Ubuntu 20.04 / CentOS7 安裝 LibreNMS 程序

這是本文件的舊版！

Ubuntu 20.04 LTS
CentOS Linux release 7.5.1804 (Core)

Ubuntu 20.04 安裝程序
CentOS7 安裝程序

載入中 ...

安裝必要的套件

apt install software-properties-common
add-apt-repository universe
apt update
apt install acl curl composer fping git graphviz imagemagick mailutils mariadb-client mariadb-server mtr-tiny nginx-full nmap php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-json php7.4-mbstring php7.4-mysql php7.4-snmp php7.4-xml php7.4-zip rrdtool snmp snmpd whois unzip python3-pip python3-pymysql python3-dotenv python3-redis python3-setuptools python3-systemd

新增 librenms 帳號

useradd librenms -d /opt/librenms -M -r -s "$(which bash)"

下載 LibreNMS 系統

cd /opt
git clone https://github.com/librenms/librenms.git

設定 librenms 權限

chown -R librenms:librenms /opt/librenms
chmod 771 /opt/librenms
setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/

安裝 PHP 相關套件

su - librenms
./scripts/composer_wrapper.php install --no-dev
exit

安裝 php composer

wget https://getcomposer.org/composer-stable.phar
mv composer-stable.phar /usr/bin/composer
chmod +x /usr/bin/composer

設定時區資料

vi /etc/php/7.4/fpm/php.ini
vi /etc/php/7.4/cli/php.ini

:
date.timezone = "Asia/Taipei"
:

timedatectl set-timezone Asia/Taipei

設定 MariaDB

vi /etc/mysql/mariadb.conf.d/50-server.cnf
--
[mysqld]
:
innodb_file_per_table=1
lower_case_table_names=0
:
--
systemctl enable mariadb
systemctl restart mariadb

修改 DB 密碼 Password

mysql -u root
--
CREATE DATABASE librenms CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY '**Password**';
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
exit

設定 PHP-FPM

cp /etc/php/7.4/fpm/pool.d/www.conf /etc/php/7.4/fpm/pool.d/librenms.conf
vi /etc/php/7.4/fpm/pool.d/librenms.conf

將 [www] 改成 [librenms]
將 user 和 group 改成 “librenms”
```
user = librenms
group = librenms
```
將 listen 改成 /run/php-fpm-librenms.sock
```
listen = /run/php-fpm-librenms.sock
```

設定 Nginx 改 server_name 為實際的網址或 IP Exp. 10.20.0.34

vi /etc/nginx/conf.d/librenms.conf

server {
 listen      80;
 server_name 10.20.0.34;
 root        /opt/librenms/html;
 index       index.php;

 charset utf-8;
 gzip on;
 gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
 location / {
  try_files $uri $uri/ /index.php?$query_string;
 }
 location ~ [^/]\.php(/|$) {
  fastcgi_pass unix:/run/php-fpm-librenms.sock;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  include fastcgi.conf;
 }
 location ~ /\.(?!well-known).* {
  deny all;
 }
}

重新啟動 nginx

rm /etc/nginx/sites-enabled/default
systemctl restart nginx
systemctl restart php7.4-fpm

啟動 lnms

ln -s /opt/librenms/lnms /usr/bin/lnms
cp /opt/librenms/misc/lnms-completion.bash /etc/bash_completion.d/

設定 snmpd

cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf
vi /etc/snmp/snmpd.conf
---
將 RANDOMSTRINGGOESHERE 改成自己的 snmp 密碼
com2sec readonly  default         RANDOMSTRINGGOESHERE
:
--
curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
chmod +x /usr/bin/distro
systemctl enable snmpd
systemctl restart snmpd

