Centos7 cacti percona nginx

 

centos 7 에서 cacti 설치시 의존성 패키지로 httpd 가 설치 되며 db.php 파일의 권한이 apache 로 되어 있습니다.

db.php 파일의 권한변경이 필요 합니다.

 

apache web-server 가 아닌 nginx web-server 이용시 /etc/nginx/conf.d/default.conf 설정에 아래 내용을 추가 합니다.

[root@centos74 conf.d]# vi default.conf

# cacti settings
 location /cacti {
 alias /usr/share/cacti;
 index index.php;
 }

location ~ ^/cacti.+\.php$ {
 # fastcgi_pass unix:/var/run/php-fpm.sock;
 fastcgi_pass 127.0.0.1:9000;
 fastcgi_index index.php;

fastcgi_split_path_info ^/cacti(.+\.php)(.*)$;
 fastcgi_param SCRIPT_FILENAME /usr/share/cacti/$fastcgi_script_name;
 include /etc/nginx/fastcgi_params;
 }

 

별도의 Domain 이용시 아래 내용참고

[root@centos74 conf.d]# vi cacti.conf
server {
    listen       80;
    server_name  cacti.test2.com;
    root   /usr/share;
    index  index.php index.html index.htm;
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

#    error_page   500 502 503 504  /50x.html;
#    location = /50x.html {
#        root   /usr/share/cacti;
#    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

 

default.conf 파일 수정

[root@centos74 ~]# vi /etc/nginx/conf.d/default.conf
    #access_log  /var/log/nginx/host.access.log  main;

        root   /usr/share/nginx/html;
        index  index.php index.html index.htm;
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }
    location /server-status {
        stub_status on;
        allow 127.0.0.1;
        #deny all;
    }

location /server-status 추가

 

nginx 재시작

[root@centos74 conf.d]# systemctl restart nginx

 

server-status 확인

[root@centos74 ~]# curl http://localhost/server-status
Active connections: 1
server accepts handled requests
 2 2 2
Reading: 0 Writing: 1 Waiting: 0
[root@centos74 ~]#

 

db.php 권한 설정

[root@centos74 ~]# ls -al /etc/cacti/db.php
-rw-r----- 1 cacti apache 3137 Dec 27 01:29 /etc/cacti/db.php
[root@centos74 ~]# chown cacti:nginx /etc/cacti/db.php

db.php 권한을 apache 에서 nginx 로 변경 하지 않을 경우 cacti 웹 인스톨을 진행할수 없습니다.

 

참고사항: nginx 로 cacti 설정시 아래와 같이 권한 설정 부분에서 Writable 권한 설정 페이지가 출력됩니다.

 

 

디렉토리 권한 변경

[root@centos74 ~]# chown -R nginx:nginx /usr/share/cacti/resource/
[root@centos74 ~]# chown -R nginx:nginx /usr/share/cacti/scripts/
[root@centos74 ~]# chown -R nginx:nginx /usr/share/cacti/cache/
[root@centos74 ~]# chown -R nginx:nginx /usr/share/cacti/log/

 

권한 변경후 확인

 

percona temp 설치 

[root@centos74 ~]# wget https://www.percona.com/downloads/percona-monitoring-plugins/percona-monitoring-plugins-1.1.7/binary/redhat/7/x86_64/percona-cacti-templates-1.1.7-2.noarch.rpm
[root@centos74 ~]# yum install -y percona-cacti-templates-1.1.7-2.noarch.rpm

 

Nginx 템플릿 추가

[root@centos74 ~]# php /usr/share/cacti/cli/import_template.php --filename=/usr/share/cacti/resource/percona/templates/cacti_host_template_percona_nginx_server_ht_0.8.6i-sver1.1.7.xml
Read 42607 bytes of XML data
Import ResultsCacti has imported the following items for the Template:
CDEF
[success] Percona Turn Into Bits CDEF [new]
[success] Percona Negate CDEF [new]
GPRINT Preset
[success] Percona Nginx Server Checksum c5c20ca1d61ee9ccbb45854a46ce6fe8 [new]
[success] Percona Nginx Server Version t1.1.7:s1.1.7 [new]
[success] Percona Normal [new]
Data Input Method
[success] Percona Get Nginx Stats/Nginx Requests IM [new]
[success] Percona Get Nginx Stats/Nginx Accepts/Handled IM [new]
[success] Percona Get Nginx Stats/Nginx Scoreboard IM [new]
Data Template
[success] Percona Nginx Requests DT [new]
[success] Percona Nginx Accepts/Handled DT [new]
[success] Percona Nginx Scoreboard DT [new]
Graph Template
[success] Percona Nginx Requests GT [new]
[success] Percona Nginx Accepts/Handled GT [new]
[success] Percona Nginx Scoreboard GT [new]
Device Template
[success] Percona Nginx Server HT [new]
[root@centos74 ~]#

 

Data Collection -> Data Input Methods  로 이동합니다.

Nginx 를 검색하여 Input String 을 수정 합니다.

 

수정전

<path_php_binary> -q <path_cacti>/scripts/ss_get_by_ssh.php --host <hostname> --type nginx --items hx,hy --server <server> --url <url> --http-user <http-user> --http-password <password>

 

수정후

<path_php_binary> -q <path_cacti>/scripts/ss_get_by_ssh.php --host <hostname> --type nginx --items hx,hy --server <server> --url <url> --http-user <http-user> --http-password <password>

 

–server <server> –url <url> –http-user <http-user> –http-password <password> 옵션을 삭제 하시면 됩니다.

 

Management -> Device 로 이동하여 nginx device 를 생성 합니다.

Device Template 에서 Percona Nginx Server HT 를 선택 합니다.

 

ss_get_by_ssh.php 설정의 경우 apache 설정과 동일하게 설정 하시면 됩니다.

참고: http://dev.crois.net/2017/12/23/monitoring-centos7-cacti-percona-apache/

 

 

스크립트 동작 확인

[root@centos74 scripts]# su - cacti
Last login: Wed Dec 27 17:19:05 KST 2017 from localhost on pts/1
-bash-4.2$  php /usr/share/cacti/scripts/ss_get_by_ssh.php --type nginx --host 127.0.0.1 --items hw,hx
hw:1 hx:6
-bash-4.2$

 

Create Graphs for this Device 를 클릭하여 그래프를 생성 합니다.

 

 

약 5~10 분이 지나면 아래와 같은 그래프를 볼수 있습니다.

 

 

 

 

 

Centos7 LEMP install

Nginx php mariadb install

 

 

nginx 설치전 system update 를 진행 합니다.

[root@centos74 ~]# yum update -y

 

 

nginx repo file 생성

[root@centos74 ~]# vi /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

참고페이지: http://nginx.org/en/linux_packages.html#stable

 

yum list 확인

[root@centos74 ~]# yum clean all && yum list
[root@centos74 ~]# yum search nginx
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: ftp.neowiz.com
 * extras: ftp.neowiz.com
 * updates: ftp.neowiz.com
============================================================================================================================= N/S matched: nginx ==============================================================================================================================
nginx-debug.x86_64 : debug version of nginx
nginx-debuginfo.x86_64 : Debug information for package nginx
nginx-module-geoip.x86_64 : nginx GeoIP dynamic modules
nginx-module-geoip-debuginfo.x86_64 : Debug information for package nginx-module-geoip
nginx-module-image-filter.x86_64 : nginx image filter dynamic module
nginx-module-image-filter-debuginfo.x86_64 : Debug information for package nginx-module-image-filter
nginx-module-njs.x86_64 : nginx nginScript dynamic modules
nginx-module-njs-debuginfo.x86_64 : Debug information for package nginx-module-njs
nginx-module-perl.x86_64 : nginx Perl dynamic module
nginx-module-perl-debuginfo.x86_64 : Debug information for package nginx-module-perl
nginx-module-xslt.x86_64 : nginx xslt dynamic module
nginx-module-xslt-debuginfo.x86_64 : Debug information for package nginx-module-xslt
nginx-nr-agent.noarch : New Relic agent for NGINX and NGINX Plus
pcp-pmda-nginx.x86_64 : Performance Co-Pilot (PCP) metrics for the Nginx Webserver
nginx.x86_64 : High performance web server

  Name and summary matches only, use "search all" for everything.
[root@centos74 ~]#

 

nginx 

nginx install

[root@centos74 ~]# yum install -y nginx

 

 php71 

php71 install

[root@centos74 ~]# yum install -y epel-release
[root@centos74 ~]# rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-7.rpm
[root@centos74 ~]# yum clean all && yum list
[root@centos74 ~]# yum update -y
[root@centos74 ~]# init 6
[root@centos74 ~]# yum-config-manager --enable remi-php71
[root@centos74 ~]# yum install -y php php-opcache php-mysql php-fpm php-gd \
php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-soap curl curl-devel

