1.软件安装 1.1 更新系统

yum -y install wget vim-enhanced
mkdir /etc/yum.repos.d/backup
mv /etc/yum.repos.d/{*.repo,backup}
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.163.com/.help/CentOS7-Base-163.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
rm -rf /var/cache/yum
rm -rf /var/cache/man
yum makecache
yum update

1.2 安装 Cacti 部署环境所需软件包 1.2.1 添加 MariaDB YUM 仓库,执行以下脚本

echo '# MariaDB 10.2 CentOS repository list - created 2017-07-03 06:59 UTC 
#http://downloads.mariadb.org/mariadb/repositories/ 
[mariadb]
name = MariaDB
baseurl = https://ipv4.mirrors.ustc.edu.cn/mariadb/yum/10.2/centos7-amd64
gpgkey=https://ipv4.mirrors.ustc.edu.cn/mariadb/yum/RPM-GPG-KEY-MariaDB
gpgcheck=1
'>/etc/yum.repos.d/Mariadb.repo

1.2.2 安装软件环境

yum install -y httpd mariadb mariadb-server mariadb-devel net-snmp net-snmp-utils net-snmp-libs net-snmp-agent-libs net-snmp-devel php php-snmp php-ldap php-pdo php-mysql php-devel php-pear php-common php-gd php-mbstring php-xml php-process rrdtool rrdtool-php rrdtool-perl rrdtool-devel gcc openssl-devel dos2unix autoconf automake binutils libtool cpp postfix glibc-headers kernel-headers glibc-devel gd gd-devel help2man ntpdate wget patch

2.环境配置 2.1 配置 PHP 修改 PHP 主配置文件 /etc/php.ini 关闭安全模式,以支持 rrdtool,允许 exec() 访问

[PHP]
safe_mode = Off

设置时区

[Date]
date.timezone = Asia/Shanghai

2.2 配置 Web 服务器 Apache httpd 编辑 /etc/httpd/conf.d/php.conf 配置文件,确保文件含有

# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
LoadModule php5_module modules/libphp5.so
#
# Cause the PHP interpreter to handle files with a .php extension.
AddHandler php5-script .php

2.3 配置数据库 MariaDB 为安全起见,设置数据库 root 用户密码

systemctl start mariadb
mysqladmin -uroot password xxx123

导入时区数据到 mysql 数据库

mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -uroot mysql -p

修改 /etc/my.cnf.d/server.cnf 文件,确保文件含有

[mysqld]
character_set_server = utf8mb4
collation_server = utf8mb4_unicode_ci
character_set_client = utf8mb4
max_connections = 100
max_heap_table_size = 4096M
max_allowed_packet = 16777216
join_buffer_size = 64M
tmp_table_size = 64M
innodb_file_per_table = ON
innodb_buffer_pool_size = 25600M
innodb_doublewrite = OFF
innodb_lock_wait_timeout = 50
innodb_flush_log_at_timeout = 3
innodb_read_io_threads = 32
innodb_write_io_threads = 16

2.4 配置 SNMP 配置 net-snmp-agent, 修改配置文件 /etc/snmp/snmpd.conf 将41行 com2sec notConfigUser default public 改为 com2sec notConfigUser 127.0.0.1 public 将62行 access notConfigGroup "" any noauth exact systemview none none 改为 access notConfigGroup "" any noauth exact all none none 将85行 #view all included .1 80 改为 view all included .1 80 3.安装配置 Cacti 3.1 下载解压 Cacti 安装包

useradd -r -M cacti
cd /var/www/html/
wget https://github.com/Cacti/cacti/archive/release/1.1.38.tar.gz
tar -zxvf 1.1.38.tar.gz
cp -R cacti-release-1.1.38/ /var/www/html/cacti
cd /var/www/html/cacti

3.2 创建 cacti 数据库,创建 cactiuser 用户,设置相关授权

mysql -u root -p
CREATE database cacti default character set utf8;
create user 'cacti'@'localhost' identified by 'xxx3';
grant all privileges on cacti.* to cacti@localhost;
grant select on mysql.time_zone_name to 'cacti'@'localhost' identified by 'xxx3';
flush privileges;