設定 crontab

cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms

設定 logrotate

cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

開啟網頁進行設定 Exp. http://10.20.0.34
1. 檢查設定
2. 設定資料庫與匯入基本資料
3. 建立管理者帳號密碼

如果有遇到問題可以執行以下語法進行檢測

sudo su - librenms
./validate.php

如果沒問題會顯示類似如下結果:

root@ct-librenms:/opt# sudo su - librenms
librenms@ct-librenms:~$ ./validate.php
====================================
Component | Version
--------- | -------
LibreNMS  | 21.4.0-3-gcea6f13bf
DB Schema | 2021_04_08_151101_add_foreign_keys_to_port_group_port_table (208)
PHP       | 7.4.3
Python    | 3.8.5
MySQL     | 10.3.25-MariaDB-0ubuntu0.20.04.1
RRDTool   | 1.7.2
SNMP      | NET-SNMP 5.8
====================================

[OK]    Composer Version: 2.0.12
[OK]    Dependencies up-to-date.
[WARN]  You have no devices.
        [FIX]: 
        Consider adding a device such as localhost: /addhost
[OK]    Database connection successful
[OK]    Database schema correct
librenms@ct-librenms:~$

假設區網為 192.168.1.0/24 (192.168.1.1 - 192.168.1.254)
SNMP 都是設定為 v1 / v2c , Community 設定為 public 或 ichiayi_snmp

先安裝 python-ipaddress 模組 yum install python-ipaddress
先手動加入一個設備進行監管 Exp. 192.168.1.1

vi /opt/librenms/config.php

:
# Auto-Discovery
// v1 or v2c
$config['snmp']['community'][] = "public";
$config['snmp']['community'][] = "ichiayi_snmp";

$config['nets'][] = '192.168.1.0/24';

$config['autodiscovery']['nets-exclude'][] = '192.168.1.1/32';

$config['discovery_by_ip'] = true;

第一次可以手動執行一次

cd /opt/librenms
./snmp-scan.py

結果:

[root@ct-librenms librenms]# ./snmp-scan.py
Scanning IPs:
..............................................................................................................................................................................................................................................++++++++++-----

Scanned 253 IPs: 0 known devices, added 10 devices, failed to add 5 devices, 1 ips excluded by config
Runtime: 104.31 seconds

設定 default_poller_group = 1
```
lnms config:set default_poller_group 1
```
之後在區域網路內的新設備如果有啟用 snmp v1 / v2c communty 符合設定的值, 可以在五分鐘內被自動加入

前一陣子發現設定都正確, 使用 snmp-scan.py 確實可以自動加入, 但卻無法如預期由該機制將新設備自動加入, 找了一些文章後還是無法真正解決問題, 目前我的 workaround 方法是將 snmp-scan.py 直接加入 cron 來處理

設定 E-Mail 通知
- Global Settings → Alerting Settings
  - General alert settings : Default contact ← 填上要接收通知的 E-Mail 設定畫面參考
  - Email options 依照實際寄送的 Mail Server 方式設定設定畫面參考
設定告警通知規則
- Alerts → Alert Rules
  - 當監控的設備無法連線就通知設定畫面參考
  - 將預設網路流量超過 90% 告警排除 lo 介面設定畫面參考

Device Dependencies 可以減少不必要的告警通知, 例如 Firewall 故障, Firewall 內所有的主機當然無法使用, 此時可以設定裡面所有的主機的 Parents 是 Firewall 減少不必要的告警通知
Exp. 192.168.1.254 是 Firewall, 192.168.1.222 是內部 Wifi 設備, 外部監控的 LibreNMS 可以設定 192.168.1.222 有個 Parents 是 192.168.1.254 可點下參考相關設定畫面 * 選單 Devices→Device Dependncies 進入設定功能
* 搜尋要設定的 Device IP Exp. 192.168.1.222
* 編輯該設備的 Parent Exp. 192.168.1.254
* 當完成設定後, 192.168.1.254(Firewall) 出現異常, 192.168.1.222(WiFi) 的異常就不會通知 * 192.168.1.254(Firewall) 出現異常紀錄(告警會通知)
* 192.168.1.222(Wifi) 出現異常紀錄(告警會跳過)

LibreNMS Agent 的安裝方式
安裝 Apache Agent 的方式
加裝 Nagios Plugin 增加監控能力
安裝 BIND(Named) Agent 的方式
加裝 Check_MK 增加監控能力
nagios plugins - check_mssql_health
安裝 PVE (Proxmox Virtual Environment) Agent 的方式
安裝 fail2ban Agent 的方式
安裝 MySQL Agent 的方式
安裝 Nginx Agent 的方式
安裝 PHP-FPM Agent 的方式
安裝 postfix Agent 的方式
安裝 Redis Agent 的方式
安裝 SMART Agent 的方式
安裝 ZFS Agent 的方式

載入中 ...

