Zabbix Autoregistration - ZCP Day 3 PDF

Autoregistration 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved 30 minutes 4 AUTOREGISTRATION New active agent hosts can be added without configuring them manually Useful for cloud-like and dynamic environments Hosts are created automatically based on both Data received from host Action configuration Autoregistration is supported by Zabbix Server and Proxies Autoregistration can be encrypted Hostname, Metadata Autoregistration Condition Host name = Hostname Metadata = Linux Operation Create Host Assign Template New device arrives 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 5 USING HOST METADATA Host's metadata can be used to send information from Zabbix agent OS, installed software, location, etc. Host's metadata is configured in the agent configuration file Two ways of specifying host metadata: HostMetadata and HostMetadataItem HostMetadataItem is only used when HostMetadata is not defined Examples: HostMetadata=Linux, Apache, MySQL Result: Linux, Apache, MySQL HostMetadataItem=system.uname Result: Linux server1.zabbix.com 3.10.0-514.10.2.el7.x86_64 … HostMetadataItem=system.run[uname] Result: Linux 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 6 USING HOST INTERFACE HostInterface parameter can be used to specify custom value for the host interface If the host should be autoregistered with a DNS name rather than its IP address, the DNS name should be specified or returned as the value If the value of one of the two parameters changes, the interface of autoregistered host is updated Useful for monitoring of added hosts with passive checks Two ways to specify host's interface: HostInterface and HostInterfaceItem HostInterfaceItem is only used when HostInterface is not defined Examples: HostInterface=dbserver1.zabbix.lan HostInterfaceItem=system.hostname 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 7 AUTOREGISTRATION NOTES An attempt happens every time when active agent updates configuration: Configuration request on startup Configuration update every 2 minutes by default At least one autoregistration action must be enabled: Event source for an action must be “Autoregistration” Action conditions must match to the received metadata Auto de-registration actions can also be created Based on received metadata, a host can be removed The lost hosts are not removed automatically They can be deleted manually or by using API scripts 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 8 AUTOREGISTRATION EXECUTION Autoregistration is executed only: When a previously unknown active agent asks for a configuration New Zabbix agent is installed and started Hostname has been changed in the existing agent configuration If the host metadata information changes: HostMetadata was changed and the agent has been restarted Value returned by HostMetadataItem is changed If autoregistration attempt for an existing host comes from a different Zabbix proxy: ServerActive configuration parameter has been changed in the agent configuration If a host was manually moved to another proxy in Zabbix frontend, it would be registered back ! If action operations are changed - auto-registration action must be triggered again 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 9 AUTOREGISTRATION ACTION CONDITIONS Action conditions Host name / Metadata Match / does not match Contains / does not contain Proxy Equals / does not equal Type of calculation And Or And / Or Custom 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 10 AUTOREGISTRATION ACTION OPERATIONS Flexible operations during registration Add / Remove host Assign / Unassign host group Link / Unlink templates Send message To user To user group Remote command On Zabbix server, agent or proxy On current or another host Enable / Disable host Set host inventory mode Automatic, manual or disabled This overrides global inventory mode ! No option to control step execution order 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 11 HOW TO AUTOREGISTER HOST Create Autoregistration action: Define matching action conditions Define operations (create host, link template etc.): "Add to host group" operation will create new host automatically In this case, operation "Add host" can be omitted Set up Zabbix Agent in active mode: Install Zabbix agent Configure agent parameters (ServerActive, Hostname) Optionally specify additional parameters HostMetadata or HostMetadataItem HostInterface or HostInterfaceItem Start the agent: Autoregistration events are generated on Zabbix Server Action reacts to these events and executes operations 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 12 AUTOREGISTRATION OF PASSIVE CHECKS Active agent autoregistration also supports registering the hosts with passive checks. Agent sends the following configuration parameters ListenIP (If not specified, then, IP of incoming connection is