diff --git a/agent2/rhel/.dockerignore b/agent2/rhel/.dockerignore new file mode 100644 index 000000000..88a84e55a --- /dev/null +++ b/agent2/rhel/.dockerignore @@ -0,0 +1 @@ +build.sh diff --git a/agent2/rhel/Dockerfile b/agent2/rhel/Dockerfile new file mode 100644 index 000000000..9a50cce68 --- /dev/null +++ b/agent2/rhel/Dockerfile @@ -0,0 +1,143 @@ +FROM registry.access.redhat.com/ubi8/ubi +MAINTAINER Alexey Pustovalov + +ARG MAJOR_VERSION=5.0 +ARG RELEASE=3 +ARG ZBX_VERSION=${MAJOR_VERSION}.3 + +ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git +ENV ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} +ENV TINI_VERSION=v0.19.0 + +LABEL name="zabbix/zabbix-agent2-50" \ + maintainer="alexey.pustovalov@zabbix.com" \ + vendor="Zabbix LLC" \ + version="${MAJOR_VERSION}" \ + release="${RELEASE}" \ + summary="Zabbix agent" \ + description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ + url="https://www.zabbix.com/" \ + run="docker run --name zabbix-agent2 --link zabbix-server:zabbix-server -p 10050:10050 -d registry.connect.redhat.com/zabbix/zabbix-agent2-50:${ZBX_VERSION}" \ + io.k8s.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ + io.k8s.display-name="Zabbix Agent 2" \ + io.openshift.expose-services="10050:10050" \ + io.openshift.tags="zabbix,zabbix-agent" \ + org.label-schema.name="zabbix-agent2-rhel" \ + org.label-schema.vendor="Zabbix LLC" \ + org.label-schema.url="https://zabbix.com/" \ + org.label-schema.description="Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications" \ + org.label-schema.vcs-ref="${VCS_REF}" \ + org.label-schema.build-date="${BUILD_DATE}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.license="GPL v2.0" \ + org.label-schema.usage="https://www.zabbix.com/documentation/${MAJOR_VERSION}/manual/installation/containers" \ + org.label-schema.version="${ZBX_VERSION}" \ + org.label-schema.vcs-url="${ZBX_SOURCES}" \ + org.label-schema.docker.cmd="docker run --name zabbix-agent2 --link zabbix-server:zabbix-server -p 10050:10050 -d registry.connect.redhat.com/zabbix/zabbix-agent2-50:${ZBX_VERSION}" + +STOPSIGNAL SIGTERM + +COPY ["licenses", "/licenses"] + +RUN set -eux && INSTALL_PKGS="bash \ + tzdata \ + iputils \ + pcre \ + libcurl" && \ + REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + dnf -y update-minimal --disablerepo "*" --enablerepo ubi-8-baseos --setopt=tsflags=nodocs \ + --security --sec-severity=Important --sec-severity=Critical && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + groupadd -g 1995 --system zabbix && \ + adduser -r --shell /sbin/nologin \ + -g zabbix -G root \ + -d /var/lib/zabbix/ -u 1997 \ + zabbix && \ + mkdir -p /etc/zabbix && \ + mkdir -p /etc/zabbix/zabbix_agentd.d && \ + mkdir -p /var/lib/zabbix && \ + mkdir -p /var/lib/zabbix/enc && \ + mkdir -p /var/lib/zabbix/modules && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini -o /sbin/tini && \ + curl -L https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc -o /tmp/tini.asc && \ + export GNUPGHOME="$(mktemp -d)" && \ + for server in $(shuf -e ha.pool.sks-keyservers.net \ + hkp://p80.pool.sks-keyservers.net:80 \ + ipv4.pool.sks-keyservers.net \ + keyserver.ubuntu.com \ + keyserver.pgp.com \ + pgp.mit.edu) ; do \ + gpg --keyserver "$server" --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 && break || : ; \ + done && \ + gpg --batch --verify /tmp/tini.asc /sbin/tini && \ + rm -r "$GNUPGHOME" /tmp/tini.asc && \ + chmod +x /sbin/tini && \ + dnf -y clean all && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +RUN set -eux && REPOLIST="rhel-8-for-x86_64-baseos-rpms,rhel-8-for-x86_64-appstream-rpms" && \ + INSTALL_PKGS="autoconf \ + automake \ + libcurl-devel \ + openssl-devel \ + openldap-devel \ + golang \ + gcc \ + pcre-devel \ + make \ + git \ + binutils" && \ + dnf -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=install_weak_deps=False --best \ + --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ + cd /tmp/ && \ + git clone ${ZBX_SOURCES} --branch ${ZBX_VERSION} --depth 1 --single-branch zabbix-${ZBX_VERSION} && \ + cd /tmp/zabbix-${ZBX_VERSION} && \ + zabbix_revision=`git rev-parse --short HEAD` && \ + sed -i "s/{ZABBIX_REVISION}/$zabbix_revision/g" src/go/pkg/version/version.go && \ + ./bootstrap.sh && \ + export CFLAGS="-fPIC -pie -Wl,-z,relro -Wl,-z,now" && \ + export GOPATH=/tmp/zabbix-${ZBX_VERSION}/go && \ + ./configure \ + --datadir=/usr/lib \ + --libdir=/usr/lib/zabbix \ + --prefix=/usr \ + --sysconfdir=/etc/zabbix \ + --prefix=/usr \ + --with-openssl \ + --enable-ipv6 \ + --enable-agent2 \ + --enable-agent \ + --silent && \ + make -j"$(nproc)" -s && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/bin/zabbix_agent2 /usr/sbin/zabbix_agent2 && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_get/zabbix_get /usr/bin/zabbix_get && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/zabbix_sender/zabbix_sender /usr/bin/zabbix_sender && \ + cp /tmp/zabbix-${ZBX_VERSION}/src/go/conf/zabbix_agent2.conf /etc/zabbix/zabbix_agent2.conf && \ + strip /usr/sbin/zabbix_agent2 && \ + strip /usr/bin/zabbix_get && \ + strip /usr/bin/zabbix_sender && \ + cd /tmp/ && \ + rm -rf /tmp/zabbix-${ZBX_VERSION}/ && \ + dnf -y history undo `dnf history list last -q | sed -n 3p |column -t | cut -d' ' -f1` && \ + dnf -y clean all && \ + chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ + chgrp -R 0 /etc/zabbix/ /var/lib/zabbix/ && \ + chmod -R g=u /etc/zabbix/ /var/lib/zabbix/ && \ + rm -rf /var/cache/yum /var/lib/yum/yumdb/* /usr/lib/udev/hwdb.d/* && \ + rm -rf /var/cache/dnf /etc/udev/hwdb.bin /root/.pki + +EXPOSE 10050/TCP 31999/TCP + +WORKDIR /var/lib/zabbix + +VOLUME ["/var/lib/zabbix/enc"] + +COPY ["docker-entrypoint.sh", "/usr/bin/"] + +ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/docker-entrypoint.sh"] + +USER 1997 + +CMD ["/usr/sbin/zabbix_agent2", "--foreground", "-c", "/etc/zabbix/zabbix_agent2.conf"] diff --git a/agent2/rhel/README.md b/agent2/rhel/README.md new file mode 100644 index 000000000..43c571dfb --- /dev/null +++ b/agent2/rhel/README.md @@ -0,0 +1,213 @@ +![logo](https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png) + +# What is Zabbix? + +Zabbix is an enterprise-class open source distributed monitoring solution. + +Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers excellent reporting and data visualisation features based on the stored data. This makes Zabbix ideal for capacity planning. + +For more information and related downloads for Zabbix components, please visit https://hub.docker.com/u/zabbix/ and https://zabbix.com + +# What is Zabbix agent 2? + +Zabbix agent 2 is deployed on a monitoring target to actively monitor local resources and applications (hard drives, memory, processor statistics etc). + +# Zabbix agent 2 images + +These are the only official Zabbix agent 2 Docker images. They are based on Alpine Linux v3.12 images. The available versions of Zabbix agent 2 are: + + Zabbix agent 2 4.4 (tags: alpine-4.4-latest, alpine-latest, latest) (unsupported) + Zabbix agent 2 4.4.