本篇是介紹網路監控,只要您的設備如果有支援 SNMP 服務的話,那就可以利用這一套監控系統來監看目前設備是否有異常
安裝 nginx 服務
yum install nginx -y
啟用 web 服務
systemctl start nginx ; systemctl enable nginx
新增加MariaDB安裝檔
vim /etc/yum.repos.d/MariaDB.repo
# MariaDB 10.4 CentOS repository list - created 2019-07-31 08:16 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.4/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
yum install MariaDB-server MariaDB-client -y
systemctl start mariadb ; systemctl enable mariadb # 啟動資料庫服
mysql_secure_installation # 設定資料庫的root密碼
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): 第一次設定,直接按 Enter 鍵即可
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] 按 Y 設定資料庫 root 密碼
New password: 輸入新密碼
Re-enter new password: 再次輸入新密碼
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] 按 Y 移除anonymous users
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] 按 Y 關閉 root 遠端登入
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] 按 Y 移除資料表 test
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] 按 Y 重新載入資料表權限
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
mysql -u root -p # 登入資料庫裡設定資表及權限
CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'password'; #密碼修改成要登入的密碼
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
exit
vim /etc/my.cnf
[mysqld]
innodb_file_per_table=1
lower_case_table_names=0
systemctl restart mariadb
yum install -y epel-release yum-utils
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum-config-manager --disable remi-php54
yum-config-manager --enable remi-php73
yum install -y cronie fping git ImageMagick jwhois mtr MySQL-python net-snmp net-snmp-utils nmap php-fpm php-cli php-common php-curl php-gd php-mbstring php-process php-snmp php-xml php-zip php-memcached php-mysqlnd python-memcached rrdtool
useradd librenms -d /opt/librenms -M -r
usermod -a -G librenms nginx
cd /opt
git clone https://github.com/librenms/librenms.git
chown -R librenms:librenms /opt/librenms
chmod 770 /opt/librenms
setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
chgrp apache /var/lib/php/session/
su - librenms
./scripts/composer_wrapper.php install --no-dev
exit
vim /etc/php.ini」 設定檔修改時區
[Date]
修改前
;date.timezone =
修改後
date.timezone = Asia/Taipei
存檔
:wq
vim /etc/php-fpm.d/www.conf」;user = apache
user = nginx
group = apache ; keep group as apache
;listen = 127.0.0.1:9000
listen = /run/php-fpm/php-fpm.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
systemctl enable php-fpm ; systemctl restart php-fpm
vim /etc/nginx/conf.d/librenms.conf
server_name 設定檔server {
listen 80;
server_name librenms.example.com;
root /opt/librenms/html;
index index.php;
charset utf-8;
gzip on;
gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /api/v0 {
try_files $uri $uri/ /api_v0.php?$query_string;
}
location ~ \.php {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
systemctl restart nginx
cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf
vim /etc/snmp/snmpd.conf
curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
chmod +x /usr/bin/distro
systemctl enable snmpd ; systemctl restart snmpd
cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms
cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms
http://該服務的ip/install.php
填入要登入的系統管理員的帳號、密碼及電子郵件
正在產生設定檔
在安裝目錄下新增一個檔案 「'config.php'」並且將下面的產生出來的設定檔都複製起來並且填入該設定檔裡,在新版的安裝流程已經不需在手動增加設定檔,系統會自動產生設定檔。
config.php手動在librenms安裝位置創建文件,將屏幕上顯示的內容複製到文件中。如果必須這樣做,請記住在將屏幕內容複製到文件後設置config.php的權限chown librenms:librenms /opt/librenms/config.php
cd /opt/librenms
./validate.php
iThome鐵人賽
看影片追技術