3.3 导入 Cacti 默认数据库

use cacti;
source /var/www/html/cacti/cacti.sql;
flush privileges;
quit

3.4 编辑 /var/www/html/cacti/include/config.php

$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "xxx3"
/* load up old style plugins here */
$plugins = array();
//$plugins[] = 'thold';

3.5 创建 cacti 系统用户,设置 graph/log 目录权限

chown -R apache.apache /var/www/html/
chown -R cacti  /var/www/html/
chown -R apache.apache /var/www/html/cacti/
chown -R cacti /var/www/html/cacti/{rra,log}/
chmod -R 777 /var/www/html/cacti/{rra,log}/

3.6 添加定时任务

crontab -e
*/1 * * * * /usr/bin/php /var/www/html/cacti/poller.php > /dev/null 2>&1

4.配置防火墙 4.1 配置 firewalld 防火墙

firewall-cmd --permanent --add-port=3306/tcp
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-port=161/udp
firewall-cmd  --permanent --add-port=162/udp
firewall-cmd --reload

4.2 关闭selinux

setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config

5.安装 spine 5.1 下载解压与 Cacti 相同版本号 Spine 源码安装包

cd /usr/local/src
wget http://www.cacti.net/downloads/spine/cacti-spine-1.1.38.tar.gz
tar xf cacti-spine-1.1.38.tar.gz

5.2 源码编译安装 spine

ln -s /usr/lib64/libmysqlclient.so.18.0.0 /usr/lib64/libmysqlclient.so
ntpdate ntp.sjtu.edu.cn
cd cacti-spine-1.1.38
./configure && make && make install

5.3 复制修改配置文件

cp /usr/local/spine/etc/spine.conf.dist /etc/spine.conf
vim /etc/spine.conf
DB_Host                 localhost
DB_Database             cacti
DB_User                 cacti
DB_Pass                 xxx3
DB_Port                 3306
RDB_Host                localhost
RDB_Database            cacti
RDB_User                cacti
RDB_Pass                xxx3
RDB_Port                3306

5.4 测试

/usr/local/spine/bin/spine 

将会出现以下结果 SPINE: Using spine config file [/etc/spine.conf] SPINE: Version 1.1.38 starting SPINE: Time: 0.0429 s, Threads: 5, Devices: 0 6.设置重启、开机启动相关服务

systemctl restart httpd
systemctl restart mariadb
systemctl restart crond
systemctl restart snmpd
systemctl enable httpd
systemctl enable mariadb
systemctl enable crond
systemctl enable snmpd

7.登录 Cacti WEB 页面修改 Cacti 配置 Console -> 设置(Cacti Settings) -> Paths -> 在 Spine Binary File Location 文本框内填入配置文件路径 /usr/local/spine/bin/spine ,在 Spine Config File Path 框内填入配置文件路径 /usr/local/spine/etc/spine.conf,点击保存 (Save)。 Console -> 设置(Cacti Settings) -> Poller -> 在 Poller Type 下拉框中选择 spine ,点击保存 (Save)。 8.特别提示 在添加完设备和图形后,需要重建采集器缓存。 Console –> 系统工具 –> Rebuild Poller Cache

附: 比如说cacti平台要求更改默认端口号(例改为10010),且做白名单限制(例只允许IP地址123.123.123.123登录),相关设置如下 1、改端口号 vim /etc/httpd/conf/httpd.conf 在第137行下修改Listen:80为Listen:10010,保存退出。 2、防火墙放行10010端口号 vim /etc/sysconfig/iptables 添加防火墙规则 -A INPUT -m state --state NEW -m tcp -p tcp --dport 10010 -j ACCEPT 重启防火墙服务 service iptables restart 3、做白名单访问限制 vim /etc/httpd/conf/httpd.conf 在第318行下, <Directory "/var/www/html">内添加如下内容并保存退出

Order allow,deny Allow from 123.123.123.123

重启httpd服务 service httpd restart