华股街网站
监控配置手册
华股街网站运维点点滴滴,Cacti、Nagios安装与详
细配置,以及二者的整合。
2010-8-20
Cacti安装配置指南
一 系统环境:CentOS 5.4
二 安装编译基本环境:
使用yum命令安装所需rpm包
[root@bogon ~]# rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
[root@bogon ~]# yum -y install ntp vim-enhanced gcc gcc-c++ gcc-g77 flex bison utoconf
automake bzip2-devel ncurses-devel zlib-devel libjpeg-devel libpng-devel libtiff-devel
freetype-devel libXpm-devel gettext-devel pam-devel kernel
[root@bogon ~]# yum -y install net-snmp*
编译安装所需源码包,我准备好的安装包都放在/usr/local/src
1、安装GD库
[root@bogon ~]# cd /usr/local/src
[root@bogon src]# tar -zxvf gd-2.0.35.tar.gz
[root@localhost src]# cd gd-2.0.35
[root@localhost gd-2.0.35]# ./configure --prefix=/usr/local/gd2
[root@localhost gd-2.0.35]# make
[root@localhost gd-2.0.35]# make install
2、安装libxml2
[root@localhost gd-2.0.35]# cd ..
[root@localhost src]# tar -zxvf libxml2-2.6.29.tar.gz
[root@localhost src]# cd libxml2-2.6.29
[root@localhost libxml2-2.6.29]# ./configure --prefix=/usr/local/libxml2
[root@localhost libxml2-2.6.29]# make
[root@localhost libxml2-2.6.29]# make install
3、安装libmcrypt
[root@localhost libxml2-2.6.29]# cd ..
[root@localhost src]# tar -zxvf libmcrypt-2.5.7.tar.gz
[root@localhost src]# cd libmcrypt-2.5.7
[root@localhost libmcrypt-2.5.7]# ./configure --prefix=/usr/local/libmcrypt
[root@localhost libmcrypt-2.5.7]# make
[root@localhost libmcrypt-2.5.7]# make install
4、安装openssl和openssh
[root@localhost libmcrypt-2.5.7]# cd ..
[root@localhost src]# tar -zxvf openssl-0.9.8k.tar.gz
[root@localhost src]# cd openssl-0.9.8k
[root@localhost openssl-0.9.8k]# ./config --prefix=/usr/local/openssl
[root@localhost openssl-0.9.8k]# make
[root@localhost openssl-0.9.8k]# make test
[root@localhost openssl-0.9.8k]# make install
[root@localhost openssl-0.9.8k]# cd ..
[root@localhost src]# tar -zxvf openssh-5.1p1.tar.gz
[root@localhost src]# cd openssh-5.1p1
[root@localhost openssh-5.1p1]# ./configure \
>”--prefix=/usr” \
>”--with-pam” \
>”--with-zlib” \
>”--sysconfdir=/etc/ssh” \
>”--with-ssl-dir=/usr/local/openssl” \
>”--with-md5-passwords”
[root@localhost openssh-5.1p1]# make
[root@localhost openssh-5.1p1]# make install
5、配置openssl和openssh
a、禁用ssh v1协议
[root@localhost openssh-5.1p1]# vi /etc/ssh/sshd_config
找到#Protocol 2,1改为:Protocol 2
b、禁用服务器端GSSAPI
找到以下两行,并将它们注释:
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
c、禁用 DNS 名称解析
找到UseDNS yea改为:UseDNS no
保存退出
d、禁用客户端GSSAPI
[root@localhost openssh-5.1p1]# vi /etc/ssh/ssh_config
找到GSSAPIAuthentication yes并将这行注释掉
保存退出,确认修改正确后重新启势SSH 服务
[root@localhost openssh-5.1p1]# service sshd restart
[root@localhost openssh-5.1p1]# ssh –v
确认openssl和openssh版本正确
三、编译安装LAMP环境
1、检查安装环境
[root@localhost openssh-5.1p1]# rpm -qa |grep httpd
系统已经安装了apache的rpm包,为了后面结合其他源码包编译和管理,我这里卸载它并
安装apache源码包
[root@localhost openssh-5.1p1]# rpm -e httpd --nodeps
[root@localhost openssh-5.1p1]# rpm -qa |grep php
[root@localhost openssh-5.1p1]# rpm -qa |grep mysql
2、安装apache
[root@localhost openssh-5.1p1]# cd ..