 

mariadb

 

mariadb repo 확인 https://downloads.mariadb.org/mariadb/repositories/#mirror=kaist&distro=CentOS&distro_release=centos7-amd64–centos7&version=10.1

mariadb.repo 생성

[root@centos74 ~]# vi /etc/yum.repos.d/mariadb.repo
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
[root@centos74 ~]# yum clean all && yum list

 

mariadb 10.1 설치

[root@centos74 ~]# yum install -y mariadb mariadb-server

 

mariadb 10.1 start & enable 

[root@centos74 ~]# systemctl start mariadb.service
[root@centos74 ~]# systemctl enable mariadb.service

 

mariadb secure_installation 실행

[root@centos74 ~]# /usr/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
[root@centos74 ~]#

 

nginx 

 

nginx enable & start

[root@centos74 ~]# systemctl enable nginx
[root@centos74 ~]# systemctl start nginx

 

nginx 동작 확인

[root@centos74 ~]# systemctl status nginx
● nginx.service - nginx - high performance web server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2017-12-24 13:57:28 KST; 2min 16s ago
     Docs: http://nginx.org/en/docs/
 Main PID: 27786 (nginx)
   CGroup: /system.slice/nginx.service
           ├─27786 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
           └─27787 nginx: worker process

Dec 24 13:57:28 centos74 systemd[1]: Starting nginx - high performance web server...
Dec 24 13:57:28 centos74 nginx[27782]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Dec 24 13:57:28 centos74 nginx[27782]: nginx: configuration file /etc/nginx/nginx.conf test is successful
Dec 24 13:57:28 centos74 systemd[1]: Started nginx - high performance web server.
[root@centos74 ~]#

 

접속 확인

 

nginx 설정

nginx.conf 파일 

위치: /etc/nginx/nginx.conf (nginx main 설정 파일)

[root@centos74 nginx]# cat nginx.conf

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}
[root@centos74 nginx]#

 

 

 

default.conf 파일

위치: /etc/nginx/conf.d/default.conf (nginx Default Server 설정 파일)

추가 도메인이 있을경우 /etc/nginx/conf.d/ 디렉토리에 $file_name.conf 로 파일을 생성하시면 됩니다.

[root@centos74 ~]# cat /etc/nginx/conf.d/default.conf
server {
    listen       80;
    server_name  localhost;

    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;
        root   /usr/share/nginx/html;
        index  index.php index.html index.htm;
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }


    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        #fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;

    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}


[root@centos74 ~]#

sock 방식을 사용할 경우 해당 라인의 주석을 제거합니다. fastcgi_pass unix:/run/php-fpm/php-fpm.sock;

www.conf 파일을  listen = /run/php-fpm/php-fpm.sock; 로 listen = 127.0.0.1:9000 라인을 수정 해야 합니다.

 

php-fpm 설정

[root@centos74 html]# vi /etc/php-fpm.d/www.conf
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx


listen.owner = nginx
listen.group = nginx
listen.mode = 0666
[root@centos74 ~]# systemctl enable php-fpm.service
[root@centos74 ~]# systemctl start php-fpm.service
[root@centos74 ~]# systemctl restart nginx

 

phpinfo() 확인

[root@centos74 ~]# vi /usr/share/nginx/html/info.php
<?php phpinfo(); ?>

 

 

VirtualHost 

default 파일 수정

[root@centos74 ~]# vi /etc/nginx/conf.d/default.conf
server {
    listen       80 default_server;
    server_name  localhost;

 

/etc/nginx/sites-enabled 디렉토리 생성 없이 /etc/nginx/conf.d 디렉토리에 $domain.conf 파일로 생성 합니다.

test2.com 파일을 생성 합니다.

[root@centos74 ~]# vi /etc/nginx/conf.d/test2.conf
server {
    listen       80;
    server_name  www.test2.com test2.com;
    root   /var/www/test2.com;
    index  index.php index.html index.htm;
    location / {
        try_files $uri $uri/ /index.php?$query_string;
        autoindex on;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /var/www/test2.com;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

 

test2.com 의 root 디렉토리는 /home/test/public_html 입니다.

phpinfo 페이지 파일을 생성 합니다.

[root@centos74 ~]# vi /var/www/test2.com/test.php
<?php phpinfo(); ?>

 

nginx 재시작후 확인 합니다.

[root@centos74 ~]# systemctl restart nginx

 

 

 

 

Cacti Debug mode

 

 

cacti 를 사용시 logs 메뉴에서 아래와 같이 log 파일을 확인 할수 있습니다.

일반적인 로그의 경우 아래와 같이 5분주기로 RRDtool 을 이용하여 그래프를 생성 했다는 메시지만 출력이 됩니다.

 

 

 

log 확인시 Detail한 정보를 확인하기 위해서는 Cacti Debug mode 를 활성화 하여 조금더 많은 정보를 확인 할수 있습니다.

Management -> Devices 로 이동후 문제가 있는 Device 를 클릭 합니다.

Enable Device Debug 를 클릭 한후 Save 버튼을 클릭 합니다.

(Debug mode 를 Disable 하기위해서는 Disable Device Debug 클릭후 Save 버튼을 클릭 하시면 됩니다.)

 

Logs 버튼을 클릭하여 log 를 확인 합니다.

 

 

스크립트 오류의 경우 logs 디렉토리의 cacti.log 를 확인 하여 정상적으로 Poller 가 작동하였는지 확인 할수 있습니다.

[root@centos74 ~]# cd /usr/share/cacti/log/
[root@centos74 log]# cat cacti.log |grep -i ss_get_by_ssh

 

비정상인 경우

2017-12-23 19:05:01 - SPINE: Poller[1] Device[5] TH[1] DS[34] SCRIPT: /bin/php -q /usr/share/cacti/scripts/ss_get_by_ssh.php --host 'localhost' --type apache --items gi,gj, 
output: gi:-1 gj:-1
2017-12-23 19:06:01 - SPINE: Poller[1] Device[5] TH[1] DS[30] SCRIPT: /bin/php -q /usr/share/cacti/scripts/ss_get_by_ssh.php --host 'localhost' --type apache --items 
gh, output: gh:-1

비정상인 경우 -1 값이 출력됩니다.

 

 

정상인경우

2017-12-23 19:15:01 - SPINE: Poller[1] Device[5] TH[1] DS[34] SCRIPT: /bin/php -q /usr/share/cacti/scripts/ss_get_by_ssh.php --host 'localhost' --type apache --items gi,gj, 
output: gi:223 gj:1
2017-12-23 19:16:01 - SPINE: Poller[1] Device[5] TH[1] DS[30] SCRIPT: /bin/php -q /usr/share/cacti/scripts/ss_get_by_ssh.php --host 'localhost' --type apache --items gh, 
output: gh:6156288

 

Snmpd Daemon이 정상적으로 작동하지 않을 경우 아래와 같은 Log를 확인 할수 있습니다.

 

 

Cacti percona apache Monitoring

 

Cacti percona template 을 이용하여 apache24 Web-Server  를 모니터링 할수 있습니다.

 

Mariadb 에서 percona-cacti-templates.version.rpm 을 설치 하였다면 아래 내용은 Skip 합니다.

2017.12.22일 기준

percona-cacti-templates Down 및 설치

[root@centos74 ~]# wget https://www.percona.com/downloads/percona-monitoring-plugins/percona-monitoring-plugins-1.1.7/binary/redhat/7/x86_64/percona-cacti-templates-1.1.7-2.noarch.rpm

[root@centos74 ~]# yum install percona-cacti-templates-1.1.7-2.noarch.rpm

perl-Digest , perl-Digest-MD5 Package 필요합니다.

