編碼的世界 / 優質文選 / 文明

CentOS7.5安裝Cacti1.1.38

2021年11月22日
-   

1. 安裝基礎軟件
基本環境介紹:
1.1安裝基礎軟件包
安裝 Cacti 需要 Mysql,PHP,RRDTool,net-snmp 和 支持 PHP 的 Web服務器,如 Apache,Nginx 或 IIS等。 軟件版本要求:
  • PHP 5.4+ https://php.net/
  • MySQL 5.6+ https://mysql.com/
  • RRDtool 1.3+, 1.5+ recommended http://oss.oetiker.ch/rrdtool/
  • NET-SNMP 5.5+
  • Web Server with PHP support

    • 安裝mysql數據庫配置MariaDB官方yum源,這裏安裝mariadb10.3.5版本:
    [root@localhost ~]# vim /etc/yum.repos.d/MariaDB.repo
    [mariadb]
    name=MariaDB
    baseurl= http://yum.mariadb.org/10.3.5/centos74-amd64/
    gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
    gpgcheck=1

    安裝mariadb server和mariadb client
    [root@localhost ~]# yum install -y MariaDB-server MariaDB-client MariaDB-devel
    Installed:
    MariaDB-client.x86_64 0:10.3.5-1.el7.centos
    MariaDB-devel.x86_64 0:10.3.5-1.el7.centos
    MariaDB-server.x86_64 0:10.3.5-1.el7.centos

    安裝httpd和php
    # yum install -y httpd php

    這裏安裝Apache/2.4.6和php5.4.16
    [root@cacti ~]# httpd -v
    Server version: Apache/2.4.6 (CentOS)
    Server built: Jun 27 2018 13:48:59
    [root@cacti ~]# php -v
    PHP 5.4.16 (cli) (built: Apr 12 2018 19:02:01)
    Copyright (c) 1997-2013 The PHP Group
    Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies

    安裝php擴展
    # yum install –y php-mysql php-snmp php-xml php-ldap php-gd php-mbstring php-posix

    安裝net-snmp簡單網絡管理協議
    # yum install –y net-snmp net-snmp-libs net-snmp-utils net-snmp-devel net-snmp-perl

    安裝RRDTool 繪圖工具
    # yum install –y rrdtool rrdtool-devel rrdtool-php rrdtool-perl perl-devel perl-CPAN perl-YAML

    1.2 配置webserver
    查看httpd.conf配置文件,確保包含以下內容:
    [root@cacti ~]# vim /etc/httpd/conf/httpd.conf
    # Load config files in the "/etc/httpd/conf.d" directory, if any.
    IncludeOptional conf.d/*.conf

    配置php.conf配置文件,末尾添加以下內容:
    [root@cacti ~]# vim /etc/httpd/conf.d/php.conf
    ..
    # PHP is an HTML-embedded scripting language which attempts to make it
    # easy for developers to write dynamically generated webpages.
    LoadModule php5_module modules/libphp5.so
    #
    # Cause the PHP interpreter to handle files with a .php extension.
    AddHandler php5-script .php
    AddType text/html .php
    #
    # Add index.php to the list of files that will be served as directory
    # indexes.
    DirectoryIndex index.php

    啟動httpd服務並設為開機啟動
    # systemctl start httpd && systemctl enable httpd

    1.3 配置PHP
    請確保為以下PHP擴展模塊內置或安裝了PHP支持: • mysql (For configuration, see note below) • SNMP (For configuration, see note below) • XML • Session • Sockets • LDAP (Required only when using LDAP authentication) • GD (Required only for some Plugins) 您可以運行以下命令來獲取所有可用PHP模塊的列表:php –m 修改php.ini配置文件,添加或找到如下內容 關閉安全模式並修改時區
    [root@localhost ~]# vim /etc/php.ini
    [PHP]
    safe_mode = Off
    ……
    date.timezone = Asia/Shanghai

    測試php與apache解析是否正常,創建php測試頁面
    [root@cacti ~]# vim /var/www/html/index.php
    <?php
     phpinfo();
    ?>