→ 此頁連結

CentOS 7 + systemd
這 Agent Listen TCP-Port 6556

需要驗證 LibreNMS 可以正確 TCP-Port 6556 連上 Agent 主機

複製 librenms-agent 儲存庫

cd /opt/
git clone https://github.com/librenms/librenms-agent.git
cd librenms-agent
cp check_mk_agent /usr/bin/check_mk_agent
chmod +x /usr/bin/check_mk_agent
cp [email protected] check_mk.socket /etc/systemd/system
mkdir -p /usr/lib/check_mk_agent/plugins /usr/lib/check_mk_agent/local
cp agent-local/* /usr/lib/check_mk_agent/local/
chmod a+x /usr/lib/check_mk_agent/local/*
systemctl enable check_mk.socket && systemctl start check_mk.socket

https://docs.librenms.org/Extensions/Agent-Setup/

librenms, agent

先透過執行 daily.sh 看錯誤訊息
```
su - librenms
./daily.sh
```
看錯誤訊息進行處理, Exp. git 檔案被更改, 就移除這些檔案後, 在執行 daily.sh

如果無法解決, 可以透過 validate.php 來檢查

./vaildate.php

:
[FAIL]  Some folders have incorrect file permissions, this may cause issues.
        [FIX]:
        sudo chown -R librenms:librenms /opt/librenms
        sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/libr                                              enms/bootstrap/cache/ /opt/librenms/storage/
        sudo chmod -R ug=rwX /opt/librenms/rrd /opt/librenms/logs /opt/librenms/                                              bootstrap/cache/ /opt/librenms/storage/
        Files:
         /opt/librenms/storage/framework/views/cdca770a337e07f2364ec770e7b408621                                              95170d7.php

就依照內容說明去修正

su - root
chown -R librenms:librenms /opt/librenms
setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
chmod -R ug=rwX /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/

其他實用的修復 script:
- 修復 git 目錄檔案 ./scripts/github-remove

自動更新失敗, 出現很多套件依存議題, Exp,. Carbon 1 is deprecated, see how to migrate to Carbon 2

可重新完整安裝的程序如下:

su - librenms
./scripts/github-remove -d -v
git pull
./daily.sh
./validate.php

PHP 7.1 and Python 2 no longer supported 
LibreNMS will soon require Python 3.5+ and PHP 7.2.5+. For more details check https://t.libren.ms/uo84c

2020-05-11 00:00:00 | Source: http://www.librenms.org/notifications.rss

```
yum install python36
```
參考 - https://kirin.idv.tw/python-install-python3-in-centos7/

因為資料庫變大, 改用 Percona XtraDB Cluster 來取代本機 MySQL/MariaDB, 修改 /opt/librenms/config.php 內的 ### Database config 卻完全沒用, 看了 LibreNMS 文件才發現已經變成要改 /opt/librenms/.env 才對

以下是 /opt/librenms/.env 大概的內容

APP_KEY=base64:LvIYs6Gauexxxxxxxxxxxxxxxxxxxxxxxxxxxxxx5/c=

DB_HOST=192.168.11.202
DB_DATABASE=librenms
DB_USERNAME=**dbuser**
DB_PASSWORD=**dbpasswd**

#APP_URL=
NODE_ID=5cxxxxxxxxxde
DB_PORT=3306
LIBRENMS_USER=librenms

原本 mariadb 的設定要關閉

systemctl stop mariadb
systemctl disable mariadb

參考 - https://docs.librenms.org/Support/Configuration/

2020/11/04 收到訊息會 2020/11 起, LibreNMS 必須使用 php 7.3 以上(建議 7.4)版本才會自動更新

先移除原本 PHP 7.2

systemctl stop php-fpm
yum remove php72w*
mv /etc/yum.repos.d/webtatic* /tmp/

將安裝 REMI 的 PHP 7.4 來因應

yum install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
vi /etc/yum.repos.d/remi-php74.repo

