Apache+PHP+Nagios+Cacti服务器监控部署笔记

获取操作系统Centos源更新

修改更新源

rpm --import  http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

yum update

yum -y install gcc gcc-c++ bison patch unzip mlocate flex wget automake autoconf gd cpp gettext readline-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel libidn libidn-devel openldap openldap-devel openldap-clients openldap-servers nss_ldap expat-devel libtool libtool-ltdl-devel

如果系统默认安装了apache,请先卸载.执行:

yum remove httpd

下载最新稳定版的程序源码包,以下都是到官方网站或sourceforge下载的源码包.

wget http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.45.tar.gz/from/http://mysql.he.net/
wget http://www.apache.org/dist/httpd/httpd-2.2.15.tar.gz
wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz
wget http://sourceforge.net/projects/mcrypt/files/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.bz2/download
wget http://sourceforge.net/projects/mcrypt/files/MCrypt/2.6.8/mcrypt-2.6.8.tar.gz/download
wget http://sourceforge.net/projects/mhash/files/mhash/0.9.9.9/mhash-0.9.9.9.tar.bz2/download
wget http://www.php.net/get/php-5.2.13.tar.gz/from/this/mirror
wget http://php-fpm.org/downloads/php-5.2.13-fpm-0.5.13.diff.gz
wget http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/php5-mail-header.patch
wget http://pecl.php.net/get/memcache-2.2.5.tgz
wget http://bart.eaccelerator.net/source/0.9.6/eaccelerator-0.9.6.tar.bz2
wget ftp://ftp.p_w_picpathmagick.org/pub/ImageMagick/ImageMagick.tar.gz
wget http://pecl.php.net/get/imagick-2.3.0.tgz
wget http://download.suhosin.org/suhosin-0.9.29.tgz
wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz
wget http://downloads.zend.com/optimizer/3.3.9/ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz
wget http://monkey.org/~provos/libevent-1.4.13-stable.tar.gz
wget http://memcached.googlecode.com/files/memcached-1.4.4.tar.gz

一.安装Mysql.安装最新稳定版5.1.44版本

tar -zxf mysql-5.1.44.tar.gz

cd mysql-5.1.44

./configure --prefix=/usr/local/mysql --enable-assembler --enable-thread-safe-client --with-extra-charsets=all --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-plugins=partition,innodb_plugin,myisam,myisammrg

make && make install

cd ../

groupadd mysql -g 27

useradd mysql -u 27 -g 27 -c "MySQL Server" -d /var/lib/mysql -M

cp /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf

/usr/local/mysql/bin/mysql_install_db --user=mysql

chown -R mysql /usr/local/mysql/var

chgrp -R mysql /usr/local/mysql/.

cp /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysql

chmod u+x /etc/init.d/mysql

chkconfig --level 345 mysql on

echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf

echo "/usr/local/lib" >>/etc/ld.so.conf

ldconfig

ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql

ln -s /usr/local/mysql/include/mysql /usr/include/mysql

ln -s /usr/local/mysql/bin/mysql_config /usr/bin/mysql_config

service mysql start

/usr/local/mysql/bin/mysqladmin -u root password root

service mysql restart

service mysql stop

二.编译安装apache(httpd).apache的执行用户为httpd.

groupadd httpd

useradd -g httpd -s /sbin/nologin -M httpd

cd /usr/local/src

tar zxvf httpd-2.2.8.tar.gz

cd httpd-2.2.8

./configure --prefix=/usr/local/apache --enable-headers --enable-mime-magic --enable-proxy --enable-rewrite --enable-ssl --enable-suexec --disable-userdir --with-included-apr --with-mpm=prefork --with-ssl=/usr --with-suexec-caller=nobody --with-suexec-docroot=/ --with-suexec-gidmin=100 --with-suexec-logfile=/usr/local/apache/logs/suexec_log --with-suexec-uidmin=100 --with-suexec-userdir=public_html

make

make install

mkdir /usr/local/apache/domlogs

cp /usr/local/apache/bin/apachectl /etc/init.d/httpd

1.编辑/etc/init.d/httpd,在首行#!/bin/sh下添加:

# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/logs/httpd.pid
# config: /usr/local/apache/conf/httpd.conf
ulimit -n 1024
ulimit -n 4096
ulimit -n 8192
ulimit -n 16384
ulimit -n 32768
ulimit -n 65535

保存退出.

