Linux
LibreNMS 安裝教程

LibreNMS 安裝教程

今天在這篇文章中,我將談論 LibreNms,一個開源網絡監控工具。在這裡,我將解釋什麼是 LibreNms 以及如何安裝它。

什麼是 LibreNMS?
LibreNms 是一個類似於 cacti、Nagios 的網絡監控工具。它是在 GPLv3 下發布的免費開源工具。此外,這是非常用戶友好的,這就是為什麼任何人都可以輕鬆理解和使用 LibreNms。

簡單地說,LibreNms 工作並支持 SNMP、LLDP、OSPF、ARP、CDP、BGP 和 FDP 等協議來自動發現網絡。您還可以使用 LibreNms 來監控許多網絡硬件(例如 Cisco、Juniper、Foundry、FreeBSD、Brocade)甚至操作系統,例如 Windows、Linux 和 FreeBSD。

由於 LibreNms 的功能包括可定制的警報、API 訪問和移動應用程序(Android 和 iOS)。

安裝 LibreNMS

Ubuntu 20.04.3 更新

sudo apt update
sudo apt upgrade

接下來,我們將安裝必需的軟件包。這將為 LibreNms 安裝所需的軟件包,例如 apache、MariaDB-server 和 python。所以我們不需要分別安裝apache和MariaDB。

sudo apt install software-properties-common
sudo add-apt-repository universe
sudo apt update
sudo apt install acl curl apache2 composer fping git graphviz imagemagick libapache2-mod-fcgid mariadb-client mariadb-server mtr-tiny nmap php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-json php7.4-mbstring php7.4-mysql php7.4-snmp php7.4-xml php7.4-zip rrdtool snmp snmpd whois python3-pymysql python3-dotenv python3-redis python3-setuptools

默認情況下,MariaDB 的 root 用戶不會收到密碼。現在讓我們輸入密碼並進行其他基本配置。

sudo mysql_secure_installation

鍵入此內容並按 Enter 後,將出現如下所示的列表。您可以根據需要將其更改為 Y 或 N。
 在這裡,我對一切都給予 Yes (Y)。

  1.  為 root 用戶輸入一個好的密碼。
  2. 刪除匿名用戶。
  3. 禁止遠程 root 日誌。
  4. 刪除測試數據庫。
  5. 重新加載權限表。
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

接下來,我們添加 librenms 用戶。

sudo useradd librenms -d /opt/librenms -M -r -s "$(which bash)"

現在轉到 /opt 位置,然後下載 LibreNMS。

cd /opt
sudo git clone https://github.com/librenms/librenms.git

接下來,您需要將 /opt/librenms 目錄中的權限授予 librenms 用戶。

sudo chown -R librenms:librenms /opt/librenms
sudo chmod 771 /opt/librenms
sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
sudo setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/

接下來,我們應該登錄到 librenms 用戶並安裝 PHP 依賴項。

sudo su - librenms
./scripts/composer_wrapper.php install --no-dev
exit

如果您使用代理,它可能無法像前面提到的那樣工作。那時你應該手動安裝 composer 包。

sudo wget https://getcomposer.org/composer-stable.phar
sudo mv composer-stable.phar /usr/bin/composer
sudo chmod +x /usr/bin/composer

接下來,您應該創建一個時區。首先,轉到此鏈接(https://php.net/manual/en/timezones.php)並檢查匹配的時區(例如 -:“America / New_York”、“Australia / Brisbane”、“Etc / UTC”) . 現在把它放在底部 php.ini 文件中的 date.timezone 前面。正確使用時區非常重要,因為諸如係統警報之類的事情需要準確的時間。

sudo nano /etc/php/7.4/fpm/php.ini
sudo nano /etc/php/7.4/cli/php.ini

兩個檔案中可搜尋 date 找到,記得把行手分號刪除,Ctrl+W=搜尋,Ctrl+X=存檔退出。

date.timezone = Asia/Taipei

設定系統時區

sudo timedatectl set-timezone Asia/Taipei

現在您需要配置 MariaDB 並創建一個數據庫。
要配置 MariaDB,您應該登錄到 50-server.conf 文件。

sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf

然後在 [mysqld]次行添加下列語法。

innodb_file_per_table=1
lower_case_table_names=0

其中bind-address是數據庫地址“127.0.0.1”。那是因為這個 VPS 在這裡有相同的數據庫。如果您使用單獨的數據庫服務器,請在那裡添加服務器 IP 地址。

現在你應該重新啟動數據庫

sudo systemctl enable mariadb
sudo systemctl restart mariadb

接下來,我們通過提供 root 使用之前給出的密碼登錄到數據庫。

sudo mysql -u root

接下來,您應該創建一個數據庫。在第二行尾“Password”請自定義密碼並妥善記住密碼。

CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
exit

接下來,您需要配置 PHP-FPM(FastCGI 進程管理器)。
這裡我們首先需要創建 librenms.conf 文件。

sudo cp /etc/php/7.4/fpm/pool.d/www.conf /etc/php/7.4/fpm/pool.d/librenms.conf
sudo nano /etc/php/7.4/fpm/pool.d/librenms.conf

