Latest

Friday, 9 December 2022

Install Cacti Monitoring Server on Rocky Linux 9

Install Cacti Monitoring Server on Rocky Linux 9

This configuration guide is about how to install Cacti Monitoring Server on Rocky Linux 9 and other Red Hat based Linux distros.

 

Table of Contents:

     

    What is Cacti?:

    Cacti is an open-source, web-based network monitoring and graphing tool designed as a front-end application for the open-source, industry-standard data logging tool RRDtool. Cacti allows a user to poll services at predetermined intervals and graph the resulting data. It is generally used to graph time-series data of metrics such as CPU load and network bandwidth utilization. A common usage is to monitor network traffic by polling a network switch or router interface via Simple Network Management Protocol (SNMP).

    The front end can handle multiple users, each with their own graph sets, so it is sometimes used by web hosting providers (especially dedicated server, virtual private server, and colocation providers) to display bandwidth statistics for their customers. It can be used to configure the data collection itself, allowing certain setups to be monitored without any manual configuration of RRDtool. Cacti can be extended to monitor any source via shell scripts and executables.

    Cacti can use one of two back ends: "cmd.php", a PHP script suitable for smaller installations, or "Spine" (formerly Cactid), a C-based poller which can scale to thousands of hosts.

    Install Cacti Monitoring Server on Rocky Linux 9

     

    Environment Specification:

    We are using a minimal Rocky Linux 9 virtual machine with following specifications.

    • CPU - 3.4 Ghz (2 cores)
    • Memory - 2 GB
    • Storage - 20 GB
    • Operating System - Rocky Linux release 9.1 (Blue Onyx)
    • Hostname – cacti-01.centlinux.com
    • IP Address - 192.168.116.135/24

     

    Preparing Your Rocky Linux Server:

    By using a ssh client, Login to cacti-01.centlinux.com as root user.

    Set a FQDN (Fully Qualified Domain Name) for your Linux Server.

    # hostnamectl set-hostname cacti-01.centlinux.com

    Refresh your yum cache by executing following command at Linux Bash prompt.

    # dnf makecache
    Rocky Linux 9 - BaseOS                          261 kB/s | 1.7 MB     00:06
    Rocky Linux 9 - AppStream                       408 kB/s | 6.4 MB     00:16
    Rocky Linux 9 - Extras                          2.4 kB/s | 7.0 kB     00:02
    Metadata cache created.

    Update software packages in your Linux operating system with the help of dnf command.

    # dnf update -y

    Sometimes, above command also updates the Linux Kernel. In such scenario, you should reboot your Linux operating system before continue with Cacti server installation.

    # reboot

    Aftrer reboot, check the versions of your Linux operating system and Kernel, that are being used in this tutorial.

    # cat /etc/rocky-release
    Rocky Linux release 9.1 (Blue Onyx)
    
    # uname -r
    5.14.0-162.6.1.el9_1.0.1.x86_64

     

    Installing Cacti Prerequisites:

    There is a long list of dependencies of Cacti Monitoring software including apache, php and mariadb.

    We have aggregated these prerequisites in a single command for you, to install all of them in one shot.

    # dnf install -y httpd httpd-devel mariadb-server \
    > php-fpm php-common php-mysqlnd php-xml php-ldap php-json \
    > php-cli php-gd php-gmp php-mbstring php-process php-intl \
    > net-snmp php-snmp net-snmp-utils rrdtool libicu

    Enable and start prerequisite services as follows.

    # systemctl enable --now httpd mariadb php-fpm snmpd
    Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
    Created symlink /etc/systemd/system/mysql.service → /usr/lib/systemd/system/mariadb.service.
    Created symlink /etc/systemd/system/mysqld.service → /usr/lib/systemd/system/mariadb.service.
    Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service → /usr/lib/systemd/system/mariadb.service.
    Created symlink /etc/systemd/system/multi-user.target.wants/php-fpm.service → /usr/lib/systemd/system/php-fpm.service.
    Created symlink /etc/systemd/system/multi-user.target.wants/snmpd.service → /usr/lib/systemd/system/snmpd.service.