* (tags: alpine-4.4.*) (unsupported) + Zabbix agent 2 5.0 (tags: alpine-5.0-latest) + Zabbix agent 2 5.0.* (tags: alpine-5.0.*) + Zabbix agent 2 5.2 (tags: alpine-trunk) + +Images are updated when new releases are published. The image with ``latest`` tag is based on Alpine Linux. + +# How to use this image + +## Start `zabbix-agent2` + +Start a Zabbix agent 2 container as follows: + + docker run --name some-zabbix-agent -e ZBX_HOSTNAME="some-hostname" -e ZBX_SERVER_HOST="some-zabbix-server" -d zabbix/zabbix-agent2:tag + +Where `some-zabbix-agent2` is the name you want to assign to your container, `some-hostname` is the hostname, it is Hostname parameter in Zabbix agent 2 configuration file, `some-zabbix-server` is IP or DNS name of Zabbix server or proxy and `tag` is the tag specifying the version you want. See the list above for relevant tags, or look at the [full list of tags](https://hub.docker.com/r/zabbix/zabbix-agent2/tags/). + +## Connects from Zabbix server or Zabbix proxy in other containers (Passive checks) + +This image exposes the standard Zabbix agent 2 port (``10050``) to perform passive checks, so container linking makes Zabbix agent 2 instance available to Zabbix server and Zabbix proxy containers. Start your application container like this in order to link it to the Zabbix agent 2 container: + +```console +$ docker run --name some-zabbix-server --link some-zabbix-agent:zabbix-agent2 -d zabbix/zabbix-server:latest +``` + +## Connect to Zabbix server or Zabbix proxy containers (Active checks) + +This image supports perform active checks, so container linking makes Zabbix server and Zabbix proxy containers available to Zabbix agent 2 instance. Start your application container like this in order to link Zabbix agent 2 to Zabbix server or Zabbix proxy containterns: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -d zabbix/zabbix-agent2:latest +``` + +## Container shell access and viewing Zabbix agent 2 logs + +The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `zabbix-agent2` container: + +```console +$ docker exec -ti some-zabbix-agent /bin/bash +``` + +The Zabbix agent 2 log is available through Docker's container log: + +```console +$ docker logs some-zabbix-agent +``` + +## Privileged mode + +By default, Docker containers are "unprivileged" and do not have access to the most of host resources. Zabbix agent 2 is designed to monitor system resources, to do that Zabbix agent 2 container must be privileged or you may mount some system-wide volumes. For example: + +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server --privileged -d zabbix/zabbix-agent2:latest +``` +```console +$ docker run --name some-zabbix-agent --link some-zabbix-server:zabbix-server -v /dev/sdc:/dev/sdc -d zabbix/zabbix-agent2:latest +``` + +## Environment Variables + +When you start the `zabbix-agent2` image, you can adjust the configuration of the Zabbix agent 2 by passing one or more environment variables on the `docker run` command line. + +### `ZBX_HOSTNAME` + +This variable is unique, case sensitive hostname. By default, value is `hostname` of the container. It is ``Hostname`` parameter in ``zabbix_agent2.conf``. + +### `ZBX_SERVER_HOST` + +This variable is IP or DNS name of Zabbix server or Zabbix proxy. By default, value is `zabbix-server`. It is ``Server`` parameter in ``zabbix_agent2.conf``. It is allowed to specify Zabbix server or Zabbix proxy port number using ``ZBX_SERVER_PORT`` variable. It make