請將[www]改成 [librenms]

[librenms]

將下列兩行也一併修改

user = librenms 
group = librenms

請修改listen的值

listen = /run/php-fpm-librenms.sock

; Start a new pool named 'www'.
; the variable $pool can be used in any directive and will be replaced by the
; pool name ('www' here)
[librenms]

; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;       will be used.
user = librenms
group = librenms

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 addre>
;                            a specific port;
;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 addre>
;                            a specific port;
;   'port'                 - to listen on a TCP socket to all addresses
;                            (IPv6 and IPv4-mapped) on a specific port;
;   '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /run/php-fpm-librenms.sock

接下來,我們需要配置網絡服務器。我首先安裝了 Apache Web Server,因此我對其進行了配置。

首先,您應該創建 librenms.conf 文件。

sudo nano /etc/apache2/sites-available/librenms.conf

讓我們配置那個文件。如果你想要服務器名稱,你可以知道服務器的名稱。

<VirtualHost *:80> 
   DocumentRoot /opt/librenms/html/ 
   ServerName librenms.example.com

   AllowEncodedSlashes NoDecode
   <Directory "/opt/librenms/html/">
     Require all granted 
     AllowOverride All
     Options FollowSymLinks MultiViews
   </Directory>

  # Enable http authorization headers
  <IfModule setenvif_module>
    SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
  </IfModule>

  <FilesMatch ".+\.php$">
    SetHandler "proxy:unix:/run/php-fpm-librenms.sock|fcgi://localhost"
  </FilesMatch>
</VirtualHost>

接下來,禁用默認站點並啟用 librenms 站點。然後重新啟動 Apache Web 服務器。

sudo a2dissite 000-default
sudo a2enmod proxy_fcgi setenvif rewrite
sudo a2ensite librenms.conf
sudo systemctl restart apache2
sudo systemctl restart php7.4-fpm

接下來,讓我們啟用命令完成的行。

這使您可以像鍵入 Linux 命令時的普通選項卡一樣完成行命令類型。

sudo ln -s /opt/librenms/lnms /usr/bin/lnms
sudo cp /opt/librenms/misc/lnms-completion.bash /etc/bash_completion.d/

接下來,讓我們配置 SNMP。這將在此安裝的 VPS 上啟用 SNMP。

sudo cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf
sudo nano /etc/snmp/snmpd.conf

編輯顯示RANDOMSTRINGGOESHERE 並設置您自己的社區字符串的文本 ,追加紫色值並修改系統位置與技術聯絡人電子郵件

  GNU nano 4.8                  /etc/snmp/snmpd.conf
# Change RANDOMSTRINGGOESHERE to your preferred SNMP community string
com2sec readonly  default         RANDOMSTRINGGOESHERE

group MyROGroup v2c        readonly
view all    included  .1                               80
access MyROGroup ""      any       noauth    exact  all    none   none

rocommunity public
syslocation Rack, Room, Building, City, Country [Lat, Lon]
syscontact Your Name <your@email.address>

#OS Distribution Detection
extend distro /usr/bin/distro

#Hardware Detection
# (uncomment for x86 platforms)
#extend manufacturer '/bin/cat /sys/devices/virtual/dmi/id/sys_vendor'
#extend hardware '/bin/cat /sys/devices/virtual/dmi/id/product_name'
#extend serial '/bin/cat /sys/devices/virtual/dmi/id/product_serial'

# (uncomment for ARM platforms)
#extend hardware '/bin/cat /sys/firmware/devicetree/base/model'
#extend serial '/bin/cat /sys/firmware/devicetree/base/serial-number'

下載 libreNMS 用來偵測作業系統的腳本,然後重啟 snmpd

sudo curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
sudo chmod +x /usr/bin/distro
sudo systemctl enable snmpd
sudo systemctl restart snmpd

可以利用指令測試 snmpd 是否正常運作

sudo snmpwalk -v 2c -c public 127.0.0.1

設定定時維護 cronjob

sudo cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms

設定清除舊紀錄檔 logrotate,會減少 log 使用的空間

sudo cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

檢查各項配置

sudo su - librenms
./validate.php

首次Web安裝程序,請用瀏覽器進入後點擊下方藍色圓紐

輸入librenms密碼,其他設定不需更動

點擊 Build Database

點擊下圖藍色圓紐Key

自定義Admin密碼與郵件聯絡人後點擊Add User,隨後打勾。

點擊 validate your install,輸入剛自定義的帳密登入系統

可以無視Configuration警告,之後添加設備後即會消除

修正資料庫日期與時間

修正系統錯誤

sudo cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

修正Config.php權限

sudo chown librenms:librenms /opt/librenms/config.php
Tags :

發佈留言