1. 安裝基礎軟件
基本環境介紹:1.1安裝基礎軟件包
安裝 Cacti 需要 Mysql,PHP,RRDTool,net-snmp 和 支持 PHP 的 Web服務器,如 Apache,Nginx 或 IIS等。 軟件版本要求:
PHP 5.4+ https://php.net/MySQL 5.6+ https://mysql.com/RRDtool 1.3+, 1.5+ recommended http://oss.oetiker.ch/rrdtool/NET-SNMP 5.5+Web Server with PHP support安裝mysql數據庫配置MariaDB官方yum源,這裏安裝mariadb10.3.5版本:
[root@localhost ~]# vim /etc/yum.repos.d/MariaDB.repo
[mariadb]
name=MariaDB
baseurl= http://yum.mariadb.org/10.3.5/centos74-amd64/
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
安裝mariadb server和mariadb client
[root@localhost ~]# yum install -y MariaDB-server MariaDB-client MariaDB-devel
Installed:
MariaDB-client.x86_64 0:10.3.5-1.el7.centos
MariaDB-devel.x86_64 0:10.3.5-1.el7.centos
MariaDB-server.x86_64 0:10.3.5-1.el7.centos
安裝httpd和php# yum install -y httpd php
這裏安裝Apache/2.4.6和php5.4.16
[root@cacti ~]# httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built: Jun 27 2018 13:48:59
[root@cacti ~]# php -v
PHP 5.4.16 (cli) (built: Apr 12 2018 19:02:01)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies
安裝php擴展# yum install –y php-mysql php-snmp php-xml php-ldap php-gd php-mbstring php-posix
安裝net-snmp簡單網絡管理協議# yum install –y net-snmp net-snmp-libs net-snmp-utils net-snmp-devel net-snmp-perl
安裝RRDTool 繪圖工具# yum install –y rrdtool rrdtool-devel rrdtool-php rrdtool-perl perl-devel perl-CPAN perl-YAML
1.2 配置webserver
查看httpd.conf配置文件,確保包含以下內容:
[root@cacti ~]# vim /etc/httpd/conf/httpd.conf
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
配置php.conf配置文件,末尾添加以下內容:
[root@cacti ~]# vim /etc/httpd/conf.d/php.conf
..
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
LoadModule php5_module modules/libphp5.so
#
# Cause the PHP interpreter to handle files with a .php extension.
AddHandler php5-script .php
AddType text/html .php
#
# Add index.php to the list of files that will be served as directory
# indexes.
DirectoryIndex index.php
啟動httpd服務並設為開機啟動
# systemctl start httpd && systemctl enable httpd
1.3 配置PHP
請確保為以下PHP擴展模塊內置或安裝了PHP支持: • mysql (For configuration, see note below) • SNMP (For configuration, see note below) • XML • Session • Sockets • LDAP (Required only when using LDAP authentication) • GD (Required only for some Plugins) 您可以運行以下命令來獲取所有可用PHP模塊的列表:php –m 修改php.ini配置文件,添加或找到如下內容 關閉安全模式並修改時區
[root@localhost ~]# vim /etc/php.ini
[PHP]
safe_mode = Off
……
date.timezone = Asia/Shanghai
測試php與apache解析是否正常,創建php測試頁面
[root@cacti ~]# vim /var/www/html/index.php
<?php
phpinfo();
?>
如果cacti目錄不在apache目錄下,參考如下設置,這裏省略。
In case you do not install Cacti to the default web directory, put the following as cacti.conf into /etc/httpd/conf.d. Change /your/cacti/dir to your cacti directory name. Change the Allow from 127.0.0.1 directive to whatever you need (e.g. the subnets in your company). Follow the hints given in the comments, especially when using SELinux!
