■前提条件
- CentOS7のインストールが完了している
- ネットワーク設定が完了している
■導入するもの
- mysql-5.7 <= 5.6以下だとcacti1.1に怒られる
- cacti-1.1
##■やること
■mariadbの削除
# rpm -qa | grep maria
コマンドライン
[root@localhost ~]# rpm -qa | grep maria
mariadb-libs-5.5.52-1.el7.x86_64
[root@localhost ~]#
# yum -y remove mariadb-libs
コマンドライン
[root@localhost ~]# yum -y remove mariadb-libs
~ 長いので割愛 ~
完了しました!
■mysql5.7用リポジトリ追加
# yum -y localinstall http://dev.mysql.com/get/mysql57-community-release-el7-7.noarch.rpm
コマンドライン
[root@localhost ~]# yum -y localinstall http://dev.mysql.com/get/mysql57-community-release-el7-7.noarch.rpm
~ 長いので割愛 ~
完了しました!
■必要なパッケージのインストール
# yum -y install httpd php net-snmp mysql-community-server rrdtool
コマンドライン
yum -y install httpd php net-snmp mysql-community-server rrdtool
~ 長いので割愛 ~
完了しました!
[root@localhost ~]#
■mysql起動
# systemctl start mysqld
# systemctl status mysqld
コマンドライン
[root@localhost ~]# systemctl start mysqld
[root@localhost ~]#
[root@localhost ~]# systemctl status mysqld
● mysqld.service - MySQL Server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
Active: active (running) since 木 2017-10-12 15:36:24 JST; 1s ago
Docs: man:mysqld(8)
http://dev.mysql.com/doc/refman/en/using-systemd.html
Process: 10751 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid $MYSQLD_OPTS (code=exited, status=0/SUCCESS)
Process: 10677 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
Main PID: 10753 (mysqld)
CGroup: /system.slice/mysqld.service
mq10753 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
10月 12 15:36:19 localhost.localdomain systemd[1]: Starting MySQL Server...
10月 12 15:36:24 localhost.localdomain systemd[1]: Started MySQL Server.
[root@localhost ~]#
■cacti用リポジトリ追加
# yum -y localinstall http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-10.noarch.rpm
コマンドライン
[root@localhost ~]# yum -y localinstall http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-10.noarch.rpm
~ 長いので割愛 ~
完了しました!
[root@localhost ~]#
■cacti1.1のインストール
# yum -y install cacti
コマンドライン
[root@localhost ~]# yum -y install cacti
~ 長いので割愛 ~
完了しました!
[root@localhost ~]#
■mysql初期パスワード確認
# grep password /var/log/mysqld.log
末尾12桁が初期パスワード
コマンドライン
[root@localhost ~]# grep password /var/log/mysqld.log
2017-10-12T06:36:21.124489Z 1 [Note] A temporary password is generated for root@localhost: XXXXXXXXXXXX
[root@localhost ~]#
■mysql初期設定
# /usr/bin/mysql_secure_installation
入力する項目
- Enter password for user root: ← 初期パスワードを入力
- New password: ← 新しいパスワードを入力(ポリシーに違反すると突き返される)
- Re-enter new password: ← 新しいパスワードを再入力
- Change the password for root ? ((Press y|Y for Yes, any other key for No) : n
- Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
- Disallow root login remotely? (Press y|Y for Yes, any other key for No) : n
- Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
コマンドライン
[root@localhost ~]# /usr/bin/mysql_secure_installation
Securing the MySQL server deployment.
Enter password for user root: XXXX
The existing password for the user account root has expired. Please set a new password.
New password: XXXX
Re-enter new password: XXXX
The 'validate_password' plugin is installed on the server.
The subsequent steps will run with the existing configuration
of the plugin.
Using existing password for root.
Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) : n
... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : n
... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!
