centos7下搭建cacti
cacti
什么是Cacti?
Cacti 在英文中的意思是仙人掌的意思,Cacti是一套基于PHP,MySQL,SNMP及RRDTool开发的网络流量监测图形分析工具。它通过snmpget来获取数据,使用 RRDtool绘画图形,而且你完全可以不需要了解RRDtool复杂的参数。它提供了非常强大的数据和用户管理功能,可以指定每一个用户能查看树状结构、host以及任何一张图,还可以与LDAP结合进行用户验证,同时也能自己增加模板,功能非常强大完善。Cacti 的发展是基于让 RRDTool 使用者更方便使用该软件,除了基本的 Snmp 流量跟系统资讯监控外,Cacti 也可外挂 Scripts 及加上 Templates 来作出各式各样的监控图。
cacti是用php语言实现的一个软件,它的主要功能是用snmp服务获取数据,然后用rrdtool储存和更新数据,当用户需要查看数据的时候用rrdtool生成图表呈现给用户。因此,snmp和rrdtool是cacti的关键。Snmp关系着数据的收集,rrdtool关系着数据存储和图表的生成。
Mysql配合PHP程序存储一些变量数据并对变量数据进行调用,如:主机名、主机ip、snmp团体名、端口号、模板信息等变量。
snmp抓到数据不是存储在mysql中,而是存在rrdtool生成的rrd文件中(在cacti根目录的rra文件夹下)。rrdtool对数据的更新和存储就是对rrd文件的处理,rrd文件是大小固定的档案文件(Round Robin Archive),它能够存储的数据笔数在创建时就已经定义。关于RRDTool的知识请参阅RRDTool教学。
什么是SNMP?
snmp(Simple Network Management Protocal, 简单网络管理协议)在架构体系的监控子系统中将扮演重要角色。大体上,其基本原理是,在每一个被监控的主机或节点上 (如交换机)都运行了一个 agent,用来收集这个节点的所有相关的信息,同时监听 snmp 的 port,也就是 UDP 161,并从这个端口接收来自监控主机的指令(查询和设置)。
如果安装 net-snmp,被监控主机需要安装 net-snmp(包含了 snmpd 这个 agent),而监控端需要安装 net-snmp-utils,若接受被监控端通过trap-communicate发来的信息的话,则需要安装net-snmp,并启用trap服务。如果自行编译,需要 beecrypt(libbeecrypt)和 elf(libraryelf)的库。
什么是RRDtools?
RRDtool是指Round Robin Database 工具(环状数据库)。Round robin是一种处理定量数据、以及当前元素指针的技术。想象一个周边标有点的圆环--这些点就是时间存储的位置。从圆心画一条到圆周的某个点的箭头--这就是指针。就像我们在一个圆环上一样,没有起点和终点,你可以一直往下走下去。过来一段时间,所有可用的位置都会被用过,该循环过程会自动重用原来的位置。这样,数据集不会增大,并且不需要维护。RRDtool处理RRD数据库。它用向RRD数据库存储数据、从RRD数据库中提取数据。
工作原理:
snmp关系着数据的收集,rrdtool关系数据存储和图表的生成,snmp抓取的数据不是存储在数据库中,而是存储在rrdtool生成的rrd文件中,简单原理图如下:
实验
1.搭建lamp环境
(1)配置apache
[root@cacti-server ~]# yum -y install httpd
[root@cacti-server ~]# systemctl start httpd
[root@cacti-server ~]# systemctl enable httpd
[root@cacti-server ~]# firewall-cmd --permanent --add-service=http
success
[root@cacti-server ~]# firewall-cmd --reload
success
(2)配置mariadb
[root@cacti-server ~]# yum -y install mariadb-server mysql-devel
[root@cacti-server ~]# systemctl start mariadb
[root@cacti-server ~]# mysql_secure_installation
Set root password? [Y/n]
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y
[root@cacti-server ~]# mysql -u root -p
MariaDB [(none)]> grant all privileges on *.* to test@localhost identified by 'redhat'; #创建用于测试php和mariadb连通性的用户
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
[root@cacti-server ~]# systemctl restart mariadb
[root@cacti-server ~]# systemctl enable mariadb
[root@cacti-server ~]# firewall-cmd --permanent --add-port=3306/tcp
success
[root@cacti-server ~]# firewall-cmd --reload
success
(3)配置php
[root@cacti-server ~]# yum -y install php php-mysql php-gd php-pear
[root@cacti-server ~]# vim /etc/php.ini
date.timezone =PRC #修改时区
[root@cacti-server ~]# vim /var/www/html/index.php #编辑测试页面
$conn=mysql_connect('localhost','test','redhat');
if ($conn)
echo "database connect ok";
else
echo "database connect failure";
?>
phpinfo()
?>
[root@cacti-server ~]# systemctl restart httpd
(4)测试
2.安装配置cacti
(1)下载软件
[root@cacti-server ~]# cd /usr/local/src/
[root@cacti-server src]# wget http://www.cacti.net/downloads/cacti-0.8.8f.tar.gz
[root@cacti-server src]# tar zxvf cacti-0.8.8f.tar.gz
[root@cacti-server src]# mv cacti-0.8.8f /var/www/html/cacti
(2)创建cacti数据库和cacti用户,赋予权限
[root@cacti-server ~]# mysql -u root -p
MariaDB [(none)]> create database cacti default character set utf8;
MariaDB [(none)]> grant all privileges on cacti.* to cacti@localhost identified by 'redhat';
MariaDB [(none)]> flush privileges;
(3)把cacti.sql导入数据库
[root@cacti-server cacti]# mysql -ucacti -predhat cacti < /var/www/html/cacti/cacti.sql
(4)编辑config.php和global.php
