2017年6月7日 星期三

在 CentOS 7 / RHEL 7上,安裝 LibreNMS 服務

學習目標:
  • 安裝 LibreNMS 套件,以利監控系統狀況!
操作流程:
  1. 安裝 DataBase 相關套件:
    # yum install mariadb-server mariadb
    # systemctl start mariadb
    # firewall-cmd --permanent --add-service=mysql
    # firewall-cmd --reload
    # mysql_secure_installation
    
  2. 建立 DataBase 內容:
    # mysql -uroot -p
    MariaDB [(none)]> CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
    MariaDB [(none)]> CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'password';
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
    MariaDB [(none)]> FLUSH PRIVILEGES;
    MariaDB [(none)]> exit;
    
  3. 設定 DataBase 相關參數內容:
    # vim /etc/my.cnf.d/server.cnf
    (只新增必要的..)
    [mysqld]
    innodb_file_per_table=1
    sql-mode=""
    :
    
  4. 設定 DataBase 啟動:
    # systemctl enable mariadb  
    # systemctl restart mariadb
    
  5. 安裝與設定 Apache 與相關套件:
    # yum install epel-release
    # rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
    # rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
    
    # yum install php70w php70w-cli php70w-gd php70w-mysql php70w-snmp php70w-pear php70w-curl php70w-common httpd net-snmp mariadb ImageMagick jwhois nmap mtr rrdtool MySQL-python net-snmp-utils cronie php70w-mcrypt fping git
    
    # pear install Net_IPv4-1.3.4
    # pear install Net_IPv6-1.2.2b2
    
  6. 編修 php.ini 時區設定值:
    #vim /etc/php.ini
    date.timezone = "Asia/Taipei"
    
  7. 在系統上新增 LibreNMS 的專屬使用者:
    # useradd librenms -d /opt/librenms -M -r
    # usermod -a -G librenms apache
    
  8. 下載 LibreNMS 套件:
    # cd /opt
    # git clone https://github.com/librenms/librenms.git librenms
    
  9. 設定 Web 站台相關設定:
    #cd /opt/librenms
    #mkdir rrd logs
    #chmod 775 rrd
    # vim /etc/httpd/conf.d/librenms.conf
    <VirtualHost *:80>
      DocumentRoot /opt/librenms/html/
      ServerName  librenms.example.com
      CustomLog /opt/librenms/logs/access_log combined
      ErrorLog /opt/librenms/logs/error_log
      AllowEncodedSlashes NoDecode
      <Directory "/opt/librenms/html/">
        Require all granted
        AllowOverride All
        Options FollowSymLinks MultiViews
      </Directory>
    </VirtualHost>
  10. 更動 SELinux 設定:
    # yum install policycoreutils-python
    # semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/logs(/.*)?'
    # semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/logs(/.*)?'
    # restorecon -RFvv /opt/librenms/logs/
    # setsebool -P httpd_can_sendmail=1
    # setsebool -P httpd_can_network_connect=1
    
  11. 防火牆設定:
    # firewall-cmd --zone=public --add-service=http
    # firewall-cmd --permanent --zone=public --add-service=http
    
  12. 啟動 Apache:
    # systemctl enable httpd
    # systemctl restart httpd
    
  13. 利用 firefox 打開網頁:
    (網址:http://librenms.example.com)

    按下圖中的 Next Stage
  14. 輸入資料庫帳密:

    需要稍等一些時間,讓程式自動建立資料庫內相關表格!

    若無任何錯誤,即可新增使用者!
  15. 使用者新增之後,即可產生設定檔:

  16. 接下來的 config.php 檔案內容,可以手動建立:
    放置目錄 /opt/librenms/

    手動新增檔案後,即可按下 finish !
  17. 接下來即可登入系統:
  18. 登入畫面:

  19. 手動修正 config.php 內容:
    #vim /opt/librenms/config.php
    (加入下列設定...)
    $config['fping'] = "/sbin/fping";
    
  20. 修改 SNMP 設定參數:
    #cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf
    #vim /etc/snmp/snmpd.conf
    (把 RANDOMSTRINGGOESHERE 改成你想要的名稱...)
    com2sec readonly  default    public # 原來是 RANDOMSTRINGGOESHERE
    syslocation Taipei, Taiwan # 原來是 Rack, Room, Building, City, Country [GPSX,Y]
    syscontact root@localhost # 原來是 Your Name 
    
  21. LibreNMS 官方很貼心的準備了一支 Shell Scripts 程式,用來偵作業系統平台,可裝可不裝:
    #curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
    #chmod +x /usr/bin/distro
    #systemctl restart snmpd
    #systemctl enable snmpd
    
  22. LibreNMS 官方也很貼心的準備了一個工作排程Shell Scripts 程式:
    #cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms
    
  23. LibreNMS 官方也很貼心的準備了一個轉檔的Shell Scripts 程式,用來轉出 logs 目錄下的記錄檔:
    #cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms
    
  24. 最後一些小動作:
    #chown -R librenms:librenms /opt/librenms
    #systemctl enable httpd mariadb
    #cd /opt/librenms
    #./validate.php
    
  25. 完成後,記得登入,將 localhost 作為你預設的第一個監控的主機!

    參考文獻:
  • http://docs.librenms.org/Installation/Installation-CentOS-7-Apache/#db-server
  • http://jasontools.blogspot.tw/2017/06/librenms-networkmanager-good.html