    如果cacti目錄不在apache目錄下,參考如下設置,這裏省略。
    In case you do not install Cacti to the default web directory, put the following as cacti.conf into /etc/httpd/conf.d. Change /your/cacti/dir to your cacti directory name. Change the Allow from 127.0.0.1 directive to whatever you need (e.g. the subnets in your company). Follow the hints given in the comments, especially when using SELinux!
    # Cacti - the complete rrdtool-based graphing solution
    #
    # Allows only localhost by default
    #
    # Allowing cacti to anyone other than localhost should be considered
    # dangerous unless properly secured by SSL
    # Make sure, that httpd can read your cacti directories.
    # At minimum, you need
    # chmod ugo+r -R /your/cacti/dir
    # Make sure to replace with your directories
    # When using SELinux, set the following:
    # chcon -R -h -t httpd_sys_content_t /your/cacti/dir
    # when using SELinux and you private homedir, enable
    # setsebool -P httpd_enable_homedirs 1
    # setsebool -P httpd_read_user_content 1
    Alias /cacti /your/cacti/dir
    <Directory /your/cacti/dir>
     AllowOverride None
     Order Deny,Allow
     Deny from all
     Allow from 127.0.0.1
     Allow from ::1
     Options Indexes Includes FollowSymLinks
    </Directory>
    # These directories do not require access over HTTP
    #
    <Directory /your/cacti/dir/cli>
     Order Deny,Allow
     Deny from All
     Allow from None
    </Directory>

    1.4配置MYSQL
    啟動mysql數據庫服務並設為開機啟動
    [root@localhost ~]# systemctl start mariadb && systemctl enable mariadb

    初始化MariaDB數據庫,主要創建mysql數據庫密碼,然後全部Y下一步:
    [root@localhost ~]# mysql_secure_installation
    NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
     SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
    In order to log into MariaDB to secure it, we'll need the current
    password for the root user. If you've just installed MariaDB, and
    you haven't set the root password yet, the password will be blank,
    so you should just press enter here.
    Enter current password for root (enter for none): //當前數據庫密碼為空,直接按回車鍵
    OK, successfully used password, moving on
    Setting the root password ensures that nobody can log into the MariaDB
    root user without the proper authorisation.
    Set root password? [Y/n] Y //輸入要為root管理員設置的密碼(數據庫root非linux root)
    New password:
    Re-enter new password:
    Password updated successfully!
    Reloading privilege tables..
     Success!
    By default, a MariaDB installation has an anonymous user, allowing anyone
    to log into MariaDB without having to have a user account created for
    them. This is intended only for testing, and to make the installation
    go a bit smoother. You should remove them before moving into a
    production environment.
    Remove anonymous users? [Y/n] Y //刪除匿名賬號
     Success!
    Normally, root should only be allowed to connect from 'localhost'. This
    ensures that someone cannot guess at the root password from the network.
    Disallow root login remotely? [Y/n] Y //禁止root管理員從遠程登錄
     Success!
    By default, MariaDB comes with a database named 'test' that anyone can
    access. This is also intended only for testing, and should be removed
    before moving into a production environment.
    Remove test database and access to it? [Y/n] Y //刪除test數據庫並取消對它的訪問權限
     - Dropping test database
     Success!
     - Removing privileges on test database
     Success!
    Reloading the privilege tables will ensure that all changes made so far
    will take effect immediately.
    Reload privilege tables now? [Y/n] Y //刷新授權表,讓初始化後的設定立即生效
     Success!
    Cleaning up
    All done! If you've completed all of the above steps, your MariaDB
    installation should now be secure.
    Thanks for using MariaDB!

    這裏在上面初始化過程中數據庫root密碼設置為123456,登陸數據庫驗證密碼設置是否正確
    [root@cacti ~]# mysql -u root -p
    Enter password:
    Welcome to the MariaDB monitor. Commands end with ; or g.
    Your MariaDB connection id is 15
    Server version: 10.3.5-MariaDB MariaDB Server
    Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
    MariaDB [(none)]>

    修改mysql配置文件,在[server]下增加如下內容
    [root@cacti ~]# vim /etc/my.cnf.d/server.cnf
    [server]
    # this is only for the mysqld standalone daemon
    character_set_server = utf8mb4
    collation-server = utf8mb4_unicode_ci
    max_heap_table_size = 256M
    max_allowed_packet = 16777216
    tmp_table_size = 64M
    join_buffer_size = 64M
    innodb_file_per_table = ON
    innodb_buffer_pool_size = 1024M
    innodb_doublewrite = OFF
    #innodb_additional_mem_pool_size = 96M
    innodb_flush_log_at_timeout = 3
    innodb_read_io_threads = 32
    innodb_write_io_threads =16

