十年网站开发经验 + 多家企业客户 + 靠谱的建站团队
量身定制 + 运营维护+专业推广+无忧售后,网站问题一站解决
1.软件安装
1.1 更新系统
成都创新互联公司专注于丰都企业网站建设,响应式网站,电子商务商城网站建设。丰都网站建设公司,为丰都等地区提供建站服务。全流程按需定制制作,专业设计,全程项目跟踪,成都创新互联公司专业和态度为您提供的服务
yum -y install wget vim-enhanced
mkdir /etc/yum.repos.d/backup
mv /etc/yum.repos.d/{*.repo,backup}
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.163.com/.help/CentOS7-Base-163.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
rm -rf /var/cache/yum
rm -rf /var/cache/man
yum makecache
yum update
1.2 安装 Cacti 部署环境所需软件包
1.2.1 添加 MariaDB YUM 仓库,执行以下脚本
echo '# MariaDB 10.2 CentOS repository list - created 2017-07-03 06:59 UTC
#http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = https://ipv4.mirrors.ustc.edu.cn/mariadb/yum/10.2/centos7-amd64
gpgkey=https://ipv4.mirrors.ustc.edu.cn/mariadb/yum/RPM-GPG-KEY-MariaDB
gpgcheck=1
'>/etc/yum.repos.d/Mariadb.repo
1.2.2 安装软件环境
yum install -y httpd mariadb mariadb-server mariadb-devel net-snmp net-snmp-utils net-snmp-libs net-snmp-agent-libs net-snmp-devel php php-snmp php-ldap php-pdo php-MySQL php-devel php-pear php-common php-gd php-mbstring php-xml php-process rrdtool rrdtool-php rrdtool-perl rrdtool-devel gcc openssl-devel dos2unix autoconf automake binutils libtool cpp postfix glibc-headers kernel-headers glibc-devel gd gd-devel help2man ntpdate wget patch
2.环境配置
2.1 配置 PHP
修改 PHP 主配置文件 /etc/php.ini
关闭安全模式,以支持 rrdtool,允许 exec() 访问
[PHP]
safe_mode = Off
设置时区
[Date]
date.timezone = Asia/Shanghai
2.2 配置 Web 服务器 Apache httpd
编辑 /etc/httpd/conf.d/php.conf 配置文件,确保文件含有
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
LoadModule php5_module modules/libphp5.so
#
# Cause the PHP interpreter to handle files with a .php extension.
AddHandler php5-script .php
2.3 配置数据库 MariaDB
为安全起见,设置数据库 root 用户密码
systemctl start mariadb
mysqladmin -uroot password xxx123
导入时区数据到 mysql 数据库
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -uroot mysql -p
修改 /etc/my.cnf.d/server.cnf 文件,确保文件含有
[mysqld]
character_set_server = utf8mb4
collation_server = utf8mb4_unicode_ci
character_set_client = utf8mb4
max_connections = 100
max_heap_table_size = 4096M
max_allowed_packet = 16777216
join_buffer_size = 64M
tmp_table_size = 64M
innodb_file_per_table = ON
innodb_buffer_pool_size = 25600M
innodb_doublewrite = OFF
innodb_lock_wait_timeout = 50
innodb_flush_log_at_timeout = 3
innodb_read_io_threads = 32
innodb_write_io_threads = 16
2.4 配置 SNMP
配置 net-snmp-agent, 修改配置文件 /etc/snmp/snmpd.conf
将41行
com2sec notConfigUser default public
改为
com2sec notConfigUser 127.0.0.1 public
将62行
access notConfigGroup "" any noauth exact systemview none none
改为
access notConfigGroup "" any noauth exact all none none
将85行
#view all included .1 80
改为
view all included .1 80
3.安装配置 Cacti
3.1 下载解压 Cacti 安装包
useradd -r -M cacti
cd /var/www/html/
wget https://github.com/Cacti/cacti/archive/release/1.1.38.tar.gz
tar -zxvf 1.1.38.tar.gz
cp -R cacti-release-1.1.38/ /var/www/html/cacti
cd /var/www/html/cacti
