Install LibreNMS Network Monitoring Tool on CentOS 8 - CentLinux

Latest

Tuesday, 9 February 2021

Install LibreNMS Network Monitoring Tool on CentOS 8

Install LibreNMS Network Monitoring Tool on CentOS 8

LibreNMS is a community supported fork of Observium. In this article, you will learn how to install LibreNMS network monitoring tool on CentOS 8.

 

Table of Contents:

     

    What is LibreNMS?:

    LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring software, which includes support for a wide range of network hardware and operating systems including Cisco, Linux, Juniper, Foundry, and many more.

    LibreNMS is free, open source and community supported software, that was originally forked from the last GPL-licensed version of Observium.

     

    LibreNMS Features:

    Here's a brief list of LibreNMS supported features.

    • Auto discovery
    • Alerting
    • Multiple environment sensors support
    • Multiple protocols data collection (STP, OSPF, BGP etc)
    • VLAN, ARP and FDB table collection
    • Customizable Dashboards
    • Device Backup integration (Oxidized, RANCID)
    • Distributed Polling
    • Multiple Authentication Methods (MySQL, LDAP, Active Directory, HTTP)
    • NetFlow, sFlow, IPFIX (NfSen)
    • Service monitoring (Nagios Plugins)
    • Syslog (Integrated, Graylog)
    • Traffic Billing (Quota, 95th Percentile)
    • Two Factor Authentication
    • API
    • Auto Updating

     

    Environment Specification:

    We are using a minimal CentOS 8 virtual machine with following specifications.

    • CPU - 3.4 Ghz (2 cores)
    • Memory - 2 GB
    • Storage - 20 GB
    • Operating System - CentOS Stream 8.0
    • Hostname – librenms-01.centlinux.com
    • IP Address - 192.168.116.230 /24

     

    Updating your Linux Operating System:

    You can use PuTTY (or another SSH tool) for connecting with librenms-01.centlinux.com as root user.

    Build cache for installed yum repositories by using following Linux command.

    [root@librenms-01 ~]# dnf makecache CentOS Stream 8 - AppStream 2.6 kB/s | 4.4 kB 00:01 CentOS Stream 8 - BaseOS 4.1 kB/s | 3.9 kB 00:00 CentOS Stream 8 - Extras 938 B/s | 1.5 kB 00:01 Metadata cache created.

    After updating yum cache, you can now update your Linux operating system as follows.

    [root@librenms-01 ~]# dnf update -y ... Upgraded: NetworkManager-1:1.30.0-0.7.el8.x86_64 NetworkManager-libnm-1:1.30.0-0.7.el8.x86_64 NetworkManager-team-1:1.30.0-0.7.el8.x86_64 NetworkManager-tui-1:1.30.0-0.7.el8.x86_64 cpio-2.12-10.el8.x86_64 device-mapper-8:1.02.175-1.el8.x86_64 device-mapper-event-8:1.02.175-1.el8.x86_64 device-mapper-event-libs-8:1.02.175-1.el8.x86_64 device-mapper-libs-8:1.02.175-1.el8.x86_64 kexec-tools-2.0.20-43.el8.x86_64 kmod-25-17.el8.x86_64 kmod-libs-25-17.el8.x86_64 libblkid-2.32.1-27.el8.x86_64 libfdisk-2.32.1-27.el8.x86_64 libmount-2.32.1-27.el8.x86_64 libnfsidmap-1:2.3.3-41.el8.x86_64 libpcap-14:1.9.1-5.el8.x86_64 libsmartcols-2.32.1-27.el8.x86_64 libsss_autofs-2.4.0-6.el8.x86_64 libsss_certmap-2.4.0-6.el8.x86_64 libsss_idmap-2.4.0-6.el8.x86_64 libsss_nss_idmap-2.4.0-6.el8.x86_64 libsss_sudo-2.4.0-6.el8.x86_64 libuuid-2.32.1-27.el8.x86_64 lvm2-8:2.03.11-1.el8.x86_64 lvm2-libs-8:2.03.11-1.el8.x86_64 sssd-client-2.4.0-6.el8.x86_64 sssd-common-2.4.0-6.el8.x86_64 sssd-kcm-2.4.0-6.el8.x86_64 sssd-nfs-idmap-2.4.0-6.el8.x86_64 sudo-1.8.29-6.el8_3.1.x86_64 tzdata-2021a-1.el8.noarch util-linux-2.32.1-27.el8.x86_64 Installed: libibverbs-32.0-3.el8.x86_64 rdma-core-32.0-3.el8.x86_64 Complete!