    數據庫與PHP測試:
    [root@cacti ~]# vim /var/www/html/linkdb.php
    <?php
    $a=mysql_connect("localhost","root","123456");
    if($a){echo "ok";}else{echo "err";}
    ?>

    測試
    [root@cacti ~]# yum install –y elinks
    [root@cacti ~]# elinks dump http://localhost/linkdb.php
    ok


    1.5 配置SNMP
    修改snmp配置文件,找到如下內容修改
    # vim /etc/snmp/snmpd.conf
    //修改default為本機ip,修改public為自己的團體名(可以不改),42行
    com2sec notConfigUser default public
    //把systemview改成all ,供所有snmp 訪問權限 64行
    access notConfigGroup "" any noauth exact all none none
    //去掉此行注釋
    view all included .1 80 // 去掉#號 85行

    重啟snmp服務
    # systemctl restart snmpd.service && systemctl enable snmpd.service

    本機測試snmp數據(修改monit為配置的團體名),查看是否能夠獲取數據
    snmpwalk -v 2c -c public localhost system

    遠程測試snmp數據(修改ip為服務器ip,snmpwalk命令需要安裝net-snmp)
    snmpwalk -v 2c -c public ip system

    2. 安裝和配置cacti
    官網下載:https://www.cacti.net/downloads/cacti-1.1.38.tar.gz 官網無法訪問時可以在github下載
    1.下載Cacti 安裝包
    # wget https://github.com/Cacti/cacti/archive/release/1.1.38.tar.gz
    # tar -zxvf 1.1.38.tar.gz
    # cp -R cacti-release-1.1.38/ /var/www/html/cacti

    2.創建 cacti 數據庫 創建cacti數據庫,創建數據庫用戶cactiuser,設置用戶相關授權
    [root@cacti ~]# mysql –u root -p
    MariaDB [(none)]> create database cacti;
    Query OK, 1 row affected (0.00 sec)
    MariaDB [(none)]> grant all on cacti.* to cactiuser@localhost identified by "cactiuser";
    Query OK, 0 rows affected (0.00 sec)
    MariaDB [(none)]> GRANT SELECT ON mysql.time_zone_name TO 'cactiuser'@'localhost' IDENTIFIED BY 'cactiuser'; 
    Query OK, 0 rows affected (0.00 sec)
    MariaDB [cacti]> flush privileges;
    Query OK, 0 rows affected (0.00 sec)

    注意這裏的數據庫用戶名密碼全部為cactiuser,可以自定義。
    3.導入 Cacti 默認數據庫
    MariaDB [(none)]> use cacti;
    Database changed
    MariaDB [cacti]> source /var/www/html/cacti/cacti.sql;
    ………………
    MariaDB [cacti]> flush privileges;
    Query OK, 0 rows affected (0.00 sec)
    MariaDB [cacti]> quit
    Bye

    配置數據庫時區:
    [root@cacti ~]# mysql_tzinfo_to_sql /usr/share/zoneinfo/ | mysql -u root -p mysql
    Enter password:
    Warning: Unable to load '/usr/share/zoneinfo//leapseconds' as time zone. Skipping it.
    Warning: Unable to load '/usr/share/zoneinfo//tzdata.zi' as time zone. Skipping it.

    4.測試使用cactiuser用戶登錄cacti數據庫使用自己設置的用戶名密碼登錄
    [root@cacti ~]# mysql -ucactiuser -pcactiuser
    Welcome to the MariaDB monitor. Commands end with ; or g.
    Your MariaDB connection id is 16
    Server version: 5.5.56-MariaDB MariaDB Server
    Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.
    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
    MariaDB [(none)]>