3.2 创建 cacti 数据库,创建 cactiuser 用户,设置相关授权
mysql -u root -p
CREATE database cacti default character set utf8;
create user 'cacti'@'localhost' identified by 'xxx3';
grant all privileges on cacti.* to cacti@localhost;
grant select on mysql.time_zone_name to 'cacti'@'localhost' identified by 'xxx3';
flush privileges;
3.3 导入 Cacti 默认数据库
use cacti;
source /var/www/html/cacti/cacti.sql;
flush privileges;
quit
3.4 编辑 /var/www/html/cacti/include/config.php
$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "xxx3"
/* load up old style plugins here */
$plugins = array();
//$plugins[] = 'thold';
3.5 创建 cacti 系统用户,设置 graph/log 目录权限
chown -R apache.apache /var/www/html/
chown -R cacti /var/www/html/
chown -R apache.apache /var/www/html/cacti/
chown -R cacti /var/www/html/cacti/{rra,log}/
chmod -R 777 /var/www/html/cacti/{rra,log}/
3.6 添加定时任务
crontab -e
*/1 * * * * /usr/bin/php /var/www/html/cacti/poller.php > /dev/null 2>&1
4.配置防火墙
4.1 配置 firewalld 防火墙
firewall-cmd --permanent --add-port=3306/tcp
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-port=161/udp
firewall-cmd --permanent --add-port=162/udp
firewall-cmd --reload
4.2 关闭selinux
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
5.安装 spine
5.1 下载解压与 Cacti 相同版本号 Spine 源码安装包
cd /usr/local/src
wget http://www.cacti.net/downloads/spine/cacti-spine-1.1.38.tar.gz
tar xf cacti-spine-1.1.38.tar.gz
5.2 源码编译安装 spine
ln -s /usr/lib64/libmysqlclient.so.18.0.0 /usr/lib64/libmysqlclient.so
ntpdate ntp.sjtu.edu.cn
cd cacti-spine-1.1.38
./configure && make && make install
5.3 复制修改配置文件
cp /usr/local/spine/etc/spine.conf.dist /etc/spine.conf
vim /etc/spine.conf
DB_Host localhost
DB_Database cacti
DB_User cacti
DB_Pass xxx3
DB_Port 3306
RDB_Host localhost
RDB_Database cacti
RDB_User cacti
RDB_Pass xxx3
RDB_Port 3306
5.4 测试
/usr/local/spine/bin/spine
将会出现以下结果
SPINE: Using spine config file [/etc/spine.conf]
SPINE: Version 1.1.38 starting
SPINE: Time: 0.0429 s, Threads: 5, Devices: 0
6.设置重启、开机启动相关服务
systemctl restart httpd
systemctl restart mariadb
systemctl restart crond
systemctl restart snmpd
systemctl enable httpd
systemctl enable mariadb
systemctl enable crond
systemctl enable snmpd
7.登录 Cacti WEB 页面修改 Cacti 配置
Console -> 设置(Cacti Settings) -> Paths -> 在 Spine Binary File Location 文本框内填入配置文件路径 /usr/local/spine/bin/spine ,在 Spine Config File Path 框内填入配置文件路径 /usr/local/spine/etc/spine.conf,点击保存 (Save)。
Console -> 设置(Cacti Settings) -> Poller -> 在 Poller Type 下拉框中选择 spine ,点击保存 (Save)。
8.特别提示
在添加完设备和图形后,需要重建采集器缓存。
Console –> 系统工具 –> Rebuild Poller Cache
附:
比如说cacti平台要求更改默认端口号(例改为10010),且做白名单限制(例只允许IP地址123.123.123.123登录),相关设置如下
1、改端口号
vim /etc/httpd/conf/httpd.conf
在第137行下修改Listen:80为Listen:10010,保存退出。
2、防火墙放行10010端口号
vim /etc/sysconfig/iptables
添加防火墙规则
-A INPUT -m state --state NEW -m tcp -p tcp --dport 10010 -j ACCEPT
重启防火墙服务
service iptables restart
3、做白名单访问限制
vim /etc/httpd/conf/httpd.conf
在第318行下,
Order allow,deny
Allow from 123.123.123.123
重启httpd服务
service httpd restart