如何在CentOS 8/Rhel 8上安装Librenms

时间:2020-02-23 14:30:46  来源:igfitidea点击:

欢迎到今天如何在RHEL 8/CentOS上安装和配置Librenms的教程8. Librenms是一种基于PHP,MySQL和SNMP的开源自动发现网络监控工具。

Librenms包括支持各种网络硬件和操作系统,包括瞻博网络,思科,Linux,铸造,FreeBSD,Brocade,HP,Windows等。
它是"舞台"监测工具的叉子。

LibreNMS的特点

Librenms Monitoring工具的最高特征是:

具有自动发现 - 它将使用CDP,FDP,LLDP,OSPF,BGP,SNMP和ARPAPI访问自动发现整个网络 - Librenms提供全部API来管理,图形和从安装中检索数据通过新功能和错误修复自动保持最新状态。
可拨打的警报 - 高度灵活的警报系统,通过电子邮件,IRC,Slack等通知通过水平缩放的分布式轮询,随着网络抄量系统而来 - 轻松生成带宽账单对于基于用法或者传输的网络上的端口.Android和iOS应用程序 - 有一个本机/android应用程序,提供核心功能.Multiple Authentication方法:MySQL,HTTP,LDAP,RADIUS,NFSEN的Active Directory integration支持,吸烟,腐臭,氧化

按照以下步骤安装和配置RHEL/CentOS 8上的Librenms 8.在开始此安装之前,请确保我们在RHEL/CentOS 8上安装了EPEL存储库。

第1步:安装所需的依赖项

我们始终以应用程序所需的依赖项启动安装。
使用下面的教程将EPEL存储库添加到RHEL/CONTOS 8.

如何在Rhel/CentOS 8上安装Epel存储库

打开终端并运行命令下面的命令以安装所需的依赖项。

sudo dnf -y install yum-utils
sudo dnf -y install zip unzip git cronie wget fping net-snmp net-snmp-utils  jwhois mtr rrdtool  nmap

第2步:安装PHP和Apache

安装Apache Web服务器,PHP和Librenms所需的扩展。

sudo yum install @httpd @php php-{cli,common,curl,gd,mbstring,mysqlnd,process,snmp,xml,zip}

启动Apache和PHP FPM服务。

sudo systemctl enable --now php-fpm httpd

检查服务状态。

$sudo systemctl status php-fpm httpd
 ● php-fpm.service - The PHP FastCGI Process Manager
    Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; enabled; vendor preset: disabled)
    Active: active (running) since Sat 2016-12-29 11:30:09 EAT; 9s ago
  Main PID: 353 (php-fpm)
    Status: "Ready to handle connections"
     Tasks: 6 (limit: 11510)
    Memory: 25.2M
    CGroup: /system.slice/php-fpm.service
            ├─353 php-fpm: master process (/etc/php-fpm.conf)
            ├─359 php-fpm: pool www
            ├─360 php-fpm: pool www
            ├─361 php-fpm: pool www
            ├─362 php-fpm: pool www
            └─363 php-fpm: pool www
 Dec 29 11:30:09 rhel8.local systemd[1]: Starting The PHP FastCGI Process Manager…
 Dec 29 11:30:09 rhel8.local systemd[1]: Started The PHP FastCGI Process Manager.
 ● httpd.service - The Apache HTTP Server
    Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Drop-In: /usr/lib/systemd/system/httpd.service.d
            └─php-fpm.conf
    Active: active (running) since Sat 2016-12-29 11:30:10 EAT; 8s ago
      Docs: man:httpd.service(8)
  Main PID: 365 (httpd)
    Status: "Started, listening on: port 443, port 80"
     Tasks: 213 (limit: 11510)
    Memory: 33.4M
    CGroup: /system.slice/httpd.service
            ├─365 /usr/sbin/httpd -DFOREGROUND
            ├─367 /usr/sbin/httpd -DFOREGROUND
            ├─368 /usr/sbin/httpd -DFOREGROUND
            ├─369 /usr/sbin/httpd -DFOREGROUND
            └─370 /usr/sbin/httpd -DFOREGROUND
 Dec 29 11:30:10 rhel8.local systemd[1]: Starting The Apache HTTP Server…
 Dec 29 11:30:10 rhel8.local httpd[365]: Server configured, listening on: port 443, port 80
 Dec 29 11:30:10 rhel8.local systemd[1]: Started The Apache HTTP Server.

