開源網路裝置管理系統 LibreNMS

這是一套從 Jason Cheng大看到文章發現到還不錯用監控軟體。

安裝環境為 CentOS 7 系統運行


系統:CentOS 7
Web服務:Nginx
網頁服務:PHP 7.3
資料庫服務:Mariadb 10.4

安裝 web 服務


此安裝方式請參考本知識庫所記錄的文章 啟用Nginx 支援到 OpenSSL TLS1.3 安全協定

安裝資料庫


  • 在來源庫目錄下新增加 MariaDB.repo 增加上去
新增加MariaDB安裝檔
vim /etc/yum.repos.d/MariaDB.repo
  • 再填入內容為以下
# MariaDB 10.4 CentOS repository list - created 2019-07-31 08:16 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.4/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
  • 增加完畢後在下命令安裝
yum install MariaDB-server MariaDB-client -y
  • 資料庫安裝及設定
systemctl start mariadb ; systemctl enable mariadb   # 啟動資料庫服
mysql_secure_installation   # 設定資料庫的root密碼

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): 第一次設定,直接按 Enter 鍵即可
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] 按 Y 設定資料庫 root 密碼
New password: 輸入新密碼
Re-enter new password: 再次輸入新密碼
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] 按 Y 移除anonymous users
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] 按 Y 關閉 root 遠端登入
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] 按 Y 移除資料表 test
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] 按 Y 重新載入資料表權限
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

mysql -u root -p   # 登入資料庫裡設定資表及權限

CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'password'; #密碼修改成要登入的密碼
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
exit
  • 在 my.cnf 檔手動增加以下內容
vim /etc/my.cnf

[mysqld]
innodb_file_per_table=1
lower_case_table_names=0
  • 重啟資料庫
systemctl restart mariadb

安裝必要套件


yum install -y epel-release yum-utils

rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum-config-manager --disable remi-php54
yum-config-manager --enable remi-php73

yum install -y cronie fping git ImageMagick jwhois mtr MySQL-python net-snmp net-snmp-utils nmap php-fpm php-cli php-common php-curl php-gd php-mbstring php-process php-snmp php-xml php-zip php-memcached php-mysqlnd python-memcached rrdtool

新增加 librenms 使用者


useradd librenms -d /opt/librenms -M -r
usermod -a -G librenms nginx

下載 Librenms 服務


cd /opt
git clone https://github.com/librenms/librenms.git

設定權限

chown -R librenms:librenms /opt/librenms
chmod 770 /opt/librenms
setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
chgrp apache /var/lib/php/session/

安裝 PHP 依賴套件

su - librenms
./scripts/composer_wrapper.php install --no-dev
exit

安裝 php 服務

  • 安裝好 PHP 要去修改 「vim /etc/php.ini」 設定檔
修改時區
[Date]
修改前
;date.timezone = 
修改後
date.timezone = Asia/Taipei
存檔
:wq
  • 設定「php-fpm」「vim /etc/php-fpm.d/www.conf
;user = apache
user = nginx

group = apache   ; keep group as apache

;listen = 127.0.0.1:9000
listen = /run/php-fpm/php-fpm.sock

listen.owner = nginx
listen.group = nginx
listen.mode = 0660
  • 設定開機自動啟動及重啟服務
systemctl enable php-fpm ; systemctl restart php-fpm

Web服務設定


  • 設定 NGINX 服務設定檔
vim /etc/nginx/conf.d/librenms.conf
  • 新增一個設定檔, 編輯 server_name 設定檔
server {
 listen      80;
 server_name librenms.example.com;
 root        /opt/librenms/html;
 index       index.php;

 charset utf-8;
 gzip on;
 gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
 location / {
  try_files $uri $uri/ /index.php?$query_string;
 }
 location /api/v0 {
  try_files $uri $uri/ /api_v0.php?$query_string;
 }
 location ~ \.php {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    #fastcgi_pass 127.0.0.1:9000;
    fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
 }
 location ~ /\.ht {
  deny all;
 }
}
  • 重啟服務
systemctl restart nginx

設定SNMP


  • 針對 Librenms 設定如下
cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf

vim /etc/snmp/snmpd.conf
  • 編輯將 「RANDOMSTRINGGOESHERE」 修改或預設 public
curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
chmod +x /usr/bin/distro
systemctl enable snmpd ; systemctl restart snmpd

設定排程


  • 從 Librenms 目錄下複製到 cron.d 裡面
cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms
  • 複製預設的設定檔
cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

開始安裝 LibreNMS


  • 開啟瀏灠器照著下面輸入
http://該服務的ip/install.php
  1. 檢測安裝環境是否有正常,如果出現異常要把缺的套件都安裝起來才能正常運行 image-1553070938215.png

  2. 填入要連接的資料庫名稱及登入帳號及密碼 image-1553070978604.png

  3. 會自動建立資料庫裡面表單 image-1553071018971.png

  4. 填入要登入的系統管理員的帳號、密碼及電子郵件 image-1553071047363.png

  5. 正在產生設定檔 image-1553071085344.png

  6. 在安裝目錄下新增一個檔案 「'config.php'」並且將下面的產生出來的設定檔都複製起來並且填入該設定檔裡,108.12.14(在新版的安裝流程已經不需在手動增加設定檔,系統會自動產生設定檔。) image-1553071129105.png

  • Web安裝程序可能會提示您config.php手動在librenms安裝位置創建文件,將屏幕上顯示的內容複製到文件中。如果必須這樣做,請記住在將屏幕內容複製到文件後設置config.php的權限
chown librenms:librenms /opt/librenms/config.php
  1. 這樣子就安裝完成,接下來就可以正常登入系統了 image-1553071200776.png

最後確認 Final steps


  • 如果安裝有問題,請在「librenms」目錄下以「root」身份運行「 validate.php 」
cd /opt/librenms
./validate.php



參考相關網頁