[[380116]]

本文轉(zhuǎn)載自微信公眾號「DBA閑思雜想錄」，作者瀟湘隱者。轉(zhuǎn)載本文請聯(lián)系DBA閑思雜想錄公眾號。   

Zabbix 5.*默認自帶了模板Template Module ICMP Ping。它用來監(jiān)控主機或設(shè)備的存活狀態(tài)以及網(wǎng)絡(luò)情況，主要是監(jiān)控丟包率和響應(yīng)時間兩個指標。Template Module ICMP Ping模板有三個item，如下截圖所示：

Template Module ICMP Ping的配置

1：檢查或安裝fping

Zabbix使用外部命令fping處理ICMP ping的請求，而不是ping命令，而fping不包含在Zabbix的發(fā)行版本中。所以需要額外安裝fping命令的相關(guān)包。

檢查是否安裝了fping命令：

[root@Zabbix ~]# yum list installed | grep fpingfping.x86_64 3.16-1.el8 @zabbix-non-supported

如果沒有安裝過fping，就必須安裝fping。如果沒有配置yum源的話，需要用其它方式安裝，例如可以下載安裝包進行RPM安裝，此處略過。

#yum install fping -y

由于fping默認是root權(quán)限工作，而Zabbix Proxy 或Zabbix Server是zabbix用戶運行的，所以需要對fping程序設(shè)置setuid權(quán)限，如果在自定義key的時候需要用到netstat命令，也同樣要設(shè)置setuid，否則不能獲取到數(shù)據(jù)，而日志中提示權(quán)拒絕。

# locate fping/usr/sbin/fping/usr/sbin/fping6/usr/share/doc/fping/usr/share/doc/fping/COPYING/usr/share/doc/fping/ChangeLog/usr/share/doc/fping/README/usr/share/man/man8/fping.8.gz/usr/share/man/man8/fping6.8.gz#chown root:zabbix /usr/sbin/fping#chmod 4710 /usr/sbin/fping

2：在Zabbix Server和Zabbix Proxy端的配置文件里面打開注釋

在zabbix_server.conf或zabbix_proxy.conf中把FpingLocation或Fping6Location路徑修改為剛安裝的fping命令的路徑。如果安裝路徑和配置文件中FpingLocation/Fping6Location默認的路徑一致，其實也可以不用修改。

默認設(shè)置如下所示：

### Option: FpingLocation# Location of fping.# Make sure that fping binary has root ownership and SUID flag set.## Mandatory: no# Default:# FpingLocation=/usr/sbin/fping ### Option: Fping6Location# Location of fping6.# Make sure that fping6 binary has root ownership and SUID flag set.# Make empty if your fping utility is capable to process IPv6 addresses.## Mandatory: no# Default:# Fping6Location=/usr/sbin/fping6

3：引用模板

在被監(jiān)控的主機或設(shè)備上應(yīng)用這個模板，或者在其他模板中引用這個模板(很多翻譯是“鏈接的模板”，個人感覺這個翻譯怪怪的)，如下所示，在Template OS Windows by Zabbix agent中引用了Template Module ICMP Ping模板，那么只要應(yīng)用模板Template OS Windows by Zabbix agent 就會監(jiān)控主機或設(shè)備了。

Template Module ICMP Ping的選項介紹

在被監(jiān)控的主機或設(shè)備上對應(yīng)的“最新數(shù)據(jù)”(Latest data)——“Status”下面有三個監(jiān)控項

ICMP loss

ICMP ping

ICMP response time

關(guān)于這些item的key，可以參考官方文檔，下面節(jié)選部分內(nèi)容如下：

Defaults, limits and description of values for ICMP check parameters:

ParameterUnitDescriptionFping's flagDefaults set byAllowed limits

by Zabbix

fpingZabbixminmax

packetsnumbernumber of request packets to a target-C

3110000

intervalmillisecondstime to wait between successive packets-p1000

20unlimited

sizebytespacket size in bytes

56 bytes on x86, 68 bytes on x86_64-b56 or 68

2465507

timeoutmillisecondsfping v3.x - timeout to wait after last packet sent, affected by -C flag

fping v4.x - individual timeout for each packet-tfping v3.x - 500

fping v4.x - inherited from -p flag, but not more than 2000

50unlimited

In addition Zabbix uses fping options -i interval ms (do not mix up with the item parameter interval mentioned in the table above, which corresponds to fping option -p) and -S source IP address (or -I in older fping versions). Those options are auto-detected by running checks with different option combinations. Zabbix tries to detect the minimal value in milliseconds that fping allows to use with -i by trying 3 values: 0, 1 and 10. The value that first succeeds is then used for subsequent ICMP checks. This process is done by each ICMP pinger process individually.

Auto-detected fping options are invalidated every hour and detected again on the next attempt to perform ICMP check. Set DebugLevel>=4 in order to view details of this process in the server or proxy log file.

Warning: fping defaults can differ depending on platform and version - if in doubt, check fping documentation.

Zabbix writes IP addresses to be checked by any of three icmpping* keys to a temporary file, which is then passed to fping. If items have different key parameters, only ones with identical key parameters are written to a single file.

All IP addresses written to the single file will be checked by fping in parallel, so Zabbix icmp pinger process will spend fixed amount of time disregarding the number of IP addresses in the file.

ICMP loss掉包的案例截圖：

ICMP ping掉包的案例截圖

ICMP response time 就是時延或者響應(yīng)時間

參考資料：

https://www.zabbix.com/documentation/current/manual/config/items/itemtypes/simple_checks#icmp_pings