    5. 創建cacti配置文件config.php主要修改數據庫用戶名密碼,和cacti路徑,這裏全部默認,根據個人配置進行修改
    [root@cacti ~]# cp /var/www/html/cacti/include/{config.php.dist,config.php}
    [root@cacti ~]# vim /var/www/html/cacti/include/config.php
    [root@cacti include]# vim config.php
    ………………
    $database_type = 'mysql';
    $database_default = 'cacti';
    $database_hostname = 'localhost';
    $database_username = 'cactiuser';
    $database_password = 'cactiuser';
    $database_port = '3306';
    $database_ssl = false;
    ……………
    $url_path = '/cacti/';

    6.創建 cacti 系統用戶,設置目錄權限
    [root@cacti ~]# useradd -r -M cacti
    [root@cacti ~]# chown -R cacti /var/www/html/cacti/{rra,log}/
    [root@cacti ~]# chown -R apache.apache /var/www/html/cacti/{resource,cache,scripts}/
    [root@cacti ~]# chmod -R 777 /var/www/html/cacti/

    7. 添加定時任務將每5分鐘執行一次的數據獲取腳本加入crontab
    [root@cacti ~]# crontab -e
    no crontab for root - using an empty one
    */5 * * * * cactiuser php /var/www/html/cacti/poller.php > /dev/null 2>&1

    8.重新啟動相關服務
    # systemctl restart httpd && systemctl restart mariadb
    # systemctl restart crond && systemctl restart snmpd

    3. 安裝spine
    cacti默認使用cmd.php來輪詢數據,速度會很慢,因此我們采用Spine來輪詢數據。cacti-spine是一個由C語言開發的,用於替代cmd.php的快速獲取速度的引擎。(也可以不裝) 安裝spine高速數據采集插件
    # wget https://www.cacti.net/downloads/spine/cacti-spine-1.1.38.tar.gz
    # yum install -y mysql-devel dos2unix autoconf automake binutils libtool gcc cpp glibc-headers glibc-devel help2man
    # tar zxvf cacti-spine-1.1.38.tar.gz
    # cp -R cacti-spine-1.1.38 /usr/local/spine
    # cd /usr/local/spine
    # ln -s /usr/lib64/libmysqlclient.so.18.0.0 /usr/lib64/libmysqlclient.so
    # sh bootstrap
    # ./configure
    # make && make install
    # chown root:root /usr/local/spine/bin/spine
    # chmod +s /usr/local/spine/bin/spine

    編輯spine.conf:
    # cp /usr/local/spine/etc/spine.conf.dist /etc/spine.conf

    修改/etc/spine.conf如下部分:
    # vim /etc/spine.conf
    DB_Host localhost
    DB_Database cacti
    DB_User cactiuser
    DB_Pass cactiuser
    DB_Port 3306

    進行初始化: /usr/local/spine/bin/spine //執行此命令,成功後顯示如下
    [root@cacti spine]# /usr/local/spine/bin/spine
    SPINE: Using spine config file [/etc/spine.conf]
    SPINE: Version 1.1.38 starting
    SPINE: Time: 0.0385 s, Threads: 5, Devices: 0

    4. 初始化cacti






    5. Cacti監控使用
    5.1 登陸cacti



    5.2 監控本機



    如果沒有加載出來,手動執行一次crontab裏面的命令,然後再次刷新頁面 [root@cacti ~]# php /var/www/html/cacti/poller.php > /dev/null 2>&1
    5.3 監控Linux客戶端
    安裝SNMP
    # yum -y install net-snmp net-snmp-utils

    修改snmp配置文件
    [root@cacticlient ~]# vim /etc/snmp/snmpd.conf
    1) 查找以下代碼:
    com2sec notConfigUser default public
    將"comunity"字段改為你要設置的密碼.比如"public",將“default”改為你想哪台機器可以看到你的snmp信息,如設為cacti監控端ip 192.168.92.56,修改後:
    com2sec notConfigUser 192.168.0.8 public
    2) 查找以下代碼:
    access notConfigGroup "" any noauth exact systemview none none
    將"systemview "字段改為all.修改後:
    access notConfigGroup "" any noauth exact all none none
    3) 查找以下代碼:
    #view all included .1 80
    將該行前面的"#"去掉.

    啟動snmp服務並設為開機啟動:
    # systemctl start snmpd.service && systemctl enable snmpd.service




    監控Windows客戶端


    重啟windows snmp服務,然後訪問cacti添加設備

    熱門文章