 

Percona Directory 

/usr/share/cacti/resource/percona
[root@centos74 ~]# ls -al /usr/share/cacti/resource/percona/templates/
total 1896
drwxr-xr-x 2 root root   4096 Dec 22 16:57 .
drwxr-xr-x 6 root root     65 Dec 22 16:57 ..
-rw-r--r-- 1 root root  74554 Dec 10  2016 cacti_host_template_percona_apache_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root 104933 Dec 10  2016 cacti_host_template_percona_galera_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root 273814 Dec 10  2016 cacti_host_template_percona_gnu_linux_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  54091 Dec 10  2016 cacti_host_template_percona_jmx_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  76166 Dec 10  2016 cacti_host_template_percona_memcached_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  93264 Dec 10  2016 cacti_host_template_percona_mongodb_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root 888147 Dec 10  2016 cacti_host_template_percona_mysql_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  42607 Dec 10  2016 cacti_host_template_percona_nginx_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root 169753 Dec 10  2016 cacti_host_template_percona_openvz_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  99944 Dec 10  2016 cacti_host_template_percona_rds_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  37873 Dec 10  2016 cacti_host_template_percona_redis_server_ht_0.8.6i-sver1.1.7.xml
[root@centos74 ~]#

 

server-status 설정

[root@centos74 ~]# vi /etc/httpd/conf/httpd.conf

<Location /server-status>
SetHandler server-status
 
Order Deny,Allow
Deny from all
Allow from localhost
</Location>

[root@centos74 ~]# systemctl restart httpd

 

apache server-status 확인

[root@centos74 ~]# curl http://localhost/server-status
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html><head>
<title>Apache Status</title>
</head><body>
<h1>Apache Server Status for localhost (via ::1)</h1>

<dl><dt>Server Version: Apache/2.4.6 (CentOS) PHP/7.1.12</dt>
<dt>Server MPM: worker</dt>
<dt>Server Built: Oct 19 2017 20:39:16
</dt></dl><hr /><dl>
<dt>Current Time: Saturday, 23-Dec-2017 17:53:02 KST</dt>
<dt>Restart Time: Saturday, 23-Dec-2017 17:34:16 KST</dt>
<dt>Parent Server Config. Generation: 1</dt>
<dt>Parent Server MPM Generation: 0</dt>
<dt>Server uptime:  18 minutes 46 seconds</dt>
<dt>Server load: 0.01 0.02 0.01</dt>
<dt>Total accesses: 20 - Total Traffic: 378 kB</dt>
<dt>CPU Usage: u.27 s.06 cu0 cs0 - .0293% CPU load</dt>
<dt>.0178 requests/sec - 343 B/second - 18.9 kB/request</dt>
<dt>1 requests currently being processed, 223 idle workers</dt>
</dl><pre>________________________________________________________________
_W______________________________________________________________
________________________________................................
................................________________________________
________________________________................................
~중략

curl 을 이용하여 apache server-status 를 확인합니다.

 

Percona Apache 템플릿을 import 합니다.

[root@centos74 ~]# php /usr/share/cacti/cli/import_template.php --filename=/usr/share/cacti/resource/percona/templates/cacti_host_template_percona_apache_server_ht_0.8.6i-sver1.1.7.xml
Read 74554 bytes of XML data
Import ResultsCacti has imported the following items for the Template:
CDEF
[success] Percona Turn Into Bits CDEF [unchanged]
[success] Percona Negate CDEF [unchanged]
GPRINT Preset
[success] Percona Apache Server Checksum c3ed3746e08aa02111016407424dea59 [new]
[success] Percona Apache Server Version t1.1.7:s1.1.7 [new]
[success] Percona Normal [unchanged]
Data Input Method
[success] Percona Get Apache Stats/Apache Requests IM [new]
[success] Percona Get Apache Stats/Apache Bytes IM [new]
[success] Percona Get Apache Stats/Apache CPU Load IM [new]
[success] Percona Get Apache Stats/Apache Workers IM [new]
[success] Percona Get Apache Stats/Apache Scoreboard IM [new]
Data Template
[success] Percona Apache Requests DT [new]
[success] Percona Apache Bytes DT [new]
[success] Percona Apache CPU Load DT [new]
[success] Percona Apache Workers DT [new]
[success] Percona Apache Scoreboard DT [new]
Graph Template
[success] Percona Apache Requests GT [new]
[success] Percona Apache Bytes GT [new]
[success] Percona Apache CPU Load GT [new]
[success] Percona Apache Workers GT [new]
[success] Percona Apache Scoreboard GT [new]
Device Template
[success] Percona Apache Server HT [new]
[root@centos74 ~]#

 

ss_get_by_ssh.php 사용을 위한 .ssh 디렉토리 생성

위치 /usr/share/cacti/.ssh/id_rsa

[root@centos74 cacti]# cd /usr/share/cacti/
[root@centos74 cacti]# mkdir .ssh
[root@centos74 cacti]# chown cacti:cacti .ssh/

ss_get_by_ssh.php 퍼미션변경
[root@centos74 ~]# cd /usr/share/cacti/scripts/
[root@centos74 scripts]# chown cacti:cacti ss_get_by_ssh.php

 

cacti User 의 shell 변경 및 ssh-keygen 생성

[root@centos74 cacti]# chsh cacti
Changing shell for cacti.
New shell [/sbin/nologin]: /bin/bash
Shell changed.
[root@centos74 cacti]# su - cacti
-bash-4.2$ pwd
/usr/share/cacti
-bash-4.2$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/usr/share/cacti/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /usr/share/cacti/.ssh/id_rsa.
Your public key has been saved in /usr/share/cacti/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:zPCJ7lAgw+l+whEHg8QJVsDYka/NDsThFIxMvB//dL8 cacti@centos74
The key's randomart image is:
+---[RSA 2048]----+
|@XO=             |
|=B*+             |
| +Boo .          |
| o+*.. * .       |
| .++o o S        |
| oooo+ . .       |
|  +oo + . .      |
|   o.o .   .     |
|      .    E.    |
+----[SHA256]-----+
-bash-4.2$ cd .ssh/
-bash-4.2$ cat id_rsa.pub >> authorized_keys
-bash-4.2$ chmod 600 authorized_keys

 

ssh-keygen 확인

[root@centos74 scripts]# su - cacti
Last login: Sat Dec 23 17:22:33 KST 2017 on pts/0
-bash-4.2$ ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is SHA256:8Bd7pSELT4CL6EJH/pt7GoxUVSA9K+ggXSMyI0uy67Q.
ECDSA key fingerprint is MD5:cb:85:04:a0:75:5c:e2:40:b6:a0:a1:73:c2:0c:1a:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
Last login: Sat Dec 23 17:25:51 2017
-bash-4.2$ logout
Connection to localhost closed.
-bash-4.2$

(cacti 유저로 변경후 정상적으로 password 없이 로그인 할수 있는지 확인 합니다.)

 

ss_get_by_ssh.php 스크립트 테스트

-bash-4.2$ php /usr/share/cacti/scripts/ss_get_by_ssh.php --type apache --host 127.0.0.1 --items gg,gh
gg:1 gh:8192
-bash-4.2$

비정상일 경우 gg:-1 , gh: -1 로 값이 표기 됩니다.

 

cacti 설정

Templates -> Data Source 에서 apache 템플릿을 검색 합니다.

 

Percona Apache Template 를 수정 합니다. 아래와 같이 Custom Data 부분의 Hostname 부분을 localhost 로 변경 하면 됩니다.

 

Management -> Devices 로 이동후 새로운 Device 를 추가 합니다.

+ 버튼을 클릭하면 새로운 Device 를 추가 할수 있습니다.

 

새로운 Device 를 아래와 같이 추가 합니다.

Description : Web-Server

Hostname : ip 또는 hostname

Device Template : Percona Apache Server HT

Create 버튼을 클릭하여 설정을 저장 합니다.

 

화면상단의 Create Graphs for this Device 버튼을 클릭하여 그래프를 생성 합니다.

 

모니터링을 진행할 템플릿을 선택 합니다. Test 를 위하여 전부다 선택 하였습니다. 🙂

Create 버튼을 클릭하여 템플릿을 생성 합니다.

 

Graphs -> List View 로 이동 합니다.  새로 추가한 Web-Server Device 를 확인 할수 있습니다.

모니터링할 템플릿을 선택후 View 버튼을 클릭합니다.

 

Preview 로 이동후 Device 항목에서 Web-Server 를 선택 합니다.

최초 그래프 생성시까지 약 5~10 분 정도 시간이 소요 됩니다.

 

수고하셨습니다. 이상으로 모든 설정이 완료 되었습니다. 🙂

 

약 5~10분 정도 지나면 아래와 같은 그래프를 확인 할수 있습니다.

 

Cacti percona mariadb Monitoring

Cacti percona template 을 이용하여 mariadb 를 모니터링 할수 있습니다.

자세한 정보는 아래 사이트에서 확인하실수 있습니다.

Percona PDF 매뉴얼 site:  https://www.percona.com/software/database-tools/percona-monitoring-plugins

site: https://www.percona.com/doc/percona-monitoring-plugins/LATEST/cacti/index.html

percona-cacti-templates 설치 파일의 경우 https://www.percona.com/downloads/percona-monitoring-plugins/ 에서 Down 할수 있습니다.

 

2017.12.22일 기준

percona-cacti-templates Down 및 설치

[root@centos74 ~]# wget https://www.percona.com/downloads/percona-monitoring-plugins/percona-monitoring-plugins-1.1.7/binary/redhat/7/x86_64/percona-cacti-templates-1.1.7-2.noarch.rpm

[root@centos74 ~]# yum install percona-cacti-templates-1.1.7-2.noarch.rpm

perl-Digest , perl-Digest-MD5 Package 필요합니다.

 

 

Percona Directory 

/usr/share/cacti/resource/percona
[root@centos74 ~]# ls -al /usr/share/cacti/resource/percona/templates/
total 1896
drwxr-xr-x 2 root root   4096 Dec 22 16:57 .
drwxr-xr-x 6 root root     65 Dec 22 16:57 ..
-rw-r--r-- 1 root root  74554 Dec 10  2016 cacti_host_template_percona_apache_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root 104933 Dec 10  2016 cacti_host_template_percona_galera_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root 273814 Dec 10  2016 cacti_host_template_percona_gnu_linux_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  54091 Dec 10  2016 cacti_host_template_percona_jmx_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  76166 Dec 10  2016 cacti_host_template_percona_memcached_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  93264 Dec 10  2016 cacti_host_template_percona_mongodb_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root 888147 Dec 10  2016 cacti_host_template_percona_mysql_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  42607 Dec 10  2016 cacti_host_template_percona_nginx_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root 169753 Dec 10  2016 cacti_host_template_percona_openvz_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  99944 Dec 10  2016 cacti_host_template_percona_rds_server_ht_0.8.6i-sver1.1.7.xml
-rw-r--r-- 1 root root  37873 Dec 10  2016 cacti_host_template_percona_redis_server_ht_0.8.6i-sver1.1.7.xml
[root@centos74 ~]#

 

 

ss_get_mysql_stats.php 스크립트 수정

[root@centos74 ~]# cd /usr/share/cacti/scripts/
[root@centos74 scripts]# vi ss_get_mysql_stats.php
$mysql_user = 'cacti';
$mysql_pass = 'password';
$mysql_port = 3306;

 

mariadb cacti User 설정

[root@centos74 scripts]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 356
Server version: 10.1.29-MariaDB MariaDB Server

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> GRANT SUPER, PROCESS ON *.* TO 'cacti'@'%' IDENTIFIED BY "password";
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> quit;
Bye
[root@centos74 scripts]#

 

mysql 템플릿 추가

[root@centos74 ~]# php /usr/share/cacti/cli/import_template.php --filename=/usr/share/cacti/resource/percona/templates/cacti_host_template_percona_mysql_server_ht_0.8.6i-sver1.1.7.xml
Read 888147 bytes of XML data
Import ResultsCacti has imported the following items for the Template:
CDEF
[success] Percona Turn Into Bits CDEF [new]
[success] Percona Negate CDEF [new]
GPRINT Preset
[success] Percona MySQL Server Checksum 837598bec663319c08a1041f6749996a [new]
[success] Percona MySQL Server Version t1.1.7:s1.1.7 [new]
[success] Percona Normal [new]
Data Input Method
[success] Percona Get MySQL Stats/MyISAM Indexes IM [new]
[success] Percona Get MySQL Stats/MyISAM Key Cache IM [new]
[success] Percona Get MySQL Stats/InnoDB Buffer Pool IM [new]
[success] Percona Get MySQL Stats/InnoDB I/O IM [new]
[success] Percona Get MySQL Stats/InnoDB Insert Buffer IM [new]
[success] Percona Get MySQL Stats/InnoDB Insert Buffer Usage IM [new]
[success] Percona Get MySQL Stats/InnoDB Semaphores IM [new]
[success] Percona Get MySQL Stats/InnoDB Row Operations IM [new]
[success] Percona Get MySQL Stats/MySQL Table Locks IM [new]
[success] Percona Get MySQL Stats/MySQL Connections IM [new]
[success] Percona Get MySQL Stats/MySQL Replication IM [new]
[success] Percona Get MySQL Stats/MySQL Query Cache IM [new]
[success] Percona Get MySQL Stats/MySQL Query Cache Memory IM [new]
[success] Percona Get MySQL Stats/MySQL Command Counters IM [new]
[success] Percona Get MySQL Stats/MySQL Select Types IM [new]
[success] Percona Get MySQL Stats/MySQL Sorts IM [new]
[success] Percona Get MySQL Stats/MySQL Temporary Objects IM [new]
[success] Percona Get MySQL Stats/MySQL Network Traffic IM [new]
[success] Percona Get MySQL Stats/InnoDB Buffer Pool Activity IM [new]
[success] Percona Get MySQL Stats/InnoDB I/O Pending IM [new]
[success] Percona Get MySQL Stats/InnoDB Log IM [new]
[success] Percona Get MySQL Stats/MySQL Binary/Relay Logs IM [new]
[success] Percona Get MySQL Stats/InnoDB Transactions IM [new]
[success] Percona Get MySQL Stats/InnoDB Transactions Active/Locked IM [new]
[success] Percona Get MySQL Stats/MySQL Files and Tables IM [new]
[success] Percona Get MySQL Stats/MySQL Threads IM [new]
[success] Percona Get MySQL Stats/InnoDB Memory Allocation IM [new]
[success] Percona Get MySQL Stats/InnoDB Adaptive Hash Index IM [new]
[success] Percona Get MySQL Stats/InnoDB Internal Hash Memory Usage IM [new]
[success] Percona Get MySQL Stats/InnoDB Tables In Use IM [new]
[success] Percona Get MySQL Stats/InnoDB Current Lock Waits IM [new]
[success] Percona Get MySQL Stats/InnoDB Lock Structures IM [new]
[success] Percona Get MySQL Stats/InnoDB Checkpoint Age IM [new]
[success] Percona Get MySQL Stats/InnoDB Row Lock Time IM [new]
[success] Percona Get MySQL Stats/InnoDB Row Lock Waits IM [new]
[success] Percona Get MySQL Stats/InnoDB Semaphore Waits IM [new]
[success] Percona Get MySQL Stats/InnoDB Semaphore Wait Time IM [new]
[success] Percona Get MySQL Stats/MySQL Processlist IM [new]
[success] Percona Get MySQL Stats/MySQL Transaction Handler IM [new]
[success] Percona Get MySQL Stats/MySQL Handlers IM [new]
[success] Percona Get MySQL Stats/MySQL Query Time Histogram (Count) IM [new]
[success] Percona Get MySQL Stats/MySQL Query Response Time (Microseconds) IM [new]
[success] Percona Get MySQL Stats/InnoDB Buffer Pool Efficiency IM [new]
Data Template
[success] Percona MyISAM Indexes DT [new]
[success] Percona MyISAM Key Cache DT [new]
[success] Percona InnoDB Buffer Pool DT [new]
[success] Percona InnoDB I/O DT [new]
[success] Percona InnoDB Insert Buffer DT [new]
[success] Percona InnoDB Insert Buffer Usage DT [new]
[success] Percona InnoDB Semaphores DT [new]
[success] Percona InnoDB Row Operations DT [new]
[success] Percona MySQL Table Locks DT [new]
[success] Percona MySQL Connections DT [new]
[success] Percona MySQL Replication DT [new]
[success] Percona MySQL Query Cache DT [new]
[success] Percona MySQL Query Cache Memory DT [new]
[success] Percona MySQL Command Counters DT [new]
[success] Percona MySQL Select Types DT [new]
[success] Percona MySQL Sorts DT [new]
[success] Percona MySQL Temporary Objects DT [new]
[success] Percona MySQL Network Traffic DT [new]
[success] Percona InnoDB Buffer Pool Activity DT [new]
[success] Percona InnoDB I/O Pending DT [new]
[success] Percona InnoDB Log DT [new]
[success] Percona MySQL Binary/Relay Logs DT [new]
[success] Percona InnoDB Transactions DT [new]
[success] Percona InnoDB Transactions Active/Locked DT [new]
[success] Percona MySQL Files and Tables DT [new]
[success] Percona MySQL Threads DT [new]
[success] Percona InnoDB Memory Allocation DT [new]
[success] Percona InnoDB Adaptive Hash Index DT [new]
[success] Percona InnoDB Internal Hash Memory Usage DT [new]
[success] Percona InnoDB Tables In Use DT [new]
[success] Percona InnoDB Current Lock Waits DT [new]
[success] Percona InnoDB Lock Structures DT [new]
[success] Percona InnoDB Checkpoint Age DT [new]
[success] Percona InnoDB Row Lock Time DT [new]
[success] Percona InnoDB Row Lock Waits DT [new]
[success] Percona InnoDB Semaphore Waits DT [new]
[success] Percona InnoDB Semaphore Wait Time DT [new]
[success] Percona MySQL Processlist DT [new]
[success] Percona MySQL Transaction Handler DT [new]
[success] Percona MySQL Handlers DT [new]
[success] Percona MySQL Query Time Histogram (Count) DT [new]
[success] Percona MySQL Query Response Time (Microseconds) DT [new]
[success] Percona InnoDB Buffer Pool Efficiency DT [new]
Graph Template
[success] Percona MyISAM Indexes GT [new]
[success] Percona MyISAM Key Cache GT [new]
[success] Percona InnoDB Buffer Pool GT [new]
[success] Percona InnoDB I/O GT [new]
[success] Percona InnoDB Insert Buffer GT [new]
[success] Percona InnoDB Insert Buffer Usage GT [new]
[success] Percona InnoDB Semaphores GT [new]
[success] Percona InnoDB Row Operations GT [new]
[success] Percona MySQL Table Locks GT [new]
[success] Percona MySQL Connections GT [new]
[success] Percona MySQL Replication GT [new]
[success] Percona MySQL Query Cache GT [new]
[success] Percona MySQL Query Cache Memory GT [new]
[success] Percona MySQL Command Counters GT [new]
[success] Percona MySQL Select Types GT [new]
[success] Percona MySQL Sorts GT [new]
[success] Percona MySQL Temporary Objects GT [new]
[success] Percona MySQL Network Traffic GT [new]
[success] Percona InnoDB Buffer Pool Activity GT [new]
[success] Percona InnoDB I/O Pending GT [new]
[success] Percona InnoDB Log GT [new]
[success] Percona MySQL Binary/Relay Logs GT [new]
[success] Percona InnoDB Transactions GT [new]
[success] Percona InnoDB Transactions Active/Locked GT [new]
[success] Percona MySQL Files and Tables GT [new]
[success] Percona MySQL Threads GT [new]
[success] Percona InnoDB Memory Allocation GT [new]
[success] Percona InnoDB Adaptive Hash Index GT [new]
[success] Percona InnoDB Internal Hash Memory Usage GT [new]
[success] Percona InnoDB Tables In Use GT [new]
[success] Percona InnoDB Current Lock Waits GT [new]
[success] Percona InnoDB Lock Structures GT [new]
[success] Percona InnoDB Checkpoint Age GT [new]
[success] Percona InnoDB Row Lock Time GT [new]
[success] Percona InnoDB Row Lock Waits GT [new]
[success] Percona InnoDB Semaphore Waits GT [new]
[success] Percona InnoDB Semaphore Wait Time GT [new]
[success] Percona MySQL Processlist GT [new]
[success] Percona MySQL Transaction Handler GT [new]
[success] Percona MySQL Handlers GT [new]
[success] Percona MySQL Query Time Histogram (Count) GT [new]
[success] Percona MySQL Query Response Time (Microseconds) GT [new]
[success] Percona InnoDB Buffer Pool Efficiency GT [new]
Device Template
[success] Percona MySQL Server HT [new]
[root@centos74 ~]#

 

ss_get_mysql_stats.php 스크립트 테스트

[root@centos74 ~]# php -q /usr/share/cacti/scripts/ss_get_mysql_stats.php --host localhost --items mm,mw,mx,my
mm:48885 mw:0 mx:0 my:0
[root@centos74 ~]#

 

Cacti 설정

http://ip-addr/cacti 로 접속 합니다.

Templates -> Device 매뉴에 보면  추가된 Percona MySQL Server HT 항목을 확인할수 있습니다.

 

Data Source 수정

Templates -> Data Source 로 이동하여 Percona Template 를 검색합니다.

 

Custom Data 항목을 수정합니다.

mariadb cacti 계정정보  를 입력 합니다.

Hostname: localhost
Password: password
Port: 3306
Serviceid: 공란
Username: cacti

 

 

Management -> Devices 로 이동하여 새로운 Device 를 추가합니다.

화면 상단에 있는 Add 버튼을 클릭하여 새로운 Device 를 생성 할수 있습니다.

 

신규 Device 생성 Ex)

General Device Options

Description : Service 명 또는 Device name 입력

Hostname : hostname 또는 ip 주소 입력

Device Template : Percona MySQL Server HT 입력

하단에 있는 Create 버튼을 클릭하여 신규 Device 설정을 마무리 합니다.

 

mariadb 그래프 생성

화면 상단에 있는 Create Graphs for this Device 를 클릭합니다.

모니터링 항목을 선택 합니다.

ex)

Percona InnoDB Buffer Pool GT
Percona InnoDB I/O GT
Percona InnoDB Transactions GT
Percona MySQL Connections GT
Percona MySQL Handlers GT
Percona MySQL Query Cache GT

Create 버튼을 클릭하여 그래프를 생성 합니다.

 

Graphs -> List View 로  이동하여 생성한 그래프를 추가 합니다.

View 버튼을 눌러 설정을 마무리 합니다.

Device 항목에서 : mariadb Device 를 선택한후 10분 정도후 부터 생성된 그래프를 볼수 있습니다.

 

5 ~ 15분이 지나면 아래와 같은 그래프를 확인 할수 있습니다.

DB 모니터링의 경우 System 모니터링보다 시간이 걸립니다.

수고 하셨습니다. 🙂

 

 

 

 

 

 

 

 

 

Centos7 cacti install

 

cacti-spine 설치시 mariadb 10.2 Version 에서 컴파일 오류가 발생 합니다. 

다른방법을 찾지 못하여 mariadb 10.2 를 삭제 하고 mariadb 10.1 로 테스트후 설치를 진행 하였습니다.

cacti-spine 을 사용하시지 않는다면 아래 내용은 skip 하셔도 무방합니다.

[root@centos74 mariadb]# yum remove mariadb
MariaDB-client
MariaDB-server


[root@centos74 ~]# cat /etc/yum.repos.d/mariadb.repo
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
[root@centos74 ~]# yum clean all && yum list

[root@centos74 ~]# yum install -y mariadb-server

참고 내용: https://forums.cacti.net/viewtopic.php?f=2&t=57563&start=15

 

패키지 설치

[root@centos74 ~]# yum install -y httpd httpd-devel mariadb-server php-mysql php-pear php-common php-gd \
php-devel php php-mbstring php-cli php-snmp net-snmp-utils net-snmp-libs rrdtool cacti

 

Service Start & enable 

[root@centos74 ~]# systemctl start httpd
[root@centos74 ~]# systemctl start mariadb
[root@centos74 ~]# systemctl start snmpd
[root@centos74 ~]# systemctl enable httpd
[root@centos74 ~]# systemctl enable mariadb
[root@centos74 ~]# systemctl enable snmpd

 

db 생성

[root@centos74 ~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 10.2.11-MariaDB MariaDB Server

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database cacti;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL ON cacti.* TO cacti@localhost IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> FLUSH privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> quit;
Bye
[root@centos74 ~]#

 

cacti db 작업

[root@centos74 ~]# rpm -ql cacti | grep cacti.sql
/usr/share/doc/cacti-1.1.28/cacti.sql
[root@centos74 ~]#

[root@centos74 ~]# mysql -u root -p cacti < /usr/share/doc/cacti-1.1.28/cacti.sql
Enter password:
[root@centos74 ~]#



[root@centos74 ~]# vi /etc/cacti/db.php
$database_type     = 'mysql';
$database_default  = 'cacti';
$database_hostname = 'localhost';
$database_username = 'cacti';
$database_password = 'password';
$database_port     = '3306';

 

apache 설정 및 crond 설정

Apache 설정
[root@centos74 ~]# vi /etc/httpd/conf.d/cacti.conf

Require all granted
Allow from 192.168.0.0/24

[root@centos74 ~]# systemctl restart httpd

crond 설정  # 주석을 제거 합니다.
[root@centos74 ~]# cat /etc/cron.d/cacti
*/5 * * * *    cacti   /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1
[root@centos74 ~]#

 

 

cacti 설정을 진행 합니다. http://serverip/cacti 로 접속 하시면 됩니다.

 

MySQL TimeZone Support

ERROR: Your Cacti database login account does not have access to the MySQL TimeZone database. Please provide the Cacti database account “select” access to the “time_zone_name” table in the “mysql” database, and populate MySQL’s TimeZone information before proceeding.

PHP Timezone Support

ERROR: Your Web Servers PHP Timezone settings have not been set. Please edit php.ini and uncomment the ‘date.timezone’ setting and set it to the Web Servers Timezone per the PHP installation instructions prior to installing Cacti.

 

MySQL TimeZone Support  Error message 

[root@centos74 my.cnf.d]# mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql
Enter password:
Warning: Unable to load '/usr/share/zoneinfo/leapseconds' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/tzdata.zi' as time zone. Skipping it.

[root@centos74 ~]# vi /etc/my.cnf

[mysqld]
default_time_zone=Asia/Seoul


[root@centos74 ~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.2.11-MariaDB MariaDB Server

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> GRANT SELECT ON mysql.time_zone_name TO cacti@localhost IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> quit;
Bye
[root@centos74 my.cnf.d]# systemctl restart mariadb

 

 

PHP Timezone Support Error message 

[root@centos74 ~]# vi /etc/php.ini

date.timezone =Asia/Seoul
[root@centos74 ~]# systemctl restart httpd

 

Optional Modules gmp support

[root@centos74 ~]# yum install -y php-gmp
[root@centos74 ~]# systemctl restart httpd

 

 Cacti Recommended MySQL

 

Cacti Recommended 적용

[root@centos74 ~]# cd /etc/my.cnf.d/
[root@centos74 my.cnf.d]# vi server.cnf
[mysqld]
character-set-server=utf8mb4
collation-server = utf8mb4_unicode_ci
max_heap_table_size = 185M
tmp_table_size = 64M
join_buffer_size= 64M
innodb_buffer_pool_size = 925M
innodb_doublewrite = OFF
innodb_flush_log_at_timeout = 3
innodb_read_io_threads = 32
innodb_write_io_threads = 16
max_heap_table_size = 200M
max_allowed_packet = 16777216
innodb_buffer_pool_size = 930M
innodb_additional_mem_pool_size = 85M

[root@centos74 my.cnf.d]# vi mysql-clients.cnf
[mysql]
default-character-set = utf8mb4

[root@centos74 my.cnf.d]# systemctl restart mariadb

 

확인

 

Next 를 눌러 다음을 설정 합니다.

 

Next 를 눌러 다음을 설정 합니다.

cacti-spine 의 경우 Compile 설치를 진행 해야 합니다.

https://www.cacti.net/downloads/spine/ 에서 최신버젼을 확인할수 있습니다.

[root@centos74 ~]# yum install -y gcc mysql-devel net-snmp-devel autoconf automake libtool dos2unix help2man
[root@centos74 ~]# wget https://www.cacti.net/downloads/spine/cacti-spine-1.1.28.tar.gz
[root@centos74 ~]# tar xvf cacti-spine-1.1.28.tar.gz
[root@centos74 ~]# cd cacti-spine-1.1.28/
[root@centos74 cacti-spine-1.1.28]# ./bootstrap
[root@centos74 cacti-spine-1.1.28]# ./configure
[root@centos74 cacti-spine-1.1.28]# make && make install

 

cacti-spine 설정

[root@centos74 ~]# cp /usr/local/spine/etc/spine.conf.dist /usr/local/spine/etc/spine.conf
[root@centos74 ~]# vi /usr/local/spine/etc/spine.conf
DB_Host                 localhost
DB_Database             cacti
DB_User                 cacti
DB_Pass                 password
DB_Port                 3306
[root@centos74 log]# /usr/local/spine/bin/spine
2017-12-22 18:30:34 - SPINE: Poller[1] FATAL: Unable to read configuration file! (Spine init)

[root@centos74 ~]# cp /usr/local/spine/etc/spine.conf /etc/

[root@centos74 ~]# /usr/local/spine/bin/spine
SPINE: Using spine config file [/etc/spine.conf]
SPINE: Version 1.1.28 starting
SPINE: Time: 4.0303 s, Threads: 16, Devices: 1
[root@centos74 ~]#

 

spine 경로를 아래와 같이 바꿔 줍니다.

/usr/local/spine/bin/spine

Next 를 눌러 다음을 설정 합니다.

Next 를 눌러 다음을 설정 합니다.

Finish  를 눌러 설정을 마무리 합니다.

 

admin:admin 으로 로그인 하여 admin  패스워드를 설정 합니다.

 

admin 계정이 사용할 패스워드를 설정 합니다.

패스워드 설정시 대문자 소문자 특수문자로 패스워드를 설정합니다.

 

 

 

Cacti 설정 화면

 

 

Management -> Graphs 로 이동하여 그래프를 삭제 합니다.

 

 

Management -> Devices 에서 기본 Device 를 삭제 합니다.

 

우측상단 + 를 눌러 새로운 Device 를 추가합니다.

 

Description : 장비명이나 서비스명을 입력하시면 됩니다.

Hostname: ip 나 hostname 정보를 입력하시면 됩니다.

Device Template : Net-SNMP Device

SNMP Version : Version 2

 

snmpd 설정

[root@centos74 ~]# vi /etc/snmp/snmpd.conf
#       sec.name  source          community
com2sec public  default       public


#       groupName      securityModel securityName
group   public v1           public
group   public v2c          public

# Make at least  snmpwalk -v 1 localhost -c public system fast again.
#       name           incl/excl     subtree         mask(optional)
#view    systemview    included   .1.3.6.1.2.1.1
#view    systemview    included   .1.3.6.1.2.1.25.1.1
view     all           included    .1


#       group          context sec.model sec.level prefix read   write  notif
#access  notConfigGroup ""      any       noauth    exact  systemview none none
access  public ""      any       noauth    exact  all none none

[root@centos74 ~]# systemctl restart snmpd

확인
[root@centos74 ~]# snmpwalk -v2c -c public 192.168.0.10

 

 

아래와 같이 SNMP Information 이 정상적으로 출력이 되면 됩니다.

SNMP error 발생시 snmpd.conf 설정내역을 한번더 확인하시기 바랍니다.

Create Graphs for this Device 를 클릭하여 그래프를 생성합니다.

 

그래프를 만들 항목을 선택 한후 Create 를 클릭합니다.

 

Graphs -> List View 로 이동후 그래프 항목을 선택후 View 버튼을 클릭합니다.

 

그래프생성시까지 약 5~10분정도의 시간이 걸립니다.

 

cacti log 확인 

 

약10분이 정도 지나면 아래와 같은 그래프를 볼수 있습니다.

 

추가설정

Configuration -> Settings -> Paths에서 Spine config File Path 을 설정합니다.

/usr/local/spine/etc/spine.conf

 

Configuration -> Settings -> Poller 에서 Poller Type 을 변경합니다.

Poller Type : spine 으로 변경

Poller interval : Every Minute 으로 변경

 

Spine Specific Execution Parameters 변경

Maximum Threads per Process 1 -> 16

Number of PHP Script Servers 1 -> 8

 

Save 를 클릭하여 저장을 합니다.

수고 하셨습니다. 🙂

 

 

Centos7 apm install

detail 설정의 경우 별도로 정리할 예정입니다.

 

 

mariadb 10.2 설치

mariadb repo 확인

https://downloads.mariadb.org/mariadb/repositories/#mirror=kaist&distro=CentOS&distro_release=centos7-amd64–centos7&version=10.2

[root@centos74 ~]# vi /etc/yum.repos.d/mariadb.repo
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.2/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
[root@centos74 ~]# yum clean all && yum list

 

mariadb 10.2 설치 

[root@centos74 ~]# yum install -y mariadb mariadb-server

 

mariadb 10.2 start & enable 

[root@centos74 ~]# systemctl start mariadb.service
[root@centos74 ~]# systemctl enable mariadb.service

 

mariadb secure_installation 실행 (root 패스워드를 설정합니다.)

[root@centos74 ~]# /usr/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
[root@centos74 ~]#

 

mariadb status 확인

[root@centos74 ~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 16
Server version: 10.2.11-MariaDB MariaDB Server

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> status;
--------------
mysql  Ver 15.1 Distrib 10.2.11-MariaDB, for Linux (x86_64) using readline 5.1

Connection id:          16
Current database:
Current user:           root@localhost
SSL:                    Not in use
Current pager:          stdout
Using outfile:          ''
Using delimiter:        ;
Server:                 MariaDB
Server version:         10.2.11-MariaDB MariaDB Server
Protocol version:       10
Connection:             Localhost via UNIX socket
Server characterset:    latin1
Db     characterset:    latin1
Client characterset:    utf8
Conn.  characterset:    utf8
UNIX socket:            /var/lib/mysql/mysql.sock
Uptime:                 1 min 54 sec

Threads: 7  Questions: 27  Slow queries: 0  Opens: 18  Flush tables: 1  Open tables: 12  Queries per second avg: 0.236
--------------

MariaDB [(none)]>

 

 

apache설치 

[root@centos74 ~]# yum install httpd

 

apache start & enable 

[root@centos74 ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@centos74 ~]# systemctl start httpd

 

php 7.1 설치

[root@centos74 ~]# yum install -y epel-release
[root@centos74 ~]# rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-7.rpm
[root@centos74 ~]# yum clean all && yum list
[root@centos74 ~]# yum update -y
[root@centos74 ~]# init 6
[root@centos74 ~]# yum-config-manager --enable remi-php71
[root@centos74 ~]# yum -y install php php-opcache
[root@centos74 ~]# yum -y install php-mysql
[root@centos74 ~]# yum -y install php-gd php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-soap curl curl-devel

 

phpinfo 확인

[root@centos74 ~]# vi /var/www/html/info.php
<?php phpinfo(); ?>

 

apache 재시작

[root@centos74 ~]# systemctl restart httpd

 

 

 

apache MPM 설정

참고 페이지:https://httpd.apache.org/docs/2.4/ko/mod/prefork.htmlhttps://httpd.apache.org/docs/2.4/ko/mod/worker.html

perfork 와 worker 차이점:

 

확인

[root@centos74 ~]# httpd -V |grep "^Server MPM"
Server MPM:     prefork

확인 Default 는 perfork 입니다.

 

worker 로 변경

[root@centos74 ~]# vi /etc/httpd/conf.modules.d/00-mpm.conf
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so

LoadModule mpm_worker_module modules/mod_mpm_worker.so

[root@centos74 ~]# vi /etc/httpd/conf.modules.d/10-worker.conf
<IfModule mpm_worker_module>
    ServerLimit             250
    StartServers             10
    MinSpareThreads          75
    MaxSpareThreads         250
    ThreadLimit              64
    ThreadsPerChild          32
    MaxClients             8000
    MaxRequestsPerChild   10000
</IfModule>

[root@centos74 ~]# systemctl restart httpd
[root@centos74 ~]# httpd -V |grep "^Server MPM"
Server MPM:     worker

 

apache httpd.conf 설정 

[root@centos74 ~]# vi /etc/httpd/conf/httpd.conf
ServerRoot "/etc/httpd"   / apache root 디렉토리

Listen 80                 / apache Port 

Include conf.modules.d/*.conf  /  apache module 디렉토리

User apache                    / apache 실행유저
Group apache                   / apache 실행구룹


ServerAdmin root@localhost     / Server 관리자 e-mail

ServerName www.test.com:80  / Apache Server Domain:port

<IfModule dir_module>
    DirectoryIndex index.html  /Directory index 설정 
</IfModule>

bind 설치시 만든 test.com domain 사용

 

userdir 설정

Default userdir.conf

<IfModule mod_userdir.c>
    #
    # UserDir is disabled by default since it can confirm the presence
    # of a username on the system (depending on home directory
    # permissions).
    #
    UserDir disabled

    #
    # To enable requests to /~user/ to serve the user's public_html
    # directory, remove the "UserDir disabled" line above, and uncomment
    # the following line instead:
    #
    #UserDir public_html
</IfModule>

#
# Control access to UserDir directories.  The following is an example
# for a site where these directories are restricted to read-only.
#
<Directory "/home/*/public_html">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>

 

userdir 사용시

    #UserDir disabled
    UserDir public_html

<Directory "/home/*/public_html">
        Options Indexes Includes FollowSymLinks
        Require all granted
</Directory>

참고페이지: http://blog.camilord.com/2014/12/10/centos-7-enable-apache-userdir/

 

VirtualHost 설정

[root@centos74 ~]# cd /etc/httpd/conf.d/
[root@centos74 conf.d]# vi vhost.conf
#NameVirtualHost *:80
<VirtualHost *:80>
       ServerAdmin admin@test.com
       DocumentRoot /var/www/html/test.com/public_html
       ServerName test1.com
       ServerAlias www.test1.com
       ErrorLog logs/test1.com-error_log
       CustomLog logs/test1.com-access_log common
</VirtualHost>
<VirtualHost *:80>
       ServerAdmin admin@test.com
       DocumentRoot /var/www/html
       ServerName test.com
       ServerAlias www.test.com
       ErrorLog logs/test.com-error_log
       CustomLog logs/test.com-access_log common
</VirtualHost>

참고페이지: https://linode.com/docs/web-servers/apache/install-and-configure-apache-on-centos-7/

 

 apache 재시작및 phpinfo 확인

[root@centos74 ~]# systemctl restart httpd
[root@centos74 ~]# mkdir -p /var/www/html/test.com/public_html/
[root@centos74 ~]# vi /var/www/html/test.com/public_html/index.php
<?php phpinfo(); ?>

 

웹페이지확인

 

 

 

 

 

 

 

참고 페이지 : https://www.freebsd.org/doc/handbook/network-dns.html

 

unbound 라는게 있지만 local 에서만 사용이 가능함.

DNS Server Configuration in FreeBSD 10.0 and Later
In FreeBSD 10.0, BIND has been replaced with Unbound. Unbound is a validating caching resolver only. If an authoritative server is needed, many are available from the Ports Collection.

Unbound is provided in the FreeBSD base system. By default, it will provide DNS resolution to the local machine only. While the base system package can be configured to provide resolution services beyond the local machine, it is recommended that such requirements be addressed by installing Unbound from the FreeBSD Ports Collection.

To enable Unbound, add the following to /etc/rc.conf:

local_unbound_enable="YES"

 

 

bind99 install

root@bsd10:~ # whereis bind99
bind99: /usr/ports/dns/bind99
root@bsd10:~ # cd /usr/ports/dns/bind99
root@bsd10:/usr/ports/dns/bind99 # make install clean
root@bsd10:/usr/ports/dns/bind99 # vi /etc/rc.conf

named_enable="YES"
root@bsd10:/usr/ports/dns/bind99 # init 6

 

named Deamon 실행 확인

root@bsd10:~ # sockstat -4 |grep -i named
bind     named      464   20 tcp4   127.0.0.1:53          *:*
bind     named      464   21 tcp4   127.0.0.1:953         *:*
bind     named      464   512 udp4  127.0.0.1:53          *:*
root@bsd10:~ #

 

namedb 디렉토리

/usr/local/etc/namedb
root@bsd10:~ # cd /usr/local/etc/namedb/
root@bsd10:/usr/local/etc/namedb # vi named.conf
//      listen-on       { 127.0.0.1; };
        listen-on       { 127.0.0.1; };

최하단에 추가
include "/usr/local/etc/namedb/named.conf.local";

 

named.conf.local 파일 생성 및 zone 파일생성

root@bsd10:/usr/local/etc/namedb # vi named.conf.local
zone "test.com" {
type master;
file "/usr/local/etc/namedb/working/test.com";
};
root@bsd10:/usr/local/etc/namedb # cd working/
root@bsd10:/usr/local/etc/namedb/working # vi test.com
$TTL 3600        ; 1 hour default TTL
@               IN      SOA      ns.test.com. mail.test.com. (
                                2006051501      ; Serial
                                10800           ; Refresh
                                3600            ; Retry
                                604800          ; Expire
                                300             ; Negative Response TTL
                        )
; DNS Servers
                IN      NS      ns.test.com.
                IN      MX 10   mail.test.com.
                IN      A       192.168.192.200

; Machine Names
ns              IN      A       192.168.192.200
mail            IN      A       192.168.192.200


; Aliases
www             IN      CNAME   test.com.

 

resolv.conf 변경 및 Ping Test 

root@bsd10:~ # vi /etc/resolv.conf
nameserver 192.168.192.200
root@bsd10:~ # service named restart
Stopping named.
Waiting for PIDS: 2540.
Starting named.
root@bsd10:~ #
root@bsd10:~ # ping test.com
PING test.com (192.168.192.200): 56 data bytes
64 bytes from 192.168.192.200: icmp_seq=0 ttl=64 time=0.023 ms
64 bytes from 192.168.192.200: icmp_seq=1 ttl=64 time=0.036 ms
^C
--- test.com ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.023/0.029/0.036/0.006 ms
root@bsd10:~ #

 

타 System 에서 resolv.conf 파일 변경후 Dig 테스트를 진행합니다.

[root@centos74 named]# dig www.test.com

; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7_4.1 <<>> www.test.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55568
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.test.com.                  IN      A

;; ANSWER SECTION:
www.test.com.           3600    IN      CNAME   test.com.
test.com.               3600    IN      A       192.168.192.200

;; AUTHORITY SECTION:
test.com.               3600    IN      NS      ns.test.com.

;; ADDITIONAL SECTION:
ns.test.com.            3600    IN      A       192.168.192.200

;; Query time: 0 msec
;; SERVER: 192.168.192.200#53(192.168.192.200)
;; WHEN: Fri Dec 22 01:15:34 KST 2017
;; MSG SIZE  rcvd: 104

[root@centos74 named]#

 

 

DNS Server 

BIND Open Source DNS Server

CentOS7 으로 Test  를 진행 하였습니다.

 

 

bind 설치 

[root@centos74 ~]# yum install bind-*

 

bind 설정

[root@centos74 ~]# vi /etc/named.conf
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };

recursion yes;

 

도메인 추가

[root@centos74 ~]# vi /etc/named.rfc1912.zones

zone "test.com" In {
        type master;
        file "test.com";
        allow-update { none; };
};

zone "192.168.192.in-addr.arpa" IN {
        type master;
        file "test.com.rev";
        allow-update { none; };
};

zone "a.com" In {
        type master;
        file "a.com";
        allow-update { none; };
};

#zone "192.168.191.in-addr.arpa" IN {
#       type master;
#       file "a.com.rev";
#       allow-update { none; };
#};

zone "b.com" In {
        type master;
        file "b.com";
        allow-update { none; };
};

 

zone 파일 생성

[root@centos74 ~]# cd /var/named/
[root@centos74 named]# cp named.empty test.com
[root@centos74 named]# cp named.empty a.com
[root@centos74 named]# cp named.empty b.com
[root@centos74 named]# vi test.com
$TTL 3H
@       IN SOA  @ ns.test.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN      NS      ns.test.com.
        IN      A       192.168.192.100
ns      IN      A       192.168.192.100
www     IN      A       192.168.192.100

[root@centos74 named]# vi a.com
$TTL 3H
@       IN SOA  @ ns.a.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN      NS      ns.a.com.
        IN      A       192.168.192.100
ns      IN      A       192.168.192.100
www     IN      A       192.168.192.100

[root@centos74 named]# vi b.com
$TTL 3H
@       IN SOA  @ ns.b.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN      NS      ns.b.com.
        IN      A       192.168.192.100
ns      IN      A       192.168.192.100
www     IN      A       192.168.192.100

 

역방향 설정

[root@centos74 named]# vi test.com.rev
$TTL 1D
@       IN SOA  @ ns.test.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        IN      NS      ns.test.com.
10      IN      PTR     ns.test.com.

 

권한변경

[root@centos74 named]# chown root:named a.com
[root@centos74 named]# chown root:named b.com
[root@centos74 named]# chown root:named test.com
[root@centos74 named]# chown root:named test.com.rev

 

 

named enable & start

[root@centos74 named]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@centos74 named]# systemctl start named
[root@centos74 named]# systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2017-12-20 10:18:27 KST; 4s ago
  Process: 10934 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
  Process: 10949 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 10946 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
 Main PID: 10951 (named)
   CGroup: /system.slice/named.service
           └─10951 /usr/sbin/named -u named -c /etc/named.conf

Dec 20 10:18:27 centos74 named[10951]: zone test.com/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: zone 192.168.192.in-addr.arpa/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: zone b.com/IN: loaded serial 0
Dec 20 10:18:27 centos74 named[10951]: all zones loaded
Dec 20 10:18:27 centos74 named[10951]: running
Dec 20 10:18:27 centos74 named[10951]: zone test.com/IN: sending notifies (serial 0)
Dec 20 10:18:27 centos74 named[10951]: zone b.com/IN: sending notifies (serial 0)
Dec 20 10:18:27 centos74 named[10951]: zone 192.168.192.in-addr.arpa/IN: sending notifies (serial 0)
Dec 20 10:18:27 centos74 named[10951]: zone a.com/IN: sending notifies (serial 0)
[root@centos74 named]#

 

Ping Test

[root@centos74 named]# vi /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
search localdomain
nameserver 192.168.192.100

 

 

bind-chroot — 차후 Test

 

 

 

Centos7 Apache Source 설치

 

참고페이지:http://publib.boulder.ibm.com/httpserv/manual60/install.html

https://mbrownnyc.wordpress.com/technology-solutions/create-a-secure-linux-web-server/install-and-configure-apache-from-source/

 

 

설치된 Apache 패키지를 제거 합니다.

[root@centos74 ~]# yum remove -y httpd httpd-*

 

Source 설치에 필요한 패키지를 설치 합니다.

[root@centos74 ~]# yum install -y make gcc g++ gcc-c++ autoconf automake libtool pkgconfig findutils oepnssl openssl-devel openldap-devel pcre-devel libxml2-devel lua-devel curl curl-devel libcurl-devel expat-devel flex

 

패키지 다운로드 (http://mirror.apache-kr.org/httpd/ , http://mirror.apache-kr.org/apr/ )

[root@centos74 ~]# wget http://mirror.apache-kr.org/httpd/httpd-2.2.34.tar.gz
[root@centos74 ~]# wget http://mirror.apache-kr.org/apr/apr-1.6.3.tar.gz
[root@centos74 ~]# wget http://mirror.apache-kr.org/apr/apr-util-1.6.1.tar.gz
[root@centos74 ~]# wget http://downloads.sourceforge.net/project/pcre/pcre/8.41/pcre-8.41.tar.gz

 

설치

apr-1.6.3 설치
[root@centos74 ~]# tar xvf apr-1.6.3.tar.gz
[root@centos74 ~]# cd apr-1.6.3/
[root@centos74 apr-1.6.3]# ./configure --prefix=/usr/local/apr
[root@centos74 apr-1.6.3]# make && make install

apr-util-1.6.1 설치
[root@centos74 ~]# tar xvf apr-util-1.6.1.tar.gz
[root@centos74 ~]# cd apr-util-1.6.1/
[root@centos74 apr-util-1.6.1]# ./configure --with-apr=/usr/local/apr/
[root@centos74 apr-util-1.6.1]# make && make install

pcre-8.41 설치
[root@centos74 ~]# tar xvf pcre-8.41.tar.gz
[root@centos74 ~]# cd pcre-8.41/
[root@centos74 pcre-8.41]# ./configure --prefix=/usr/local/pcre
[root@centos74 pcre-8.41]# make && make install

httpd-2.2.34 설치
[root@centos74 ~]# tar xvf httpd-2.2.34.tar.gz
[root@centos74 ~]# cd httpd-2.2.34/
[root@centos74 httpd-2.2.34]# ./configure --enable-module=so --enable-mods-shared=most --enable-maintainer-mode --enable-deflate --enable-headers --enable-rewrite --enable-ssl --enable-proxy --enable-proxy-http --enable-proxy-ajp --enable-proxy-balance --with-included-apr --with-pcre=/usr/local/pcre --prefix=/usr/local/apache2
[root@centos74 httpd-2.2.34]# make && make install

 

httpd.conf 수정

[root@centos74 ~]# vi /usr/local/apache2/conf/httpd.conf
ServerName www.example.com:80
[root@centos74 ~]# /usr/local/apache2/bin/apachectl restart

 

systemctl 등록

[root@centos74 ~]# vi /etc/systemd/system/apache.service
[Unit]
Description=The Apache HTTP Server

[Service]
Type=forking
#EnvironmentFile=/usr/local/apache2/bin/envvars
PIDFile=/usr/local/apache2/logs/httpd.pid
ExecStart=/usr/local/apache2/bin/apachectl start
ExecReload=/usr/local/apache2/bin/apachectl graceful
ExecStop=/usr/local/apache2/bin/apachectl stop
KillSignal=SIGCONT
PrivateTmp=true


[Install]
WantedBy=multi-user.target

[root@centos74 ~]# systemctl daemon-reload
[root@centos74 ~]# systemctl enable apache

 

apache 실행 및 실행 확인

[root@centos74 bin]# systemctl start apache
[root@centos74 bin]# systemctl status apache
● apache.service - The Apache HTTP Server
   Loaded: loaded (/etc/systemd/system/apache.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2017-12-16 00:00:26 KST; 21s ago
  Process: 2534 ExecStop=/usr/local/apache2/bin/apachectl stop (code=exited, status=0/SUCCESS)
  Process: 2541 ExecStart=/usr/local/apache2/bin/apachectl start (code=exited, status=0/SUCCESS)
 Main PID: 2544 (httpd)
   CGroup: /system.slice/apache.service
           ├─2544 /usr/local/apache2/bin/httpd -k start
           ├─2545 /usr/local/apache2/bin/httpd -k start
           ├─2546 /usr/local/apache2/bin/httpd -k start
           ├─2547 /usr/local/apache2/bin/httpd -k start
           ├─2548 /usr/local/apache2/bin/httpd -k start
           └─2549 /usr/local/apache2/bin/httpd -k start

Dec 16 00:00:26 centos74 systemd[1]: Starting The Apache HTTP Server...
Dec 16 00:00:26 centos74 systemd[1]: PID file /usr/local/apache2/logs/httpd.pid not readable (yet?) after start.
Dec 16 00:00:26 centos74 systemd[1]: Started The Apache HTTP Server.
[root@centos74 bin]#