     

    Installing Cacti Monitoring Tool:

    Latest stable release of Cacti monitoring tool is available in EPEL (Extra Packages for Enterprise Linux) yum repository.

    Therefore, you need to enable EPEL yum repository to install your network monitoring software.

    # dnf install -y epel-release

    Build cache of newly installed yum repository.

    # dnf makecache
    Extra Packages for Enterprise Linux 9 - x86_64  611 kB/s |  12 MB     00:19
    Rocky Linux 9 - BaseOS                          1.0 kB/s | 3.6 kB     00:03
    Rocky Linux 9 - AppStream                       1.7 kB/s | 4.1 kB     00:02
    Rocky Linux 9 - Extras                          982  B/s | 2.9 kB     00:03
    Metadata cache created.

    Search for the cacti software by using dnf command.

    # dnf search cacti
    Last metadata expiration check: 0:00:15 ago on Wed 07 Dec 2022 10:56:39 PM CST.
    ========================= Name Exactly Matched: cacti ==========================
    cacti.noarch : An rrd based graphing tool
    ======================== Name & Summary Matched: cacti =========================
    cacti-spine.x86_64 : Threaded poller for Cacti written in C
    
    # dnf info cacti
    Last metadata expiration check: 0:00:22 ago on Wed 07 Dec 2022 10:56:39 PM CST.
    Available Packages
    Name         : cacti
    Version      : 1.2.22
    Release      : 1.el9
    Architecture : noarch
    Size         : 32 M
    Source       : cacti-1.2.22-1.el9.src.rpm
    Repository   : epel
    Summary      : An rrd based graphing tool
    URL          : https://www.cacti.net/
    License      : GPLv2+
    Description  : Cacti is a complete frontend to RRDTool. It stores all of the
                 : necessary information to create graphs and populate them with
                 : data in a MySQL database. The frontend is completely PHP
                 : driven.

    You can see that, Cacti 1.2.22 is the latest stable release and it is available in EPEL yum repository.

    # dnf install -y cacti

     

    Configure PHP Directives:

    Edit PHP configuration file by using vim text editor.

    # vi /etc/php.ini

    Locate and set following directives in this file.

    date.timezone = "Asia/Karachi"  ; Define timezone to avoid warnings on time/date functions
    file_uploads = On               ; Allow import of templates
    memory_limit = 512M             ; maximum amount of memory a PHP script can consume
    max_execution_time = 60         ; maximum execution time (in seconds) of a PHP script

     

    Configuring MariaDB Database Server:

    Configure your MariaDB database instance by executing mariadb-secure-installation command.

    # mariadb-secure-installation
    
    NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
          SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
    
    In order to log into MariaDB to secure it, we'll need the current
    password for the root user. If you've just installed MariaDB, and
    haven't set the root password yet, you should just press enter here.
    
    Enter current password for root (enter for none):
    OK, successfully used password, moving on...
    
    Setting the root password or using the unix_socket ensures that nobody
    can log into the MariaDB root user without the proper authorisation.
    
    You already have your root account protected, so you can safely answer 'n'.
    
    Switch to unix_socket authentication [Y/n] n
     ... skipping.
    
    You already have your root account protected, so you can safely answer 'n'.
    
    Change the root password? [Y/n] Y
    New password:
    Re-enter new password:
    Password updated successfully!
    Reloading privilege tables..
     ... Success!
    
    
    By default, a MariaDB installation has an anonymous user, allowing anyone
    to log into MariaDB without having to have a user account created for
    them.  This is intended only for testing, and to make the installation
    go a bit smoother.  You should remove them before moving into a
    production environment.
    
    Remove anonymous users? [Y/n] Y
     ... Success!
    