sense in case of non-default port for active checks. + +### `ZBX_PASSIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of passive checks. By default, value is `true`. + +### `ZBX_PASSIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. + +### `ZBX_ACTIVE_ALLOW` + +This variable is boolean (``true`` or ``false``) and enables or disables feature of active checks. By default, value is `true`. + +### `ZBX_ACTIVESERVERS` + +The variable is comma separated list of allowed Zabbix server or proxy hosts for connections to Zabbix agent 2 container. You may specify port of Zabbix server or Zabbix proxy in such syntax: ``zabbix-server:10061,zabbix-proxy:10072``. + +### `ZBX_DEBUGLEVEL` + +The variable is used to specify debug level. By default, value is ``3``. It is ``DebugLevel`` parameter in ``zabbix_agent2.conf``. Allowed values are listed below: +- ``0`` - basic information about starting and stopping of Zabbix processes; +- ``1`` - critical information +- ``2`` - error information +- ``3`` - warnings +- ``4`` - for debugging (produces lots of information) +- ``5`` - extended debugging (produces even more information) + +### `ZBX_TIMEOUT` + +The variable is used to specify timeout for processing checks. By default, value is ``3``. + +### Other variables + +Additionally the image allows to specify many other environment variables listed below: + +``` +ZBX_ENABLEPERSISTENTBUFFER=false # Available since 5.0.0 +ZBX_PERSISTENTBUFFERPERIOD=1h # Available since 5.0.0 +ZBX_ENABLESTATUSPORT= +ZBX_SOURCEIP= +ZBX_ENABLEREMOTECOMMANDS=0 # Deprecated since 5.0.0 +ZBX_LOGREMOTECOMMANDS=0 +ZBX_STARTAGENTS=3 +ZBX_HOSTNAMEITEM=system.hostname +ZBX_METADATA= +ZBX_METADATAITEM= +ZBX_REFRESHACTIVECHECKS=120 +ZBX_BUFFERSEND=5 +ZBX_BUFFERSIZE=100 +ZBX_MAXLINESPERSECOND=20 +ZBX_LISTENIP= +ZBX_UNSAFEUSERPARAMETERS=0 +ZBX_TLSCONNECT=unencrypted +ZBX_TLSACCEPT=unencrypted +ZBX_TLSCAFILE= +ZBX_TLSCRLFILE= +ZBX_TLSSERVERCERTISSUER= +ZBX_TLSSERVERCERTSUBJECT= +ZBX_TLSCERTFILE= +ZBX_TLSKEYFILE= +ZBX_TLSPSKIDENTITY= +ZBX_TLSPSKFILE= +ZBX_DENYKEY=system.run[*] # Available since 5.0.0 +ZBX_ALLOWKEY= # Available since 5.0.0 +``` + +Default values of these variables are specified after equal sign. + +The allowed variables are identical of parameters in official ``zabbix_agent2.conf`` configuration file. For example, ``ZBX_REFRESHACTIVECHECKS`` = ``RefreshActiveChecks``. + +Please use official documentation for [``zabbix_agent2.conf``](https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_agent2) to get more information about the variables. + +## Allowed volumes for the Zabbix agent 2 container + +### ``/etc/zabbix/zabbix_agentd.d`` + +The volume allows include ``*.conf`` files and extend Zabbix agent 2 using ``UserParameter`` feature. + +### ``/var/lib/zabbix/enc`` + +The volume is used to store TLS related files. These file names are specified using ``ZBX_TLSCAFILE``, ``ZBX_TLSCRLFILE``, ``ZBX_TLSKEY_FILE`` and ``ZBX_TLSPSKFILE`` variables. + +### ``/var/lib/zabbix/buffer`` + +The volume is used to store the file, where Zabbix Agent2 should keep SQLite database. To enable the feature specify ``ZBX_ENABLEPERSISTENTBUFFER=true``. Available since 5.0.0. + +# The image variants + +The `zabbix-agent2` images come in many flavors, each designed for a specific use case. + +## `zabbix-agent2:alpine-` + +This image is based on the popular [Alpine Linux project](http://alpinelinux.org), available in [the `alpine` official image](https://hub.docker.com/_/alpine). Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general. + +This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](http://www.musl-libc.org) instead of [glibc and friends](http://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. + +To minimize image size, it's uncommon for additional related tools (such as `git` or `bash`) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the [`alpine` image description](https://hub.docker.com/_/alpine/) for examples of how to install packages if you are unfamiliar). + +# Supported Docker versions + +This image is officially supported on Docker version 1.12.0. + +Support for older versions (down to 1.6) is provided on a best-effort basis. + +Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon. + +# User Feedback + +## Documentation + +Documentation for this image is stored in the [`agent2/` directory](https://github.com/zabbix/zabbix-docker/tree/4.4/agent2) of the [`zabbix/zabbix-docker` GitHub repo](https://github.com/zabbix/zabbix-docker/). Be sure to familiarize yourself with the [repository's `README.md` file](https://github.com/zabbix/zabbix-docker/blob/master/README.md) before attempting a pull request. + +## Issues + +If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues). + +### Known issues + +Currently it is not allowed to specify ``ZBX_ALIAS`` environment variable. Please use ``/etc/zabbix/zabbix_agent.d`` volume with additional configuration files with ``Alias`` options. + +## Contributing + +You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. + +Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/zabbix/zabbix-docker/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing. diff --git a/agent2/rhel/build.sh b/agent2/rhel/build.sh new file mode 120000 index 000000000..fcb4d4ee7 --- /dev/null +++ b/agent2/rhel/build.sh @@ -0,0 +1 @@ +../../build.sh \ No newline at end of file diff --git a/agent2/rhel/docker-entrypoint.sh b/agent2/rhel/docker-entrypoint.sh new file mode 100755 index 000000000..5cad1e570 --- /dev/null +++ b/agent2/rhel/docker-entrypoint.sh @@ -0,0 +1,217 @@ +#!/bin/bash + +set -o pipefail + +set +e + +# Script trace mode +if [ "${DEBUG_MODE}" == "true" ]; then + set -o xtrace +fi + +# Default Zabbix installation name +# Default Zabbix server host +: ${ZBX_SERVER_HOST:="zabbix-server"} +# Default Zabbix server port number +: ${ZBX_SERVER_PORT:="10051"} + +# Default directories +# User 'zabbix' home directory +ZABBIX_USER_HOME_DIR="/var/lib/zabbix" +# Configuration files directory +ZABBIX_ETC_DIR="/etc/zabbix" + +escape_spec_char() { + local var_value=$1 + + var_value="${var_value//\\/\\\\}" + var_value="${var_value//[$'\n']/}" + var_value="${var_value//\//\\/}" + var_value="${var_value//./\\.}" + var_value="${var_value//\*/\\*}" + var_value="${var_value//^/\\^}" + var_value="${var_value//\$/\\\$}" + var_value="${var_value//\&/\\\&}" + var_value="${var_value//\[/\\[}" + var_value="${var_value//\]/\\]}" + + echo "$var_value" +} + +update_config_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + local is_multiple=$4 + + local masklist=("TLSPSKIdentity") + + if [ ! -f "$config_path" ]; then + echo "**** Configuration file '$config_path' does not exist" + return + fi + + if [[ " ${masklist[@]} " =~ " $var_name " ]] && [ ! -z "$var_value" ]; then + echo -n "** Updating '$config_path' parameter \"$var_name\": '****'. Enable DEBUG_MODE to view value ..." + else + echo -n "** Updating '$config_path' parameter \"$var_name\": '$var_value'..." + fi + + # Remove configuration parameter definition in case of unset parameter value + if [ -z "$var_value" ]; then + sed -i -e "/^$var_name=/d" "$config_path" + echo "removed" + return + fi + + # Remove value from configuration parameter in case of double quoted parameter value + if [ "$var_value" == '""' ]; then + sed -i -e "/^$var_name=/s/=.