[root@cacti-server cacti]# vim /var/www/html/cacti/include/config.php|global.php
$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "redhat";
$database_port = "3306";
$database_ssl = false;
(5)安装rrdtool以生成图像
[root@cacti-server src]# yum -y install rrdtool rrdtool-devel rrdtool-php rrdtool-perl
[root@cacti-server src]# yum -y install gd gd-devel php-gd #rrdtool绘制图像需要的图形库
(6)安装snmp服务
[root@cacti-server cacti]# yum -y install net-snmp net-snmp-utils php-snmp net-snmp-libs
(7)编辑配置文件
[root@cacti-server ~]# vim /etc/snmp/snmpd.conf
41 com2sec notConfigUser 127.0.0.1 public
62 access notConfigGroup "" any noauth exact all none none
85 view all included .1 80
[root@cacti-server ~]# systemctl restart snmpd.service
[root@cacti-server ~]# systemctl enable snmpd.service
(8)授权目录权限
[root@cacti-server ~]# useradd -r -M cacti
[root@cacti-server ~]# chown -R cacti /var/www/html/cacti/rra/
[root@cacti-server ~]# chown -R cacti /var/www/html/cacti/log/
(9)配置一个抓图的计划任务
[root@cacti-server ~]# crontab -e
*/5 * * * * /usr/bin/php /var/www/html/cacti/poller.php >> /tmp/cacti_rrdtool.log
(10)浏览器访问cacti管理页面进行安装
(11)测试
[root@cacti-server ~]# /usr/bin/php /var/www/html/cacti/poller.php
OK u:0.00 s:0.01 r:0.80
OK u:0.00 s:0.02 r:1.21
OK u:0.00 s:0.02 r:1.39
OK u:0.00 s:0.02 r:1.50
OK u:0.00 s:0.02 r:1.87
10/21/2016 04:02:32 PM - SYSTEM STATS: Time:1.4211 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:5 RRDsProcessed:5
3.安装Spine
注:由于cacti默认使用cmd.php来轮询数据,速度会很慢,特别是在监控节点比较多的情况下,cmd.php就更显不足了,因此我们采用Spine来轮询数据。cacti-spine是一个由C语言开发的,用于替代cmd.php的快速获取数据的引擎。
(1)编译安装spine
[root@cacti-server ~]# cd /usr/local/src/
[root@cacti-server src]#wget http://www.cacti.net/downloads/spine/cacti-spine-0.8.8f.tar.gz
[root@cacti-server src]# tar zxvf cacti-spine-0.8.8f.tar.gz
[root@cacti-server cacti-spine-0.8.8f]# ./configure
[root@cacti-server cacti-spine-0.8.8f]# make
[root@cacti-server cacti-spine-0.8.8f]# make install
(2)拷贝snmp的配置文件
[root@cacti-server ~]# cp /usr/local/spine/etc/spine.conf.dist /etc/spine.conf
注:spine默认配置文件需要放在/etc才会生效,否则测试时会报如下错误:
SPINE: Poller[0] FATAL: Unable to read configuration file! (Spine init)
(3)编辑配置文件
[root@cacti-server ~]# vim /etc/spine.conf
DB_Host localhost
DB_Database cacti
DB_User cacti
DB_Pass redhat
DB_Port 3306
(4)测试
[root@cacti-server ~]# /usr/local/spine/bin/spine
SPINE: Using spine config file [/etc/spine.conf]
SPINE: Version 0.8.8f starting
SPINE: Time: 0.1278 s, Threads: 5, Hosts: 2
(5)修改web的设置
进入Cacti页面设置spine路径
Console -> Configuration -> Settings -> Paths -> Alternate Poller Path -> Spine Poller File Path->/usr/local/spine/bin/spine
(6)修改Cacti使用的Poller Type
Console -> Configuration -> Settings ->Poller->Poller Type->spine
(7)查看日志
[root@cacti-server ~]# cat /var/www/html/cacti/log/cacti.log
10/22/2016 12:45:50 AM - SYSTEM STATS: Time:0.1146 Method:spine Processes:1 Threads:1 Hosts:2 HostsPerProcess:2 DataSources:0 RRDsProcessed:0
4.添加被监控主机
(1)安装snmp服务
[root@cacti-client ~]# yum -y install net-snmp net-snmp-devel net-snmp-utils
(2)编辑配置文件
[root@cacti-client ~]# vim /etc/snmp/snmpd.conf
41 com2sec notConfigUser 192.168.23.156 public
62 access notConfigGroup "" any noauth exact all none none
85 view all included .1 80
[root@cacti-client ~]# systemctl restart snmpd
[root@cacti-client ~]# systemctl enabled snmpd
(3)配置防火墙
[root@cacti-client ~]# firewall-cmd --permanent --add-port=161/udp
success
[root@cacti-client ~]# firewall-cmd --reload
success
5.监控apache
客户端的配置
(1)编辑apache的配置文件,加入server-status模块的设置
[root@cacti-client ~]# vim /etc/httpd/conf/httpd.conf