    Verify the Linux Kernel and Linux distro that we are using in this installation guide.

    [root@librenms-01 ~]# uname -r 4.18.0-269.el8.x86_64 [root@librenms-01 ~]# cat /etc/redhat-release CentOS Stream release 8

     

    Installing EPEL yum Repository on CentOS 8:

    Some of the software packages, as required by LibreNMS, are not available in default yum repositories. Therefore you must add EPEL (Extra Packages for Enterprise Linux) yum repository before installing LibreNMS software.

    [root@librenms-01 ~]# dnf -y install epel-release Last metadata expiration check: 0:03:02 ago on Sun 31 Jan 2021 10:59:58 AM PKT. Dependencies resolved. ================================================================================ Package Architecture Version Repository Size ================================================================================ Installing: epel-release noarch 8-8.el8 extras 23 k Transaction Summary ================================================================================ Install 1 Package Total download size: 23 k Installed size: 32 k Downloading Packages: epel-release-8-8.el8.noarch.rpm 23 kB/s | 23 kB 00:00 -------------------------------------------------------------------------------- Total 2.2 kB/s | 23 kB 00:10 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : epel-release-8-8.el8.noarch 1/1 Running scriptlet: epel-release-8-8.el8.noarch 1/1 Verifying : epel-release-8-8.el8.noarch 1/1 Installed: epel-release-8-8.el8.noarch Complete!

     

    Installing LibreNMS Prerequisite Software:

    Reset PHP module in yum repository to default stream.

    [root@librenms-01 ~]# dnf module reset php Extra Packages for Enterprise Linux Modular 8 - 65 kB/s | 537 kB 00:08 Extra Packages for Enterprise Linux 8 - x86_64 263 kB/s | 8.8 MB 00:34 Last metadata expiration check: 0:00:02 ago on Sun 31 Jan 2021 11:03:58 AM PKT. Dependencies resolved. Nothing to do. Complete!

    LibreNMS requires PHP 7.3, therefore, you should enable PHP 7.3 stream by using dnf command.

    [root@librenms-01 ~]# dnf module enable -y php:7.3 Last metadata expiration check: 0:01:13 ago on Sun 31 Jan 2021 11:03:58 AM PKT. Dependencies resolved. ================================================================================ Package Architecture Version Repository Size ================================================================================ Enabling module streams: httpd 2.4 nginx 1.14 php 7.3 Transaction Summary ================================================================================ Complete!

    Now, execute the following dnf command to install all the prerequisite software packages, as required by LibreNMS networking monitoring tool.