    Normally, root should only be allowed to connect from 'localhost'.  This
    ensures that someone cannot guess at the root password from the network.
    
    Disallow root login remotely? [Y/n] Y
     ... Success!
    
    By default, MariaDB comes with a database named 'test' that anyone can
    access.  This is also intended only for testing, and should be removed
    before moving into a production environment.
    
    Remove test database and access to it? [Y/n] Y
     - Dropping test database...
     ... Success!
     - Removing privileges on test database...
     ... Success!
    
    Reloading the privilege tables will ensure that all changes made so far
    will take effect immediately.
    
    Reload privilege tables now? [Y/n] Y
     ... Success!
    
    Cleaning up...
    
    All done!  If you've completed all of the above steps, your MariaDB
    installation should now be secure.
    
    Thanks for using MariaDB!

    Edit MariaDB configuration file by using vim text editor.

    # vi /etc/my.cnf.d/mariadb-server.cnf

    Add following directives under [mysqld] section.

    join_buffer_size=64M
    innodb_file_format=Barracuda
    innodb_buffer_pool_size=512M
    innodb_buffer_pool_instances=1
    innodb_flush_log_at_timeout=3
    innodb_read_io_threads=32
    innodb_write_io_threads=16
    innodb_io_capacity=5000
    innodb_io_capacity_max=10000
    innodb_large_prefix=1
    innodb_doublewrite=OFF
    character_set_client=utf8mb4
    character_set_server=utf8mb4
    collation_server=utf8mb4_unicode_ci
    max_heap_table_size=32M
    tmp_table_size=32M

    Restart MariaDB service to load modified settings.

    # systemctl restart mariadb

    By using mysql command, login to MariaDB database server as root user.

    # mysql -u root -p
    Enter password:
    Welcome to the MariaDB monitor.  Commands end with ; or \g.
    Your MariaDB connection id is 15
    Server version: 10.5.16-MariaDB MariaDB Server
    
    Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    
    MariaDB [(none)]>

    Load time zone tables by executing the respective script, that was provided with MariaDB software.

    MariaDB [(none)]> use mysql
    Reading table information for completion of table and column names
    You can turn off this feature to get a quicker startup with -A
    
    Database changed
    MariaDB [mysql]> source /usr/share/mariadb/mysql_test_data_timezone.sql;
    Query OK, 6 rows affected (0.001 sec)
    Records: 6  Duplicates: 0  Warnings: 0
    
    Query OK, 5 rows affected (0.000 sec)
    Records: 5  Duplicates: 0  Warnings: 0
    
    Query OK, 393 rows affected (0.030 sec)
    Records: 393  Duplicates: 0  Warnings: 0
    
    Query OK, 31 rows affected (0.001 sec)
    Records: 31  Duplicates: 0  Warnings: 0
    
    Query OK, 22 rows affected (0.001 sec)
    Records: 22  Duplicates: 0  Warnings: 0

    Create a database and user for Cacti Server backend.

    MariaDB [mysql]> create database cactidb;
    Query OK, 1 row affected (0.034 sec)
    
    MariaDB [mysql]> grant all on cactidb.* to cacti@localhost identified by 'P@ssw0rd';
    Query OK, 0 rows affected (0.063 sec)
    
    MariaDB [mysql]> grant select on mysql.time_zone_name to cacti@localhost;
    Query OK, 0 rows affected (0.001 sec)
    
    MariaDB [mysql]> flush privileges;
    Query OK, 0 rows affected (0.001 sec)
    
    MariaDB [mysql]> exit
    Bye

    Locate the cacti.sql. The file is installed with the network monitoring software to create the required objects in Cacti backend database.

    # rpm -ql cacti | grep cacti.sql
    /usr/share/doc/cacti/cacti.sql

    Execute SQL script to create data objects in cactidb database.

    # mysql -u root -p cactidb < /usr/share/doc/cacti/cacti.sql
    Enter password:

    Edit config.php file by using vim text editor to define database credentials.

