��Ĳ�

Table of Contents

Installation with OpenShift

Installation with OpenShift

Overview

��Ĳ� helps you to do a real-time monitoring of millions of metrics collected from tens of thousands of servers, virtual machines and network devices. The ��Ĳ� Operator allows users to easily deploy, manage, and maintain ��Ĳ� deployments on OpenShift. By installing this integration you will be able to deploy ��Ĳ� server/proxies and other components with a single command.

Supported features

��Ĳ� Operator comes with a few possible installation options:

��Ĳ� server - a simple ��Ĳ� installation with included ��Ĳ� server, ��Ĳ� web interface and ��Ĳ� Java gateway with MySQL database support. The feature does not provide MySQL service and requires an external MySQL database.
��Ĳ� server (full) - a ��Ĳ� installation with included ��Ĳ� server, ��Ĳ� web interface, ��Ĳ� Java gateway and MySQL server instance.
��Ĳ� proxy (SQLite3) - a very simple way to gain power of ��Ĳ� proxy. The feature has SQLite3 support for ��Ĳ� proxies and allows to specify the amount of proxies.
��Ĳ� proxy (MySQL) - another option of ��Ĳ� proxy. This option supports and delivers a MySQL database. It is possible to use a built-in MySQL database instance or an external one.
��Ĳ� agent - a ��Ĳ� agent can be deployed on each available node for stability and performance monitoring on remote nodes. It allows to gather metrics with full automation!
��Ĳ� appliance - a ��Ĳ� appliance is a very simple way to test and check ��Ĳ� features. This option provides all the core components in one solution. It includes ��Ĳ� server, ��Ĳ� Java gateway, ��Ĳ� web interface and MySQL server in deployment. It is very useful for testing ��Ĳ� features!

Currently ��Ĳ� Operator is based on the ��Ĳ� 6.0 LTS version and supports OpenShift 4.1, 4.2, 4.3, 4.4, 4.5, and 4.6.

Installing ��Ĳ� Operator

Using RedHat Marketplace

The installation of ��Ĳ� Operator using Red Hat Marketplace requires the OpenShift cluster to be registered in the Marketplace Portal, including the roll out of the PullSecret in your cluster. Failure to do so will result in an image pull authentication failure with the Red Hat registry.

1. Select the OperatorHub from the Operators submenu and search for ��Ĳ�.

Choose the RedHat Marketplace option.

2. Select "��Ĳ� Operator" and click on Purchase.

Openshift needs to be registered with the Red Hat Marketplace portal.

3. Select the most suitable install option.

4. Specify the product configuration to fit your needs.

5. Navigate to your software within Red Hat Marketplace and install the ��Ĳ� Operator software as specified in the image.

6. Install the Operator. Set the update approval strategy to Automatic to ensure that you always have the latest version of ��Ĳ� components installed.

7. The ��Ĳ� Operator is now installed into your specified cluster.

8. Go to Operators �� Installed Operators.

9. Open the "��Ĳ� Operator" configuration page.

Using OperatorHub

If you have installed OpenShift in AWS ensure that the requisite ports are opened for the worker nodes�� security group.

1. Select OperatorHub from the Operators submenu and search for ��Ĳ�.

2. Select ��Ĳ� Operator and click on Install.

3. Select the installation options.

4. Go to Operators �� Installed Operators.

5. Open the "��Ĳ� Operator" configuration page.

Configuration

Some of the operands (installation options) require additional resources to be created before. The following section describes these prerequisites. All possible configuration options are available during operand deployment. For example, ��Ĳ� proxy (MySQL):

The YAML section provides all available options with default values:

��Ĳ� server

This operand has a few prerequisites:

1. An existing MySQL database entry point - a MySQL database/cluster must be created before running the "��Ĳ� Server" operand. For example, a standalone MySQL server with persistent volume:

apiVersion: v1
       kind: PersistentVolumeClaim
       metadata:
         name: mysql-pv-claim
       spec:
         accessModes:
           - ReadWriteOnce
         resources:
           requests:
             storage: 20Gi
       ---
       apiVersion: apps/v1
       kind: Deployment
       metadata:
         name: mysql
       spec:
         selector:
           matchLabels:
             app: mysql
         strategy:
           type: Recreate
         template:
           metadata:
             labels:
               app: mysql
           spec:
             containers:
             - image: mysql:8.0
               name: mysql
               args:
                 - mysqld
                 - '--character-set-server=utf8'
                 - '--collation-server=utf8_bin'
                 - '--default-authentication-plugin=mysql_native_password'
               env:
                 # Use secret in real usage
               - name: MYSQL_ROOT_PASSWORD
                 value: Welcome1!
               ports:
               - containerPort: 3306
                 name: mysql
               volumeMounts:
               - name: mysql-persistent-storage
                 mountPath: /var/lib/mysql
             volumes:
             - name: mysql-persistent-storage
               persistentVolumeClaim:
                 claimName: mysql-pv-claim
       ---
       apiVersion: v1
       kind: Service
       metadata:
         name: mysql
       spec:
         ports:
         - port: 3306
         selector:
           app: mysql
         clusterIP: None

Please, note that ��Ĳ� does not support a utf8_mb4 charset and default caching_sha2_password authentication plugin.

