1. Software Installation
1.1 Update System
yum -y install wget vim-enhanced
mkdir /etc/yum.repos.d/backup
mv /etc/yum.repos.d/{*.repo,backup}
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.163.com/.help/CentOS7-Base-163.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
rm -rf /var/cache/yum
rm -rf /var/cache/man
yum makecache
yum update1.2 Install packages required for the Cacti deployment environment
1.2.1 Add the MariaDB YUM repository and execute the following script
echo '# MariaDB 10.2 CentOS repository list - created 2017-07-03 06:59 UTC #http://downloads.mariadb.org/mariadb/repositories/ [mariadb] name = MariaDB baseurl = https://ipv4.mirrors.ustc.edu.cn/mariadb/yum/10.2/centos7-amd64 gpgkey=https://ipv4.mirrors.ustc.edu.cn/mariadb/yum/RPM-GPG-KEY-MariaDB gpgcheck=1 '>/etc/yum.repos.d/Mariadb.repo
1.2.2 Installation Software Environment
yum install -y httpd mariadb mariadb-server mariadb-devel net-snmp net-snmp-utils net-snmp-libs net-snmp-agent-libs net-snmp-devel php php-snmp php-ldap php-pdo php-mysql php-devel php-pear php-common php-gd php-mbstring php-xml php-process rrdtool rrdtool-php rrdtool-perl rrdtool-devel gcc openssl-devel dos2unix autoconf automake binutils libtool cpp postfix glibc-headers kernel-headers glibc-devel gd gd-devel help2man ntpdate wget patch
2. Environment Configuration
2.1 Configure PHP
Modify PHP Main Profile/etc/php.ini
Turn off security mode to support rrdtool and allow exec() access
[PHP] safe_mode = Off
timezone
[Date] date.timezone = Asia/Shanghai
2.2 Configuring Web Server Apache httpd
Edit the/etc/httpd/conf.d/php.conf configuration file to ensure that it contains
# PHP is an HTML-embedded scripting language which attempts to make it # easy for developers to write dynamically generated webpages. LoadModule php5_module modules/libphp5.so # # Cause the PHP interpreter to handle files with a .php extension. AddHandler php5-script .php
2.3 Configuration Database MariaDB
For security reasons, set the database root user password
systemctl start mariadb mysqladmin -uroot password xxx123
Import time zone data to mysql database
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -uroot mysql -p
Modify the / etc/my.cnf.d/server.cnf file to ensure it contains
[mysqld] character_set_server = utf8mb4 collation_server = utf8mb4_unicode_ci character_set_client = utf8mb4 max_connections = 100 max_heap_table_size = 4096M max_allowed_packet = 16777216 join_buffer_size = 64M tmp_table_size = 64M innodb_file_per_table = ON innodb_buffer_pool_size = 25600M innodb_doublewrite = OFF innodb_lock_wait_timeout = 50 innodb_flush_log_at_timeout = 3 innodb_read_io_threads = 32 innodb_write_io_threads = 16
2.4 Configure SNMP
Configure net-snmp-agent, modify configuration file/etc/snmp/snmpd.conf
Will be 41 lines
com2sec notConfigUser default public
Change to
com2sec notConfigUser 127.0.0.1 public
Will be 62 lines
access notConfigGroup "" any noauth exact systemview none none
Change to
access notConfigGroup "" any noauth exact all none none
Will be 85 lines
#view all included .1 80
Change to
view all included .1 80
3. Install Configuration Cacti
3.1 Download the unzipped Cacti installation package
useradd -r -M cacti cd /var/www/html/ wget https://github.com/Cacti/cacti/archive/release/1.1.38.tar.gz tar -zxvf 1.1.38.tar.gz cp -R cacti-release-1.1.38/ /var/www/html/cacti cd /var/www/html/cacti
3.2 Create a cacti database, create a cactiuser, and set authorizations
mysql -u root -p CREATE database cacti default character set utf8; create user 'cacti'@'localhost' identified by 'xxx3'; grant all privileges on cacti.* to cacti@localhost; grant select on mysql.time_zone_name to 'cacti'@'localhost' identified by 'xxx3'; flush privileges;