2.配置apache配置参数文件httpd.conf,位于/usr/local/apache/conf/目录

cd /usr/local/apache/conf/

mv httpd.conf httpd.conf.bak

mkdir vhosts

vi httpd.conf

输入以下内容:

PidFile logs/httpd.pid
LockFile logs/accept.lock
ServerRoot "/usr/local/apache"
Listen 0.0.0.0:80
User httpd
Group httpd
ServerAdmin admin@vivaing.com
ServerName nagios.gviva.com

Timeout 300
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 5
UseCanonicalName Off
AccessFileName .htaccess
TraceEnable Off
ServerTokens ProductOnly
FileETag None
ServerSignature Off
HostnameLookups Off

# LoadModule perl_module modules/mod_perl.so

DocumentRoot "/usr/local/apache/htdocs"

<Directory "/">
 Options ExecCGI FollowSymLinks Includes IncludesNOEXEC -Indexes -MultiViews SymLinksIfOwnerMatch
 Order allow,deny
 Allow from all
 AllowOverride All
</Directory>

<Directory "/usr/local/apache/htdocs">
 Options Includes -Indexes FollowSymLinks
 AllowOverride None
 Order allow,deny
 Allow from all
</Directory>

DefaultType text/plain
RewriteEngine on
AddType text/html .shtml
AddHandler cgi-script .cgi .pl .plx .ppl .perl
AddHandler server-parsed .shtml
<IfModule mime_module>

    TypesConfig conf/mime.types
    AddType application/perl .pl .plx .ppl .perl
    AddType application/x-img .img
    AddType application/x-httpd-php .php .php3 .php4 .php5 .php6
    AddType application/x-httpd-php-source .phps
    AddType application/cgi .cgi
    AddType text/x-sql .sql
    AddType text/x-log .log
    AddType text/x-config .cnf conf
    AddType text/x-registry .reg
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType text/html .shtml
    AddType application/x-tar .tgz
    AddType application/rar .rar
    AddType application/x-compressed .rar
    AddType application/x-rar .rar
    AddType application/x-rar-compressed .rar
    AddType text/vnd.wap.wml .wml
    AddType p_w_picpath/vnd.wap.wbmp .wbmp
    AddType text/vnd.wap.wmlscript .wmls
    AddType application/vnd.wap.wmlc .wmlc
    AddType application/vnd.wap.wmlscriptc .wmlsc
</IfModule>

<IfModule dir_module>
 DirectoryIndex index.html index.htm index.shtml index.php index.perl index.pl index.cgi
</IfModule>

<Files ~ "^error_log$">
 Order allow,deny
 Deny from all

 Satisfy All
</Files>

<FilesMatch "^\.ht">
 Order allow,deny
 Deny from all
 Satisfy All
</FilesMatch>

ErrorLog "logs/error_log"
LogLevel warn

<IfModule log_config_module>
 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
 LogFormat "%h %l %u %t \"%r\" %>s %b" common

 <IfModule logio_module>

 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
 </IfModule>
 CustomLog "logs/access_log" common
</IfModule>

<IfModule alias_module>
 ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
</IfModule>

<Directory "/usr/local/apache/cgi-bin">
 AllowOverride None
 Options None
 Order allow,deny
 Allow from all
</Directory>

<IfModule mpm_prefork_module>
 StartServers          3
 MinSpareServers       3
 MaxSpareServers       5
 MaxClients          150
 MaxRequestsPerChild   1024
</IfModule>

<IfModule mod_headers.c>
<FilesMatch "\.(html|htm|shtml)$">

Header set Cache-Control "max-age=3600, must-revalidate"
</FilesMatch>
</IfModule>

ReadmeName README.html
HeaderName HEADER.html

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

Include conf/extra/httpd-languages.conf

<Location /server-status>
 SetHandler server-status
 Order deny,allow
 Deny from all
 Allow from 127.0.0.1
</Location>
ExtendedStatus On

<Location /server-info>
 SetHandler server-info
 Order deny,allow
 Deny from all
 Allow from 127.0.0.1

</Location>

<IfModule ssl_module>
Listen 0.0.0.0:443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLPassPhraseDialog  builtin
SSLSessionCache         dbm:/usr/local/apache/logs/ssl_scache
SSLSessionCacheTimeout  300
SSLMutex  file:/usr/local/apache/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

#Vhosts
NameVirtualHost 127.0.0.1:80
NameVirtualHost *

<VirtualHost 127.0.0.1:80 *>
 ServerName host.evlit.com
 DocumentRoot /var/www/html
 ServerAdmin admin@evlit.com
</VirtualHost>

Include conf/vhosts/*上述出现的127.0.0.1请改为你本机公网IP.

配置apache

将下面的内容加入apache配置文件的alias模块<IfModule alias_module>

ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
#  SSLRequireSSL
    Options ExecCGI
    AllowOverride None
    Order allow,deny
    Allow from all
#  Order deny,allow
#  Deny from all
#  Allow from 127.0.0.1
    AuthName "Nagios Access"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
#  SSLRequireSSL
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all
#  Order deny,allow
#  Deny from all
#  Allow from 127.0.0.1
    AuthName "Nagios Access"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>

安装服务并开机启动
 
chmod 755 /etc/init.d/httpd
chkconfig --add httpd
chkconfig --level 345 httpd on
service httpd start

三.编译安装php(mod_php)
1.编译安装相关支持库

tar -zxf libiconv-1.13.1.tar.gz

cd libiconv-1.13.1/

./configure

make

make install

cd ../

tar -jxf libmcrypt-2.5.8.tar.bz2

cd libmcrypt-2.5.8/

./configure

make

make install

/sbin/ldconfig

cd libltdl/

./configure --enable-ltdl-install

make

make install

cd ../

tar -jxf mhash-0.9.9.9.tar.bz2

cd mhash-0.9.9.9/

./configure

make

make install

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1
ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config

cd ../

tar -zxf mcrypt-2.6.8.tar.gz

cd mcrypt-2.6.8/

/sbin/ldconfig

./configure

make

make install

2.编译php,这里我们为php打入补丁.有助于防止邮件发送被滥用(多用户)以及在邮件中提供有价值的信息.
补丁介绍信息请点击:http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/

tar -zxf php-5.2.13.tar.gz

patch -d php-5.2.13 -p1 < php5-mail-header.patch

cd php-5.2.13

./configure --prefix=/usr/local --with-config-file-path=/etc --with-apxs2=/usr/local/apache/bin/apxs --enable-bcmath --enable-calendar --enable-exif --enable-ftp --enable-gd-native-ttf --enable-libxml --enable-magic-quotes --enable-mbstring --enable-pdo=shared --enable-soap --enable-sockets --enable-zip --with-bz2 --with-curl --with-curlwrappers --with-freetype-dir --with-gd --with-gettext --with-jpeg-dir --with-kerberos --with-libexpat-dir=/usr --with-libxml-dir=/usr --with-mcrypt=/usr --with-mhash=/usr --with-mysql=/usr --with-mysql-sock=/var/lib/mysql/mysql.sock --with-mysqli=/usr/bin/mysql_config --with-openssl=/usr --with-openssl-dir=/usr --with-pdo-mysql=shared --with-pdo-sqlite=shared --with-png-dir=/usr --with-sqlite=shared --with-ttf --with-xmlrpc --with-zlib -with-zlib-dir=/usr --enable-pcntl

make ZEND_EXTRA_LIBS='-liconv'

make install

cp php.ini-dist /etc/php.ini

cd ../

3.安装php扩展模块

tar -zxf memcache-2.2.5.tgz

cd memcache-2.2.5/

phpize

./configure --with-php-config=/usr/local/bin/php-config --with-zlib-dir --enable-memcache

make

make install

cd ../

tar -jxf eaccelerator-0.9.6.tar.bz2

cd eaccelerator-0.9.6/

phpize

./configure --enable-eaccelerator=shared --with-php-config=/usr/local/bin/php-config

make

make install

mkdir -p /tmp/eaccelerator

chmod 777 /tmp/eaccelerator

echo "mkdir -p /tmp/eaccelerator" >> /etc/rc.local

echo "chmod 777 /tmp/eaccelerator" >> /etc/rc.local

cd ../

tar -zxf ImageMagick.tar.gz

cd ImageMagick-*

./configure

make

make install

cd ../

tar -zxf imagick-2.3.0.tgz

cd imagick-2.3.0/

phpize

./configure --with-php-config=/usr/local/bin/php-config

make

make install

cd ../

tar -zxf suhosin-0.9.29.tgz

cd suhosin-0.9.29

phpize

./configure

make

make install

cd ../

tar -zxf ioncube_loaders_lin_x86.tar.gz

cd ioncube

mkdir /usr/local/ioncube

mv ioncube_loader_lin_5.2.so /usr/local/ioncube/

cd /usr/local/src

tar -zxf ZendOptimizer-3.3.9-linux-glibc23-i386.tar.gz

mkdir -p /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x

cp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x/ZendOptimizer.so

3.1.修改php.ini.

查找/etc/php.ini中的extension_dir = "./".将其修改为extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-20060613/"

查找;include_path = ".:/php/includes",删除前面的分号,并修改为include_path = ".:/usr/lib/php:/usr/local/lib/php"

跳到最后一行,然后添加以下内容:

extension = "memcache.so"
extension = "pdo.so"
extension = "pdo_mysql.so"
extension = "pdo_sqlite.so"
extension = "sqlite.so"
extension = "eaccelerator.so"
eaccelerator.shm_size = 32
eaccelerator.cache_dir = "/tmp/eaccelerator"
eaccelerator.enable = 1
eaccelerator.optimizer = 0
eaccelerator.debug = 0
eaccelerator.name_space = ""
eaccelerator.check_mtime = 1
eaccelerator.filter = ""
eaccelerator.shm_max = 0
eaccelerator.shm_ttl = 7200
eaccelerator.shm_prune_period = 7200
eaccelerator.shm_only = 1
eaccelerator.compress = 0
eaccelerator.compress_level = 9
eaccelerator.keys = shm
eaccelerator.sessions = shm
eaccelerator.content = shm
zend_extension = "/usr/local/ioncube/ioncube_loader_lin_5.2.so"
zend_extension = "/usr/local/Zend/lib/Optimizer-3.3.9/php-5.2.x/ZendOptimizer.so"

