CentOS Stream 8
Sponsored Link

Cacti : Install2021/06/07

 
Install Cacti to monitor system status.
[1]
[2]
[3]
[4] Install Cacti and SNMP.
# install from EPEL

[root@dlp ~]#
dnf --enablerepo=epel -y install cacti net-snmp net-snmp-utils php-mysqlnd php-snmp php-bcmath rrdtool
[5] Configure SNMP (Simple Network Management Protocol).
[root@dlp ~]#
vi /etc/snmp/snmpd.conf
# line 41 : comment out
#com2sec notConfigUser  default       public

# line 74,75 : uncomment and change
# change [mynetwork] to your own network
# change comunity name except public, private (for security reason)
##       sec.name  source          community
com2sec local     localhost       Serverworld
com2sec mynetwork 10.0.0.0/24     Serverworld

# line 78,79 : uncomment and change
##     group.name sec.model  sec.name
group MyRWGroup  v2c        local
group MyROGroup  v2c        mynetwork

# line 85 : uncomment
##           incl/excl subtree                          mask
view all    included  .1                               80

# line 93,94 : uncomment and change
##                context sec.model sec.level prefix read   write  notif
access MyROGroup ""      v2c       noauth    exact      all    none   none
access MyRWGroup ""      v2c       noauth    exact      all    all    all

[root@dlp ~]#
systemctl enable --now snmpd
# verify settings

# replace [Serverworld] to the comunity name you set

[root@dlp ~]#
snmpwalk -v2c -c Serverworld localhost system

SNMPv2-MIB::sysDescr.0 = STRING: Linux dlp.srv.world 4.18.0-305.el8.x86_64 #1 SMP Tue May 18 14:52:12 UTC 2021 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1250) 0:00:12.50
SNMPv2-MIB::sysContact.0 = STRING: Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
SNMPv2-MIB::sysName.0 = STRING: dlp.srv.world
.....
.....
[6] Change MariaDB settings to Cacti required or recommended settings.
[root@dlp ~]#
vi /etc/my.cnf.d/mariadb-server.cnf
# add into [mysqld] section

[mysqld]
.....
.....
default-time-zone='Asia/Tokyo'
character-set-server=utf8mb4
character_set_client=utf8mb4
collation-server=utf8mb4_unicode_ci

max_heap_table_size=128M
tmp_table_size=128M
join_buffer_size=256M
innodb_file_format=Barracuda
innodb_large_prefix=1
innodb_buffer_pool_size=2048M
innodb_flush_log_at_timeout=3
innodb_read_io_threads=32
innodb_write_io_threads=16
innodb_buffer_pool_instances=17
innodb_io_capacity=5000
innodb_io_capacity_max=10000

# apply timezone setting

[root@dlp ~]#
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql

Enter password:
Warning: Unable to load '/usr/share/zoneinfo/leapseconds' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/tzdata.zi' as time zone. Skipping it.
[root@dlp ~]#
systemctl restart mariadb
[7] Create a Database for Cacti and import tables.
[root@dlp ~]#
mysql -u root -p

Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 10.3.28-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

# create [Cacti] database
# replace [password] to any password
MariaDB [(none)]> create database cacti; 
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all privileges on cacti.* to cacti@'localhost' identified by 'password'; 
Query OK, 0 rows affected (0.00 sec)

# add [select] right to [time_zone_name] table in [mysql] DB for Cacti requirements
MariaDB [(none)]> grant select on mysql.time_zone_name to cacti@'localhost'; 

MariaDB [(none)]> exit 
Bye

[root@dlp ~]#
mysql -u cacti -p cacti < /usr/share/doc/cacti/cacti.sql

Enter password:  
# cacti user password
[8] If SELinux is enabled, change policy.
[root@dlp ~]#
setsebool -P httpd_can_network_connect on

[root@dlp ~]#
setsebool -P httpd_unified on

[root@dlp ~]#
setsebool -P domain_can_mmap_files on

[root@dlp ~]#
vi cacti-phpfpm.te
# create new

module cacti-phpfpm 1.0;

require {
        type admin_home_t;
        type httpd_t;
        type httpd_log_t;
        class file { getattr map open read unlink write };
        class dir { remove_name };
}

#============= httpd_t ==============
allow httpd_t admin_home_t:file map;
allow httpd_t admin_home_t:file { getattr open read };
allow httpd_t httpd_log_t:dir remove_name;
allow httpd_t httpd_log_t:file { unlink write };

[root@dlp ~]#
checkmodule -m -M -o cacti-phpfpm.mod cacti-phpfpm.te

checkmodule: loading policy configuration from cacti-phpfpm.te
checkmodule: policy configuration loaded
checkmodule: writing binary representation (version 19) to cacti-phpfpm.mod
[root@dlp ~]#
semodule_package --outfile cacti-phpfpm.pp --module cacti-phpfpm.mod

[root@dlp ~]#
semodule -i cacti-phpfpm.pp

[9] Configure Cacti and others.
[root@dlp ~]#
vi /etc/cron.d/cacti
# uncomment

*/5 * * * *     apache  /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1

[root@dlp ~]#
vi /usr/share/cacti/include/config.php
// line 29 : change to the connection info to MariaDB

$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "
cacti
";
$database_password = "
password
";
$database_port = "3306";
$database_ssl = false;
[root@dlp ~]#
vi /etc/php.ini
;; line 388 : change to Cacti recommended

max_execution_time =
60
;; line 409 : change to Cacti recommended

memory_limit =
512M
;; line 923 : set default timezone (replace to your own one)

date.timezone =
Asia/Tokyo
[root@dlp ~]#
vi /etc/httpd/conf.d/cacti.conf
# line 17 : add access permission if you need

Require host localhost
Require ip 10.0.0.0/24
[root@dlp ~]#
systemctl restart httpd php-fpm

Matched Content