    [root@librenms-01 ~]# dnf install -y bash-completion \ > cronie fping git ImageMagick \ > mariadb-server mtr net-snmp \ > net-snmp-utils nginx nmap \ > php-fpm php-cli php-common \ > php-curl php-gd php-json \ > php-mbstring php-process \ > php-snmp php-xml php-zip \ > php-mysqlnd python3 \ > python3-PyMySQL python3-redis \ > python3-memcached python3-pip \ > rrdtool unzip ... Installed: ImageMagick-6.9.10.86-1.el8.x86_64 ImageMagick-libs-6.9.10.86-1.el8.x86_64 LibRaw-0.19.5-2.el8.x86_64 OpenEXR-libs-2.2.0-12.el8.x86_64 adobe-mappings-cmap-20171205-3.el8.noarch adobe-mappings-cmap-deprecated-20171205-3.el8.noarch adobe-mappings-pdf-20180407-1.el8.noarch atk-2.28.1-1.el8.x86_64 avahi-libs-0.7-20.el8.x86_64 cairo-1.15.12-3.el8.x86_64 cups-libs-1:2.2.6-38.el8.x86_64 dejavu-fonts-common-2.35-7.el8.noarch dejavu-sans-mono-fonts-2.35-7.el8.noarch emacs-filesystem-1:26.1-5.el8.noarch fftw-libs-double-3.3.5-11.el8.x86_64 fontconfig-2.13.1-3.el8.x86_64 fontpackages-filesystem-1.44-22.el8.noarch fping-4.2-2.el8.x86_64 fribidi-1.0.4-8.el8.x86_64 gd-2.2.5-7.el8.x86_64 gdk-pixbuf2-2.36.12-5.el8.x86_64 gdk-pixbuf2-modules-2.36.12-5.el8.x86_64 git-2.27.0-1.el8.x86_64 git-core-2.27.0-1.el8.x86_64 git-core-doc-2.27.0-1.el8.noarch google-droid-sans-fonts-20120715-13.el8.noarch graphite2-1.3.10-10.el8.x86_64 graphviz-2.40.1-40.el8.x86_64 gtk-update-icon-cache-3.22.30-6.el8.x86_64 gtk2-2.24.32-5.el8.x86_64 harfbuzz-1.7.5-3.el8.x86_64 hicolor-icon-theme-0.17-2.el8.noarch httpd-filesystem-2.4.37-30.module_el8.3.0+462+ba287492.0.1.noarch ilmbase-2.2.0-13.el8.x86_64 jasper-libs-2.0.14-4.el8.x86_64 jbig2dec-libs-0.16-1.el8.x86_64 jbigkit-libs-2.1-14.el8.x86_64 lcms2-2.9-2.el8.x86_64 libICE-1.0.9-15.el8.x86_64 libSM-1.2.3-1.el8.x86_64 libX11-1.6.8-4.el8.x86_64 libX11-common-1.6.8-4.el8.noarch libXau-1.0.9-3.el8.x86_64 libXaw-1.0.13-10.el8.x86_64 libXcomposite-0.4.4-14.el8.x86_64 libXcursor-1.1.15-3.el8.x86_64 libXdamage-1.1.4-14.el8.x86_64 libXext-1.3.4-1.el8.x86_64 libXfixes-5.0.3-7.el8.x86_64 libXft-2.3.3-1.el8.x86_64 libXi-1.7.10-1.el8.x86_64 libXinerama-1.1.4-1.el8.x86_64 libXmu-1.1.3-1.el8.x86_64 libXpm-3.5.12-8.el8.x86_64 libXrandr-1.5.2-1.el8.x86_64 libXrender-0.9.10-7.el8.x86_64 libXt-1.1.5-12.el8.x86_64 libXxf86misc-1.0.4-1.el8.x86_64 libXxf86vm-1.1.4-9.el8.x86_64 libdatrie-0.2.9-7.el8.x86_64 libfontenc-1.1.3-8.el8.x86_64 libgs-9.27-1.el8.x86_64 libidn-1.34-5.el8.x86_64 libijs-0.35-5.el8.x86_64 libjpeg-turbo-1.5.3-10.el8.x86_64 libmcpp-2.7.2-20.el8.x86_64 libpaper-1.1.24-22.el8.x86_64 libraqm-0.7.0-4.el8.x86_64 librsvg2-2.42.7-4.el8.x86_64 libthai-0.1.27-2.el8.x86_64 libtiff-4.0.9-18.el8.x86_64 libwebp-1.0.0-1.el8.x86_64 libwmf-lite-0.2.9-8.el8_0.x86_64 libxcb-1.13.1-1.el8.x86_64 libzip-1.5.2-1.module_el8.2.0+314+53b99e08.x86_64 lm_sensors-libs-3.4.0-22.20180522git70f7e08.el8.x86_64 mariadb-3:10.3.27-3.module_el8.3.0+599+c587b2e7.x86_64 mariadb-backup-3:10.3.27-3.module_el8.3.0+599+c587b2e7.x86_64 mariadb-common-3:10.3.27-3.module_el8.3.0+599+c587b2e7.x86_64 mariadb-connector-c-3.1.11-2.el8_3.x86_64 mariadb-connector-c-config-3.1.11-2.el8_3.noarch mariadb-errmsg-3:10.3.27-3.module_el8.3.0+599+c587b2e7.x86_64 mariadb-gssapi-server-3:10.3.27-3.module_el8.3.0+599+c587b2e7.x86_64 mariadb-server-3:10.3.27-3.module_el8.3.0+599+c587b2e7.x86_64 mariadb-server-utils-3:10.3.27-3.module_el8.3.0+599+c587b2e7.x86_64 mcpp-2.7.2-20.el8.x86_64 mtr-2:0.92-3.el8.x86_64 net-snmp-1:5.8-20.el8.x86_64 net-snmp-agent-libs-1:5.8-20.el8.x86_64 net-snmp-libs-1:5.8-20.el8.x86_64 net-snmp-utils-1:5.8-20.el8.x86_64 nginx-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nginx-all-modules-1:1.14.1-9.module_el8.0.0+184+e34fea82.noarch nginx-filesystem-1:1.14.1-9.module_el8.0.0+184+e34fea82.noarch nginx-mod-http-image-filter-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nginx-mod-http-perl-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nginx-mod-http-xslt-filter-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nginx-mod-mail-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nginx-mod-stream-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nmap-2:7.70-5.el8.x86_64 