ExtendedStatus On
SetHandler server-status
Order deny,allow
Deny from all
Allow from all
[root@cacti-client ~]# systemctl restart httpd
[root@cacti-client ~]# systemctl enable httpd
(2)查看apache加载的模块
[root@cacti-client ~]# apachectl -t -D DUMP_MODULES|grep status
status_module (shared)
(3)访问http://192.168.23.157/server-status查看模块的详细信息
[root@cacti-client ~]# firewall-cmd --permanent --add-service=http
success
[root@cacti-client ~]# firewall-cmd --reload
success
服务端的配置
(1)安装监控apache的php页面
[root@cacti-server ~]# cd /usr/local/src/
[root@cacti-serversrc]#wget http://forums.cacti.net/download/file.php?id=18576&sid=8d429b69af5be45179d928e1303f2077
[root@cacti-server src]# unzip ApacheStats_0.8.2.zip
[root@cacti-server src]# cd ApacheStats_0.8.2/
[root@cacti-serverApacheStats_0.8.2]#cp ss_apache_stats.php /var/www/html/cacti/scripts/
(2)导入模板
在Cacti Web界面导入cacti_host_template_webserver_-_apache.xml模板:
点击Import/Export->Import Templates,上传模板即可
(3)添加服务器并创建图表
登录Cacti Web界面,添加被监控apache服务器设备,并创建相应图表:
Devices->Add->WebServer-Apache模板->Create New Graphs,添加所需图表即可。等待一段时间就会出图
6.监控mariadb
(1)创建用于监控主机连接mariadb进行监控的用户
[root@cacti-client ~]# mysql -uroot -predhat
MariaDB [(none)]> grant process,super,replication client on *.*to 'mysqltest'@'192.168.23.156' identified by 'redhat';
MariaDB [(none)]> flush privileges;
[root@cacti-client ~]# systemctl restart mariadb
(2)配置防火墙
[root@cacti-client ~]# firewall-cmd --permanent --add-port=3306/tcp
success
[root@cacti-client ~]# firewall-cmd --reload
success
(3)安装监控mariadb的php页面文件
[root@cacti-server ~]# cd /usr/local/src/
[root@cacti-serversrc]#wget https://www.percona.com/downloads/percona-monitoring-plugins/1.1.6/percona-monitoring-plugins-1.1.6.tar.gz
[root@cacti-server src]# tar zxvf percona-monitoring-plugins-1.1.6
[root@cacti-server src]# cd percona-monitoring-plugins-1.1.6/cacti/scripts/
[root@cacti-serverscripts]#cpss_get_mysql_stats.php /var/www/html/cacti/scripts/
(4)编辑页面文件
[root@cacti-server scripts]# vim /var/www/html/cacti/scripts/ss_get_mysql_stats.php
$mysql_user = 'mysqltest'; #用于监控主机连接mariadb的用户
$mysql_pass = 'redhat'; #用户密码
(5)导入模板
在Cacti Web界面导入cacti_host_template_percona_mysql_server_ht_0.8.6i-sver1.1.6.xml模板:
点击Import/Export->Import Templates,上传模板即可
(6)添加服务器并创建图表
登录Cacti Web界面,添加被监控mariabdb服务器设备,并创建相应图表:
Devices->Add->dbServer-Mysql模板->Create New Graphs,添加所需图表即可。等待一段时间就会出图
7.邮件报警
(1)下载插件
[root@cacti-server ~]# cd /usr/local/src/
[root@cacti-server src]# tar zxvf settings-v0.71-1.tgz
[root@cacti-server src]# mv settings /var/www/html/cacti/plugins/
[root@cacti-server src]# tar zxvf thold-v0.5.0.tgz
[root@cacti-server src]# mv thold /var/www/html/cacti/plugins/
(2)访问cacti管理页面安装插件
(3)测试
(4)告警被触发,查看邮件
[root@cacti-server ~]# cat /var/spool/mail/root
..................................
..................................
To: root@192.168.23.156
Subject: ALERT: test - Used Space - / [hdd_used] [hdd_used] went above threshold of 25 with 36.8871
From: Cacti
Date: Mon, 24 Oct 2016 14:00:03 +0800
..................................
An alert has been issued that requires your attention.
..................................
Host: test (192.168.23.157)
URL: http://192.168.23.156/cacti//graph.php?local_graph_id=103&rra_id=1
Message: ALERT: test - Used Space - / [hdd_used] [hdd_used] went above threshold of 25 with 36.8871
..................................
Content-Type: p_w_picpath/jpg
Content-Disposition: inline; filename="103.jpg"
...................................
...................................