centos7安装cacti笔记

在安装cacti前,要先安装其它附件

PHP - 模块支持 (必须)
Cacti 的安装对一些PHP 模块有要求. 如果缺少其中任何一个,您将无法继续,直到条件满足.另外, 为了获得更佳的系统性能, Cacti 应该运行在特定的MySQL 配置之下.请根据您的意愿遵循MySQL 配置建议. 如果您有任何问题, 请务必查阅MySQL 文档.
以下PHP 扩展是强制性的, 必须在安装Cacti 之前安装.
所需的PHP 模块
sockets simplexml session pdo_mysql spl standard posix zlib xml PDO pcre gmp gd filter date hash json openssl mbstring ldap ctype
PHP - 模块支持(可选)
建议使用以下PHP 扩展,并应在继续安装Cacti 之前安装.注意: 如果您计划使用IPv6支持的SNMPv3,则此时不应安装php-snmp 模块.
可选模块
snmp gettext TrueType Box TrueType Text

安装基础软件包
Mysql,PHP,RRDTool,net-snmp 和 支持 PHP 的 Web服务器,如 Apache,Nginx 或 IIS等

安装mysql数据库

配置MariaDB官方yum源,这里安装mariadb10.3.5版本:

[root@localhost ~]# vim /etc/yum.repos.d/MariaDB.repo
[mariadb]
name=MariaDB
baseurl= http://yum.mariadb.org/10.3.5/centos74-amd64/
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

安装mariadb server和mariadb client

[root@localhost ~]# yum install -y MariaDB-server MariaDB-client MariaDB-devel
Installed:
MariaDB-client.x86_64 0:10.3.5-1.el7.centos
MariaDB-devel.x86_64 0:10.3.5-1.el7.centos

安装httpd和php
yum install -y httpd php

安装php扩展
yum install –y php-mysql php-snmp php-xml php-ldap php-gd php-mbstring php-posix
装完可用php -m查看

安装net-snmp
yum install -y net-snmp* (注意:这里是net-snmp的所有软件包)

安装RRDTOOL绘图工具
yum install –y rrdtool rrdtool-devel rrdtool-php rrdtool-perl perl-devel perl-CPAN perl-YAML

安装相关lib库
yum install gcc glibcglibc-common cairo pango zlib zlib-devel freetype freetype-devel gd -y

配置webserver

查看httpd.conf配置文件,确保包含以下内容:
[root@cacti ~]# vim /etc/httpd/conf/httpd.conf
#Load config files in the “/etc/httpd/conf.d” directory, if any.
IncludeOptional conf.d/*.conf

配置php.conf配置文件,末尾添加以下内容:

[root@cacti ~]# vim /etc/httpd/conf.d/php.conf

#PHP is an HTML-embedded scripting language which attempts to make it
#easy for developers to write dynamically generated webpages.
LoadModule php5_module modules/libphp5.so

#Cause the PHP interpreter to handle files with a .php extension.
AddHandler php5-script .php
AddType text/html .php

#Add index.php to the list of files that will be served as directory
#indexes.
DirectoryIndex index.php

启动httpd并将其设置为开机自启
systemctl start httpd && systemctl enable httpd

把服务加入防火墙
firewall-cmd --permanent --add-service=http
firewall-cmd --reload

配置php
确保模块已被安装
修改php.ini配置文件,添加或找到如下内容
关闭安全模式并修改时区
[root@localhost ~]# vim /etc/php.ini
[PHP]
safe_mode = Off
……
date.timezone = Asia/Shanghai (#修改时区,记得把时区前的";"拿掉)

测试php与apache解析是否正常,创建php测试页面

[root@cacti ~]# vim /var/www/html/index.php

<?php phpinfo(); ?>

重启httpd并在网页测试
systemctl restart httpd

配置MySQL

启动mysql数据库服务并设为开机启动,同时加入防火墙规则
[root@localhost ~]# systemctl start mariadb && systemctl enable mariadb
firewall-cmd --permanent --add-port=3306/tcp
firewall-cmd --reload

初始化MariaDB数据库,主要创建mysql数据库密码(此root密码设为123456),然后全部Y下一步:

[root@localhost ~]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we’ll need the current
password for the root user. If you’ve just installed MariaDB, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): //当前数据库密码为空,直接按回车键
OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y //输入要为root管理员设置的密码(数据库root非linux root)
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables…
… Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y //删除匿名账号
… Success!

Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y //禁止root管理员从远程登录
… Success!

By default, MariaDB comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y //删除test数据库并取消对它的访问权限

  • Dropping test database…
    … Success!
  • Removing privileges on test database…
    … Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y //刷新授权表,让初始化后的设定立即生效
… Success!