nmap-ncat-2:7.70-5.el8.x86_64 openjpeg2-2.3.1-6.el8.x86_64 pango-1.42.4-6.el8.x86_64 perl-Carp-1.42-396.el8.noarch perl-DBD-MySQL-4.046-3.module_el8.3.0+419+c2dec72b.x86_64 perl-DBI-1.641-3.module_el8.3.0+413+9be2aeb5.x86_64 perl-Data-Dumper-2.167-399.el8.x86_64 perl-Digest-1.17-395.el8.noarch perl-Digest-MD5-2.55-396.el8.x86_64 perl-Encode-4:2.97-3.el8.x86_64 perl-Errno-1.28-419.el8.x86_64 perl-Error-1:0.17025-2.el8.noarch perl-Exporter-5.72-396.el8.noarch perl-File-Path-2.15-2.el8.noarch perl-File-Temp-0.230.600-1.el8.noarch perl-Getopt-Long-1:2.50-4.el8.noarch perl-Git-2.27.0-1.el8.noarch perl-HTTP-Tiny-0.074-1.el8.noarch perl-IO-1.38-419.el8.x86_64 perl-IO-Socket-IP-0.39-5.el8.noarch perl-IO-Socket-SSL-2.066-4.module_el8.4.0+517+be1595ff.noarch perl-MIME-Base64-3.15-396.el8.x86_64 perl-Math-BigInt-1:1.9998.11-7.el8.noarch perl-Math-Complex-1.59-419.el8.noarch perl-Mozilla-CA-20160104-7.module_el8.3.0+416+dee7bcef.noarch perl-Net-SSLeay-1.88-1.module_el8.4.0+517+be1595ff.x86_64 perl-PathTools-3.74-1.el8.x86_64 perl-Pod-Escapes-1:1.07-395.el8.noarch perl-Pod-Perldoc-3.28-396.el8.noarch perl-Pod-Simple-1:3.35-395.el8.noarch perl-Pod-Usage-4:1.69-395.el8.noarch perl-Scalar-List-Utils-3:1.49-2.el8.x86_64 perl-Socket-4:2.027-3.el8.x86_64 perl-Storable-1:3.11-3.el8.x86_64 perl-Term-ANSIColor-4.06-396.el8.noarch perl-Term-Cap-1.17-395.el8.noarch perl-TermReadKey-2.37-7.el8.x86_64 perl-Text-ParseWords-3.30-395.el8.noarch perl-Text-Tabs+Wrap-2013.0523-395.el8.noarch perl-Time-Local-1:1.280-1.el8.noarch perl-URI-1.73-3.el8.noarch perl-Unicode-Normalize-1.25-396.el8.x86_64 perl-constant-1.33-396.el8.noarch perl-interpreter-4:5.26.3-419.el8.x86_64 perl-libnet-3.11-3.el8.noarch perl-libs-4:5.26.3-419.el8.x86_64 perl-macros-4:5.26.3-419.el8.x86_64 perl-parent-1:0.237-1.el8.noarch perl-podlators-4.11-1.el8.noarch perl-threads-1:2.21-2.el8.x86_64 perl-threads-shared-1.58-2.el8.x86_64 php-cli-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 php-common-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 php-fpm-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 php-gd-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 php-json-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 php-mbstring-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 php-mysqlnd-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 php-pdo-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 php-pecl-zip-1.15.4-1.module_el8.2.0+314+53b99e08.x86_64 php-process-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 php-snmp-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 php-xml-7.3.20-1.module_el8.2.0+498+4deef2f1.x86_64 pixman-0.38.4-1.el8.x86_64 psmisc-23.1-5.el8.x86_64 python3-PyMySQL-0.8.0-10.module_el8.3.0+389+6a62c88d.noarch python3-memcached-1.58-8.el8.noarch python3-pip-9.0.3-19.el8.noarch python3-redis-3.5.3-1.el8.noarch python3-setuptools-39.2.0-6.el8.noarch python36-3.6.8-2.module_el8.3.0+389+6a62c88d.x86_64 rrdtool-1.7.0-16.el8.x86_64 unzip-6.0-44.el8.x86_64 urw-base35-bookman-fonts-20170801-10.el8.noarch urw-base35-c059-fonts-20170801-10.el8.noarch urw-base35-d050000l-fonts-20170801-10.el8.noarch urw-base35-fonts-20170801-10.el8.noarch urw-base35-fonts-common-20170801-10.el8.noarch urw-base35-gothic-fonts-20170801-10.el8.noarch urw-base35-nimbus-mono-ps-fonts-20170801-10.el8.noarch urw-base35-nimbus-roman-fonts-20170801-10.el8.noarch urw-base35-nimbus-sans-fonts-20170801-10.el8.noarch urw-base35-p052-fonts-20170801-10.el8.noarch urw-base35-standard-symbols-ps-fonts-20170801-10.el8.noarch urw-base35-z003-fonts-20170801-10.el8.noarch xorg-x11-font-utils-1:7.5-40.el8.x86_64 xorg-x11-fonts-ISO8859-1-100dpi-7.5-19.el8.noarch xorg-x11-server-utils-7.7-27.el8.x86_64 Complete!

