close Warning: Can't synchronize with repository "(default)" (/usr/svn/silverfile does not appear to be a Subversion repository.). Look in the Trac log for more information.

Changes between Version 3 and Version 4 of administration/cacti

Apr 10, 2009, 11:40:52 PM (14 years ago)



  • administration/cacti

    v3 v4
    22(no login yet, need to get into sudoers)
     3= Cacti Server and Remote Host Setup =
     4== Initial Cacti Server Setup ==
     5''This part needs to be done only once''
     7Create a new user named 'cacti' to run the ssh tunnels
     9###create the user and home directory -m = make home directory
     10pw useradd cacti -m
     11###set the password for cacti
     12passwd cacti
     15Create the private/public key for authentication
     17###This should be run from the cacti server logged in as the cacti user
     18###Press enter twice to accept the defaults. Use no pass phrase.
     19ssh-keygen -t rsa
     22Create a bash script to open up the ssh tunnels. We need to figure out the best way to close the
     23tunnels before this script runs once we have many SilverFile boxes to monitor. If the script is run while
     24the existing tunnels are open, additional tunnels will be opened up which will get messy.
     25Perhaps a perl or python script would be better for this.
     27###This should be run from the cacti server logged in as the cacti user.
     29rm /home/cacti/tunnel.log
     31### Each additional SilverFile box will get an entry like this one. The tunnel port number will
     32###increase by one and the box address will be unique.
     33ssh -N -L 16000: >> /home/cacti/tunnel.log &
     34###Example of next remote host
     35###ssh -N -L 16001: >> /home/cacti/tunnel.log &
     38That's it until we have a remote host to monitor.
     40== Remote Host setup ==
     41Setup snmp and a no-login user to tranfer the data to the Cacti server
     43Install snmp and some snmp utilities
     45###Install snmp and run it as a daemon
     46apt-get install snmpd
     47###Optional, intall some tools to use for testing if you want
     48apt-get install snmp
     50Create a backup of the conf file and add our settings
     52###Make a copy of the original
     53cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig
     54###Edit snmpd.conf
     55vim /etc/snmp/snmpd.conf
     57Change (or comment out and add a new line) the line starting with com2sec so it reads:
     58  com2sec readonly default public (where public is the name of our community string)
     59And add the following line to switch the port from upd to tcp
     60   agentaddress tcp:161
     62Restart the snmpd daemon
     64/etc/init.d/snmpd restart
     66Optional: Test that snmp is producing data
     68snmpwalk -v 1 -c public tcp:localhost:161
     70Make a new user for the ssh tunnel to connect to.
     72###add a regular user w/login for now. We'll remove login-ability later
     73adduser snmp
     74###Give snmp a password for now. write it down for later.
     75passwd snmp
     77That's all on the remote client for now.
     79== Setup access to remote hosts from the cacti server ==
     81Login as the ssh tunnel user and copy the public rsa key to the remote host.
     83###While logged in as ssh tunnel user.
     84###This will connect to the remote host, create the ~/.ssh directory on the remote host and create then write
     85###the public rsa key to the file ~/.ssh/authorized_keys. If the authorized_keys file already exists the key will
     86###be appended to the file.
     87cat ~/.ssh/ | ssh 'mkdir .ssh && cat >>.ssh/authorized_keys'
     90Edit the tunnels.ssh file by adding the new host in a line similar to the others. Increase the 16000 range port by
     91one and use the new host's url. Save the file. make the file executable
     93chmod +x
     96At this point it might be best to just initiate the tunnel from the command line. Once we get a script that
     97will kill all the existing tunnels and then re-establish them all we'll be able to just run the script. For now
     98Just copy the line you added to the script and run it from the command line.
     100Now just log into the Cacti web-admin and configure the new client. Click on Devices and add a new device. The settings should be:
     102Hostname: tcp:
     103Host Template: ucd/net SNMP Host
     104SNMP Community: public
     105SNMP Version: Version 2
     106SNMP Port: 16000
     108Make sure you put in the specific Description, Community and the SNMP Port for that host.
     110Next configure the graphs you want. Seperate wiki