cacti

什么是Cacti?

Cacti 在英文中的意思是仙人掌的意思,Cacti是一套基于PHP,MySQL,SNMPRRDTool开发的网络流量监测图形分析工具。它通过snmpget来获取数据,使用 RRDtool绘画图形,而且你完全可以不需要了解RRDtool复杂的参数。它提供了非常强大的数据和用户管理功能,可以指定每一个用户能查看树状结构、host以及任何一张图,还可以与LDAP结合进行用户验证,同时也能自己增加模板,功能非常强大完善。Cacti 的发展是基于让 RRDTool 使用者更方便使用该软件,除了基本的 Snmp 流量跟系统资讯监控外,Cacti 也可外挂 Scripts 及加上 Templates 来作出各式各样的监控图。

cacti是用php语言实现的一个软件,它的主要功能是用snmp服务获取数据,然后用rrdtool储存和更新数据,当用户需要查看数据的时候用rrdtool生成图表呈现给用户。因此,snmprrdtoolcacti的关键。Snmp关系着数据的收集,rrdtool关系着数据存储和图表的生成。

Mysql配合PHP程序存储一些变量数据并对变量数据进行调用,如:主机名、主机ipsnmp团体名、端口号、模板信息等变量。

snmp抓到数据不是存储在mysql中,而是存在rrdtool生成的rrd文件中(在cacti根目录的rra文件夹下)。rrdtool对数据的更新和存储就是对rrd文件的处理,rrd文件是大小固定的档案文件(Round Robin Archive),它能够存储的数据笔数在创建时就已经定义。关于RRDTool的知识请参阅RRDTool教学。

 

什么是SNMP?

snmp(Simple Network Management Protocal, 简单网络管理协议)在架构体系的监控子系统中将扮演重要角色。大体上,其基本原理是,在每一个被监控的主机或节点上 (如交换机)都运行了一个 agent,用来收集这个节点的所有相关的信息,同时监听 snmp port,也就是 UDP 161,并从这个端口接收来自监控主机的指令(查询和设置)

如果安装 net-snmp,被监控主机需要安装 net-snmp(包含了 snmpd 这个 agent),而监控端需要安装 net-snmp-utils,若接受被监控端通过trap-communicate发来的信息的话,则需要安装net-snmp,并启用trap服务。如果自行编译,需要 beecrypt(libbeecrypt)elf(libraryelf)的库。

 

 

什么是RRDtools?

RRDtool是指Round Robin Database 工具(环状数据库)。Round robin是一种处理定量数据、以及当前元素指针的技术。想象一个周边标有点的圆环--这些点就是时间存储的位置。从圆心画一条到圆周的某个点的箭头--这就是指针。就像我们在一个圆环上一样,没有起点和终点,你可以一直往下走下去。过来一段时间,所有可用的位置都会被用过,该循环过程会自动重用原来的位置。这样,数据集不会增大,并且不需要维护。RRDtool处理RRD数据库。它用向RRD数据库存储数据、从RRD数据库中提取数据。


centos7下搭建cacti_第1张图片

 

工作原理:

snmp关系着数据的收集,rrdtool关系数据存储和图表的生成,snmp抓取的数据不是存储在数据库中,而是存储在rrdtool生成的rrd文件中,简单原理图如下:

centos7下搭建cacti_第2张图片 

 

实验

 

1.搭建lamp环境

 

(1)配置apache

[root@cacti-server ~]# yum -y install httpd

[root@cacti-server ~]# systemctl start httpd

[root@cacti-server ~]# systemctl enable httpd

[root@cacti-server ~]# firewall-cmd --permanent --add-service=http

success

[root@cacti-server ~]# firewall-cmd --reload

success

 

(2)配置mariadb

[root@cacti-server ~]# yum -y install mariadb-server mysql-devel

[root@cacti-server ~]# systemctl start mariadb

[root@cacti-server ~]# mysql_secure_installation

Set root password? [Y/n]

Remove anonymous users? [Y/n] y

Disallow root login remotely? [Y/n] y

Remove test database and access to it? [Y/n] y

Reload privilege tables now? [Y/n] y

 