[root@localhost ~]#
■cactiパラメータ修正
# vi /etc/httpd/conf.d/cacti.conf
17行目をコメントアウト
18行名に以下の内容を追記
Require all granted
/etc/httpd/conf.d/cacti.conf
[root@localhost ~]# cat /etc/httpd/conf.d/cacti.conf
#
# Cacti: An rrd based graphing tool
#
# For security reasons, the Cacti web interface is accessible only to
# localhost in the default configuration. If you want to allow other clients
# to access your Cacti installation, change the httpd ACLs below.
# For example:
# On httpd 2.4, change "Require host localhost" to "Require all granted".
# On httpd 2.2, change "Allow from localhost" to "Allow from all".
Alias /cacti /usr/share/cacti
<Directory /usr/share/cacti/>
<IfModule mod_authz_core.c>
# httpd 2.4
# Require host localhost
Require all granted
</IfModule>
~ 長いので割愛 ~
</Directory>
[root@localhost ~]#
■mysqlタイムゾーン設定
# mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql
Warningは無視してOK
コマンドライン
[root@localhost ~]# mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql
Enter password:
Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it.
[root@localhost ~]#
# vi /etc/my.cnf
最下行の以下の内容を追記
設定しておかないとcactiに怒られる
default-time-zone = Asia/Tokyo
max_heap_table_size = 48M
max_allowed_packet = 16777216
tmp_table_size = 64M
join_buffer_size = 64M
innodb_buffer_pool_size = 238M
innodb_doublewrite = OFF
innodb_flush_log_at_timeout = 3
innodb_read_io_threads = 32
innodb_write_io_threads = 16
/etc/my.cnf
[root@localhost ~]# cat /etc/my.cnf
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/5.7/en/server-configuration-defaults.html
[mysqld]
#
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
#
# Remove leading # to turn on a very important data integrity option: logging
# changes to the binary log between backups.
# log_bin
#
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
default-time-zone = Asia/Tokyo
max_heap_table_size = 48M
max_allowed_packet = 16777216
tmp_table_size = 64M
join_buffer_size = 64M
innodb_buffer_pool_size = 238M
innodb_doublewrite = OFF
innodb_flush_log_at_timeout = 3
innodb_read_io_threads = 32
innodb_write_io_threads = 16
[root@localhost ~]#
■mysql再起動
# systemctl restart mysqld
# systemctl status mysqld
コマンドライン
[root@localhost ~]# systemctl restart mysqld
[root@localhost ~]#
[root@localhost ~]# systemctl status mysqld
● mysqld.service - MySQL Server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
Active: active (running) since 木 2017-10-12 15:39:59 JST; 12s ago
Docs: man:mysqld(8)
http://dev.mysql.com/doc/refman/en/using-systemd.html
Process: 10880 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid $MYSQLD_OPTS (code=exited, status=0/SUCCESS)
Process: 10862 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
Main PID: 10883 (mysqld)
CGroup: /system.slice/mysqld.service
mq10883 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
10月 12 15:39:59 localhost.localdomain systemd[1]: Starting MySQL Server...
10月 12 15:39:59 localhost.localdomain systemd[1]: Started MySQL Server.
