Deploy Zabbix + Grafana + Keycloak + PostgreSQL on Podman (Complete Infrastructure Stack Setup 2025)
🚀 Deploy Zabbix + Grafana + Keycloak + PostgreSQL on Podman
Complete step-by-step deployment guide for Zabbix monitoring with integrated Grafana dashboards, Keycloak authentication, and PostgreSQL database — powered by Podman containers and systemd automation.
📋 1. Prerequisites
- OS: RHEL / CentOS 9 or Ubuntu 22.04+
- Podman installed (
podman --version) - Python3 and pip for podman-compose
- Sudo / root privileges
- Basic Firewall & SELinux knowledge
📁 2. Create Project Directory
mkdir -p ~/zabbix-stack/db ~/zabbix-stack/grafana cd ~/zabbix-stack
⚙️ 3. Install Podman Compose
sudo pip install podman-compose which podman-compose
Example output:
/usr/local/bin/podman-compose
🧩 4. Create podman-compose.yml
Use the following YAML configuration file:
version: "3.9"
networks:
zbxnet:
driver: bridge
services:
zabbix-db:
image: docker.io/postgres:15
container_name: zabbix-db
restart: always
environment:
POSTGRES_USER: zabbix
POSTGRES_PASSWORD: zabbixpass
POSTGRES_DB: zabbix
volumes:
- ./db:/var/lib/postgresql/data:Z
networks:
- zbxnet
zabbix-server:
image: docker.io/zabbix/zabbix-server-pgsql:alpine-latest
container_name: zabbix-server
restart: always
depends_on:
- zabbix-db
environment:
DB_SERVER_HOST: zabbix-db
POSTGRES_USER: zabbix
POSTGRES_PASSWORD: zabbixpass
networks:
- zbxnet
zabbix-web:
image: docker.io/zabbix/zabbix-web-nginx-pgsql:alpine-latest
container_name: zabbix-web
restart: always
depends_on:
- zabbix-server
environment:
DB_SERVER_HOST: zabbix-db
POSTGRES_USER: zabbix
POSTGRES_PASSWORD: zabbixpass
ZBX_SERVER_HOST: zabbix-server
PHP_TZ: Asia/Kolkata
ports:
- "8080:8080"
networks:
- zbxnet
grafana:
image: docker.io/grafana/grafana:latest
container_name: grafana
restart: always
volumes:
- ./grafana:/var/lib/grafana:Z
ports:
- "3000:3000"
networks:
- zbxnet
keycloak:
image: quay.io/keycloak/keycloak:25.0
container_name: keycloak
restart: always
command: start-dev
environment:
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: adminpass
ports:
- "8081:8080"
networks:
- zbxnet
🔐 5. Set Permissions
sudo chown 999:999 ~/zabbix-stack/db sudo chown 472:472 ~/zabbix-stack/grafana sudo chmod 755 ~/zabbix-stack/db ~/zabbix-stack/grafana
▶️ 6. Start the Stack
cd ~/zabbix-stack podman-compose up -d podman ps
Once containers are up, check access using your server IP and respective ports.
🛠️ 7. Configure systemd Service
Create the following systemd unit file:
sudo nano /etc/systemd/system/zabbix-stack.service
Paste this content:
[Unit] Description=Zabbix Stack (Podman Compose) After=network.target Wants=network.target [Service] Type=oneshot RemainAfterExit=yes WorkingDirectory=/root/zabbix-stack ExecStart=/usr/local/bin/podman-compose up -d ExecStop=/usr/local/bin/podman-compose down TimeoutStartSec=0 [Install] WantedBy=multi-user.target
Enable and Start the Service
sudo systemctl daemon-reload sudo systemctl enable zabbix-stack.service sudo systemctl start zabbix-stack.service sudo systemctl status zabbix-stack.service
🌐 8. Access Web Interfaces
| Service | URL | Default Credentials |
|---|---|---|
| Zabbix Web | http://<server-ip>:8080 | Admin / zabbix |
| Grafana | http://<server-ip>:3000 | admin / admin |
| Keycloak | http://<server-ip>:8081/admin | admin / adminpass |
📈 9. Optional: Zabbix Monitoring Setup
- Add hosts for Grafana, Keycloak, Zabbix server, and PostgreSQL DB.
- Use ICMP, TCP, HTTP, or Zabbix agent templates.
- Create dashboards and configure alerting.
🧰 10. Maintenance & Notes
- 🗃️ Backup:
~/zabbix-stack/db(Postgres) and~/zabbix-stack/grafana - 📜 Logs:
podman logs <container> - 🔥 Firewall: Open ports 8080, 3000, 8081, 10051
- 🧩 SELinux: Keep
:Zflag on volumes - ⬆️ Update:
podman-compose pull && podman-compose up -d
📚 References
© 2025 • IT Infrastructure Deployment Guide — Zabbix + Grafana + Keycloak + PostgreSQL on Podman ⚙️Sidhesh D.
Comments
Post a Comment