[root@cacti-server ~]# mysql -u root -p

MariaDB [(none)]> grant all privileges on *.* to test@localhost identified by 'redhat'; #创建用于测试phpmariadb连通性的用户

Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;

 

[root@cacti-server ~]# systemctl restart mariadb

[root@cacti-server ~]# systemctl enable mariadb

[root@cacti-server ~]# firewall-cmd --permanent --add-port=3306/tcp

success

[root@cacti-server ~]# firewall-cmd --reload

success

 

(3)配置php

[root@cacti-server ~]# yum -y install php php-mysql php-gd php-pear

[root@cacti-server ~]# vim /etc/php.ini  

date.timezone =PRC    #修改时区

 

[root@cacti-server ~]# vim /var/www/html/index.php    #编辑测试页面

    $conn=mysql_connect('localhost','test','redhat');

    if ($conn)

       echo "database connect ok";

    else

       echo "database connect failure";

?>

    phpinfo()

?>

 

[root@cacti-server ~]# systemctl restart httpd

 

(4)测试

wKiom1jP8F6T754ZAAAeyiQFris858.png 

 

 

2.安装配置cacti

 

(1)下载软件

[root@cacti-server ~]# cd /usr/local/src/

[root@cacti-server src]# wget http://www.cacti.net/downloads/cacti-0.8.8f.tar.gz

[root@cacti-server src]# tar zxvf cacti-0.8.8f.tar.gz

[root@cacti-server src]# mv cacti-0.8.8f /var/www/html/cacti

 

(2)创建cacti数据库和cacti用户,赋予权限

[root@cacti-server ~]# mysql -u root -p

MariaDB [(none)]> create database cacti default character set utf8;

MariaDB [(none)]> grant all privileges on cacti.* to cacti@localhost identified by 'redhat';

MariaDB [(none)]> flush privileges;

 

(3)把cacti.sql导入数据库

[root@cacti-server cacti]# mysql -ucacti -predhat cacti < /var/www/html/cacti/cacti.sql

 

(4)编辑config.php和global.php

[root@cacti-server cacti]# vim /var/www/html/cacti/include/config.php|global.php

$database_type = "mysql";

$database_default = "cacti";

$database_hostname = "localhost";

$database_username = "cacti";

$database_password = "redhat";

$database_port = "3306";

$database_ssl = false;

 

5)安装rrdtool以生成图像

[root@cacti-server src]# yum -y install rrdtool rrdtool-devel rrdtool-php rrdtool-perl

[root@cacti-server src]# yum -y install gd gd-devel php-gd    #rrdtool绘制图像需要的图形库

 

(6)安装snmp服务

[root@cacti-server cacti]# yum -y install net-snmp net-snmp-utils php-snmp net-snmp-libs

 

(7)编辑配置文件

[root@cacti-server ~]# vim /etc/snmp/snmpd.conf

41  com2sec notConfigUser  127.0.0.1       public

62  access  notConfigGroup ""   any     noauth    exact  all none none

85  view all    included  .1          80

 

[root@cacti-server ~]# systemctl restart snmpd.service

[root@cacti-server ~]# systemctl enable snmpd.service

 

(8)授权目录权限

[root@cacti-server ~]# useradd -r -M cacti

[root@cacti-server ~]# chown -R cacti /var/www/html/cacti/rra/

[root@cacti-server ~]# chown -R cacti /var/www/html/cacti/log/

 

(9)配置一个抓图的计划任务

[root@cacti-server ~]# crontab -e

*/5 * * * * /usr/bin/php  /var/www/html/cacti/poller.php >> /tmp/cacti_rrdtool.log

 

(10)浏览器访问cacti管理页面进行安装

 

(11)测试

[root@cacti-server ~]# /usr/bin/php /var/www/html/cacti/poller.php

OK u:0.00 s:0.01 r:0.80

OK u:0.00 s:0.02 r:1.21

OK u:0.00 s:0.02 r:1.39

OK u:0.00 s:0.02 r:1.50

OK u:0.00 s:0.02 r:1.87

10/21/2016 04:02:32 PM - SYSTEM STATS: Time:1.4211 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:5 RRDsProcessed:5