used) ListenPort (10050 by default) HostInterface or HostInterfaceItem Template with Zabbix Agent passive checks can be linked by action Host is autoregistered, but monitoring is performed using passive checks Zabbix Agent ### Active checks related section Hostname = Production DB ServerActive = <Zabbix server IP> HostInterface = db.prod.local Zabbix Server Autoregistration Passive checks Autoregistration Action: Add to host group Link template (passive checks) ### Passive checks related section Server = <Zabbix server IP> ! Add to host group operation includes Add host 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 13 ENCRYPTION A secure autoregistration is possible by configuring PSK-based authentication. Initial registration request is already encrypted Authentication by PSK is verified by Zabbix server before adding a host Autoregistration settings can be defined to accept requests using: No encryption PSK authentication only Both modes If successful: The host is added Connections from/to the host are set to 'PSK' The identity/pre-shared key is the same as in the global autoregistration setting ! If a host is registered through Zabbix Proxy, Server-Proxy connection should also be secured 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 14 PRACTICAL SETUP 1) Setup PSK auto-registration options: PSK identity: Zabbix training PSK key: 9ff4efc7b866918b33e33a5d09332adf 2) Create an "Auto registration " action: Condition: HostMetadata match=Training Add the registered hosts to the "Training/Servers" host group Link template: "Zabbix agent active" 3) Configure agent: Add all the training VM (including trainer) IPs to "ServerActive=" Hostname=Training-VM-XX HostMetadata=Training HostInterfaceItem=system.hostname Configure TLSPSK options 4) Check the "Hosts" for the registered agents: All the training servers must be autoregistered Fix encryption settings for the previously created hosts 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved 20 minutes Practical task No: 18 15 Network Discovery 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved 30 minutes 16 NETWORK DISCOVERY Zabbix offers network discovery functionality that is effective and very flexible. Speeds up deployment: Scans the network segments to detect monitored services Gets the templates assigned based on discovery results Makes administration easier: Discovery actions will be performed automatically Supports dynamic environments: Hosts are created or removed automatically based on discovery results Network discovery Condition Service = SSH Device status = up Uptime = 3600s Action Add to Host group Assign Template Network scan New device arrives i https://www.zabbix.com/documentation/6.0/manual/discovery/network_discovery 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 17 NETWORK DISCOVERY - HOW IT WORKS Zabbix periodically scans IP ranges defined in the network discovery rule: Scanning frequency is configurable for each rule individually For each rule, one or multiple checks can be defined Zabbix agent ,SNMP, TCP port etc. Once a host or a service is discovered, a discovery event (or several events) are generated: Discovered Lost Up Down Service/host is discovered for the first time or is up after a downtime Service/host is down after being up Every time service/host is detected Every time the service/host cannot be detected Based on events, one or multiple discovery actions are executed: Create / Remove host Add / Remove from a host group Link / Unlink Template Send message 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 18 DISCOVERY CONFIGURATION Creation of New Discovery rule: Name Proxy IP ranges Comma separated list CIDR notation supported Update interval Device uniqueness criteria Hostname Visible name Checks: Information from Zabbix agent Information from SNMP Availability of external services FTP, SSH, WEB, POP3, IMAP, TCP, etc. 6.0 Certified Professional ● Day 3 © 2023 by Zabbix. All rights reserved Theory 19 HOW NETWORK DISCOVERY WORKS Each time a service is detected as Up or Down, new events are generated: Events are generated for a host and additionally for each service Normally only "Up" or "Down" events are generated "Discovered" + "Up" and "Lost" + "Down" events are generated when discovery status changes Discovery rule looks for both HTTP and SSH services in the example below: Service events Device events WEB server At least one service up 1 HTTP service events SSH service events Up 1 Discovered Up 1 1 Up 0 Lost Down 1 Up 1 Up 1 Discovered Up 1 Up Down 0 Lost Down 0 Down 0 Down 0 Up 0 Down 1 Up 1 Up 1 All services down 0 At least one service up 1 Discovered Lost 0 Discovered 1 6.0 Certified Professional ● Day 3 Discovered © 2023 by Zabbix. All rights reserved Discovered Lost Up Down Down Discovered Up Up Theory 20

Zabbix Autoregistration - ZCP Day 3 PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue