LibreNMS - Zana Iliyoangaziwa Kabisa ya Kufuatilia Mtandao kwa ajili ya Linux
LibreNMS ni chanzo huria, chenye nguvu na chenye vipengele vingi vya kugundua kiotomatiki mfumo wa ufuatiliaji wa mtandao wa PHP unaotumia itifaki ya SNMP. Inasaidia anuwai ya mifumo ya uendeshaji ikijumuisha Linux, FreeBSD, na vifaa vya mtandao ikijumuisha Cisco, Juniper, Brocade, Foundry, HP na mengine mengi.
- Inagundua mtandao mzima kiotomatiki kwa kutumia itifaki hizi: CDP, FDP, LLDP, OSPF, BGP, SNMP na ARP.
- Ina Kiolesura cha Wavuti cha rununu, kilicho na dashibodi zinazoweza kugeuzwa kukufaa.
- Inasaidia wakala wa Unix.
- Huruhusu kuongeza mlalo ili kupanua na mtandao wako.
- Hutumia mfumo wa arifa unaonyumbulika sana na unaoweza kugeuzwa kukufaa; hutuma arifa kupitia barua pepe, irc, slack na zaidi.
- Hutumia API ya kudhibiti, kuchora na kurejesha data kutoka kwa mfumo wako.
- Inatoa mfumo wa utozaji wa trafiki.
- Pia inaauni programu za Android na iOS ambazo hutoa utendaji wa kimsingi.
- Inasaidia ujumuishaji na NfSen, iliyokusanywa, SmokePing, RANCID na Iliyooksidishwa.
- Inaauni mbinu nyingi za uthibitishaji kama vile MySQL, HTTP, LDAP, Radius na Saraka Inayotumika.
- Huruhusu kusasisha kiotomatiki na vipengele vingine vingi.
Onyesho la mtandaoni linapatikana ili ujaribu kabla ya kusakinisha LibreNMS kwenye mifumo ya Linux.
Demo URL: https://demo.librenms.org/ Username: demo Password: demo
- Ubuntu 16.04 iliyo na LEMP Stack
- CentOS 7 iliyo na Rafu ya LEMP
Katika somo hili tutajifunza jinsi ya kusakinisha Zana ya Ufuatiliaji ya Mtandao ya LibreNMS kwenye Ubuntu au CentOS Linux iliyosakinishwa upya (maagizo sawa pia yanafanya kazi kwenye usambazaji wa Debian na RHEL).
KUMBUKA: Maagizo haya yote kwenye kifungu hiki yanapaswa kuendeshwa kama mtumiaji wa mizizi, ikiwa sio, tumia amri ya sudo kupata haki za mtumiaji wa mizizi.
Hatua ya 1: Sakinisha Vifurushi Vinavyohitajika
1. Kwanza anza kwa kusakinisha vifurushi vyote vinavyohitajika kwa kutumia kidhibiti chaguo-msingi cha kifurushi kama inavyoonyeshwa.
$ sudo apt install composer fping git graphviz imagemagick mariadb-client mariadb-server mtr-tiny nginx-full nmap php7.0-cli php7.0-curl php7.0-fpm php7.0-gd php7.0-mcrypt php7.0-mysql php7.0-snmp php7.0-xml php7.0-zip python-memcache python-mysqldb rrdtool snmp snmpd whois
# yum install epel-release # rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm # yum install composer cronie fping git ImageMagick jwhois mariadb mariadb-server mtr MySQL-python net-snmp net-snmp-utils nginx nmap php72w php72w-cli php72w-common php72w-curl php72w-fpm php72w-gd php72w-mysql php72w-process php72w-snmp php72w-xml php72w-zip python-memcached rrdtool
2. Mara tu vifurushi vyote vitakaposakinishwa, huduma za nginx, php-fpm, mariadb na snmp zitaanzishwa na kuwezeshwa kuanza kiotomatiki wakati wa kuwasha (hii ni kawaida kwa Ubuntu), vinginevyo, unaweza kuendesha amri hapa chini ili kuanza na kuwawezesha.
------------ On Debian/Ubuntu ------------ $ sudo systemctl nginx start php7.0-fpm mysql snmp $ sudo systemctl enable nginx php7.0-fpm mysql snmp ------------ On CentOS/RHEL ------------ # systemctl nginx start php-fpm mariadb snmpd # systemctl enable nginx php-fpm mariadb snmpd
Hatua ya 2: Sakinisha Zana ya Ufuatiliaji ya LibreNMS
3. Ifuatayo, unda mtumiaji wa mfumo aitwaye librenms, kwa amri ya useradd; ambapo alama ya -M huzima uundaji wa saraka ya nyumbani ya mtumiaji, na -r huwezesha kuunda akaunti ya mfumo. Kisha ongeza mtumiaji wa librenms kwenye kikundi www-data (kwenye Ubuntu) au nginx (kwenye CentOS) kama ifuatavyo.
------------ On Debian/Ubuntu ------------ $ sudo useradd librenms -d /opt/librenms -M -r $ sudo usermod -a -G librenms www-data ------------ On CentOS/RHEL ------------ # useradd librenms -d /opt/librenms -M -r # usermod -a -G librenms nginx
4. Kisha usakinishe LibreNMS kupitia amri ya mtunzi kama inavyoonyeshwa.
------------ On Debian/Ubuntu ------------ $ cd /opt $ sudo composer create-project --no-dev --keep-vcs librenms/librenms librenms dev-master ------------ On CentOS/RHEL ------------ # cd /opt # composer create-project --no-dev --keep-vcs librenms/librenms librenms dev-master
Hatua ya 3: Unda Hifadhidata ya LibreNMS
5. Kabla ya kuanza kutumia seva ya MariaDB, unahitaji kulinda usakinishaji wako, endesha hati ya usalama iliyotolewa kwenye kifurushi cha binary. Itakuuliza uweke nenosiri la msingi, uondoe watumiaji wasiojulikana, uzime kuingia kwa mizizi kwa mbali na uondoe hifadhidata ya majaribio.
Unaweza kuzindua hati kwa kutoa amri iliyo hapa chini na kujibu maswali yote kwa ndiyo/y.
$ sudo mysql_secure_installation [On Debian/Ubuntu] # mysql_secure_installation [On CentOS/RHEL]
6. Kisha ingia kwenye hifadhidata ya MariaDB ili kuunda hifadhidata ya LibreNMS (kumbuka kutumia nenosiri thabiti/salama katika mazingira ya uzalishaji).
$ sudo mysql -u root -p MariaDB [(none)]> CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci; MariaDB [(none)]> CREATE USER 'librenms'@'localhost' IDENTIFIED BY '[email !#@%$libre'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost'; MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> exit
7. Baadaye, zima hali kali ya MySQL kwa sasa (upatanifu na modi kali ya MySQL bado haujaongezwa).
$ sudo vim /etc/mysql/mariadb.conf.d/50-server.cnf [On Debian/Ubuntu] # vi /etc/my.cnf [On CentOS/RHEL]
Ndani ya sehemu ya [mysqld] tafadhali ongeza.
innodb_file_per_table=1 sql-mode="" lower_case_table_names=0
Kisha anzisha tena seva ya hifadhidata ili kufanya mabadiliko.
$ sudo systemctl restart mysql [On Debian/Ubuntu] # systemctl restart mariadb [On CentOS/RHEL]
Hatua ya 4: Sanidi na Anzisha PHP-FPM
8. Kisha, weka date.timezone yako katika php.ini kwa saa za eneo lako, kwa mfano \Africa/Kampala, kama inavyoonyeshwa kwenye picha ya skrini ifuatayo.
------------ On Debian/Ubuntu ------------ $ sudo vim /etc/php/7.0/fpm/php.ini $ sudo vim /etc/php/7.0/cli/php.ini ------------ On CentOS/RHEL ------------ # vi /etc/php.ini
9. Kisha wezesha moduli ya mcrypt PHP katika Ubuntu na uanze upya php-fpm kama inavyoonyeshwa.
------------ On Debian/Ubuntu ------------ $ sudo phpenmod mcrypt $ sudo systemctl restart php7.0-fpm
10. Kwenye CentOS/RHEL unahitaji kufanya mabadiliko yafuatayo katika faili ya usanidi ya php-fpm.
# vi /etc/php-fpm.d/www.conf
Fanya mabadiliko yafuatayo.
;user = apache user = nginx group = apache ; keep group as apache ;listen = 127.0.0.1:9000 listen = /var/run/php-fpm/php7.2-fpm.sock listen.owner = nginx listen.group = nginx listen.mode = 0660
11. Anzisha upya huduma ya php-fpm kama inavyoonyeshwa.
# systemctl restart php-fpm
Hatua ya 5: Sanidi Nginx kwa LibreNMS
12. Katika hatua hii, unahitaji kusanidi kizuizi cha seva cha Nginx kwa librenms ili kufikia UI ya wavuti. Unda faili ya .conf kama inavyoonyeshwa.
$ sudo vim /etc/nginx/conf.d/librenms.conf [On Debian/Ubuntu] # vi /etc/nginx/conf.d/librenms.conf [On CentOS/RHEL]
Ongeza usanidi ufuatao, hariri server_name inavyohitajika.
server {
listen 80;
server_name librenms.example.com;
root /opt/librenms/html;
index index.php;
charset utf-8;
gzip on;
gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /api/v0 {
try_files $uri $uri/ /api_v0.php?$query_string;
}
location ~ \.php {
include fastcgi.conf;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
13. Kisha uhifadhi na uondoke faili. Pia ondoa usanidi chaguo-msingi wa kuzuia seva na uanze tena seva ya Nginx.
------------ On Debian/Ubuntu ------------ $ sudo rm /etc/nginx/sites-enabled/default $ sudo systemctl restart nginx ------------ On CentOS/RHEL ------------ # systemctl restart nginx
KUMBUKA: Kwenye CentOS/RHEL, utahitaji kuzima sehemu ya tovuti chaguo-msingi, ikiwa hii ndiyo tovuti pekee unayopangisha. Futa sehemu ya seva kutoka /etc/nginx/nginx.conf faili.
14. Pia kwenye CentOS/RHEL, unahitaji kusakinisha zana ya sera ya SELinux na Usanidi miktadha inayohitajika na LibreNMS kwa kutumia amri zifuatazo.
------------ On CentOS/RHEL ------------ # yum install policycoreutils-python # semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/logs(/.*)?' # semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/logs(/.*)?' # restorecon -RFvv /opt/librenms/logs/ # semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/rrd(/.*)?' # semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/rrd(/.*)?' # restorecon -RFvv /opt/librenms/rrd/ # setsebool -P httpd_can_sendmail=1 # setsebool -P httpd_execmem 1
15. Ruhusu fping kwa kuunda faili http_fping.tt na maudhui yafuatayo.
module http_fping 1.0;
require {
type httpd_t;
class capability net_raw;
class rawip_socket { getopt create setopt write read };
}
#============= httpd_t ==============
allow httpd_t self:capability net_raw;
allow httpd_t self:rawip_socket { getopt create setopt write read };
16. Kisha endesha amri hizi.
------------ On CentOS/RHEL ------------ # checkmodule -M -m -o http_fping.mod http_fping.tt # semodule_package -o http_fping.pp -m http_fping.mod # semodule -i http_fping.pp
17. Ikiwa unatumia Firewall kwenye CentOS/RHEL, washa ufikiaji wa HTTP/HTTPS kupitia ngome.
------------ On CentOS/RHEL ------------ # firewall-cmd --zone public --add-service http # firewall-cmd --permanent --zone public --add-service http # firewall-cmd --zone public --add-service https # firewall-cmd --permanent --zone public --add-service https
Hatua ya 6: Sanidi SNMPD kwa LibreNMS
18. Sasa tumia sampuli ya usanidi wa snmp kuunda faili yako ya usanidi na kuifungua kwa kuhaririwa, kama ifuatavyo.
------------ On Debian/Ubuntu ------------ $ sudo cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf $ sudo vim /etc/snmp/snmpd.conf ------------ On CentOS/RHEL ------------ # cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf # vi /etc/snmp/snmpd.conf
Tafuta kamba RANDOMSTRINGGOESHERE na uibadilishe kuwa mfuatano wa jumuiya yako kama inavyoonyeshwa kwenye picha ya skrini.
19. Kisha, pakua hati ya ganda kwenye mfumo wako, ambayo husaidia kugundua OS na ikiwa ni Linux basi itagundua usambazaji wa Linux, unatumia:
------------ On Debian/Ubuntu ------------ $ sudo curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro $ sudo chmod +x /usr/bin/distro $ sudo systemctl restart snmpd ------------ On CentOS/RHEL ------------ # curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro # chmod +x /usr/bin/distro # systemctl restart snmpd
Hatua ya 7: Unda Cron na Usanidi Logrotate
20. Sasa endesha amri iliyo hapa chini ili kusanidi kazi ya cron kwa LibreNMS.
# cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms
21. Kisha, kumbukumbu zote za LibreNMS zinarekodiwa katika /opt/librenms/logs, unaweza kuhitaji kusanidi kumbukumbu hizi kuzungushwa kiotomatiki, kwa kutumia faili ya usanidi ya logrotate iliyotolewa, kama hii.
# cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms
Kisha weka ruhusa zinazofaa kwenye saraka ya mizizi ya usakinishaji ya LibreNMS na faili za logi.
------------ On Debian/Ubuntu ------------ $ sudo chown -R librenms:librenms /opt/librenms $ sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs $ sudo setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs ------------ On CentOS/RHEL ------------ # chown -R librenms:librenms /opt/librenms # setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs # setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs
Hatua ya 8: Fikia Kisakinishi cha Wavuti cha LibreNMS
22. Kisha, tumia URL ifuatayo ili kufikia kisakinishi wavuti na ufuate maagizo kwenye skrini.
http://librenms.tecmint.lan/install.php
Ili anwani hii ifanye kazi kwenye mashine ya karibu nawe, unahitaji kusanidi DNS ya ndani kwa kutumia faili ya seva pangishi (/etc/hosts), kwa utatuzi wa kikoa cha ndani au madhumuni ya majaribio kabla ya kwenda moja kwa moja.
192.168.43.31 tecmint.lan 192.168.43.31 librenms.tecmint.lan
23. Utaona ukurasa wa kukaribisha usakinishaji kama inavyoonyeshwa kwenye picha ya skrini ifuatayo, bofya Hatua Inayofuata ili kuendelea.
24. Kisha ingiza mipangilio (mwenye hifadhidata, bandari, jina la mtumiaji na nenosiri la mtumiaji) kwa hifadhidata ya LibreNMS na ubofye Hatua Inayofuata ili kuendelea.
25. Kisakinishi wavuti sasa kitaanza kuleta hifadhidata ya MySQL, hii itachukua muda. Kumbuka kuwa mchakato utajaribu kusitisha katika sehemu fulani, bofya kwa urahisi Jaribu tena ili kuendelea na mchakato wa uagizaji.
26. Mara baada ya uagizaji wa hifadhidata kukamilika, unapaswa kuona ujumbe \Hifadhidata imesasishwa!, kama inavyoonyeshwa kwenye picha ya skrini iliyo hapa chini. Kisha ubofye Goto Ongeza Mtumiaji ili kuendelea.
27. Kisha, ongeza mtumiaji wa LibreNMS, taja jina la mtumiaji, nenosiri na barua pepe, kisha ubofye Ongeza Mtumiaji ili kutekeleza mabadiliko.
28. Sasa bofya kuunda usanidi wa LibreNMS kwa mfumo wako, kwa kubofya Tengeneza Usanidi.
29. Mara tu usanidi unapotolewa, kama inavyoonyeshwa kwenye skrini iliyotangulia, nakili na uihifadhi kwenye saraka ya mizizi ya usakinishaji wako, katika faili inayoitwa /opt/librenms/config.php.
# vi /opt/librenms/config.php
<?php
## Have a look in defaults.inc.php for examples of settings you can set here. DO NOT EDIT defaults.inc.php!
### Database config
$config['db_host'] = 'localhost';
$config['db_port'] = '3306';
$config['db_user'] = 'librenms';
$config['db_pass'] = '[email !#@%$libre';
$config['db_name'] = 'librenms';
$config['db_socket'] = '';
// This is the user LibreNMS will run as
//Please ensure this user is created and has the correct permissions to your install
$config['user'] = 'librenms';
### Locations - it is recommended to keep the default
#$config['install_dir'] = "/opt/librenms";
### This should *only* be set if you want to *force* a particular hostname/port
### It will prevent the web interface being usable form any other hostname
#$config['base_url'] = "http://librenms.company.com";
### Enable this to use rrdcached. Be sure rrd_dir is within the rrdcached dir
### and that your web server has permission to talk to rrdcached.
#$config['rrdcached'] = "unix:/var/run/rrdcached.sock";
### Default community
$config['snmp']['community'] = array("public");
### Authentication Model
$config['auth_mechanism'] = "mysql"; # default, other options: ldap, http-auth
#$config['http_auth_guest'] = "guest"; # remember to configure this user if you use http-auth
### List of RFC1918 networks to allow scanning-based discovery
#$config['nets'][] = "10.0.0.0/8";
#$config['nets'][] = "172.16.0.0/12";
#$config['nets'][] = "192.168.0.0/16";
# Update configuration
#$config['update_channel'] = 'release'; # uncomment to follow the monthly release channel
#$config['update'] = 0; # uncomment to completely disable updates
30. Hifadhi na funga faili. Kisha rudi kwenye kisakinishi cha wavuti ili kuendelea na mchakato wa usakinishaji, kwa kubofya Maliza Kusakinisha.
31. Sasa usakinishaji wako wa LibreNMS umekamilika, unaweza kubofya \halalisha usakinishaji wako na urekebishe masuala yoyote, ukurasa wa kuingia unapaswa kuonekana.
32. Kisha, weka kitambulisho chako cha mtumiaji ili kufikia ukurasa wa uthibitishaji.
33. Kutoka kwa mchakato wa uthibitishaji wa usakinishaji, LibreNMS imegundua masuala mawili, moja ni kwamba vifaa havijaongezwa (hili ni onyo kwa sasa), na pili, hatujaweka ruhusa inayofaa kwenye faili ya usanidi (/opt/librenms). /config.php) ambayo iliongezwa kwa mikono, kama inavyoonyeshwa kwenye picha ya skrini hapa chini.
Sasa endesha amri ifuatayo ili kuweka ruhusa sahihi kwenye faili ya usanidi.
$ sudo chown -R librenms:librenms /opt/librenms/config.php
34. Kuongeza vifaa, nenda kwa: http://librenms.tecmint.lan/addhost. Baada ya kuongeza vifaa, unaweza kwenda kwenye ukurasa wa nyumbani na kuongeza dashibodi mbalimbali.
Hiyo ndiyo! Unaweza kupata maelezo zaidi, ikijumuisha usakinishaji na usanidi kwenye Hati ya LibreNMS katika https://docs.librenms.org/.
LibreNMS ni mfumo kamili wa ufuatiliaji wa mtandao unaoauni maunzi anuwai ya mtandao. Tunatumahi kuwa huu ulikuwa mwongozo mzuri wa usakinishaji, ikiwa una maswali yoyote, wasiliana nasi kupitia fomu ya maoni iliyo hapa chini.