     

    Create Linux User and Directory for LibreNMS Software:

    Create a Linux user to own LibreNMS software files and processes.

    [root@librenms-01 ~]# useradd librenms -d /opt/librenms -M -r -s /bin/bash

     

    Downloading LibreNMS Network Monitoring Tool:

    Now, clone the LibreNMS GitHub repository by using git command.

    [root@librenms-01 ~]# cd /opt [root@librenms-01 opt]# git clone https://github.com/librenms/librenms.git Cloning into 'librenms'... remote: Enumerating objects: 7, done. remote: Counting objects: 100% (7/7), done. remote: Compressing objects: 100% (7/7), done. remote: Total 174397 (delta 0), reused 0 (delta 0), pack-reused 174390 Receiving objects: 100% (174397/174397), 183.77 MiB | 175.00 KiB/s, done. Resolving deltas: 100% (122858/122858), done. Updating files: 100% (11584/11584), done.

    Adjust permissions on the cloned directory by executing following commands at Linux Bash prompt.

    [root@librenms-01 opt]# chown -R librenms:librenms /opt/librenms [root@librenms-01 opt]# chmod 771 /opt/librenms [root@librenms-01 opt]# setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/ [root@librenms-01 opt]# setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/

    Connect as librenms user and install PHP libraries as required by LibreNMS network monitoring software.

    [root@librenms-01 opt]# su - librenms Last login: Sun Jan 31 11:16:07 PKT 2021 on pts/0 [librenms@librenms-01 ~]$ ./scripts/composer_wrapper.php install --no-dev ... Discovered Package: darkghosthunter/larapoke Discovered Package: fideloper/proxy Discovered Package: fruitcake/laravel-cors Discovered Package: laravel/tinker Discovered Package: laravel/ui Discovered Package: librenms/laravel-vue-i18n-generator Discovered Package: nesbot/carbon Discovered Package: oriceon/toastr-5-laravel Discovered Package: tightenco/ziggy Discovered Package: wpb/string-blade-compiler Package manifest generated successfully. 55 packages you are using are looking for funding. Use the `composer fund` command to find out more! > LibreNMS\ComposerHelper::postInstall setfacl -R -m g::rwx rrd/ logs/ storage/ bootstrap/cache/ setfacl -d -m g::rwx rrd/ logs/ storage/ bootstrap/cache/ > Illuminate\Foundation\ComposerScripts::postInstall > @php artisan vue-i18n:generate --multi-locales --format=umd > @php artisan view:cache Compiled views cleared! Blade templates cached successfully! > @php artisan optimize Configuration cache cleared! Configuration cached successfully! Route cache cleared! Routes cached successfully! Files cached successfully! > @php artisan config:clear Configuration cache cleared! > scripts/check_requirements.py || pip3 install --user -r requirements.txt || : [librenms@librenms-01 ~]$ exit logout

     

    Installing Composer on CentOS 8 Server:

    Install latest stable version of Composer on your Linux server.

    [root@librenms-01 opt]# wget https://getcomposer.org/composer-stable.phar --2021-01-31 12:42:00-- https://getcomposer.org/composer-stable.phar Resolving getcomposer.org (getcomposer.org)... 54.36.53.46, 2001:41d0:302:1100::8:104f Connecting to getcomposer.org (getcomposer.org)|54.36.53.46|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 2205196 (2.1M) [application/octet-stream] Saving to: âcomposer-stable.pharâ composer-stable.pha 100%[===================>] 2.10M 196KB/s in 9.6s 2021-01-31 12:42:11 (224 KB/s) - âcomposer-stable.pharâ saved [2205196/2205196]

    Rename the downloaded file and grant execution permissions on it.