# Cacti - the complete rrdtool-based graphing solution
#
# Allows only localhost by default
#
# Allowing cacti to anyone other than localhost should be considered
# dangerous unless properly secured by SSL
# Make sure, that httpd can read your cacti directories.
# At minimum, you need
# chmod ugo+r -R /your/cacti/dir
# Make sure to replace with your directories
# When using SELinux, set the following:
# chcon -R -h -t httpd_sys_content_t /your/cacti/dir
# when using SELinux and you private homedir, enable
# setsebool -P httpd_enable_homedirs 1
# setsebool -P httpd_read_user_content 1
Alias /cacti /your/cacti/dir
<Directory /your/cacti/dir>
AllowOverride None
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
Options Indexes Includes FollowSymLinks
</Directory>
# These directories do not require access over HTTP
#
<Directory /your/cacti/dir/cli>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
1.4配置MYSQL
啟動mysql數據庫服務並設為開機啟動
[root@localhost ~]# systemctl start mariadb && systemctl enable mariadb
初始化MariaDB數據庫,主要創建mysql數據庫密碼,然後全部Y下一步:
[root@localhost ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): //當前數據庫密碼為空,直接按回車鍵
OK, successfully used password, moving on
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] Y //輸入要為root管理員設置的密碼(數據庫root非linux root)
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y //刪除匿名賬號
Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y //禁止root管理員從遠程登錄
Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y //刪除test數據庫並取消對它的訪問權限
- Dropping test database
Success!
- Removing privileges on test database
Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y //刷新授權表,讓初始化後的設定立即生效
Success!
Cleaning up
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
這裏在上面初始化過程中數據庫root密碼設置為123456,登陸數據庫驗證密碼設置是否正確
[root@cacti ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 15
Server version: 10.3.5-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]>
修改mysql配置文件,在[server]下增加如下內容
[root@cacti ~]# vim /etc/my.cnf.d/server.cnf
[server]
# this is only for the mysqld standalone daemon
character_set_server = utf8mb4
collation-server = utf8mb4_unicode_ci
max_heap_table_size = 256M
max_allowed_packet = 16777216
tmp_table_size = 64M
join_buffer_size = 64M
innodb_file_per_table = ON
innodb_buffer_pool_size = 1024M
innodb_doublewrite = OFF
#innodb_additional_mem_pool_size = 96M
innodb_flush_log_at_timeout = 3
innodb_read_io_threads = 32
innodb_write_io_threads =16
數據庫與PHP測試:
[root@cacti ~]# vim /var/www/html/linkdb.php
<?php
$a=mysql_connect("localhost","root","123456");
if($a){echo "ok";}else{echo "err";}
?>
測試
[root@cacti ~]# yum install –y elinks
[root@cacti ~]# elinks dump http://localhost/linkdb.php
ok
1.5 配置SNMP
修改snmp配置文件,找到如下內容修改
# vim /etc/snmp/snmpd.conf
//修改default為本機ip,修改public為自己的團體名(可以不改),42行
com2sec notConfigUser default public
//把systemview改成all ,供所有snmp 訪問權限 64行
access notConfigGroup "" any noauth exact all none none
//去掉此行注釋
view all included .1 80 // 去掉#號 85行
重啟snmp服務
# systemctl restart snmpd.service && systemctl enable snmpd.service
本機測試snmp數據(修改monit為配置的團體名),查看是否能夠獲取數據
snmpwalk -v 2c -c public localhost system
遠程測試snmp數據(修改ip為服務器ip,snmpwalk命令需要安裝net-snmp)
snmpwalk -v 2c -c public ip system
2. 安裝和配置cacti
官網下載:https://www.cacti.net/downloads/cacti-1.1.38.tar.gz 官網無法訪問時可以在github下載
1.下載Cacti 安裝包# wget https://github.com/Cacti/cacti/archive/release/1.1.38.tar.gz
# tar -zxvf 1.1.38.tar.gz
# cp -R cacti-release-1.1.38/ /var/www/html/cacti
2.創建 cacti 數據庫 創建cacti數據庫,創建數據庫用戶cactiuser,設置用戶相關授權
[root@cacti ~]# mysql –u root -p
MariaDB [(none)]> create database cacti;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all on cacti.* to cactiuser@localhost identified by "cactiuser";
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT SELECT ON mysql.time_zone_name TO 'cactiuser'@'localhost' IDENTIFIED BY 'cactiuser';
Query OK, 0 rows affected (0.00 sec)
MariaDB [cacti]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
注意這裏的數據庫用戶名密碼全部為cactiuser,可以自定義。
3.導入 Cacti 默認數據庫MariaDB [(none)]> use cacti;
Database changed
MariaDB [cacti]> source /var/www/html/cacti/cacti.sql;
………………
MariaDB [cacti]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MariaDB [cacti]> quit
Bye
配置數據庫時區:
[root@cacti ~]# mysql_tzinfo_to_sql /usr/share/zoneinfo/ | mysql -u root -p mysql
Enter password:
Warning: Unable to load '/usr/share/zoneinfo//leapseconds' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo//tzdata.zi' as time zone. Skipping it.
