开源监控LibreNMS:全功能网络监控

一、LibreNMS简单介绍

LibreNMS是一个功能齐全的开源网络监控系统，它使用SNMP来获取来自不同设备的数据，LibreNMS支持各种设备如Cisco Linux FreeBSD Juniper Brocade Foundry HP等，它支持多种身份验证机制，并支持双因素身份验证。它有一个可定制的警报系统，可以通过电子邮件，IRC或slack通知网络管理员。

二、LibreNMS特点：

1、它使用这些协议自动发现整个网络：CDP，FDP，LLDP，OSPF，BGP，SNMP和ARP。
2、它有一个移动友好的Web UI，可定制的仪表板。
3、支持一个Unix代理。
4、支持水平缩放以随网络扩展。
5、支持高度灵活和可定制的警报系统; 通过电子邮件，irc，slack等发送通知。
6、支持用于管理，绘制和检索系统数据的API。
7、提供流量计费系统。
8、还支持提供核心功能的Android和iOS应用程序。
9、支持与NfSen，collectd，SmokePing，RANCID和Oxidized的集成。
10、支持多种身份验证方法，例如MySQL，HTTP，LDAP，Radius和Active Directory。
11、允许自动更新和许多其他功能。

在Linux系统上安装LibreNMS之前，您可以尝试在线演示。

Demo URL: https://demo.librenms.org/
Username: demo
Password: demo

三、CentOS7下部署LibreNMS

1.关闭selinux
查看状态

#getenforce
#/usr/sbin/sestatus

关闭SeLinux

###临时关闭
#setenforce 0

修改/etc/selinux/config

2、配置yum源

[root@localhost /]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@localhost /]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@localhost /]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@localhost /]# yum clean all
[root@localhost /]# yum makecache

3、配置remi-php73源，安装LibreNMS所需的组件

[root@localhost /]# yum install -y yum-utils
[root@localhost /]# yum localinstall http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
[root@localhost /]# yum-config-manager --enable remi-php73 
[root@localhost /]# yum install composer cronie fping git ImageMagick jwhois mariadb mariadb-server mtr MySQL-python net-snmp net-snmp-utils nginx nmap php-fpm php-cli php-common php-curl php-gd php-mbstring php-process php-snmp php-xml php-zip php-memcached php-mysqlnd python-memcached rrdtool python3 python3-pip python3-devel -y
[root@localhost /]# yum install -y zip unzip

4.git下载lirenms最新版本

[root@localhost /]# cd /opt/
[root@localhost /]#  git clone https://github.com/librenms/librenms.git
[root@localhost /]# useradd librenms -d /opt/librenms -M -r
[root@localhost /]# usermod -a -G librenms nginx
[root@localhost /]# chown -R librenms:librenms /opt/librenms
[root@localhost /]# chmod 770 /opt/librenms
[root@localhost /]# chgrp apache /var/lib/php/session/

5、切换到librenms用户，配置php环境

[root@localhost opt]# su - librenms
-bash-4.2$ ./scripts/composer_wrapper.php install --no-dev
-bash-4.2$ exit

6、配置数据库

[root@localhost opt]# systemctl start mariadb
[root@localhost opt]# mysqladmin -u root password 'MySQL@2021'
[root@localhost opt]# mysql -u root -pMySQL@2021
MariaDB [(none)]> CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
MariaDB [(none)]> CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'librenms@2021';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> exit
[root@localhost /]# vim /etc/my.cnf
[mysqld]下加入如下两行
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
[root@localhost /]# systemctl enable mariadb
[root@localhost /]# systemctl restart mariadb

7、配置php环境

[root@localhost /]# vim /etc/php.ini 
修改时区配置如下
[Date]
; Defines the default timezone used by the date functions
; http://php.net/date.timezone
 第922行   date.timezone =Asia/Shanghai

[root@localhost /]# vim /etc/php-fpm.d/www.conf 
修改成如下行
user = apache  换成  nginx
group = apache   

