[Zabbix] Vyos 설치 및 Zabbix 연동

1. vyos를 설치한다 (vagrant로 설치)
2. Rocky8 Zabbix 6.4 서버에 vyOS를 연동한다.

Zabbix서버 테스트 및 설치환경

구분	Vagrant로 설치	IP
Zabbix 서버	cfg.vm.box = "generic/rocky8" https://app.vagrantup.com/generic/boxes/rocky8	192.168.56.220
vyOS	cfg.vm.box = "vyos/current" https://app.vagrantup.com/vyos/boxes/current	192.168.56.235

 

• Zabbix서버 Vagrant파일  샘플 (Vagrant 설치방법은 https://hwpform.tistory.com/category/vagrant) 참조
• cfg.vm.box 값( https://app.vagrantup.com/vyos/boxes/current ) 말고는 본인의 PC 환경에 맞게 수정 하면됨

VyOs 설치  / HOST 이름을 vyos253으로 함

• Vagrantfile

# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure("2") do |config|
  config.vm.define "vyos_current" do |cfg|
    cfg.vm.box = "vyos/current"
    cfg.vm.provider "virtualbox" do |vb|
      vb.name = "vyos253"
     vb.customize ["modifyvm", :id, "--groups", "/default_group"]
    end
    cfg.vm.host_name = "vyos253"
    cfg.vm.network "public_network", ip: "192.168.56.253"
    cfg.vm.network "forwarded_port", guest: 22, host: 60253, auto_correct: true, id: "ssh"
    cfg.vm.network "private_network", virtualbox__intnet: "eth2", auto_config: false
    cfg.vm.network "private_network", virtualbox__intnet: "eth3", auto_config: false    
    cfg.vm.synced_folder "../data", "/vagrant", disabled: true 
  end
end

• Vagrant up 

PS C:\Users\shim> vagrant up
Bringing machine 'vm_define_vyos_current' up with 'virtualbox' provider...
==> vm_define_vyos_current: Importing base box 'vyos/current'...
==> vm_define_vyos_current: Matching MAC address for NAT networking...
==> vm_define_vyos_current: Checking if box 'vyos/current' version '20240325.00.19' is up to date...
==> vm_define_vyos_current: Setting the name of the VM: vyos254
==> vm_define_vyos_current: Clearing any previously set network interfaces...
==> vm_define_vyos_current: Preparing network interfaces based on configuration...
    vm_define_vyos_current: Adapter 1: nat
    vm_define_vyos_current: Adapter 2: bridged
    vm_define_vyos_current: Adapter 3: intnet
    vm_define_vyos_current: Adapter 4: intnet
==> vm_define_vyos_current: Forwarding ports...
    vm_define_vyos_current: 22 (guest) => 2222 (host) (adapter 1)
==> vm_define_vyos_current: Booting VM...
==> vm_define_vyos_current: Waiting for machine to boot. This may take a few minutes...
    vm_define_vyos_current: SSH address: 127.0.0.1:2222
    vm_define_vyos_current: SSH username: vyos
    vm_define_vyos_current: SSH auth method: private key
    vm_define_vyos_current: Warning: Connection aborted. Retrying...
    vm_define_vyos_current: Warning: Connection reset. Retrying...
    vm_define_vyos_current: Warning: Connection reset. Retrying...
    vm_define_vyos_current: Warning: Authentication failure. Retrying...
    vm_define_vyos_current: Warning: Authentication failure. Retrying...
    vm_define_vyos_current: Warning: Authentication failure. Retrying...
    vm_define_vyos_current: Warning: Authentication failure. Retrying...
    vm_define_vyos_current: Warning: Authentication failure. Retrying...
    vm_define_vyos_current: Warning: Authentication failure. Retrying...
    vm_define_vyos_current: Warning: Authentication failure. Retrying...
    vm_define_vyos_current: Warning: Authentication failure. Retrying...
    vm_define_vyos_current: Warning: Authentication failure. Retrying...
Timed out while waiting for the machine to boot. This means that
Vagrant was unable to communicate with the guest machine within
the configured ("config.vm.boot_timeout" value) time period.

If you look above, you should be able to see the error(s) that
Vagrant had when attempting to connect to the machine. These errors
are usually good hints as to what may be wrong.

If you're using a custom box, make sure that networking is properly
working and you're able to connect to the machine. It is a common
problem that networking isn't setup properly in these boxes.
Verify that authentication configurations are also setup properly,
as well.