4,安装Memcached(可选)

cd /usr/local/src

tar -xzf libevent-1.4.13-stable.tar.gz

cd libevent-1.4.13-stable

./configure

make

make install

ln -s /usr/local/lib/libevent-1.4.so.2 /usr/lib

cd ../

tar -xzf memcached-1.4.4.tar.gz

cd memcached-1.4.4

./configure --with-libevent=/usr

make

make install

基本使用方法:

启动:/usr/local/bin/memcached -d -m 64 -p 11211 -u nobody -l localhost

关闭:killall -9 memcached

以下内容为安装Nagios3.2.3：

下载Nagios3.2.3,Nagios-plugins1.4.15,nrpe2.12,nsclient++

http://www.nagios.org/download/wgethttp://osdn.dl.sourceforge.net/sourceforge/nagios/nagios-3.2.3.tar.gz

wget http://osdn.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.11.tar.gz

Nagios3.2.3,Nagios-plugins1.4.15,nrpe2.12安装在监控服务器上。

去http://www.nagios.org/download/addons/下载nrpe和nsclient++插件。

nrpe2.12安装在Linux/Unix被监控端。
nsclient++安装在Windows被监控端。

创建帐号及组

创建帐号

useradd -m nagios
passwd nagios

加入Nginx用户组

/usr/sbin/usermod -a -G httpd nagios

httpd 为运行Nginx的帐号。

安装nagios

tar xvf nagios-cn-3.2.3.tar.bz2

cd nagios-cn-3.2.3

./configure --with-command-group=httpd --prefix=/usr/local/nagios --with-gd-lib=/usr --with-gd-inc=/usr

make all

使用make install来安装主程序,CGI和HTML文件

make install

使用make install-init在/etc/rc.d/init.d安装启动脚本

make install-init

使用make install-cofig来安装示例配置文件,安装的路径是/usr/local/nagios/etc.

make install-config

使用make install-commandmode来配置目录权限

make install-commandmode

nagios目录功能的简要说明：

bin    Nagios执行程序所在目录，nagios文件即为主程序
etc    Nagios配置文件位置
sbin    Nagios Cgi文件所在目录，也就是执行外部命令所需文件所在的目录
Share    Nagios网页文件所在的目录
var    Nagios日志文件、spid 等文件所在的目录
var/archives    日志归档目录
var/rw    用来存放外部命令文件

创建Nginx目录验证文件

需要使用有apache服务器创建密码文件

/usr/local/apache/bin/htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
New password: (输入密码)
Re-type new password: (再输入一次密码)
Adding password for user nagiosadmin

当然也可以使用perl 创建密码文件 新建 一个 pw.pl 文件 其内容：

#!/usr/bin/perl
use strict;
my $pw=$ARGV[0] ;
print crypt($pw,$pw)."\n";

然后执行 chmod +x pw.pl
./pw.pl password
papAq5PwY/QQM
papAq5PwY/QQM 就是password 的crypt()密码
然后 将上面用 perl 生成的 加密后的密码
按照
用户名:密码
的格式写到 htpasswd 文件中

这样既完成了设置

配置nagios配置文件

vi /usr/local/nagios/etc/objects/contacts.cfg

将里面的email地址改为自己的email地址。

cd ../

安装Nagios插件

tar xzvf nagios-plugins-1.4.15.tar.gz

cd nagios-plugins-1.4.15

./configure --with-nagios-user=nagios --with-nagios-group=httpd

make

make install

安装nagios-snmp-plugins

nagios-snmp-plugins是一套用Perl编写的通过SNMP方式监控主机的插件程序。

wget http://nagios.manubulon.com/nagios-snmp-plugins.1.1.1.tgz
tar xzf nagios-snmp-plugins.1.1.1.tgz
cd nagios_plugins

配置check_snmp_int.pl这些插件的使用时需要配置cpan，CPAN是Comprehensive Perl Archive Network的缩写.。它是一个巨大的Perl软件收藏库，收集了大量有用的Perl模块(modules)及其相关的文件。这里主要是使用Perl-Net-SNMP模块。有两种方式安装：

A）通过CPAN来安装
#perl -MCPAN -e shell
cpan> install Net::SNMP

B) 手工安装

首先去官方网站www.cpan.org下载以下几个模块
Crypt::DES
Digest::MD5
Digest::SHA1
Digest::HMAC
Net::SNMP

下载后对于每个模块依次按照下面的方式安装

tar zxf <module>.tar.gz   <module>表示模块名，具体请按上面提到的模块替换
cd <module>            <module>表示模块名，具体请按上面提到的模块替换
perl Makefile.pl
make test
make install