:
[remi-php74]
:
enabled=1
:

yum install composer php php-cli php-common php-curl php-fpm php-gd php-mbstring php-mysqlnd php-process php-snmp php-xml php-zip

因為這方式是重新安裝 php 與相關套件, 所以 php.ini 與 nginx 的一些設定必須再次執行

修改 php.ini

vi /etc/php.ini

:
[Date]
; Defines the default timezone used by the date functions
; http://php.net/date.timezone
date.timezone = Asia/Taipei
:

修改 php-fpm 設定

vi /etc/php-fpm.d/www.conf

:
;user = apache
user = nginx
:
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
:

systemctl enable php-fpm
systemctl restart php-fpm

修改 nginx 設定

vi /etc/nginx/conf.d/librenms.conf

:
:
 location ~ \.php {
  include fastcgi.conf;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  #fastcgi_pass unix:/var/run/php-fpm/php7.2-fpm.sock;
  fastcgi_pass 127.0.0.1:9000;
 }
:

systemctl restart nginx

設定 ping 的執行權限

setcap cap_net_raw+ep /usr/sbin/fping
setcap cap_net_raw+ep /usr/sbin/fping6

驗證一下是否可以正常運作

su - librenms
./validate.php 
./daily.sh

可能會出現一些 Call to undefined method … 訊息, 不過第二次執行 ./daily.sh 應該就不會再出現, 執行畫面如下

[root@ct-librenms ~]# su - librenms
-bash-4.2$ ./validate.php 
====================================
Component | Version
--------- | -------
LibreNMS  | 1.69-5-g240edd2
DB Schema | 2020_07_27_00522_alter_devices_snmp_algo_columns (188)
PHP       | 7.4.12
Python    | 3.6.8
MySQL     | 5.6.42-84.2-56-log
RRDTool   | 1.4.8
SNMP      | NET-SNMP 5.7.2
OpenSSL   | 
====================================

[OK]    Composer Version: 1.10.17
[OK]    Dependencies up-to-date.
[OK]    Database connection successful
[OK]    Database schema correct
-bash-4.2$ ./daily.sh
Supported PHP and Python version, switched back to master branch. OK
Updating to latest codebase                        OK

In AppServiceProvider.php line 43:
                                                                            
  Call to undefined method Illuminate\Pagination\Paginator::useBootstrap()  

In AppServiceProvider.php line 43:
                                                                            
  Call to undefined method Illuminate\Pagination\Paginator::useBootstrap()  

Updating Composer packages                         OK
Updated from bc02ab3 to 240edd2                    OK
Updating SQL-Schema                                OK
Updating submodules                                OK
Cleaning up DB                                     OK
Fetching notifications                             OK
Caching PeeringDB data                             OK
-bash-4.2$ ./daily.sh
Updating to latest codebase                        OK
Updating Composer packages                         OK
Updating SQL-Schema                                OK
Updating submodules                                OK
Cleaning up DB                                     OK
Fetching notifications                             OK
Caching PeeringDB data                             OK

移轉 LibreNMS 程序可參考 https://docs.librenms.org/Support/FAQ/ 內
How do I move my LibreNMS install to another server?

2021/06/13 發現 Librenms 無法運作, 才發現 2021/03 起只支援 MySQL version 5.7.7 以上的版本, 所以目前使用的 Percona XtraDB Cluster 內的 5.6.42 就被迫要升級改用 MariaDB 10.5
將舊資料匯出, 如果忘記資料庫連線資訊, 可以看一下 .env
```
su - librenms
head .env
```
Exp. db_host:192.168.11.21 , db_user:librenms , db_pass:Password , db_name:librenms
```
mysqldump -u librenms -p librenms -h 192.168.11.21> /tmp/librenms.sql 
```
執行CentOS 7 安裝 MariaDB 10.5