[root@localhost ~]#
■テーブル参照権限付与
# mysql -u root -p
# show variables like '%time_zone%';
# grant select on mysql.time_zone_name to 'cactiuser'@'localhost' identified by '[任意のパスワード]';
コマンドライン
[root@localhost ~]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.19 MySQL Community Server (GPL)
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show variables like '%time_zone%';
+------------------+------------+
| Variable_name | Value |
+------------------+------------+
| system_time_zone | JST |
| time_zone | Asia/Tokyo |
+------------------+------------+
2 rows in set (0.00 sec)
mysql> grant select on mysql.time_zone_name to 'cactiuser'@'localhost' identified by 'XXXX';
Query OK, 0 rows affected, 1 warning (0.00 sec)
■cacti用データベース&ユーザ作成
mysql> create database cacti;
mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'XXXX';
mysql> FLUSH privileges;
mysql> quit
# mysql -u cactiuser -p cacti < /usr/share/doc/cacti-1.1.24/cacti.sql
コマンドライン
mysql> create database cacti;
Query OK, 1 row affected (0.00 sec)
mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'P@ssw0rd';
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> FLUSH privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> quit
Bye
[root@localhost ~]#
[root@localhost ~]# mysql -u cactiuser -p cacti < /usr/share/doc/cacti-1.1.24/cacti.sql
Enter password:
[root@localhost ~]#
■ディレクトリ権限付与
# chmod -R 777 /usr/share/cacti/plugins
# chmod -R 777 /usr/share/cacti/log
# chmod -R 777 /usr/share/cacti/rra
コマンドライン
[root@localhost ~]# chmod -R 777 /usr/share/cacti/plugins
[root@localhost ~]# chmod -R 777 /usr/share/cacti/log
[root@localhost ~]# chmod -R 777 /usr/share/cacti/rra
[root@localhost ~]#
■php時刻設定
# vi /etc/php.ini
879行目に以下の内容を追記
date.timezone = 'Asia/Tokyo'
/etc/php.ini
;;;;;;;;;;;;;;;;;;;
; Module Settings ;
;;;;;;;;;;;;;;;;;;;
[CLI Server]
; Whether the CLI web server uses ANSI color coding in its terminal output.
cli_server.color = On
[Date]
; Defines the default timezone used by the date functions
; http://php.net/date.timezone
;date.timezone =
date.timezone = 'Asia/Tokyo'
; http://php.net/date.default-latitude
;date.default_latitude = 31.7667
; http://php.net/date.default-longitude
;date.default_longitude = 35.2333
; http://php.net/date.sunrise-zenith
;date.sunrise_zenith = 90.583333
~ 長いので割愛 ~
■cactiユーザ情報変更
# vi /etc/cacti/db.php
31行目を以下の内容に変更
$database_password = '[cactiuserのパスワード]';
/etc/cacti/db.php
<?php
/*
+-------------------------------------------------------------------------+
| Copyright (C) 2004-2017 The Cacti Group |
| |
| This program is free software; you can redistribute it and/or |
| modify it under the terms of the GNU General Public License |
| as published by the Free Software Foundation; either version 2 |
| of the License, or (at your option) any later version. |
| |
| This program is distributed in the hope that it will be useful, |
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| GNU General Public License for more details. |
+-------------------------------------------------------------------------+
| Cacti: The Complete RRDTool-based Graphing Solution |
+-------------------------------------------------------------------------+
| This code is designed, written, and maintained by the Cacti Group. See |
| about.php and/or the AUTHORS file for specific developer information. |
+-------------------------------------------------------------------------+
| http://www.cacti.net/ |
+-------------------------------------------------------------------------+
*/
/* make sure these values reflect your actual database/host/user/password */
$database_type = 'mysql';
$database_default = 'cacti';
$database_hostname = 'localhost';
$database_username = 'cactiuser';
$database_password = 'XXXX';
$database_port = '3306';
$database_ssl = false;
~ 長いので割愛 ~
■cron設定
# vi /etc/cron.d/cacti
コメントアウトを削除
/etc/cron.d/cacti
*/5 * * * * cacti /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1
■ファイアウォール設定
# firewall-cmd --add-service=http --permanent
# firewall-cmd --reload
コマンドライン
[root@localhost ~]# firewall-cmd --add-service=http --permanent
success
[root@localhost ~]# firewall-cmd --reload
success
[root@localhost ~]#
■Mysql再起動
# systemctl restart mysqld
■色々起動
# systemctl start chronyd
# systemctl start snmpd
# systemctl start httpd
■色々自動起動設定
# systemctl enable httpd
# systemctl enable mysqld
# systemctl enable snmpd
■秘儀
su -s /bin/bash cacti
/usr/bin/php /usr/share/cacti/poller.php