[root@localhost src]# tar -zxvf httpd-2.2.13.tar.gz
[root@localhost src]# cd httpd-2.2.13
[root@localhost httpd-2.2.13]# ./configure --prefix=/usr/local/apache2 --with-included-apr
--enable-so --enable-deflate=shared --enable-expires=shared --with-rewrite=shared
--enable-static-support --disable-userdir
[root@localhost httpd-2.2.13]# make
[root@localhost httpd-2.2.13]# make install
[root@localhost httpd-2.2.13]# echo “/usr/local/apache2/bin/apachectl start” >> /etc/rc.local
3、安装mysql
这里建议安装mysql的rpm包,为方便后面cacti插件安装时候lib库查找,否则单个安装会
因版本不匹配带来很多麻烦
[root@localhost httpd-2.2.13]# yum -y install mysql*
[root@localhost httpd-2.2.13]# service mysqld start
4、编译安装php
[root@localhost httpd-2.2.13]# cd ..
[root@localhost src]# tar –xjvf php-5.2.11.tar.bz2
[root@localhost src]# cd php-5.2.11
[root@localhost php-5.2.11]# ./configure \
>”--prefix=/usr/local/php” \
>”--with-apxs2=/usr/local/apache2/bin/apxs” \
>”--with-config-file-path=/usr/local/php/etc” \
>”--with-libxml-dir=/usr/local/libxml2/bin” \
>”--with-gd=/usr/local/gd2” \
>”--with-jpeg-dir” \
>”--with-png-dir” \
>”--with-bz2” \
>”--with-xmlrpc” \
>”--with-freetype-dir” \
>”--with-zlib-dir” \
>”--with-openssl=/usr/local/openssl” \
>”--with-mcrypt=/usr/local/libmcrypt” \
>”--enable-sysvsem” \
>”--enable-inline-optimization” \
>”--enable-soap” \
>”--enable-gd-native-ttf” \
>”--enable-ftp” \
>”--enable-mbstring” \
>”--enable-exif” \
>”--disable-debug” \
>”--disable-ipv6” \
>”--enable-sockets” \
>”--disable-cgi” \
>”--with-snmp” \
>”--with-mysql” \
>”--with-pdo-mysql”
[root@localhost php-5.2.11]# make
[root@localhost php-5.2.11]# make install
[root@localhost php-5.2.11]# cp php.ini-dist /usr/local/php/etc/php.ini
注意:./configure如果出现报错:
请安装libxml2-devel的rpm包
出现报错:
configure: error: snmp.h not found. Check your SNMP installation.
检查是否安装net-snmp*包
5、整合apache与php
[root@localhost php-5.2.11]# vi /usr/local/apache2/conf/httpd.conf
找到AddType application/x-gzip .gz .tgz
在该行下面添加AddType application/x-httpd-php .php
找到
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
将该行改为
<IfModule dir_module>
DirectoryIndex index.html index.htm index.php
</IfModule>
修改完成后保存退
[root@localhost php-5.2.11]# /usr/local/apache2/bin/apachectl restart
查看确认LAMP环境信息
在网站根目录放置 info.php 脚本,检查phpinfo中的各项信息是否正确
[root@localhost php-5.2.11]# vi /usr/local/apache2/htdocs/info.php
写入以下信息,保存退出
<?php
phpinfo();
?>
访问页面http://IP/info.php,出现PHP环境信息,则LAMP正常
新建 Bitmap 图像.bmp
四、安装rrdtool
我这里安装的是rpm包
[root@localhost php-5.2.11]# cd ..
[root@localhost src]# wget
http://www.express.org/~wrl/rrdtool/rrdtool-1.3.9-1.el5.wrl.i386.rpm
[root@localhost src]# rpm –ivh rrdtool-1.3.9-1.el5.wrl.i386.rpm
若出现错误:
则下载安装:
[root@localhost src]# yum -y install ruby
[root@localhost src]# wget
http://www.express.org/~wrl/rrdtool/rrdtool-perl-1.3.9-1.el5.wrl.i386.rpm
[root@localhost src]# wget
http://www.express.org/~wrl/rrdtool/rrdtool-devel-1.3.9-1.el5.wrl.i386.rpm
[root@localhost src]# rpm -ivh rrdtool-perl-1.3.9-1.el5.wrl.i386.rpm
rrdtool-devel-1.3.9-1.el5.wrl.i386.rpm rrdtool-1.3.9-1.el5.wrl.i386.rpm
五、安装cacti
[root@localhost src]# tar -zxvf cacti-0.8.7e.tar.gz
[root@localhost src]# mv cacti-0.8.7e /usr/local/apache2/htdocs/cacti
[root@localhost src]# cd /usr/local/apache2/htdocs/cacti
配置账户及mysql数据库
[root@localhost cacti]# groupadd cactiuser
[root@localhost cacti]# useradd -g cactiuser cactiuser
[root@localhost cacti]# mysql -uroot –p
mysql> create database cactidb;
mysql> grant all on cactidb.* to root;
mysql> grant all on cactidb.* to root@localhost;