验证PHP版本和加载的模块。

$php -v
PHP 7.2.11 (cli) (built: Oct  9 2016 15:09:36) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2016 Zend Technologies
$php -m

在内部设置PHP TimeZone /etc/php.ini文件。

$grep date.timezone /etc/php.ini 
; http://php.net/date.timezone
date.timezone = Africa/Nairobi

防火墙上允许HTTP和HTTPS端口。

sudo firewall-cmd --add-service={http,https} --permanent
sudo firewall-cmd --reload

第3步:安装和配置数据库服务器

使用下面的教程在RHEL/CONTOS 8上安装MARIADB数据库服务器。

我们可以选择使用MySQL或者MariaDB数据库服务器。
如果我们没有安装,则以下教程应该有所帮助。

如何在Rhel 8/CentOS 8上安装MariaDB

如何在RHEL 8/CentOS 8上安装MySQL 8.0

在数据库服务器安装后,为Librenms监控工具创建数据库和用户。

$mysql -u root -p
CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'StrongDBPassword';
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
exit

编辑 my.cnf文件并在下面添加以下行 [mysqld]部分:

$sudo vim /etc/my.cnf.d/mariadb-server.cnf

在这内 [mysqld]请补充:

innodb_file_per_table=1
lower_case_table_names=0

重新启动MariaDB服务

sudo systemctl enable mariadb
sudo systemctl restart mariadb

服务状态应显示运行。

$systemctl status mariadb
 ● mariadb.service - MariaDB 10.3 database server
    Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
    Active: active (running) since Sat 2016-12-29 11:45:07 EAT; 10s ago
      Docs: man:mysqld(8)
            https://mariadb.com/kb/en/library/systemd/
   Process: 2340 ExecStartPost=/usr/libexec/mysql-check-upgrade (code=exited, status=0/SUCCESS)
   Process: 2271 ExecStartPre=/usr/libexec/mysql-prepare-db-dir mariadb.service (code=exited, status=0/SUCCESS)
   Process: 2245 ExecStartPre=/usr/libexec/mysql-check-socket (code=exited, status=0/SUCCESS)
  Main PID: 2309 (mysqld)
    Status: "Taking your SQL requests now…"
     Tasks: 30 (limit: 11510)
    Memory: 74.9M
    CGroup: /system.slice/mariadb.service
            └─2309 /usr/libexec/mysqld --basedir=/usr
 Dec 29 11:45:06 rhel8.local systemd[1]: Starting MariaDB 10.3 database server…
 Dec 29 11:45:06 rhel8.local mysql-prepare-db-dir[2271]: Database MariaDB is probably initialized in /var/lib/mysql already, nothing is done.
 Dec 29 11:45:06 rhel8.local mysql-prepare-db-dir[2271]: If this is not the case, make sure the /var/lib/mysql is empty before running mysql-prepare-db>
 Dec 29 11:45:07 rhel8.local mysqld[2309]: 2016-12-29 11:45:07 0 [Note] /usr/libexec/mysqld (mysqld 10.3.10-MariaDB) starting as process 2309 …
 Dec 29 11:45:07 rhel8.local mysqld[2309]: 2016-12-29 11:45:07 0 [Warning] Could not increase number of max_open_files to more than 1024 (request: 4182)
 Dec 29 11:45:07 rhel8.local mysqld[2309]: 2016-12-29 11:45:07 0 [Warning] Changed limits: max_open_files: 1024  max_connections: 151 (was 151)  table_>
 Dec 29 11:45:07 rhel8.local systemd[1]: Started MariaDB 10.3 database server.

第4步:安装和配置Rhel/CentOS 8上的Librenms

添加Librenms用户

sudo useradd librenms -d /opt/librenms -M -r
sudo usermod -a -G librenms apache

从Github克隆Librenms项目

cd /opt
sudo git clone https://github.com/librenms/librenms.git
sudo chown librenms:librenms -R /opt/librenms

安装PHP依赖项

cd /opt/librenms
./scripts/composer_wrapper.php install --no-dev

安装成功的安装应具有类似于以下的

复制和配置SNMP配置模板:

sudo cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf
sudo vim /etc/snmp/snmpd.conf

通过替换设置社区字符串 RANDOMSTRINGGOESHERE

com2sec readonly  default  MyInternalNetwork

下载分发版标识符脚本

sudo curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
sudo chmod +x /usr/bin/distro

然后启动和启用 snmpd服务

$sudo systemctl enable snmpd
$sudo systemctl restart snmpd
$sudo systemctl status snmpd
 ● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
    Loaded: loaded (/usr/lib/systemd/system/snmpd.service; enabled; vendor preset: disabled)
    Active: active (running) since Sat 2016-12-29 12:07:23 EAT; 5s ago
  Main PID: 2747 (snmpd)
     Tasks: 1 (limit: 11510)
    Memory: 5.4M
    CGroup: /system.slice/snmpd.service
            └─2747 /usr/sbin/snmpd -LS0-6d -f
 Dec 29 12:07:23 rhel8.local systemd[1]: Starting Simple Network Management Protocol (SNMP) Daemon….
 Dec 29 12:07:23 rhel8.local snmpd[2747]: NET-SNMP version 5.8
 Dec 29 12:07:23 rhel8.local systemd[1]: Started Simple Network Management Protocol (SNMP) Daemon..