3.3 Import Cacti Default Database
use cacti; source /var/www/html/cacti/cacti.sql; flush privileges; quit
3.4 Edit/var/www/html/cacti/include/config.php
$database_type = "mysql"; $database_default = "cacti"; $database_hostname = "localhost"; $database_username = "cacti"; $database_password = "xxx3" /* load up old style plugins here */ $plugins = array(); //$plugins[] = 'thold';
3.5 Create a cacti system user and set graph/log directory permissions
chown -R apache.apache /var/www/html/
chown -R cacti /var/www/html/
chown -R apache.apache /var/www/html/cacti/
chown -R cacti /var/www/html/cacti/{rra,log}/
chmod -R 777 /var/www/html/cacti/{rra,log}/3.6 Add Timed Tasks
crontab -e */1 * * * * /usr/bin/php /var/www/html/cacti/poller.php > /dev/null 2>&1
4. Configure the firewall
4.1 Configure firewalld firewall
firewall-cmd --permanent --add-port=3306/tcp firewall-cmd --permanent --add-service=http firewall-cmd --permanent --add-port=161/udp firewall-cmd --permanent --add-port=162/udp firewall-cmd --reload
4.2 Close selinux
setenforce 0 sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
5. Install spine
5.1 Download the Spine source installation package with the same version number as Acti
cd /usr/local/src wget http://www.cacti.net/downloads/spine/cacti-spine-1.1.38.tar.gz tar xf cacti-spine-1.1.38.tar.gz
5.2 Source Compilation Installation spine
ln -s /usr/lib64/libmysqlclient.so.18.0.0 /usr/lib64/libmysqlclient.so ntpdate ntp.sjtu.edu.cn cd cacti-spine-1.1.38 ./configure && make && make install
5.3 Copy Modify Profile
cp /usr/local/spine/etc/spine.conf.dist /etc/spine.conf vim /etc/spine.conf DB_Host localhost DB_Database cacti DB_User cacti DB_Pass xxx3 DB_Port 3306 RDB_Host localhost RDB_Database cacti RDB_User cacti RDB_Pass xxx3 RDB_Port 3306
5.4 Test
/usr/local/spine/bin/spine
The following results will appear
SPINE: Using spine config file [/etc/spine.conf]
SPINE: Version 1.1.38 starting
SPINE: Time: 0.0429 s, Threads: 5, Devices: 0
6. Set up restart, power on and start related services
systemctl restart httpd systemctl restart mariadb systemctl restart crond systemctl restart snmpd systemctl enable httpd systemctl enable mariadb systemctl enable crond systemctl enable snmpd
7. Log on to Cacti WEB page to modify Cacti configuration
Console -> Settings -> Paths -> Fill the profile path/usr/local/spine/bin/spine in the Spring Binary File Location text box, Fill the profile path/usr/local/spine/etc/spine.conf in the Spring Config File Path box, and click Save.
Console -> Settings -> Poller -> Select spine in the Poller Type drop-down box and click Save.
8. Special Tips
After adding devices and graphics, you need to rebuild the collector cache.
Console -> System Tools -> Rebuild Poller Cache
Attachment:
For example, the cacti platform requires changing the default port number (for example, 10010) and whitelist restrictions (for example, only IP address 123.123.123 is allowed to log in). The relevant settings are as follows
1. Change port number
vim /etc/httpd/conf/httpd.conf
Modify Listen:80 to Listen:10010 under line 137 and save to exit.
2. Firewall Release Port 10010
vim /etc/sysconfig/iptables
Add Firewall Rules
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
Restart Firewall Service
service iptables restart
3. Whitelist Access Restrictions
vim /etc/httpd/conf/httpd.conf
Under line 318, add the following in <Directory'/var/www/html'> and save to exit
Order allow,deny
Allow from 123.123.123.123
Restart httpd service
service httpd restart