mysql> grant all on cactidb.* to cactiuser;
mysql> grant all on cactidb.* to cactiuser@localhost identified by ‘123456’;
mysql> flush privileges;
mysql> exit
导入数据库并配置连接文件
[root@localhost cacti]# mysql -uroot -p cactidb < cacti.sql
[root@localhost cacti]# chown -R cactiuser rra/ log/
[root@localhost cacti]# chmod -R 777 rra/ log/
[root@localhost cacti]# vi include/config.php
在此处填写数据库的连接信息
配置让系统每五分钟去取一次snmp数据
[root@localhost cacti]# crontab -u cactiuser -e //注意要用cactiuser就是你刚刚建立的那个
帐号去运行crontab
*/5 * * * * /usr/local/php/bin/php /usr/local/apache2/htdocs/cacti/poller.php > /dev/null 2>&1
六、客户端配置
[root@bogon ~]# yum -y install net-snmp*
[root@bogon ~]# vi /etc/snmp/snmpd.conf
#SNMP configfile for linux servers
com2sec local 127.0.0.1 public
com2sec local 监控机器IP/掩码 public
group MyROGroup v1 local
group MyROGroup v2c local
group MyROGroup usm local
view all included .1 80
access MyROGroup “” any noauth exact all none nones
syslocation (/etc/snmpd/snmpd.conf)
syscontact Me (email)
保存退出,重启SNMP
[root@bogon ~]# service snmpd restart
七、配置完成
在浏览器输入http://IP/cacti
next下一步,选择new install
检查路径是否正确,需写明执行文件的详细路径,红色处PHP Binary Path,即为:
/usr/local/php/bin/php
SNMP Utility Version选择net-snmp 5.x,RRDTool Utility Version选择RRDTool
1.3.x 点击Finish完成。
输入默认用户名和密码(用户名密码均为admin)
提示修改密码,修改完成,用新密码登陆。到此,Cacti的安装完成。
Cacti各插件安装配置
配置完Cacti,默认只有console、graphs。Cacti的各项功能需要结合各种插件来实现,如thold
实现报警功能,weathermap可以自定义网络拓扑结构,syslogs采集记录客户端日志。根据
需求,下面我们安装monitor、thold、weathermap、syslogs、discover插件。
一、安装插件管理cacti-plugin
[root@localhost ~]# cd /usr/local/src
[root@localhost src]# unzip cacti-plugin-0.8.7d-PA-v2.4.zip
[root@localhost src]# cp -R /usr/local/apache2/htdocs/cacti /usr/local/apache2/htdocs/cacti_bak
\\备份cacti目录
[root@localhost src]# cd files-0.8.7d/
[root@localhost files-0.8.7d]# cp -rf * /usr/local/apache2/htdocs/cacti/
导入数据
[root@localhost files-0.8.7d]# cd ..
[root@localhost src]# mysql -ucactiuser -p123456 cactidb < pa.sql
更改访问路径
[root@localhost src]# vi /usr/local/apache2/htdocs/cacti/include/global.php
$config['url_path'] = '/cacti/';
访问http://IP/cacti
console—Utilities—User Management—admin—Realm Permissions,勾选Plugin Management;保存
此时在console—Configuration下面多出Plugin Management选项。
二、安装monitor
[root@localhost src]# tar -zxvf monitor-0.8.2.tar.gz
[root@localhost src]# mv ./monitor /usr/local/apache2/htdocs/cacti/plugins/
[root@localhost src]# cd /usr/local/apache2/htdocs/cacti/plugins/monitor/
导入数据
[root@localhost monitor]# mysql -ucactiuser -p123456 cactidb < monitor.sql
修改配置文件,启用插件
[root@localhost monitor]# vi /usr/local/apache2/htdocs/cacti/include/global.php
在//$plugins[] = 'thold';下面加入$plugins[] = 'monitor';
访问http://IP/cacti
console—Utilities—User Management—admin—Realm Permissions,勾选View Monitoring;保存
三、安装thold
[root@localhost monitor]# cd /usr/local/src
[root@localhost src]# mkdir thold
[root@localhost src]# mv thold.zip ./thold
[root@localhost src]# cd thold
[root@localhost thold]# unzip thold.zip
[root@localhost thold]# cd ..
[root@localhost src]# mv ./thold /usr/local/apache2/htdocs/cacti/plugins/
[root@localhost src]# vi /usr/local/apache2/htdocs/cacti/include/global.php
去掉//$plugins[] = ‘thold’;前面注释//
WEB页面console—Configuration—Plugin Management—thold—Install—Enable
现在配置监控的是交换机端口流量大于10M,那么自动会发email和MSN信息给指定人
console—Configuration—settings—Alerting/Thold
注意修改的地方有:
Base URL 填写cacti访问路径
Syslogging勾选
Dead Hosts Notifications 勾选Dead Hosts Notifications
Dead Host Notifications Email 填写接受报警的邮箱
From Email Address 填写发送报警的邮箱
From Name 发送报警邮箱名称