    # vi /usr/share/cacti/include/config.php

    Set following directives in this file.

    $database_default  = 'cactidb';
    $database_username = 'cacti';
    $database_password = 'P@ssw0rd';

     

    Configure Apache Web Server:

    Cacti installer also added a configuration file for Apache web server.

    Edit it with the help of vim text editor.

    # vi /etc/httpd/conf.d/cacti.conf

    Find 'Require host localhost' and replace it with 'Require all granted'.

    Similarly, find 'Allow from Localhost' and replace it with 'Allow from 192.168.116.0/24'

    Restart Apache and PHP services to apply changes.

    # systemctl restart httpd.service php-fpm.service

     

    Set Directory Permissions:

    Cacti requires WRITE permissions on /usr/share/cacti/log/ directory.

    Execute following set of commands to make this directory writable by Apache processes.

    # chown -R apache.apache /usr/share/cacti/log/
    # semanage fcontext -m -t httpd_sys_rw_content_t "/var/log/cacti(/.*)?"
    # restorecon -R /var/log/cacti

     

    Enable Poller Cron Job:

    Cacti software adds a cron job during installation.

    This cron job executes Cacti Poller after every 5 minutes.

    But initially this cron job is comment out.

    Therefore, edit this cron job using vim text editor.

    # vi /etc/cron.d/cacti

    There is only one line in this file. Remove the '#' to uncomment it.

    */5 * * * *     apache  /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&

     

    Configure Linux Firewall:

    Allow Apache web service in Linux firewall, to make Cacti server accessible across the network.

    # firewall-cmd --permanent --add-service=http
    success
    
    # firewall-cmd --reload
    success

     

    Starting Cacti Server Web Setup:

    Open URL http://cacti-01.centlinux.com/cacti in a web browser to start Cacti web setup.

    01-login-to-cacti-server

    Login by using Cacti default username/password i.e. admin/admin

    02-change-cacti-password

    Since, you are login to Cacti web interface for the first time, therefore, you are required to change the default password of admin user.

    03-cacti-license-agreement

    Read and accept the License Agreement of Cacti network monitoring software.

    04-cacti-pre-installation-check

    The web setup performs pre-installation checks and will inform you about if there is any failure.

    If you have followed the installation steps in this article correctly, then you won't found any warning on this page.

    05-cacti-installation-type-database-connection

    Choose your preferred installation type. Since, this is your first Cacti server therefore, you should select "New Primary Server".

    06-cacti-directory-permission-check

    If you have set the file permissions correctly, then there won't be any warnings.

    07-cacti-critical-binary-location-and-versions

    Setup is checking for required binaries, their locations and required versions.

    08-input-validation-whitelist-protection

    Setup will inform you about a security concern and how to handle it. Accept it and continue.

    09-cacti-default-profile-automation-network

    Adjust your default profile and continue.

    10-cacti-server-template-setup

    Select the required device templates and continue.

    11-cacti-server-database-collation

    Setup is checking the MariaDB server and database collation along with the Table setup.

    Select all tables that required conversion and continue.

    12-cacti-confirm-installation

    If your configurations are correct, then the setup displays this page to confirm installation of your network monitoring tool.

    13-cacti-installation-progress
    14-cacti-installation-completed

    Cacti network monitoring server has been installed on Rocky Linux 9.

    15-cacti-server-dashboard

    After successful installation, you will reached at the Cacti Dashboard.

     

    Conclusion:

    You have successfully installed and configured Cacti network monitoring software on Rocky Linux 9. Before you begin using the Cacti network monitoring server, we recommend that you should read Cacti Beginner's Guide - Second Edition by Packt Publishing. It will be really helpful to understand the Cacti web interface and it's usage.

    If you find this article useful? Consider supporting us by Buy Me A Coffee


    No comments:

    Post a Comment

    © 2022 CentLinux. All Rights Reserved.