 

 

3.安装Spine

 

注:由于cacti默认使用cmd.php来轮询数据,速度会很慢,特别是在监控节点比较多的情况下,cmd.php就更显不足了,因此我们采用Spine来轮询数据。cacti-spine是一个由C语言开发的,用于替代cmd.php的快速获取数据的引擎。

(1)编译安装spine

[root@cacti-server ~]# cd /usr/local/src/

[root@cacti-server src]#wget http://www.cacti.net/downloads/spine/cacti-spine-0.8.8f.tar.gz

[root@cacti-server src]# tar zxvf cacti-spine-0.8.8f.tar.gz

[root@cacti-server cacti-spine-0.8.8f]# ./configure

[root@cacti-server cacti-spine-0.8.8f]# make

[root@cacti-server cacti-spine-0.8.8f]# make install

 

(2)拷贝snmp的配置文件

[root@cacti-server ~]# cp /usr/local/spine/etc/spine.conf.dist /etc/spine.conf

注:spine默认配置文件需要放在/etc才会生效,否则测试时会报如下错误:
SPINE: Poller[0] FATAL: Unable to read configuration file! (Spine init)

 

(3)编辑配置文件

[root@cacti-server ~]# vim /etc/spine.conf

DB_Host         localhost

DB_Database     cacti

DB_User         cacti

DB_Pass         redhat

DB_Port         3306

 

(4)测试

[root@cacti-server ~]# /usr/local/spine/bin/spine

SPINE: Using spine config file [/etc/spine.conf]

SPINE: Version 0.8.8f starting

SPINE: Time: 0.1278 s, Threads: 5, Hosts: 2

 

(5)修改web的设置

进入Cacti页面设置spine路径

Console -> Configuration -> Settings -> Paths -> Alternate Poller Path -> Spine Poller File Path->/usr/local/spine/bin/spine

 

(6)修改Cacti使用的Poller Type
Console -> Configuration -> Settings ->Poller->Poller Type->
spine

 

(7)查看日志

[root@cacti-server ~]# cat /var/www/html/cacti/log/cacti.log

10/22/2016 12:45:50 AM - SYSTEM STATS: Time:0.1146 Method:spine Processes:1 Threads:1 Hosts:2 HostsPerProcess:2 DataSources:0 RRDsProcessed:0

 

 

4.添加被监控主机

 

(1)安装snmp服务

[root@cacti-client ~]# yum -y install net-snmp net-snmp-devel net-snmp-utils

 

(2)编辑配置文件

[root@cacti-client ~]# vim /etc/snmp/snmpd.conf

41  com2sec notConfigUser  192.168.23.156       public

62  access  notConfigGroup ""   any     noauth    exact  all none none

85  view all    included  .1                     80

 

[root@cacti-client ~]# systemctl restart snmpd

[root@cacti-client ~]# systemctl enabled snmpd

 

(3)配置防火墙

[root@cacti-client ~]# firewall-cmd --permanent --add-port=161/udp

success

[root@cacti-client ~]# firewall-cmd --reload

success

 

 

5.监控apache

 

客户端的配置

 

(1)编辑apache的配置文件,加入server-status模块的设置

[root@cacti-client ~]# vim /etc/httpd/conf/httpd.conf

ExtendedStatus On

  SetHandler server-status

  Order deny,allow

  Deny from all

  Allow from all

[root@cacti-client ~]# systemctl restart httpd

[root@cacti-client ~]# systemctl enable httpd

 

(2)查看apache加载的模块

[root@cacti-client ~]# apachectl -t -D DUMP_MODULES|grep status

 status_module (shared)

 

(3)访问http://192.168.23.157/server-status查看模块的详细信息

 centos7下搭建cacti_第3张图片

[root@cacti-client ~]# firewall-cmd --permanent --add-service=http

success

[root@cacti-client ~]# firewall-cmd --reload

success

 

服务端的配置

 

(1)安装监控apache的php页面

[root@cacti-server ~]# cd /usr/local/src/

[root@cacti-serversrc]#wget http://forums.cacti.net/download/file.php?id=18576&sid=8d429b69af5be45179d928e1303f2077

