部署cacti监控软件

cacti

Cacti是一套基于PHP,MySQL,SNMP及RRDTool开发的网络流量监测图形分析工具

官网

http://www.cacti.net/

一,cacti部署环境要求

Cacti requires that the following software is installed on your system.

  • RRDTool 1.0.49 or greater, 1.4+ recommended
  • MySQL 5.x or greater
  • PHP 5.1 or greater
  • Web Server that supports PHP e.g. Apache or IIS

拓扑图:

role ip comments
cacti服务端 192.168.1.210 监控端
cacti客户端 192.168.1.200 被监控端,Linux (web)
cacti客户端 192.168.1.2 被监控端,win7/2008(web)

cacti服务端系统环境

[root@localhost ~]# cat /etc/redhat-release

CentOS release 6.6 (Final)

[root@localhost ~]# uname -m

x86_64

[root@localhost ~]# uname -r

2.6.32-504.el6.x86_64

二,开始安装

cacti服务端需要安装的软件

snmp,LAMP, RDDtool

cacti客户端需要安装的软件

除了LAMP之外(既然是监控流量,比如web的,那就是需要的),被监控的机器一定要有snmp

 


#安装snmp相关的软件
yum install net-snmp* -y

#查看默认的配置文件
[root@Cacti ~]# ll /etc/snmp/snmpd.conf 
-rw------- 1 root root 18861 Oct 18 07:18 /etc/snmp/snmpd.conf

#编辑snmp配置文件
cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.sav
cat >/etc/snmp/snmpd.conf<<EFO
com2sec local     localhost           public
com2sec mynetwork  192.168.1.0/24   public
group MyRWGroup v1         local
group MyRWGroup v2c        local
group MyRWGroup usm        local
group MyROGroup v1         mynetwork
group MyROGroup v2c        mynetwork
group MyROGroup usm        mynetwork
view all    included  .1                               80
access MyROGroup ""      any       noauth    exact  all    none   none 
access MyRWGroup ""      any       noauth    exact  all    all    none 
syslocation teddylu.info 
syscontact Me <admin@126.com>
proc mountd 
proc ntalkd 4 
proc sendmail 10 1 
proc httpd 10 1 
exec echotest /bin/echo hello world 
exec disk_used_shell  /bin/sh  /root/current_disk_used.sh 
exec httpd_proc  /bin/sh  /root/current_httpd_proc.sh 
disk /       10000 
disk /boot   10000 
load 12 14 14
EOF

#检查配置文件
cat -n /etc/snmp/snmpd.conf

#启动snmp
[root@Cacti ~]# /etc/init.d/snmpd start
Starting snmpd:                                            [  OK  ]
[root@Cacti ~]# netstat -lnt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp        0      0 127.0.0.1:199               0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      
tcp        0      0 :::22                       :::*                        LISTEN      
[root@Cacti ~]# lsof -i:199
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
snmpd   1331 root    8u  IPv4  10862      0t0  TCP localhost:smux (LISTEN)

#检查snmp服务是否正常运行
[root@Cacti ~]# snmpget -v 1 -c public localhost system.sysUpTime.0
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (45258) 0:07:32.58

2.2安装RRDTool
#安装libart_lgpl
  tar zxf libart_lgpl-2.3.17.tar.gz 
  cd libart_lgpl-2.3.17
  ./configure 
  make
  make install
  /bin/cp -r /usr/local/include/libart-2.0/ /usr/include/

#安装rrdtool
yum install perl-ExtUtils-CBuilder perl-ExtUtils-MakeMaker
yum -y install gcc gcc-c++

tar zxf rrdtool-1.2.30.tar.gz 
cd rrdtool-1.2.30
./configure 
make
make install

[root@Cacti rrdtool-1.2.30]# ls -l /usr/local/bin/rrdtool
ls: cannot access /usr/local/bin/rrdtool: No such file or directory
#需要做个软链接,否则cacti会找不到rrdtool的命令路径
[root@Cacti rrdtool-1.2.30]# ls -l /usr/local/rrdtool-1.2.30/bin/rrdtool &&ln -s /usr/local/rrdtool-1.2.30/bin/rrdtool /usr/local/bin/rrdtool
-rwxr-xr-x 1 root root 4915 Feb 17 23:26 /usr/local/rrdtool-1.2.30/bin/rrdtool
[root@Cacti rrdtool-1.2.30]# ls -l /usr/local/bin/rrdtool 
lrwxrwxrwx 1 root root 37 Feb 17 23:30 /usr/local/bin/rrdtool -> /usr/local/rrdtool-1.2.30/bin/rrdtool

3.1安装lamp环境
yum install cairo pabgo zlib zlib-devel freetype freetype-devel gd gd-devel –y

yum install zlib libxml libjpg freetype libpng gd curl libiconv zlib-devel libxml2-devel libjpg-devel freetype-devel libpng-devel gd-devel curl-devel libxslt-devel -y

yum install mysql* httpd* php* --skip-broken -y

#配置Apache
cd /etc/httpd/conf
cp httpd.conf httpd.conf.sav
sed -i 's#\#ServerName www.example.com:80#ServerName 127.0.0.1:80#' httpd.conf
sed -i 's#DirectoryIndex index.html index.html.var#DirectoryIndex index.php index.html index.html.var#' httpd.conf
egrep "127.0.0.1|index.php" httpd.conf

/etc/init.d/httpd start
echo -e "<?php \nphpinfo();\n?>" >/var/www/html/index.php