    [root@librenms-01 opt]# mv composer-stable.phar /usr/bin/composer [root@librenms-01 opt]# chmod +x /usr/bin/composer

     

    Set Timezone for LibreNMS:

    You need to set a common timezone in PHP and Linux operating system.

    First edit PHP configuration file.

    [root@librenms-01 opt]# vi /etc/php.ini

    Find and set following variable in PHP configuration file.

    date.timezone = America/New_York

    Now, set the same timezone in Linux operating system. You can use the following Linux command for this purpose.

    [root@librenms-01 opt]# timedatectl set-timezone America/New_York

     

    Configure MySQL server for LibreNMS:

    Open MySQL configuration file in vim editor.

    [root@librenms-01 opt]# vi /etc/my.cnf.d/mariadb-server.cnf

    Add following directives under [mysqld] section.

    innodb_file_per_table=1 lower_case_table_names=0

    Enable and start MySQL database service.

    [root@librenms-01 opt]# systemctl enable --now mariadb.service Created symlink /etc/systemd/system/mysql.service â /usr/lib/systemd/system/mariadb.service. Created symlink /etc/systemd/system/mysqld.service â /usr/lib/systemd/system/mariadb.service. Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service â /usr/lib/systemd/system/mariadb.service.

    Configure MySQL database server for the first time by executing following command at Linux bash prompt.

    [root@librenms-01 opt]# mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation. Set root password? [Y/n] Y New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] Y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] Y ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] Y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] Y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!

    Login to MySQL shell as root user.

    [root@librenms-01 opt]# mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 16 Server version: 10.3.27-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>

    Create a MySQL database for LibreNMS software. This database will be used by LibreNMS application as it's backend repository.

    MariaDB [(none)]> CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci; Query OK, 1 row affected (0.001 sec)

    Create a MySQL database user.

    MariaDB [(none)]> CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'Str0ngPa55w0rd'; Query OK, 0 rows affected (0.001 sec)

    Grant complete permissions on librenms database to librenms user.

    MariaDB [(none)]> GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost'; Query OK, 0 rows affected (0.000 sec)

    Reload privileges tables and exit from MySQL shell.

    MariaDB [(none)]> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.000 sec) MariaDB [(none)]> exit Bye

     

    Configure PHP-FPM Service for LibreNMS:

    To configure php-fpm service, create a copy of default configuration file and rename it as librenms.conf.

    [root@librenms-01 opt]# cp /etc/php-fpm.d/www.conf /etc/php-fpm.d/librenms.conf

    Edit this file in Linux vim editor.

    [root@librenms-01 opt]# vi /etc/php-fpm.d/librenms.conf

    Locate and Change [www] to [librenms]

    Also set following directives therein.

    user = librenms group = librenms listen = /run/php-fpm-librenms.sock

     

    Configure Nginx Web Server for LibreNMS:

    Create a Nginx configuration file for LibreNMS and edit it in vim text editor.

    [root@librenms-01 opt]# vi /etc/nginx/conf.d/librenms.conf

    Add following lines in this file.

    server { listen 80; server_name librenms-01.centlinux.com; root /opt/librenms/html; index index.php; charset utf-8; gzip on; gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ [^/]\.php(/|$) { fastcgi_pass unix:/run/php-fpm-librenms.sock; fastcgi_split_path_info ^(.+\.php)(/.+)$; include fastcgi.conf; } location ~ /\.(?!well-known).* { deny all; } }

    Edit Nginx default configuration file in Linux vim editor.

    [root@librenms-01 opt]# vi /etc/nginx/nginx.conf

    Find and comment complete 'Server' section in this file.

    Enable and start php-fpm and nginx services.

    [root@librenms-01 opt]# systemctl enable --now nginx.service php-fpm.service Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service â /usr/lib/systemd/system/nginx.service. Created symlink /etc/systemd/system/multi-user.target.wants/php-fpm.service â /usr/lib/systemd/system/php-fpm.service.

     

    Configure SELinux Policies for LibreNMS:

    Since, we are using a minimal CentOS 8 Linux server. Therefore, to configure SELinux, you have to install SELinux tools as follows.

