Zabbix – Recognize bare-metal and virtual machines

Long time no see!

Recently I’ve acquired a decently specced Dell R620 machine as a part of my homelab. I decided to on-board it. As a part of the on-boarding, it automatically checked into Zabbix. When I checked it’s status, I’ve realized that so far I have not implemented a way for auto-registering clients to identify themselves as either bare-metal or virtual machines. Therefore, I couldn’t easily add it a policy that would monitor stuff you wouldn’t otherwise monitor on a VM.

This afternoon was spent on searching for ways to auto-register clients and assign them into different policies based on whether they’re virtual or not and, to my surprise, I couldn’t find an out-of-the-box way of achieving this with Zabbix (if there is, please let me know if comments. I might’ve re-introduced a wheel then).

After looking into different Zabbix agent calls and modules, I found a way I could use to reliably tell whether it’s a baremetal machine or not. I realize it might not be the most elegant or efficient way of doing it, but I didn’t find a better way to do it. If you do know better ways of achieving the same effect (excluding network checks and checks generally based on network addressing), please let me know.

The check

Let’s add a new action for auto-registering clients. Head to Configuration > Actions and from Event source in the top right corner select “Auto registration” and press “Create action“:

Now, before we go any further, please bear in mind you will probably need a long and safe string that will allow you to uniquely identify auto-registering clients. The string will not be unique for every client, but it will be unique for the group of clients we will be registering into Zabbix. Think of it as a safety measure.

Now, fill out the form as follows:

As you can see, the Action will check for two conditions – if the Metadata coming from client contains word “bm” (bare-metal) and if it also contains “your_secure_string_1234567890“. If those two conditions are not satisfied, the client will not be registered by this action.

Head to “Operations” tab now and fill out the “Operations” field as follows, replacing Host Groups and Templates with your own ones accordingly:

After that’s done, we can press “Add” to add our action.

We should now see our action enabled:

The client config

Okay, but how will we actually provide Zabbix with “bm” and the secure string using metadata?

Metadata is handled by /etc/zabbix/zabbix_agentd.conf file. The line responsible for the value starts with HostMetadataitem. Metadata is very flexible, allowing us to use either predefined strings or use agent modules to do stuff for us and provide Zabbix with the result. Thanks to that mechanism, we can add following line:

HostMetadataItem=system.run["if grep -q 'hypervisor' /proc/cpuinfo; then echo \"vm your_secure_string_1234567890\"; else echo \"bm your_secure_string_1234567890\"; fi"]

With this line, my config looks as follows:

PidFile=/var/run/zabbix/zabbix_agentd.pid
LogFile=/var/log/zabbix/zabbix_agentd.log
LogFileSize=0
EnableRemoteCommands=1
Server=REDACTED
ServerActive=REDACTED
Hostname=someserver.tecden.co.uk
Include=/etc/zabbix/zabbix_agentd.d/*.conf
HostMetadataItem=system.run["if grep -q 'hypervisor' /proc/cpuinfo; then echo \"vm your_secure_string_1234567890\"; else echo \"bm your_secure_string_1234567890\"; fi"]

Let’s save the file and restart the Zabbix agent. Zabbix agent has to be restarted every time we make changes to this config file as otherwise it wont apply changes:

sudo systemctl restart zabbix-agent

That’s it! After the restart, you should be able to see your host register into Zabbix successfully and have appropriate templates assigned to it. The HostMetadataItem line we added also allows us to recognize VMs (because of the vm your_secure_string_1234567890 text it prints if it detects it runs under a hypervisor) so you can also create an additional Action to handle those separately. I won’t show it in this article as it follows the same principle, but the metadata text we will be looking for will be replaced by “vm” instead of “bm”.

Credits

The method I used to check if a machine is a VM was suggested by “Jan Henke” in this StackOverflow post.

Leave a Reply

Your email address will not be published. Required fields are marked *

Navigation