QQ20150302095343

#启动mysql
/etc/init.d/mysqld start

[root@localhost conf]# netstat -lnt|grep 3306
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN

#创建cacti数据库
mysql> create database cacti;
Query OK, 1 row affected (0.04 sec)

mysql> show databases like 'cacti';
+------------------+
| Database (cacti) |
+------------------+
| cacti            |
+------------------+
1 row in set (0.00 sec)
#创建用户cactiuser(密码:123456)并授权

mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.20 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

4.1安装cacti
#解压cacti
[root@localhost cacti_tools]# tar zxf cacti-0.8.8a.tar.gz 
[root@localhost cacti_tools]# cd cacti-0.8.8a

#初始化cacti数据库
[root@localhost cacti-0.8.8a]# mysql cacti 

#修改cacti配置文件
vim include/config.php
确保下面的配置内容与实际的一致:
$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cactiuser";
$database_password = "123456";
$database_port = "3306";

#授权apache用户访问cacti的rra和log目录

mv ../cacti-0.8.8a /var/www/html/cacti
chown -R apache.apache cacti/

#测试定时收集数据php文件
[root@localhost html]# /usr/bin/php /var/www/html/cacti/poller.php
sh: -q: command not found
sh: -: command not found

chmod 755 poller.php

[root@localhost cacti]# /usr/bin/php poller.php 
[root@localhost cacti]# /usr/bin/php poller.php 
[root@localhost cacti]# /usr/bin/php poller.php 
[root@localhost cacti]# /usr/bin/php poller.php
提示:如果不出任何内容,但是也不报错也没关系
#将收集数据命令加入系统crontab任务
[root@localhost cacti]# echo '*/5 * * * * /usr/bin/php /var/www/html/cacti/poller.php > /dev/null 2>&1' >>/var/spool/cron/root
[root@localhost cacti]# crontab -l
*/5 * * * * /usr/bin/php /var/www/html/cacti/poller.php > /dev/null 2>&1

#开始配置cacti,打开http://192.168.1.210/cacti/
QQ20150302095929QQ20150302095959QQ20150302100029
#默认是admin/admin,第一次登陆要求改密码
QQ20150302100919#创建device

QQ20150302101143QQ20150302101631QQ20150302101655QQ20150302101721
提示:如果在一切都设置好了的情况下,还是无法出图,原因有很多种
1)rrdtool这个画图工具没有安装正确或者被安装好了之后无意中被删掉了相关的画图软件
2)监控主机和被监控主机的time不同步导致的,我就是这一种
#当一切都配置好了之后,就可以出图了:
QQ20150302102925#监控windows主机
#1)在windows 上设置snmp
QQ201503021032372)在cacti服务端上设置

QQ20150302103637
#通过cacti监控不同的网络状态并发连接数
netstat -n|awk '/^tcp/ {++teddy[$NF]} END{for(a in teddy)print a,teddy[a]}'

常用TCP网络状态及说明

ESTABLISHED	
The socket has an established connection	socket
有一个建立的连接,表示处于连接状态

SYN_SENT	
The socket is actively attempting to establish a connection	
socket正在积极尝试建立一个连接

SYN_RECV	
A connection request has been received from the network.	
已经收到一个连接请求

FIN_WAIT1	
The socket is closed, and the connection is shutting down	
socket已经关闭,连接正在关闭

FIN_WAIT2	
Connection  is  closed, and the socket is waiting for a shutdown from the remote end	
连接关闭了,socket正在等待远端结束

TIME_WAIT	
The socket is waiting after close to handle packets still in the network
socket正在等待关闭处理仍在网络上的数据包

CLOSED
The socket is not being used
socket已经不再使用

CLOSE_WAIT
The remote end has shut down, waiting for the socket to close
远端已经结束,等待socket关闭


LAST_ACK
The remote end has shut down, and the socket is closed. Waiting for acknowledgement
远端已经结束,socket关闭,等待回复确认


我们也可以通过cacti来实现图形化界面来监控tcp的各种状态及连接数

部署cacti监控不同的网络状态并发连接数的插件
1)解压
[root@localhost cacti_tools]# unzip get_netstat_conn.zip 
Archive:  get_netstat_conn.zip
  inflating: get_netstat_conn/cacti_graph_template_snmp_get_netstat_connection_oldboytrainning.xml  
  inflating: get_netstat_conn/get_netstat_tcp_oldboytrainning.pl  
 extracting: get_netstat_conn/read.txt
	
2)将get_netstat_conn/get_netstat_tcp_oldboytrainning.pl复制到cacti根目录的scripts下,并授权755
cp /soft/cacti_tools/get_netstat_conn/get_netstat_tcp_oldboytrainning.pl /var/www/html/cacti/scripts/
chmod 755 get_netstat_tcp_oldboytrainning.pl

3)测试脚本是否能正常返回连接状态数据
[root@localhost get_netstat_conn]# perl get_netstat_tcp_oldboytrainning.pl 127.0.0.1 2c public 161 500
established:2 listen:0 timewait:0 timeclose:0 finwait1:0 finwait2:0 synsent:0 synrecv:0 closewait:0

4)配置模板
QQ20150302105920QQ20150302105933
#模板导入成功之后,为被监控主机添加一个图形,并开启它
QQ20150302110304

5)查看效果图

QQ20150302110316

 

 

此条目发表在监控分类目录,贴了标签。将固定链接加入收藏夹。