注意：Net::SNMP模块必须在最后安装。至此Net::SNMP手动安装完毕

./install.sh 

执行nagios-snmp-plugins安装脚本,执行之后会将插件命令安装到/usr/local/nagios/libexec下

启动Nagios

配置机器启动时自动启动Nagios

chkconfig --add nagios

chkconfig nagios on

检查Nagios配置文件

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

启动Nagios

service nagios start

2).如果开启防火墙，应该允许访问apache（一般为80端口）并允许nagios去抓取被监控机信息（一般nrpe为5666端口）。

访问Nagios服务器

http://localhost/

输入用户名及密码登录。

安装nrpe插件，用来监控Linux机器

tar xzvf nrpe-2.12.tar.gz

cd nrpe-2.12

./configure

make all

在Nagios服务器端只要安装nrpe监控插件就行

make install-plugin

在/usr/local/nagios/etc/objects/commands.cfg中定义check_nrpe命令

vi /usr/local/nagios/etc/objects/commands.cfg

########################################################################
#
# 2008.11.18 add by Stone
# NRPE COMMAND
#
########################################################################
# 'check_nrpe ' command definition
define command{
         command_name check_nrpe
         command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
         }

在被监控服务器（Linux/unix）上安装Nagios-plugins和nrpeuseradd nagios

tar xzvf nagios-plugins-1.4.15.tar.gz

cd nagios-plugins-1.4.15

Nagios-plugins默认安装到/usr/local/nagios

./configure

make

make install

chown nagios.nagios /usr/local/nagios/

chown -R nagios.nagios /usr/local/nagios/libexec/

tar xzvf nrpe-2.12.tar.gz

cd nrpe-2.12

./configure

make all

安装nrpe插件，本监控端可以不装

make install-plugin

安装nrpe守护进程

make install-daemon

安张nrpe配置文件

make install-daemon-config

修改nrpe配置文件，允许Nagios监控服务器（NagiosServer IP）监控

vi /usr/local/nagios/etc/nrpe.cfg

多台机器用逗号隔开

allowed_hosts=127.0.0.1,（NagiosServer IP)

以独立守护进程启动nrpe，也可以使用xinetd启动nrpe，具体清查看nrpe官方文档。

/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d

开机自动启动nrpe

vi /etc/rc.d/rc.local

加入下面行

/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d

检查nrpe是否安装正常

/usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12

返回nrpe版本说明安装没问题。

查看启动端口

如果有防火墙应该开放5666端口：

＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊

注意：我们需要在/usr/local/nagios/etc/nrpe.cfg中定义我们用到的监控本地资源的命令。

下面的命令是默认定义的：
command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200

复制代码下面的命令是自己定义的：

＃ 监控交换分区的使用情况，使用超过20％时为警告状态，超过10％时为严重状态

command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 10%

＃ 监控根分区磁盘使用情况

command[check_disk_root]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /
＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊＊

附：

做好必要的安全工作

设置用户家目录/home/user,相关配置参数文件,以及访问日志等目录的权限.

chmod 711 /home

chmod 711 /usr/local/pureftpd

chmod 711 /usr/local/apache/conf/vhosts

chmod 711 /usr/local/apache/domlogs

chmod 711 /usr/local/apache/logs

基础环境为Apache+PHP+Mysql+Nagios在这个基础上我们进行安装CACTI并与Nagios进行整合；

基础环境的安装请参见我前面的文章：Apache+PHP+Nagios服务器监控部署笔记（一）Nagios安装篇

下载Cacti并安装

安装rrdtool（http://oss.oetiker.ch/rrdtool/）

yum install pango pango-devel

wget http://oss.oetiker.ch/rrdtool/pub/rrdtool-1.4.3.tar.gz
tar zxvf rrdtool-1.4.3.tar.gz
cd rrdtool-1.4.3
make
make install

安装net-snmp（http://www.net-snmp.org/）

wget http://netcologne.dl.sourceforge.net/project/net-snmp/net-snmp/5.5/net-snmp-5.5.tar.gz
tar zxvf net-snmp-5.5.tar.gz
cd net-snmp-5.5
./configure --prefix=/usr/local/net-snmp --with-mysql=/usr/local/mysql/bin/mysql_config --enable-developer
make
make install

###########提示信息##############

default version of-snmp-version(3)：3（在这里版本通常有三种形式：1,2c,3）
Systemcontact information（配置该设备的联系信息）： ruanxi@163.com（也可以是邮箱地址）
System location (该系统设备的地理位置)：Fujian P.R.C
Location to write logfile (日志文件位置)：/var/log/snmpd.log
Location to Write persistent(数据存储目录)：/var/net-snmp
说明：也可以使用yum install net-snmp net-snmp-devel net-snmp-libs net-snmp-utils net-snmp-perl

或者yum net-snmp*来进行安装

ln -s /usr/local/net-snmp/bin/* /usr/local/bin/
cp EXAMPLE.conf  /usr/local/net-snmp/share/snmp/snmpd.conf
vi /usr/local/net-snmp/share/snmp/snmpd.conf         //修改snmpd.conf（修改COMMUNITY、允许抓取snmp数据的主机、抓取数据范围等）。