;listen = 127.0.0.1:9000

下面添加
listen = /run/php-fpm/php-fpm.sock

listen.owner = nginx
listen.group = nginx
listen.mode = 0660

[root@localhost /]# systemctl enable php-fpm
[root@localhost /]# systemctl restart php-fpm

8、配置nginx

[root@localhost /]# vim /etc/nginx/conf.d/librenms.conf

添加

server {
 listen      80;
 server_name librenms.example.com;
 root        /opt/librenms/html;
 index       index.php;

 charset utf-8;
 gzip on;
 gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
 location / {
  try_files $uri $uri/ /index.php?$query_string;
 }
 location /api/v0 {
  try_files $uri $uri/ /api_v0.php?$query_string;
 }
 location ~ \.php {
  include fastcgi.conf;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
 }
 location ~ /\.ht {
  deny all;
 }
}

[root@localhost /]# vim /etc/nginx/nginx.conf

禁用

#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#        location = /404.html {
#        }

[root@localhost /]# systemctl enable nginx

[root@localhost /]# systemctl restart nginx

9、snmpd配置

cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf
vi /etc/snmp/snmpd.conf中团体名，例如librenms
com2sec readonly  default      librenms
curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
chmod +x /usr/bin/distro
systemctl enable snmpd
systemctl restart snmpd

distro

#!/usr/bin/env sh
# Detects which OS and if it is Linux then it will detect which Linux Distribution.

OS=`uname -s`
REV=`uname -r`
MACH=`uname -m`

if [ "${OS}" = "SunOS" ] ; then
  OS=Solaris
  ARCH=`uname -p`
  OSSTR="${OS} ${REV}(${ARCH} `uname -v`)"

elif [ "${OS}" = "AIX" ] ; then
  OSSTR="${OS} `oslevel` (`oslevel -r`)"

elif [ "${OS}" = "Linux" ] ; then
  KERNEL=`uname -r`

  if [ -f /etc/fedora-release ]; then
    DIST=$(cat /etc/fedora-release | awk '{print $1}')
    REV=`cat /etc/fedora-release | sed s/.*release\ // | sed s/\ .*//`

  elif [ -f /etc/redhat-release ] ; then
    DIST=$(cat /etc/redhat-release | awk '{print $1}')
    if [ "${DIST}" = "CentOS" ]; then
      DIST="CentOS"
      IGNORE_OS_RELEASE=1 # https://bugs.centos.org/view.php?id=8359
    elif [ "${DIST}" = "CloudLinux" ]; then
      DIST="CloudLinux"
    elif [ "${DIST}" = "Mandriva" ]; then
      DIST="Mandriva"
      PSEUDONAME=`cat /etc/mandriva-release | sed s/.*\(// | sed s/\)//`
      REV=`cat /etc/mandriva-release | sed s/.*release\ // | sed s/\ .*//`
    elif [ -f /etc/oracle-release ]; then
      DIST="Oracle"
    elif [ -f /etc/rockstor-release ]; then
      DIST="Rockstor"
    else
      DIST="RedHat"
    fi

    PSEUDONAME=`cat /etc/redhat-release | sed s/.*\(// | sed s/\)//`
    REV=`cat /etc/redhat-release | sed s/.*release\ // | sed s/\ .*//`

  elif [ -f /etc/mandrake-release ] ; then
    DIST='Mandrake'
    PSEUDONAME=`cat /etc/mandrake-release | sed s/.*\(// | sed s/\)//`
    REV=`cat /etc/mandrake-release | sed s/.*release\ // | sed s/\ .*//`

  elif [ -f /etc/devuan_version ] ; then
    DIST="Devuan `cat /etc/devuan_version`"
    REV=""