4.測試使用cactiuser用戶登錄cacti數據庫使用自己設置的用戶名密碼登錄
[root@cacti ~]# mysql -ucactiuser -pcactiuser
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 16
Server version: 5.5.56-MariaDB MariaDB Server
Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]>
5. 創建cacti配置文件config.php主要修改數據庫用戶名密碼,和cacti路徑,這裏全部默認,根據個人配置進行修改
[root@cacti ~]# cp /var/www/html/cacti/include/{config.php.dist,config.php}
[root@cacti ~]# vim /var/www/html/cacti/include/config.php
[root@cacti include]# vim config.php
………………
$database_type = 'mysql';
$database_default = 'cacti';
$database_hostname = 'localhost';
$database_username = 'cactiuser';
$database_password = 'cactiuser';
$database_port = '3306';
$database_ssl = false;
……………
$url_path = '/cacti/';
6.創建 cacti 系統用戶,設置目錄權限[root@cacti ~]# useradd -r -M cacti
[root@cacti ~]# chown -R cacti /var/www/html/cacti/{rra,log}/
[root@cacti ~]# chown -R apache.apache /var/www/html/cacti/{resource,cache,scripts}/
[root@cacti ~]# chmod -R 777 /var/www/html/cacti/
7. 添加定時任務將每5分鐘執行一次的數據獲取腳本加入crontab
[root@cacti ~]# crontab -e
no crontab for root - using an empty one
*/5 * * * * cactiuser php /var/www/html/cacti/poller.php > /dev/null 2>&1
8.重新啟動相關服務# systemctl restart httpd && systemctl restart mariadb
# systemctl restart crond && systemctl restart snmpd
3. 安裝spine
cacti默認使用cmd.php來輪詢數據,速度會很慢,因此我們采用Spine來輪詢數據。cacti-spine是一個由C語言開發的,用於替代cmd.php的快速獲取速度的引擎。(也可以不裝)
安裝spine高速數據采集插件# wget https://www.cacti.net/downloads/spine/cacti-spine-1.1.38.tar.gz
# yum install -y mysql-devel dos2unix autoconf automake binutils libtool gcc cpp glibc-headers glibc-devel help2man
# tar zxvf cacti-spine-1.1.38.tar.gz
# cp -R cacti-spine-1.1.38 /usr/local/spine
# cd /usr/local/spine
# ln -s /usr/lib64/libmysqlclient.so.18.0.0 /usr/lib64/libmysqlclient.so
# sh bootstrap
# ./configure
# make && make install
# chown root:root /usr/local/spine/bin/spine
# chmod +s /usr/local/spine/bin/spine
編輯spine.conf:# cp /usr/local/spine/etc/spine.conf.dist /etc/spine.conf
修改/etc/spine.conf如下部分:
# vim /etc/spine.conf
DB_Host localhost
DB_Database cacti
DB_User cactiuser
DB_Pass cactiuser
DB_Port 3306
進行初始化: /usr/local/spine/bin/spine //執行此命令,成功後顯示如下
[root@cacti spine]# /usr/local/spine/bin/spine
SPINE: Using spine config file [/etc/spine.conf]
SPINE: Version 1.1.38 starting
SPINE: Time: 0.0385 s, Threads: 5, Devices: 0
4. 初始化cacti
5. Cacti監控使用
5.1 登陸cacti
5.2 監控本機
如果沒有加載出來,手動執行一次crontab裏面的命令,然後再次刷新頁面 [root@cacti ~]# php /var/www/html/cacti/poller.php > /dev/null 2>&1
5.3 監控Linux客戶端
安裝SNMP
# yum -y install net-snmp net-snmp-utils
修改snmp配置文件
[root@cacticlient ~]# vim /etc/snmp/snmpd.conf
1) 查找以下代碼:
com2sec notConfigUser default public
將"comunity"字段改為你要設置的密碼.比如"public",將“default”改為你想哪台機器可以看到你的snmp信息,如設為cacti監控端ip 192.168.92.56,修改後:
com2sec notConfigUser 192.168.0.8 public
2) 查找以下代碼:
access notConfigGroup "" any noauth exact systemview none none
將"systemview "字段改為all.修改後:
access notConfigGroup "" any noauth exact all none none
3) 查找以下代碼:
#view all included .1 80
將該行前面的"#"去掉.
啟動snmp服務並設為開機啟動:
# systemctl start snmpd.service && systemctl enable snmpd.service
監控Windows客戶端
重啟windows snmp服務,然後訪問cacti添加設備