配置Apache.

为Librenms创建新的Apache配置文件。

sudo vi /etc/httpd/conf.d/librenms.conf

添加以下配置,编辑 ServerName按要求:

<VirtualHost *:80>
  DocumentRoot /opt/librenms/html/
  ServerName  librenms.example.com
  AllowEncodedSlashes NoDecode
  <Directory "/opt/librenms/html/">
    Require all granted
    AllowOverride All
    Options FollowSymLinks MultiViews
  </Directory>
</VirtualHost>

配置selinux policy.

允许Apache服务于文件 /opt/librenms/html/

sudo semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/logs(/.*)?'
sudo semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/logs(/.*)?'
sudo restorecon -RFvv /opt/librenms/logs/
sudo semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/rrd(/.*)?'
sudo semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/rrd(/.*)?'
sudo restorecon -RFvv /opt/librenms/rrd/
sudo semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/storage(/.*)?'
sudo semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/storage(/.*)?'
sudo restorecon -RFvv /opt/librenms/storage/
sudo semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/bootstrap/cache(/.*)?'
sudo semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/bootstrap/cache(/.*)?'
sudo restorecon -RFvv /opt/librenms/bootstrap/cache/
sudo setsebool -P httpd_can_sendmail=1

允许ping.

创建文件 http_fping.tt具有以下内容。

module http_fping 1.0;
require {
type httpd_t;
class capability net_raw;
class rawip_socket { getopt create setopt write read };
}
#============= httpd_t ==============
allow httpd_t self:capability net_raw;
allow httpd_t self:rawip_socket { getopt create setopt write read };

然后运行这些命令

sudo checkmodule -M -m -o http_fping.mod http_fping.tt
sudo semodule_package -o http_fping.pp -m http_fping.mod
sudo semodule -i http_fping.pp

如果一切看起来不错,请重新启动httpd服务

sudo systemctl restart httpd

配置Cron作业

sudo cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms

复制Logrotate Config.

Librenms让登录登录 /opt/librenms/logs
随着时间的推移,这些可以变大并被旋转。

要旋转旧日志,可以使用提供的Logotate配置文件:

sudo cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

设置适当的权限

sudo chown -R librenms:librenms /opt/librenms
setfacl -d -m g::rwx /opt/librenms/logs
sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache//opt/librenms/storage/
sudo setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache//opt/librenms/storage/

启动Librenms Web安装程序

在Web浏览器上打开http://librenms.example.com/install.php以完成安装。

确认所有内容 Pre-Install Checks通过并单击"下一阶段 2.根据前面创建的数据库凭据配置数据库凭据。
它将开始导入数据库模式并填充数据。

如果导入成功,则应在下面获取消息。

3.在下一个页面上,我们将被要求配置管理员用户帐户。

4.接下来是配置文件的生成,我们可能必须手动创建文件,其中包含它是否无法创建的内容。
文件路径应该是 /opt/librenms/config.php

<?php
## Have a look in defaults.inc.php for examples of settings you can set here. DO NOT EDIT defaults.inc.php!
### Database config
$config['db_host'] = 'localhost';
$config['db_port'] = '3306';
$config['db_user'] = 'librenms';
$config['db_pass'] = 'StrongDBPassword';
$config['db_name'] = 'librenms';
$config['db_socket'] = '';
//This is the user LibreNMS will run as
//Please ensure this user is created and has the correct permissions to your install
$config['user'] = 'librenms';
### Locations - it is recommended to keep the default
#$config['install_dir']  = "/opt/librenms";
### This should *only* be set if you want to *force* a particular hostname/port
### It will prevent the web interface being usable form any other hostname
#$config['base_url']        = "http://librenms.company.com";
### Enable this to use rrdcached. Be sure rrd_dir is within the rrdcached dir
### and that your web server has permission to talk to rrdcached.
#$config['rrdcached']    = "unix:/var/run/rrdcached.sock";
### Default community
$config['snmp']['community'] = array("public");
### Authentication Model
$config['auth_mechanism'] = "mysql"; # default, other options: ldap, http-auth
#$config['http_auth_guest'] = "guest"; # remember to configure this user if you use http-auth
### List of RFC1918 networks to allow scanning-based discovery
#$config['nets'][] = "10.0.0.0/8";
#$config['nets'][] = "172.16.0.0/12";
#$config['nets'][] = "192.168.0.0/16";
# Update configuration
#$config['update_channel'] = 'release';  # uncomment to follow the monthly release channel
#$config['update'] = 0;  # uncomment to completely disable updates

将文件的所有权更改为Librenms用户:

sudo chown librenms:librenms /opt/librenms/config.php

5.单击"完成安装"按钮以完成Librenms安装。
我们应该与管理员登录页面接受打击。
登录并选择 Validate Installation