以下是我的snmpd.conf配置##########################################
#       sec.name  source          community
com2sec local     localhost       public
##########################################

/usr/local/net-snmp/sbin/snmpd     //启动SNMP服务
 vi /etc/rc.d/rc.local       //在rc.local上加入一行/usr/local/net-snmp/sbin/snmpd,系统启动时启动SNMP服务。

安装cacti与cacti-spine（http://cactiusers.org/）

wget http://www.cacti.net/downloads/cacti-0.8.7g.tar.gz
wget http://www.cacti.net/downloads/spine/cacti-spine-0.8.7g.tar.gz

安装cacti
tar zxvf cacti-0.8.7g.tar.gz
mv cacti-0.8.7g /usr/local/cacti
useradd -s /sbin/nologin cacti
passwd cacti
usermod -a -G httpd cacti
chown -R httpd:cacti /usr/local/cacti

安装cacti-spine

tar zxvf cacti-spine-0.8.7g.tar.gz
cd cacti-spine-0.8.7g
获取补丁程序并安装补丁
wget http://www.cacti.net/downloads/spine/patches/0.8.7g/unified_issues.patch
patch -p1 -N < unified_issues.patch
./configure --prefix=/usr/local/cacti-spine --with-mysql=/usr/local/mysql --with-snmp=/usr/local/net-snmp
make
make install

配置cacti、cacti-spine

创建cacti数据库，并初始化该数据库
/usr/local/mysql/bin/mysql -u root -pXXXX  (XXXX为数据库密码)
mysql> create database cacti；
mysql> GRANT ALL PRIVILEGES ON *.* TO cacti@localhost IDENTIFIED BY 'cacti' WITH GRANT OPTION; 
mysql> flush privileges;

/usr/local/mysql/bin/mysql -ucacti -pcacti cacti < /usr/local/cacti/cacti.sql

编译配置文件/usr/local/cacti-spine/etc/spine.conf（注意：如果是RPM方式安装，那么配置文件位于/etc/spine.conf）

vi /usr/local/cacti-spine/etc/spine.conf
写入如下内容
DB_Host localhost
DB_Database cacti
DB_User cacti
DB_Pass 2010
DB_Port 3306
DB_PreG 0

配置cacti的虚拟主机指向目录/usr/local/cacti/

配置cacti的config.php配置文件

vi /usr/local/cacti/include/config.php
修改如下内容
$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "cacti";
$database_port = "3306";

配置/etc/cron.d/cacti任务文件，即：系统每5分钟进行收集SNMP代理上的数据

crontab -e
*/5 * * * * /usr/local/bin/php /usr/local/cacti/poller.php  &>/dev/null 2>&1

测试一下

重启apache

http://ip/，登录cacti，还要相关配置，下面是一个配置例子

说明：路径要设置对，也可以先跳过，然后登录cacti主页后，选择"settings" -> "Paths"进行修改

---------------------------------------------------------------------------------

Cacti插件的安装

安装Plugin Architecture（http://cactiusers.org/）

作用：让cacti支持更多的插件

tar zxvf cacti-plugin-0.8.7g-PA-v2.9.tar.gz

mv cacti-plugin-arch /usr/local/cacti/

cd /usr/local/cacti/

/usr/local/mysql/bin/mysql -ucacti -pcacti cacti < cacti-plugin-arch/pa.sql

patch -p1 -N < cacti-plugin-arch/cacti-plugin-0.8.7g-PA-v2.9.diff
 
rm -rf cacti-plugin-arch
chown -R httpd:cacti /usr/local/cacti

vi /usr/local/cacti/include/global.php，修改并增加如下
$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "2010";
$database_port = "3306";

显示Plugin-Management

User Management -> "admin" or "other user" -> "Realm Permissions" -> "Plugin Management" -> 打勾并保存

安装相关插件

安装Settings插件（http://docs.cacti.net/plugins）
wget http://docs.cacti.net/_media/plugin:settings-v0.7-1.tgz
tar zxvf settings-v0.7-1.tgz 
mv settings /usr/local/cacti/plugins/settings
根据新旧版本插件，进行设置

安装Thold插件（http://docs.cacti.net/plugins）
wget http://docs.cacti.net/_media/plugin:thold-latest.tgz -O thold-latest.tgz
tar zxvf thold-latest.tgz
mv thold-0.41 /usr/local/cacti/plugins/thold
根据新旧版本插件，进行设置

安装Monitor插件（http://docs.cacti.net/plugins）

tar zxvf monitor-v1.2-1.tgz
mv monitor /usr/local/cacti/plugins/monitor
根据新旧版本插件，进行设置