Cleaning up…

All done! If you’ve completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

修改mysql配置文件,在[server]下增加如下内容

[root@cacti ~]# vim /etc/my.cnf.d/server.cnf
[server]
#this is only for the mysqld standalone daemon
character_set_server = utf8mb4
collation-server = utf8mb4_unicode_ci
character_set_client = utf8mb4
max_heap_table_size = 256M
max_allowed_packet = 16777216
tmp_table_size = 64M
join_buffer_size = 64M
innodb_file_per_table = ON
#innodb_file_format = Barracuda
#innodb_large_prefix = 1
innodb_buffer_pool_size = 1024M
innodb_doublewrite = OFF
#innodb_additional_mem_pool_size = 96M
innodb_lock_wait_timeout = 55
innodb_flush_log_at_timeout = 3
innodb_flush_log_at_trx_commit = 2
innodb_read_io_threads = 32
innodb_write_io_threads =16

数据库与PHP测试:
[root@cacti ~]# vim /var/www/html/index.php

<?php $a=mysql_connect("localhost","root","123456"); if($a){echo "ok";}else{echo "err";} ?>

重启httpd并在网页中测试

配置SNMP
#vim /etc/snmp/snmpd.conf
//修改default为本机ip,修改public为自己的团体名(可以不改),42行
com2sec notConfigUser 127.0.0.1 public
//把systemview改成all ,供所有snmp 访问权限 64行
access notConfigGroup “” any noauth exact all none none
//去掉此行注释
view all included .1 80 // 去掉#号 85行

重启SNMP
systemctl restart snmpd.service && systemctl enable snmpd.service

测试本地SNMP
snmpwalk -v 2c -c public localhost system
测试远程SNMP
snmpwalk -v 2c -c public ip system

安装和配置cacti
#wget https://github.com/Cacti/cacti/archive/release/1.1.38.tar.gz
#tar -zxvf 1.1.38.tar.gz
#cp -R cacti-release-1.1.38/ /var/www/html/cacti

创建 cacti 数据库
创建cacti数据库,创建数据库用户cactiuser,密码为cactiuser 设置用户相关授权
[root@cacti ~]# mysql –u root -p
MariaDB [(none)]> create database cacti;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all on cacti.* to cactiuser@localhost identified by “cactiuser”;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT SELECT ON mysql.time_zone_name TO ‘cactiuser’@‘localhost’ IDENTIFIED BY ‘cactiuser’;
Query OK, 0 rows affected (0.00 sec)
MariaDB [cacti]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

导入 Cacti 默认数据库

MariaDB [(none)]> use cacti;
Database changed
MariaDB [cacti]> source /var/www/html/cacti/cacti.sql;
………………
MariaDB [cacti]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [cacti]> quit
Bye

配置数据库时区:
[root@cacti ~]# mysql_tzinfo_to_sql /usr/share/zoneinfo/ | mysql -u root -p mysql
Enter password:
Warning: Unable to load ‘/usr/share/zoneinfo//leapseconds’ as time zone. Skipping it.
Warning: Unable to load ‘/usr/share/zoneinfo//tzdata.zi’ as time zone. Skipping it.

创建 cacti 系统用户,设置目录权限
[root@cacti ~]# useradd -r -M cacti
[root@cacti ~]# chown -R cacti /var/www/html/cacti/{rra,log}/
[root@cacti ~]# chown -R apache.apache /var/www/html/cacti/{resource,cache,scripts}/
[root@cacti ~]# chmod -R 777 /var/www/html/cacti/

添加定时任务

将每5分钟执行一次的数据获取脚本加入crontab
配置crontab前,请使用以下命令测试是否可以获取数据
/usr/bin/php /data/www/cacti/poller.php
如果不通过,记得要把/rra里的东西清空

[root@cacti ~]# crontab -e
no crontab for root - using an empty one
*/5 * * * * cactiuser php /var/www/html/cacti/poller.php > /dev/null 2>&1

如果出现You don’t have permission to access / on this server.

修改Apache 目录 (先用su切换到root角色) vim /etc/httpd/conf/httpd.conf 1、修改以下几个地方 a、DocumentRoot “/var/www/html” b、# Further relax access to the default document root: <Directory “/var/www/html”> c、<Directory “/var/www/html”> 2、修改权限,发现只要是节点下的Require all XXXX 改成Require all granted 3、修改权限,<Files “.ht*”> 节点下的Require all XXXX 改成Require all granted 4、给目录设置权限 chmod -R 755 修改的目录 chmod -R 777 修改的目录 执行了目录权限以后在执行以下这个吧(不执行也行,后面错的话就执行下): chmod o+x 修改的目录(这里0可以换为a,表示所有用户,同时修改目录的每一个上级也可以执行一次), 5、关闭selinux服务(同样也要用su切换到root) vi /etc/sysconfig/selinux 把ELINUX=enforcing 改为 SELINUX=disabled 从启

上一篇:cacti的thold插件在自定义时间段修改阈值


下一篇:color a tree