=mysql -n zabbix --timeout=300s
# 部署Zabbix Server
kubectl apply -f zabbix-server-service.yaml
kubectl apply -f zabbix-server-deployment.yaml
# 部署Zabbix Web
kubectl apply -f zabbix-web-service.yaml
kubectl apply -f zabbix-web-deployment.yaml
# 部署Zabbix Agent
kubectl apply -f zabbix-agent-daemonset.yaml
# 部署Ingress(如果需要)
# kubectl apply -f zabbix-ingress.yaml
echo "部署完成!"
echo "Web访问地址:"
echo "集群内:http://zabbix-web.zabbix.svc.cluster.local"
echo "通过NodePort查看端口:kubectl get svc -n zabbix zabbix-web"
八、验证部署
# 检查所有Pod状态
kubectl get pods -n zabbix -o wide
# 检查服务状态
kubectl get svc -n zabbix
# 查看日志
kubectl logs -f deployment/zabbix-server -n zabbix
kubectl logs -f deployment/zabbix-web -n zabbix
# 访问Web界面
# 默认用户名:Admin
# 默认密码:zabbix
九、高级配置选项
9.1 启用自动发现
在 Zabbix Web 界面配置:
配置 → 自动发现 → 创建发现规则
配置网络发现规则
配置自动注册动作
9.2 配置 Kubernetes 监控
# zabbix-agent-service.yaml(为Agent创建Service)
apiVersion: v1
kind: Service
metadata:
name: zabbix-agent
namespace: zabbix
annotations:
prometheus.io/scrape: 'true'
prometheus.io/port: '10050'
spec:
selector:
app: zabbix-agent
ports:
- name: agent
port: 10050
targetPort: 10050
type: ClusterIP
9.3 配置告警通知
在 Zabbix Web 界面:
管理 → 报警媒介类型
配置邮件、Slack、Webhook等通知方式
配置告警动作
十、清理资源
# 删除整个命名空间(包括所有资源)
kubectl delete namespace zabbix
# 保留数据删除部署
kubectl delete -f zabbix-ingress.yaml
kubectl delete -f zabbix-agent-daemonset.yaml
kubectl delete -f zabbix-web-deployment.yaml
kubectl delete -f zabbix-server-deployment.yaml
kubectl delete -f mysql-statefulset.yaml
注意事项:
生产环境建议使用高可用数据库(如Percona集群)
根据实际需求调整资源限制
定期备份数据库
配置Ingress SSL/TLS加密
设置合适的监控指标和告警阈值
考虑使用持久化存储确保数据安全