WeatherMap插件（http://www.network-weathermap.com/download）
wget http://www.network-weathermap.com/files/php-weathermap-0.97a.zip
unzip php-weathermap-0.97a.zip
mv weathermap /usr/local/cacti/plugins/

cd /usr/local/cacti/plugins/weathermap/
chown -R httpd:cacti /usr/local/cacti
chmod u+w configs #设置configs目录的所属主对该目录可写
cp editor-config.php-dist editor-config.php
vi editor-config.php，修改如下参数
$cacti_base = "/usr/local/cacti"; #cacti目录的绝对路径
$cacti_url = "http://localhost/cacti/"; #访问cacti的地址
$mapdir= $cacti_base.'/plugins/weathermap/configs'; #设置configs目录的绝对路径

根据新旧版本插件，进行设置

Nagios整合到Cacti

安装Nagios Plugin for Cacti（NPC）插件（http://trac2.assembla.com/npc）

作用：将nagios的数据通过ndo2db导入到mysql数据库，然后cacti读取数据库信息将nagios的结果通过NPC展示出来

安装NPC

wget http://www.constructaegis.com/downloads/npc-2.0.4.tar.gz
tar zxvf npc-2.0.4.tar.gz
mv npc /usr/local/cacti/plugins/
最后：根据新旧版本插件，进行设置

安装php-json（http://pecl.php.net/package/json），因为NPC需要用到它

wget http://pecl.php.net/get/json-1.2.1.tgz
tar zxvf json-1.2.1.tgz
cd json-1.2.1
/usr/bin/phpize
./configure --with-php-config=/usr/local/bin/php-config --enable-shared --enable-static --with-json
make
make install
service httpd restart
http://ip /phpinfo.php

访问phpinfo.php文件，确定一下是否已经加载了json，文件可以自行创建，内容如下：

<?php
phpinfo();
?>

安装NDOUtils

cd /usr/src/ndoutils-1.4b9/

./configure --prefix=/usr/local/nagios --enable-mysql --disable-pgsql LDFLAGS=-L/usr/local/mysql/lib/mysql  --with-mysql-lib=/usr/local/mysql/lib/mysql --with-mysql=/usr/local/mysql

make

在编译没有出错后，复制相应的配置文件与相关的执行文件，他们的主要作用就是做相关的配置与让nagios可以正确的调用。

cd /usr/src/ndoutils-1.4b9/src/

cp ndo2db-3x ndo2db-2x file2sock log2ndo /usr/local/nagios/bin/

cd ../config

cp ndo2db.cfg-sample /usr/local/nagios/etc/ndo2db.cfg

cp ndomod.cfg-sample /usr/local/nagios/etc/ndomod.cfg

以上复制的文档中前两项是版本相关的，即假如您的nagios主版本号是2系列，则需要拷贝名为ndomod-2x.o和ndo2db-2x的两个文档。后两项是通用文档，随便复制过去就OK了。

修改NPC在CACTI数据库中的相关表，这个应该是个BUG。所以需要执行如下操作：

ALTER TABLE `npc_hostchecks` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`;
ALTER TABLE `npc_hoststatus` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`;
ALTER TABLE `npc_servicechecks` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`;
ALTER TABLE `npc_servicestatus` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`;
ALTER TABLE `npc_statehistory` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`;
ALTER TABLE `npc_eventhandlers` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`;
ALTER TABLE `npc_systemcommands` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`;
ALTER TABLE `npc_notifications` ADD COLUMN `long_output` varchar(8192) NOT NULL default '' AFTER `output`;

配置ndo2db.cfg文件：

[root@node3 etc]# vim /usr/local/nagios/etc/ndo2db.cfg

lock_file=/usr/local/nagios/var/ndo2db.lock
ndo2db_user=nagios
ndo2db_group=nagios
socket_type=tcp
socket_name=/usr/local/nagios/var/ndo.sock
tcp_port=5668
use_ssl=0
db_servertype=mysql
db_host=localhost
db_port=3306
db_name=cacti
db_prefix=npc_
db_user=cacti
db_pass=cacti
max_timedevents_age=1440
max_systemcommands_age=10080
max_servicechecks_age=10080
max_hostchecks_age=10080
max_eventhandlers_age=44640
max_externalcommands_age=44640
debug_level=0
debug_verbosity=1
debug_file=/usr/local/nagios/var/ndo2db.debug
max_debug_file_size=1000000

配置ndomod.cfg文件

vi /usr/local/nagios/etc/ndomod.cfg

instance_name=node3
output_type=tcpsocket
output=127.0.0.1
tcp_port=5668
use_ssl=0
output_buffer_items=5000
buffer_file=/usr/local/nagios/var/ndomod.tmp
file_rotation_interval=14400
file_rotation_timeout=60
reconnect_interval=15
reconnect_warning_interval=15
data_processing_options=-1
config_output_options=2

配置nagios的配置文件

vi /usr/local/nagios/etc/nagios.cfg

添加以下两句，第二句如果没有才加上去，默认是有的。

broker_module=/usr/local/nagios/bin/ndomod-3x.o config_file=/usr/local/nagios/etc/ndomod.cfg

event_broker_options=-1

启动ndo2db守护进程

/usr/local/nagios/bin/ndo2db-3x -c /usr/local/nagios/etc/ndo2db.cfg

执行完以上这条命令，如果没有报错，就看看nagios.log的日志，如果出现以下提示：

nagios: ndomod: Could not open data sink!  I'll keep trying, but some output may get lost...