在新資料庫建立 LibreNMS 的使用者與資料庫

mysql -u root -p
create database librenms;
create user 'librenms'@'%' identified by '**Password**';
grant all on librenms.* to 'librenms'@'%';
flush privileges;
quit

將舊資料匯入新資料庫 Exp. 192.168.11.22

cat /tmp/librenms.sql | mysql -u librenms -p librenms -h 192.168.11.22

修改 .env 內 DB 的連線設定
```
su - librenms
vi .env
```

出現錯誤訊息如下

In Connection.php line 678:

  SQLSTATE[42S01]: Base table or view already exists: 1050 Table 'port_groups' already exists (SQL: create table `port_groups` (`id` int unsigned not null auto_increment primary key, `na
  me` varchar(255) not null, `desc` varchar(255) null) default character set utf8mb4 collate 'utf8mb4_unicode_ci')

解決方式

mysql -u librenms -p librenms
drop table port_groups;

再次執行 ./lnms migrate 出現找不到 librenms.port_group_port 這 table

In Connection.php line 678:

  SQLSTATE[42S02]: Base table or view not found: 1146 Table 'librenms.port_group_port' doesn't exist (SQL: alter table `port_group_port` add constraint `port_group_port_port_group_id_for
  eign` foreign key (`port_group_id`) references `port_groups` (`id`) on delete CASCADE)

參考網址 - https://community.librenms.org/t/error-port-device/15386/33

解決方式 :

mysql -u librenms -p librenms
CREATE TABLE port_group_port (
port_group_id int(10) unsigned NOT NULL,
port_id int(10) unsigned NOT NULL,
PRIMARY KEY (port_group_id,port_id),
KEY port_group_port_port_group_id_index (port_group_id),
KEY port_group_port_port_id_index (port_id),
CONSTRAINT port_group_port_port_group_id_foreign FOREIGN KEY (port_group_id) REFERENCES port_groups (id) ON DELETE CASCADE,
CONSTRAINT port_group_port_port_id_foreign FOREIGN KEY (port_id) REFERENCES ports (port_id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;

再次執行 ./lnms migrate 就可以修正成功

再執行 ./validate.php 看有其他那些問題, 依照說明的語法進行修正 Exp.

su - root
setcap cap_net_raw+ep /usr/sbin/fping6
sudo ln -s /opt/librenms/lnms /usr/bin/lnms
sudo cp /opt/librenms/misc/lnms-completion.bash /etc/bash_completion.d/
sudo chown -R librenms:librenms /opt/librenms
sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
sudo chmod -R ug=rwX /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/

參考 How do I migrate my LibreNMS install to another server? 方式處理

依照正常程序安裝 LibreNMS 在 Ubuntu 20.04 上
Stop cron by commenting out all lines in /etc/cron.d/librenms
Dump the MySQL database librenms from your old server (mysqldump librenms -u root -p > librenms.sql)…
and import it into your new server (mysql -u root -p librenms < librenms.sql).
Copy the rrd/ folder to the new server.
Copy the .env and config.php files to the new server.
Check for modified files (eg specific os, …) with git status and migrate them.
Ensure ownership of the copied files and folders (substitute your user if necessary) - chown -R librenms:librenms /opt/librenms
Delete old pollers on the GUI (gear icon –> Pollers –> Pollers)
Validate your installation (/opt/librenms/validate.php)
Re-enable cron by uncommenting all lines in /etc/cron.d/librenms

nms, librenms, centos7, ubuntu20.04

Ubuntu 20.04 / CentOS7 安裝 LibreNMS 程序

Ubuntu 20.04 安裝程序

設定自動找尋區域網路內可納管設備

設定告警通知

設定 Device Dependencies 設備依存關係

安裝 Agent 監看應用程式

LibreNMS Agent 的安裝方式

參考網址

常見 LibreNMS 異常問題排除

每日自動更版失敗處理

更新 python3

修改連線 DB

CentOS 7 升級 php 至 7.4

CentOS 7 升級 MariaDB 10

./lnms migrate 出現 SQLSTATE[42S01] 異常

由 CentOS7 移轉至 Ubuntu 20.04

參考網址