*/=/" "$config_path" + echo "undefined" + return + fi + + # Use full path to a file for TLS related configuration parameters + if [[ $var_name =~ ^TLS.*File$ ]]; then + var_value=$ZABBIX_USER_HOME_DIR/enc/$var_value + fi + + # Escaping characters in parameter value and name + var_value=$(escape_spec_char "$var_value") + var_name=$(escape_spec_char "$var_name") + + if [ "$(grep -E "^$var_name=" $config_path)" ] && [ "$is_multiple" != "true" ]; then + sed -i -e "/^$var_name=/s/=.*/=$var_value/" "$config_path" + echo "updated" + elif [ "$(grep -Ec "^# $var_name=" $config_path)" -gt 1 ]; then + sed -i -e "/^[#;] $var_name=$/i\\$var_name=$var_value" "$config_path" + echo "added first occurrence" + elif [ "$(grep -Ec "^[#;] $var_name=" $config_path)" -gt 0 ]; then + sed -i -e "/^[#;] $var_name=/s/.*/&\n$var_name=$var_value/" "$config_path" + echo "added" + else + sed -i -e '$a\' -e "$var_name=$var_value" "$config_path" + echo "added at the end" + fi + +} + +update_config_multiple_var() { + local config_path=$1 + local var_name=$2 + local var_value=$3 + + var_value="${var_value%\"}" + var_value="${var_value#\"}" + + local IFS=, + local OPT_LIST=($var_value) + + for value in "${OPT_LIST[@]}"; do + update_config_var $config_path $var_name $value true + done +} + +prepare_zbx_agent_config() { + echo "** Preparing Zabbix agent configuration file" + ZBX_AGENT_CONFIG=$ZABBIX_ETC_DIR/zabbix_agent2.conf + + : ${ZBX_PASSIVESERVERS:=""} + : ${ZBX_ACTIVESERVERS:=""} + + [ -n "$ZBX_PASSIVESERVERS" ] && ZBX_PASSIVESERVERS=","$ZBX_PASSIVESERVERS + + ZBX_PASSIVESERVERS=$ZBX_SERVER_HOST$ZBX_PASSIVESERVERS + + [ -n "$ZBX_ACTIVESERVERS" ] && ZBX_ACTIVESERVERS=","$ZBX_ACTIVESERVERS + + ZBX_ACTIVESERVERS=$ZBX_SERVER_HOST":"$ZBX_SERVER_PORT$ZBX_ACTIVESERVERS + + update_config_var $ZBX_AGENT_CONFIG "PidFile" + update_config_var $ZBX_AGENT_CONFIG "LogType" "console" + update_config_var $ZBX_AGENT_CONFIG "LogFile" + update_config_var $ZBX_AGENT_CONFIG "LogFileSize" + update_config_var $ZBX_AGENT_CONFIG "DebugLevel" "${ZBX_DEBUGLEVEL}" + update_config_var $ZBX_AGENT_CONFIG "SourceIP" + update_config_var $ZBX_AGENT_CONFIG "LogRemoteCommands" "${ZBX_LOGREMOTECOMMANDS}" + + : ${ZBX_PASSIVE_ALLOW:="true"} + if [ "$ZBX_PASSIVE_ALLOW" == "true" ]; then + echo "** Using '$ZBX_PASSIVESERVERS' servers for passive checks" + update_config_var $ZBX_AGENT_CONFIG "Server" "${ZBX_PASSIVESERVERS}" + else + update_config_var $ZBX_AGENT_CONFIG "Server" + fi + + update_config_var $ZBX_AGENT_CONFIG "ListenPort" "${ZBX_LISTENPORT}" + update_config_var $ZBX_AGENT_CONFIG "ListenIP" "${ZBX_LISTENIP}" + + : ${ZBX_ACTIVE_ALLOW:="true"} + if [ "$ZBX_ACTIVE_ALLOW" == "true" ]; then + echo "** Using '$ZBX_ACTIVESERVERS' servers for active checks" + update_config_var $ZBX_AGENT_CONFIG "ServerActive" "${ZBX_ACTIVESERVERS}" + else + update_config_var $ZBX_AGENT_CONFIG "ServerActive" + fi + + if [ "$ZBX_ENABLESTATUSPORT" == "true" ]; then + update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "1" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferFile" "$ZABBIX_USER_HOME_DIR/buffer/" + update_config_var $ZBX_AGENT_CONFIG "PersistentBufferPeriod" "${ZBX_PERSISTENTBUFFERPERIOD}" + else + update_config_var $ZBX_AGENT_CONFIG "EnablePersistentBuffer" "0" + fi + + if [ "$ZBX_ENABLESTATUSPORT" == "true" ]; then + update_config_var $ZBX_AGENT_CONFIG "StatusPort" "31999" + fi + +# update_config_var $ZBX_AGENT_CONFIG "HostInterface" "${ZBX_HOSTINTERFACE}" +# update_config_var $ZBX_AGENT_CONFIG "HostInterfaceItem" "${ZBX_HOSTINTERFACEITEM}" + + update_config_var $ZBX_AGENT_CONFIG "Hostname" "${ZBX_HOSTNAME}" + update_config_var $ZBX_AGENT_CONFIG "HostnameItem" "${ZBX_HOSTNAMEITEM}" + update_config_var $ZBX_AGENT_CONFIG "HostMetadata" "${ZBX_METADATA}" + update_config_var $ZBX_AGENT_CONFIG "HostMetadataItem" "${ZBX_METADATAITEM}" + update_config_var $ZBX_AGENT_CONFIG "RefreshActiveChecks" "${ZBX_REFRESHACTIVECHECKS}" + update_config_var $ZBX_AGENT_CONFIG "BufferSend" "${ZBX_BUFFERSEND}" + update_config_var $ZBX_AGENT_CONFIG "BufferSize" "${ZBX_BUFFERSIZE}" + update_config_var $ZBX_AGENT_CONFIG "MaxLinesPerSecond" "${ZBX_MAXLINESPERSECOND}" + # Please use include to enable Alias feature +# update_config_multiple_var $ZBX_AGENT_CONFIG "Alias" ${ZBX_ALIAS} + update_config_var $ZBX_AGENT_CONFIG "Timeout" "${ZBX_TIMEOUT}" + update_config_var $ZBX_AGENT_CONFIG "Include" "/etc/zabbix/zabbix_agentd.d/" + update_config_var $ZBX_AGENT_CONFIG "UnsafeUserParameters" "${ZBX_UNSAFEUSERPARAMETERS}" + update_config_var $ZBX_AGENT_CONFIG "TLSConnect" "${ZBX_TLSCONNECT}" + update_config_var $ZBX_AGENT_CONFIG "TLSAccept" "${ZBX_TLSACCEPT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCAFile" "${ZBX_TLSCAFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSCRLFile" "${ZBX_TLSCRLFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSServerCertIssuer" "${ZBX_TLSSERVERCERTISSUER}" + update_config_var $ZBX_AGENT_CONFIG "TLSServerCertSubject" "${ZBX_TLSSERVERCERTSUBJECT}" + update_config_var $ZBX_AGENT_CONFIG "TLSCertFile" "${ZBX_TLSCERTFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSKeyFile" "${ZBX_TLSKEYFILE}" + update_config_var $ZBX_AGENT_CONFIG "TLSPSKIdentity" "${ZBX_TLSPSKIDENTITY}" + update_config_var $ZBX_AGENT_CONFIG "TLSPSKFile" "${ZBX_TLSPSKFILE}" + + update_config_multiple_var $ZBX_AGENT_CONFIG "DenyKey" "${ZBX_DENYKEY}" + update_config_multiple_var $ZBX_AGENT_CONFIG "AllowKey" "${ZBX_ALLOWKEY}" +} + +prepare_agent() { + echo "** Preparing Zabbix agent" + prepare_zbx_agent_config +} + +################################################# + +if [ "${1#-}" != "$1" ]; then + set -- /usr/sbin/zabbix_agent2 "$@" +fi + +if [ "$1" == '/usr/sbin/zabbix_agent2' ]; then + prepare_agent +fi + +exec "$@" + +################################################# diff --git a/agent2/rhel/hooks/build b/agent2/rhel/hooks/build new file mode 100755 index 000000000..3e0a2f00c --- /dev/null +++ b/agent2/rhel/hooks/build @@ -0,0 +1,13 @@ +#!/bin/bash +# +# Additional information: https://docs.docker.com/docker-cloud/builds/advanced/ +# + +MAJOR_VERSION=$(cat Dockerfile | grep "ARG MAJOR_VERSION" | cut -f2 -d"=") +MINOR_VERSION=$(cat Dockerfile | grep "ARG ZBX_VERSION" | cut -f2 -d".") + +VCS_REF=$MAJOR_VERSION.$MINOR_VERSION +BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +echo "$BUILD_DATE - Building $VCS_REF version..." +docker build --build-arg VCS_REF="$VCS_REF" --build-arg BUILD_DATE="$BUILD_DATE" -t $IMAGE_NAME . diff --git a/agent2/rhel/licenses/gpl-2.0.txt b/agent2/rhel/licenses/gpl-2.0.txt new file mode 100644 index 000000000..d159169d1 --- /dev/null +++ b/agent2/rhel/licenses/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License.