解决方法就是：

查看/usr/local/nagios/etc/ndo2db.cfg文件里的ndo2db_user=nagios ndo2db_group=httpd db_user=cacti

db_pass=ndouser 这几项是否正确配置了，ndo2db_user就是你运行nagios的用户名；ndo2db_group是运行nagios的组，db_user表示的是你授权访问ndodb数据库的用户名，db_pass访问数据的密码。

如果在加载守护进程出现：

Failed to obtain lock on file /usr/local/nagios/var/ndo2db.lock: Permission denied  : Permission denied

解决方法是：确认你在/usr/local/nagios/etc/ndo2db.cfg里ndo2db_user与ndo2db_group这两项的填写的用户是否对目录/usr/local/nagios/var/有写入的权限。

重新启动nagios

service nagios restart

至此已经全部配置完成，下面确认我们已经安装成功，进入mysql看看我们创建的数据表里是否有数据。并且访问CACTI

 

 

实现MSN报警
基础环境，请参考我的前面的文章：《Apache+PHP+Nagios+Cacti+MSN服务器监控部署笔记（一）Nagios安装篇》
要实现MSN报警需要使用phpmsnclass，这是一个用php实现的msn机器人程序。
wget http://phpmsnclass.googlecode.com/files/phpmsnclass_1.10.7z
下载phpmsnclass，此文件为7zip压缩格式，需要安装7z

wget http://nchc.dl.sourceforge.net/sourceforge/p7zip/p7zip_4.65_x86_linux_bin.tar.bz2
tar jxvf p7zip_4.65_x86_linux_bin.tar.bz2
cd p7zip_4.65
./install.sh  安装7z
7z e phpmsnclass_1.9.7z  解压文件
msn报警有2种方式，一种是直接使用php进行登陆验证发送消息，另外一个是以msn机器人的形式发送，将消息存储在目录内。这里采用第二种。
cd phpmsnclass
mkdir /var/spool/msnbot
mkdir /var/spool/msnbot/log
mkdir /var/spool/msnbot/spool
下面把msnbot.php, config.php和msn.class.php拷贝到/var/spool/msnbot/
cp msnbot.sh msnbot.php msn.class.php msnsendmsg.php notify_add.php notify_send.php notify.sql sample.php test.msn changelog.txt config.php notify_config.php /var/spool/msnbot/

 

chmod 777 /var/spool/msnbot/spool 
chmod o+t /var/spool/msnbot/spool
这个机器人的工作原理是如果要发送消息，就调用php生成消息文件到
/var/spool/msnbot/spool目录中，发送程序检查到该目录有新文件就会模拟msn登陆和发信将信息发送出去。
chmod +x /var/spool/msnbot/msnbot.php
 vi config.php        
在配置文件中设置MSN的账号和密码（以后报警通过这个MSN发出）
cp msnbot.sh /etc/init.d/
chmod +x msnbot.sh     加上执行权限
vi msnbot.sh            
修改后的内容如下：
#! /bin/sh
#
# MSN bot
#
NAME=msnbot
DESC="MSN bot"
set -e
case "$1" in
  start)
        echo -n "Starting $DESC: $NAME"
        /usr/local/php/bin/php -Cq /var/spool/msnbot/msnbot.php
        echo "."
        ;;
  stop)
        echo -n "Stopping $DESC: $NAME"
    MSNPID=`cat /var/spool/msnbot/log/msnbot.pid`
        kill $MSNPID
        echo "."
        ;;
  restart|force-reload)
        $0 stop
        sleep 5s
        $0 start
        ;;
  *)
        N=/etc/init.d/$NAME
        echo "Usage: $N {start|stop|restart|force-reload}" >&2
        exit 1
        ;;
esac
exit 0
需要修改/var/spool/msnbot/msnbot.php这句
前面添加php程序的具体位置并添加具体参数：
/usr/local/php/bin/php -Cq /var/spool/msnbot/msnbot.php
修改msnbot.php文件
vi /var/spool/msnbot/msnbot.php

去除文件中第一行的内容；

启动MSN机器人

./msnbot.sh start

下面发个消息测试一下 
php msnsendmsg.php netkey530@hotmail.com "this is a test2"

向netkey530@hotmail.com的MSN账号发送测试信息

注意需要将netkey530@hotmail.com和config.php里设置的MSN账号相互加为好友

如果成功接收到信息说明配置正确，此步骤到此结束，后面的能让Nagios使用MSN进行报警的功能需要到Nagios里设置了。