If the box appears to be booting properly, you may want to increase
the timeout ("config.vm.boot_timeout") value.
PS C:\Users\shim>

 

• Oracle VM 에 HOST VM vyos253생성 및 확인

• vyos253 인터페이스 어댑터 변경

- 어댑터 1 : NAT

- 어댑터 2 : 호스트 전용 어댑터

- 어댑터 3 : 내부 네트워크 

- 어댑터 4 : 내부 네트워크 

 

vyos 설정

• HOST VM vyos253 접속

• Loing id/pw는 vyos / vyos 로 접속 

login as: vyos
vyos@192.168.56.253's password:
Welcome to VyOS!

   ┌── ┐
   . VyOS 1.5-rolling-202403250019
   └ ──┘  current

 * Documentation:  https://docs.vyos.io/en/latest
 * Project news:   https://blog.vyos.io
 * Bug reports:    https://vyos.dev

You can change this banner using "set system login banner post-login" command.

VyOS is a free software distribution that includes multiple components,
you can check individual component licenses under /usr/share/doc/*/copyright
Last login: Sun Mar 31 04:06:08 2024 from 192.168.56.1
vyos@vyos:~$

 

• 위에 vagrantfile로 public Network 를 설정했으나 ip설정이 안되어 수동으로 설정함
• ssh 설정
• snmp 설정 (community) 값을 public으로 설정
• snmp 포트 161번 포트 설정

$ vyos / vyos 로 로그인

$ sudo passwd root / root 패스워드 변경    (필요한 경우 설정 root 패스워드 설정 변경)

$ configure
[edit]

# set service ssh port 22

# set service ssh disable-password-authentication

# set service ssh disable-host-validation

# set interfaces ethernet eth1 address 192.168.56.253/24

# set service snmp community public authorization ro

# set service snmp listen-address 192.168.56.254 port 161

# set service snmp v3

# commit
configuration changes to commit
[edit]

# save
[edit]

 

• 전체적인 설정 정보 확인

$ show configuration 또는 configuration 모드로 진입하여 run show configuration

# run show configuration
interfaces {
    ethernet eth0 {
        address dhcp
        hw-id 08:00:27:8d:c0:4d
        speed auto
    }
    ethernet eth1 {
        address 192.168.56.253/24
        hw-id 08:00:27:e3:05:9b
    }
    ethernet eth2 {
        hw-id 08:00:27:9b:97:43
    }
    ethernet eth3 {
        hw-id 08:00:27:5a:40:a5
    }
    loopback lo {
    }
}
service {
    ntp {
        allow-client {
            address 0.0.0.0/0
            address ::/0
        }
        server time1.vyos.net {
        }
        server time2.vyos.net {
        }
        server time3.vyos.net {
        }
    }
    snmp {
        community public {
            authorization ro
        }
        listen-address 192.168.56.253 {
            port 161
        }
        v3 {
        }
    }
    ssh {
        port 22
    }
}
system {
    config-management {
        commit-revisions 100
    }
    conntrack {
        modules {
            ftp
            h323
            nfs
            pptp
            sip
            sqlnet
            tftp
        }
    }
    console {
    }
    host-name vyos
    login {
        user vyos {
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }
        }
    }
    name-server eth0
    syslog {
        global {
            facility all {
                level notice
            }
            facility local7 {
                level debug
            }
        }
    }
}
[edit]

 

Zabbix 서버 연동 (snmp 연동)

 

• Data collection 에서 Hosts 클릭

 

• 오른쪽 상단에 Create host 클릭

 

• host 등록 - Interfaces 아래 Add -> SNMP 클릭하여 해당정보 입력
• SNMPv2 / SNMP Community는  위에서 설정한 public 또는 {$SNMP_COMMUNITY} 값 입력후 추가 또는 Update

• 추가한 vyos(253) 번이 SNMP가 녹색으로 활성화 되면 정상 동작

 

• Dashboard vyos253번에 대한 eth1 트래픽 정보 확인

 

 

vyos Template VyOS for SNMPv2 추가하기 

 

https://github.com/sever-sever/vyos-zabbix

GitHub - sever-sever/vyos-zabbix

 

• 1. 사이트 접속하여 2개의 xml 파일을 다운받는다
• Template_OS_VyOS_SNMPv2.xml, VyOS-zabbix-agent.xml

 

• 2. Zabbix  메인 홈페이지에서 Configuration => Templates => Import => Template_OS_VyOS_SNMPv2.xml 설치한다

 

• 3. vyos(253) 파일과 Templates Tag 설정

 

• 4. 추가된 Templates 를 Template Groups에 설정 

• 5. 추가된 Templates Tags 설정(vyos / vyos) 

 

• 6. vyOS Host 등록시 vyos Templates 설정한다.

• 7. 등록확인

 

• 8. Zabbix Monitoring -> Hosts 클릭하여 해당 vyos(253) Graphs 7개 생성된것을 확인 

 

• 9. 생성된 Graphs 확인