  elif [ -f /etc/debian_version ] ; then
    DIST="Debian `cat /etc/debian_version`"
    REV=""
    IGNORE_OS_RELEASE=1
    if [ -f /usr/bin/lsb_release ] ; then
      ID=`lsb_release -i | awk -F ':' '{print $2}' | sed 's/  //g'`
    fi
    if [ "${ID}" = "Raspbian" ] ; then
      DIST="Raspbian `cat /etc/debian_version`"
    fi
    if [ -f /usr/bin/pveversion ]; then
      DIST="${DIST}/PVE `/usr/bin/pveversion | cut -d '/' -f 2`"
    fi
    if [ -f /usr/bin/pmgversion ]; then
      # pmgversion requires root permissions to run, please add NOPASSWD setting to visudo.
      DIST="${DIST}/PMG `sudo /usr/bin/pmgversion | cut -d '/' -f 2`"
    fi
    if [ -f /etc/dogtag ]; then
      DIST=`cat /etc/dogtag`
    fi
    
  elif [ -f /etc/gentoo-release ] ; then
    DIST="Gentoo"
    REV=$(tr -d '[[:alpha:]]' " ")

  elif [ -f /etc/arch-release ] ; then
    DIST="Arch Linux"
    REV="" # Omit version since Arch Linux uses rolling releases
    IGNORE_LSB=1 # /etc/lsb-release would overwrite $REV with "rolling"
    
  elif [ -f /etc/photon-release ] ; then
    DIST=$(head -1 < /etc/photon-release)
    REV=$(sed -n -e 's/^.*PHOTON_BUILD_NUMBER=//p' /etc/photon-release)
    IGNORE_LSB=1 # photon os does not have /etc/lsb-release nor lsb_release

  elif [ -f /etc/openwrt_version ] ; then
    DIST="OpenWrt"
    REV=$(cat /etc/openwrt_version)

  elif [ -f /etc/pld-release ] ; then
    DIST=$(cat /etc/pld-release)
    REV=""

  elif [ -f /etc/SuSE-release ] ; then
    DIST=$(echo SLES $(grep VERSION /etc/SuSE-release | cut -d = -f 2 | tr -d " "))
    REV=$(echo SP$(grep PATCHLEVEL /etc/SuSE-release | cut -d = -f 2 | tr -d " "))
  fi

  if [ -x "$(command -v  awk)" ];  then # some distros do not ship with awk
    if [ "`uname -a | awk '{print $(NF)}'`" = "DD-WRT" ] ; then
      DIST="dd-wrt"
    fi
    if [ "`uname -a | awk '{print $(NF)}'`" = "ASUSWRT-Merlin" ] ; then
      DIST="ASUSWRT-Merlin"
      REV=`nvram show | grep buildno= | egrep -o '[0-9].[0-9].[0-9]'` > /dev/null 2>&1
    fi
  fi

  # try standardized os version methods
  if [ -f /etc/os-release -a "${IGNORE_OS_RELEASE}" != 1 ] ; then
    . /etc/os-release
    STD_DIST="$NAME"
    STD_REV="$VERSION_ID"
  elif [ -f /etc/lsb-release -a "${IGNORE_LSB}" != 1 ] ; then
    STD_DIST=$(lsb_release -si)
    STD_REV=$(lsb_release -sr)
  fi
  if [ -n "${STD_DIST}" ]; then
    DIST="${STD_DIST}"
  fi
  if [ -n "${STD_REV}" ]; then
    REV="${STD_REV}"
  fi

  if [ -n "${REV}" ]; then
    OSSTR="${DIST} ${REV}"
  else
    OSSTR="${DIST}"
  fi

elif [ "${OS}" = "Darwin" ] ; then
  if [ -f /usr/bin/sw_vers ] ; then
    OSSTR=`/usr/bin/sw_vers|grep -v Build|sed 's/^.*:.//'| tr "\n" ' '`
  fi

elif [ "${OS}" = "FreeBSD" ] ; then
  if [ -f /etc/version ] ; then
    DIST=$(cat /etc/version | cut -d'-' -f 1)
    if [ "${DIST}" = "FreeNAS" ]; then
      OSSTR=`cat /etc/version | cut -d' ' -f 1`
    fi
  else
    OSSTR=`/usr/bin/uname -mior`
  fi
fi

echo ${OSSTR}

10、crond配置与logrotated配置

cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms
cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

参考连接 ：
https://mp.weixin.qq.com/s/wu0B3gFCcCJFufoVQJGvww