2. MySQL credentials using secret - must be secret with mysql_root_password, mysql_zabbix_username and mysql_zabbix_password data. For example:

kind: Secret
       apiVersion: v1
       metadata:
         name: zabbix-server-secrets
       data:
         mysql_root_password: V2VsY29tZTEh
         mysql_zabbix_password: emFiYml4X3N1cGVyIQ==
         mysql_zabbix_username: emFiYml4
       type: Opaque

where all fields are encoded using base64. For example:

# echo -n "zabbix" | base64
       emFiYml4Cg

An example of "��Ĳ� Server" operand configuration:

All configuration options are available using the form view, but it is possible to use the YAML view as well. For example:

Finally, the operand will create multiple pods. It is possible to examine them in the Workloads �� Pods section:

The route for ��Ĳ� web interface is located under Networking �� Routes. The URL provides access to the ��Ĳ� web interface. In the following example it is http://zabbix-server-zabbix.apps-crc.testing/:

��Ĳ� full

This operand has a few prerequisites:

1. MySQL volume claim - must be persistent volume claim. For example:

apiVersion: v1
       kind: PersistentVolumeClaim
       metadata:
         name: zabbix-database
         namespace: zabbix
       spec:
         accessModes:
           - ReadWriteOnce
         volumeMode: Filesystem
         resources:
           requests:
             storage: 50Gi

2. MySQL credentials using secret - must be secret with mysql_root_password, mysql_zabbix_username and mysql_zabbix_password data. For example:

kind: Secret
       apiVersion: v1
       metadata:
         name: zabbix-full-secrets
       data:
         mysql_root_password: V2VsY29tZTEh
         mysql_zabbix_password: emFiYml4X3N1cGVyIQ==
         mysql_zabbix_username: emFiYml4
       type: Opaque

where all fields are encoded using base64. For example:

# echo -n "zabbix" | base64
       emFiYml4Cg

An example of "��Ĳ� Full" operand configuration:

All configuration options are available using the form view, but it is possible to use the YAML view as well. For example:

Finally, the operand will create multiple pods. It is possible to examine them in the Workloads �� Pods section:

The route for ��Ĳ� web interface is located under Networking �� Routes. The URL provides access to the ��Ĳ� web interface. In the following example it is http://zabbix-full-zabbix.apps-crc.testing/:

��Ĳ� proxy (SQLite3)

An example of "��Ĳ� proxy (SQLite3)" operand configuration:

Finally, the operand will create multiple pods. It is possible to examine them in the Workloads �� Pods section:

Additional information

Creating new secret

The following procedure describes how to create a new secret using Openshift Console.

1. Open the Workloads �� Secrets section and switch project to the ��Ĳ� Operator project (by default, "zabbix").

2. Create a new secret using the From YAML option.

SSL certificates for HTTPS

It is possible to enable HTTPS directly in the ��Ĳ� web interface pods. In this case create the following secret using the YAML option:

kind: Secret
       apiVersion: v1
       metadata:
         name: zabbix-web-sslsecret
       data:
         ssl.crt: >-
          < ssl.crt data>
         ssl.key: >-
            < ssl.key data >
         dhparam.pem: >-
          <  dhparam.pem data >

The names of certificates and DH Parameters file are static. Please use the listed in the above example only!

MySQL database certificate base encryption

MySQL database side:

apiVersion: v1
       data:
        root-ca.pem: >-
         < root-ca.pem data>
        server-cert.pem: >-
         < server-cert.pem data>
        server-key.pem: >-
         < server-key.pem data>
       kind: Secret
       metadata:
        name: zabbix-db-server-tls-secret
       type: Opaque

��Ĳ� components side:

apiVersion: v1
       data:
        client-cert.pem: >-
         < client-cert.pem data>
        client-key.pem: >-
         < client-key.pem data>
        root-ca.pem: >-
         < root-ca.pem data>
       kind: Secret
       metadata:
        name: zabbix-db-client-tls-secret
       type: Opaque

Certificates must include "-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----". For example:

Then, during deployment, in the ��Ĳ� component section and MySQL server (if using built-in server) choose the proper "TLS connection to database" option value and the "MySQL database certificates (client)" secret value.

Known issues

��Ĳ� agent does not have the possibility to determine proper node name. It always has dynamic hostname.

�����Ĳ�

Documentation

Installation with OpenShift

Overview

Supported features

Installing �����Ĳ� Operator

Using RedHat Marketplace

Using OperatorHub

Configuration

�����Ĳ� server

�����Ĳ� full

�����Ĳ� proxy (SQLite3)

Additional information

Creating new secret

SSL certificates for HTTPS

MySQL database certificate base encryption

Known issues

��Ĳ�

Installing ��Ĳ� Operator

��Ĳ� server

��Ĳ� full

��Ĳ� proxy (SQLite3)