    [root@librenms-01 opt]# dnf install -y policycoreutils-python-utils Last metadata expiration check: 1:54:43 ago on Sun 31 Jan 2021 06:03:58 AM UTC. Dependencies resolved. ================================================================================ Package Arch Version Repo Size ================================================================================ Installing: policycoreutils-python-utils noarch 2.9-9.el8 baseos 251 k Installing dependencies: checkpolicy x86_64 2.9-1.el8 baseos 348 k python3-audit x86_64 3.0-0.17.20191104git1c2f876.el8 baseos 86 k python3-libsemanage x86_64 2.9-4.el8 baseos 127 k python3-policycoreutils noarch 2.9-9.el8 baseos 2.2 M python3-setools x86_64 4.3.0-2.el8 baseos 626 k Transaction Summary ================================================================================ Install 6 Packages Total download size: 3.6 M Installed size: 11 M Downloading Packages: (1/6): python3-audit-3.0-0.17.20191104git1c2f87 41 kB/s | 86 kB 00:02 (2/6): policycoreutils-python-utils-2.9-9.el8.n 96 kB/s | 251 kB 00:02 (3/6): checkpolicy-2.9-1.el8.x86_64.rpm 102 kB/s | 348 kB 00:03 (4/6): python3-libsemanage-2.9-4.el8.x86_64.rpm 97 kB/s | 127 kB 00:01 (5/6): python3-setools-4.3.0-2.el8.x86_64.rpm 156 kB/s | 626 kB 00:04 (6/6): python3-policycoreutils-2.9-9.el8.noarch 352 kB/s | 2.2 MB 00:06 -------------------------------------------------------------------------------- Total 358 kB/s | 3.6 MB 00:10 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : python3-setools-4.3.0-2.el8.x86_64 1/6 Installing : python3-libsemanage-2.9-4.el8.x86_64 2/6 Installing : python3-audit-3.0-0.17.20191104git1c2f876.el8.x86_64 3/6 Installing : checkpolicy-2.9-1.el8.x86_64 4/6 Installing : python3-policycoreutils-2.9-9.el8.noarch 5/6 Installing : policycoreutils-python-utils-2.9-9.el8.noarch 6/6 Running scriptlet: policycoreutils-python-utils-2.9-9.el8.noarch 6/6 Verifying : checkpolicy-2.9-1.el8.x86_64 1/6 Verifying : policycoreutils-python-utils-2.9-9.el8.noarch 2/6 Verifying : python3-audit-3.0-0.17.20191104git1c2f876.el8.x86_64 3/6 Verifying : python3-libsemanage-2.9-4.el8.x86_64 4/6 Verifying : python3-policycoreutils-2.9-9.el8.noarch 5/6 Verifying : python3-setools-4.3.0-2.el8.x86_64 6/6 Installed: checkpolicy-2.9-1.el8.x86_64 policycoreutils-python-utils-2.9-9.el8.noarch python3-audit-3.0-0.17.20191104git1c2f876.el8.x86_64 python3-libsemanage-2.9-4.el8.x86_64 python3-policycoreutils-2.9-9.el8.noarch python3-setools-4.3.0-2.el8.x86_64 Complete!

    Now execute following command at Linux bash prompt to configure SELinux for LibreNMS.

    [root@librenms-01 opt]# semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/html(/.*)?' [root@librenms-01 opt]# semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/(logs|rrd|storage)(/.*)?' [root@librenms-01 opt]# restorecon -RF /opt/librenms [root@librenms-01 opt]# setsebool -P httpd_can_sendmail=1 [root@librenms-01 opt]# setsebool -P httpd_execmem 1 [root@librenms-01 opt]# chcon -t httpd_sys_rw_content_t /opt/librenms/.env

    Create a SELinux policy to allow fping by httpd_t context types.

    [root@librenms-01 opt]# cd [root@librenms-01 ~]# vi http_fping.tt

    Add following lines therein.

    module http_fping 1.0; require { type httpd_t; class capability net_raw; class rawip_socket { getopt create setopt write read }; } #============= httpd_t ============== allow httpd_t self:capability net_raw; allow httpd_t self:rawip_socket { getopt create setopt write read };

    Load and apply this SELinux policy on your Linux server.

    [root@librenms-01 ~]# checkmodule -M -m -o http_fping.mod http_fping.tt [root@librenms-01 ~]# semodule_package -o http_fping.pp -m http_fping.mod [root@librenms-01 ~]# semodule -i http_fping.pp

     

    Configure Linux Firewall for LibreNMS:

    LibreNMS uses default HTTP ports for its web service. Therefore, execute following commands to allow these ports in Linux Firewall.

