zabbix: refactor packaging #28238
Open
zabbix: refactor packaging #28238
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
Author
|
Now reworking to reduce the number of variants (compiles) but keeping the same 'flavours'. EDIT: Done |
danielfdickinson
force-pushed
the
zabbix-enhancements
branch
2 times, most recently
from
aacc269 to
827881f
Compare
Addresses the issue pointed out in openwrt#28165, which is that zabbix_agentd always creates a PidFile and has no option to disable PidFile creation. Therefore update the configuration file to default to create a PidFile where we want it. Close openwrt#28165 Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
Adds an initscript for zabbix_server, and related helper files + uses a zabbix_server uci conf to enable/disable startup + updates the default zabbix_server.conf to work with initscript + add a sysctl.d conf to set max-files more appropriate for zabbix_server Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
Bump Zabbix to the latest released 7.0.x LTS version. Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
danielfdickinson
force-pushed
the
zabbix-enhancements
branch
2 times, most recently
from
c4f7ff3 to
344634f
Compare
We enable a number of previously disabled features, and in order to avoid an explosion of 'flavours' of Zabbix, we refactor the packaging as follows: 1. There are a total of four variants: tiny, small, ssl, and full 2. agentd, sender, get, and proxy all have a tiny flavour 3. agentd, sender, get, proxy, and server all have an ssl flavour 4. proxy and server have a 'small' flavour 5. agentd, server, proxy and frontend have full flavours 6. For the frontend there are two flavours: plain and extra-auth All tiny variants omit SSL and have only the base functionality for the binary. In addition the proxy tiny variant is built against SQLite as the database. Small versions also omit SSH and only have base functionality for the binary, but use PostgreSQL or MariaDB for the database. SSL flavour of OpenSSL vs. GnuTLS is now a configuration option, with OpenSSL as the default. When building against GnuTLS the agentd, proxy and server full versions have the following notes: 1. Net-SNMP uses the nossl versions 2. cURL functionality is provided by libcurl-gnutls The full server version uses OpenSSL version of Net-SNMP and the default SSL backend for cURL on OpenWrt (curl package defaults to mbedtls). Both SSL versions use OpenLDAP from OpenWrt. Default database for the servers and frontends remains PostgresQL. The 'extra-auth' frontend has the PHP modules necessary to do LDAP as well as SAML and MFA. Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
danielfdickinson
force-pushed
the
zabbix-enhancements
branch
from
344634f to
8a0a993
Compare
danielfdickinson
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
📦 Package Details
Maintainer: @danielfdickinson
Description:
This changeset will likely need discussion, so creating this draft PR as a Request for Comments.EDIT: I am happy with this, unless there are objections to the removal of the -openssl and -gnutls packages and replacing with just -ssl which defaults to openssl, but can be compiled as GnuTLS if so desired.
The first two commits are from #28041 , which is not yet merged.
The third commit is just a simple version bump.
The fourth commit is where the action is (EDIT: and is now v3 of the refactor)
We enable a number of previously disabled features, and in order to
avoid an explosion of 'flavours' of Zabbix, we refactor the packaging
as follows:
All tiny variants omit SSL and have only the base functionality for
the binary. In addition the proxy tiny variant is built against SQLite
as the database.
Small versions also omit SSL and only have base functionality for the
binary, but use PostgreSQL or MariaDB for the database.
SSL flavour of OpenSSL vs. GnuTLS is now a configuration option, with
OpenSSL as the default.
When building against GnuTLS the agentd and server full versions have
the following notes:
The full server and proxy versions uses OpenSSL version of Net-SNMP and the
default SSL backend for cURL on OpenWrt. (curl packages uses mbedtls by default).
Both SSL versions use OpenLDAP from OpenWrt.
Default database for the servers and frontends remains PostgresQL.
The 'extra-auth' frontend has the PHP modules necessary to do LDAP as
well as SAML and MFA.
🧪 Run Testing Details
Rebuilt my personal network Zabbix server and frontend using this. It works well.
✅ Formalities