[root@cacti-server src]# unzip ApacheStats_0.8.2.zip

[root@cacti-server src]# cd ApacheStats_0.8.2/

[root@cacti-serverApacheStats_0.8.2]#cp ss_apache_stats.php /var/www/html/cacti/scripts/

 

(2)导入模板

Cacti Web界面导入cacti_host_template_webserver_-_apache.xml模板:

点击Import/Export->Import Templates,上传模板即可

 

(3)添加服务器并创建图表

登录Cacti Web界面,添加被监控apache服务器设备,并创建相应图表

Devices->Add->WebServerApache模板->Create New Graphs,添加所需图表即可。等待一段时间就会出图

 

 

6.监控mariadb

 

(1)创建用于监控主机连接mariadb进行监控的用户

[root@cacti-client ~]# mysql -uroot -predhat

MariaDB [(none)]> grant process,super,replication client on *.*to 'mysqltest'@'192.168.23.156' identified by 'redhat';  

MariaDB [(none)]> flush privileges;

[root@cacti-client ~]# systemctl restart mariadb

 

(2)配置防火墙

[root@cacti-client ~]# firewall-cmd --permanent --add-port=3306/tcp

success

[root@cacti-client ~]# firewall-cmd --reload

success

 

(3)安装监控mariadb的php页面文件

[root@cacti-server ~]# cd /usr/local/src/

[root@cacti-serversrc]#wget https://www.percona.com/downloads/percona-monitoring-plugins/1.1.6/percona-monitoring-plugins-1.1.6.tar.gz

[root@cacti-server src]# tar zxvf percona-monitoring-plugins-1.1.6

[root@cacti-server src]# cd percona-monitoring-plugins-1.1.6/cacti/scripts/

[root@cacti-serverscripts]#cpss_get_mysql_stats.php  /var/www/html/cacti/scripts/

 

(4)编辑页面文件

[root@cacti-server scripts]# vim /var/www/html/cacti/scripts/ss_get_mysql_stats.php

$mysql_user = 'mysqltest';   #用于监控主机连接mariadb的用户

$mysql_pass = 'redhat';    #用户密码

 

(5)导入模板

Cacti Web界面导入cacti_host_template_percona_mysql_server_ht_0.8.6i-sver1.1.6.xml模板:

点击Import/Export->Import Templates,上传模板即可

 

(6)添加服务器并创建图表

登录Cacti Web界面,添加被监控mariabdb服务器设备,并创建相应图表:

Devices->Add->dbServerMysql模板->Create New Graphs,添加所需图表即可。等待一段时间就会出图

 

 

7.邮件报警

 

(1)下载插件

[root@cacti-server ~]# cd /usr/local/src/

[root@cacti-server src]# tar zxvf settings-v0.71-1.tgz

[root@cacti-server src]# mv settings /var/www/html/cacti/plugins/

[root@cacti-server src]# tar zxvf thold-v0.5.0.tgz

[root@cacti-server src]# mv thold /var/www/html/cacti/plugins/

 

(2)访问cacti管理页面安装插件

 

 

(3)测试

 

wKiom1jP8Pfy2AHGAAA_iFyKtak004.png

wKioL1jP8Pqg195uAABXfSJak9E944.png

 

(4)告警被触发,查看邮件

[root@cacti-server ~]# cat  /var/spool/mail/root

..................................

..................................

To: [email protected]

Subject: ALERT: test - Used Space - / [hdd_used] [hdd_used] went above threshold of 25 with 36.8871

From: Cacti

Date: Mon, 24 Oct 2016 14:00:03 +0800

..................................

An alert has been issued that requires your attention.

..................................

Host: test (192.168.23.157)

URL: http://192.168.23.156/cacti//graph.php?local_graph_id=103&rra_id=1

Message: ALERT: test - Used Space - / [hdd_used] [hdd_used] went above threshold of 25 with 36.8871

..................................

Content-Type: p_w_picpath/jpg

Content-Disposition: inline; filename="103.jpg"

...................................

...................................