    [root@librenms-01 ~]# firewall-cmd --zone public --add-service http --add-service https success [root@librenms-01 ~]# firewall-cmd --permanent --zone public --add-service http --add-service https success

     

    Configure Bash Completion for LNMS Command:

    You can enable bash completion for lnms command, just as you would with other Linux commands.

    Execute following commands to configure bash completion for lnms command.

    [root@librenms-01 ~]# ln -s /opt/librenms/lnms /usr/bin/lnms [root@librenms-01 ~]# cp /opt/librenms/misc/lnms-completion.bash /etc/bash_completion.d/

     

    Configure SNMPD on your Linux Server:

    An snmp sample configuration is provided with LibreNMS networking monitoring software. Create a copy of this sample file and then edit it in a Linux text editor.

    [root@librenms-01 ~]# cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf [root@librenms-01 ~]# vi /etc/snmp/snmpd.conf

    Edit the text which says RANDOMSTRINGGOESHERE and set your own community string.

    Download snmp configuration script and place it in /usr/bin directory.

    [root@librenms-01 ~]# curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 4637 100 4637 0 0 3233 0 0:00:01 0:00:01 --:--:-- 3231

    Grant execution privileges to download file.

    [root@librenms-01 ~]# chmod +x /usr/bin/distro

    Enable and start SNMPD service.

    [root@librenms-01 ~]# systemctl enable --now snmpd.service Created symlink /etc/systemd/system/multi-user.target.wants/snmpd.service â /usr/lib/systemd/system/snmpd.service.

    If snmp is new for you then, we recommend that you should buy and read Essential SNMP, Second Edition by Douglas Mauro and Kevin Schmidt.

     

    Setup LibreNMS Cron Jobs:

    LibreNMS network monitoring software also provides a crontab file. Just copy it in crontab directory to setup required cron jobs.

    [root@librenms-01 ~]# cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms

     

    Configure Logrotate for LibreNMS:

    Similarly copy the logrotate configuration file at logrotate directory. This file is also provide in LibreNMS software.

    [root@librenms-01 ~]# cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

     

    Starting LibreNMS Web Installer:

    Open URL http://librenms-01.centlinux.com/install in Google chrome (or another web browser).

    The web installer might prompt you to create a config.php file in your LibreNMS install location manually, copying the content displayed on-screen to the file. You are also required to set the ownership of this file.

    [root@librenms-01 ~]# vi /opt/librenms/config.php [root@librenms-01 ~]# chown librenms:librenms /opt/librenms/config.php

    The web installer perform a prerequisite check. It won't show any warning if you have followed the above steps correctly.

    01-install-librenms-network-monitoring-tool-centos-prerequisites

    Provide MySQL server connection details and build a database for LibreNMS network monitoring software.

    02-install-librenms-network-monitoring-tool-centos-database

    03-install-librenms-network-monitoring-tool-centos-database

    04-install-librenms-network-monitoring-tool-centos-database

    Create an admin user for LibreNMS software.

    05-install-librenms-network-monitoring-tool-centos-admin-user

    06-install-librenms-network-monitoring-tool-centos-admin-user

    LibreNMS installation is completed successfully.

    07-install-librenms-network-monitoring-tool-centos-finish

    Use admin user to login to LibreNMS web UI.

    08-install-librenms-network-monitoring-tool-centos-login

     

    Validate LibreNMS Installation:

    After installation and configuration of LibreNMS, you can execute validate.php script to check for any issues therein.

    [root@librenms-01 ~]# su - librenms Last login: Sun Jan 31 07:07:41 UTC 2021 on pts/0 [librenms@librenms-01 ~]$ ./validate.php ==================================== Component | Version --------- | ------- LibreNMS | 1.70.1-70-g17f5a3f23 DB Schema | 2020_11_02_164331_add_powerstate_enum_to_vminfo (191) PHP | 7.3.20 Python | 3.6.8 MySQL | 10.3.27-MariaDB RRDTool | 1.7.0 SNMP | NET-SNMP 5.8 ==================================== [OK] Composer Version: 2.0.9 [OK] Dependencies up-to-date. [WARN] You have no devices. [FIX]: Consider adding a device such as localhost: /addhost [OK] Database connection successful [OK] Database schema correct

    Our LibreNMS server has no issues at all.

     

    Conclusion:

    We have successfully installed and configured LibreNMS network monitoring tool on CentOS 8. If you faced difficulty understanding the Linux commands and configurations in this article, then you should buy and read The Linux Command Line, 2nd Edition: A Complete Introduction by William Shotts.

    No comments:

    Post a comment