Chinaunix首页 | 论坛 | 博客
  • 博客访问: 29532
  • 博文数量: 9
  • 博客积分: 0
  • 博客等级: 民兵
  • 技术积分: 76
  • 用 户 组: 普通用户
  • 注册时间: 2014-12-07 21:21
文章分类

全部博文(9)

文章存档

2015年(3)

2014年(6)

我的朋友

分类: 系统运维

2014-12-08 07:19:16

System: CentOS Linux 6.2

 

Preparation

Importing Repository Signatures

For security, this repository is gpg signed.

If you do not import our gpg keys, you could see errors such as:

warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature, key ID 0fc6984b: NOKEY
Public key for opsview-xxxxx.rpm is not installed
Create the gpg file named opsview.asc in /tmp:
vi /tmp/opsview.asc
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.10 (GNU/Linux)

mQENBE+RJcUBCACufp+mfI70ZUTPx9gaebIQEpg11OGp0y068gB5UZzhZ+hf8T9p
0YYUgRQ4qv8VL+YY+mvqLcoISkBLvYE7NQWm7xCmKCLpR3rdO/f2T0qS8s2Cl1V9
QV+MtZD9DvgWtwXSJDf9Ne6qgayyhdazMFTV/4pxMkkfRG2jYixDwx4RlgvJ0fgK
s9oS1REdXZ0LoNcwJ2eBqZljtXELUs38IYaoZNGAMzggTnfqxD0yV6NA87wxslpj
Ek5Zx1IsPf87odMnDshynb/rJG20SqouEFBeGGIZg9mR6/1n05ht2C7UmxFXw3am
w0eqAZ2Mv6gRQHrjeLy/N8a2/GCjN8iXW1D9ABEBAAG0T09wc3ZpZXcgUmVwb3Np
dG9yaWVzIChodHRwczovL2Rvd25sb2Fkcy5vcHN2aWV3LmNvbSkgPHJlcG9zaXRv
cmllc0BvcHN2aWV3LmNvbT6JATgEEwECACIFAk+RJcUCGwMGCwkIBwMCBhUIAgkK
CwQWAgMBAh4BAheAAAoJEDJ8cM0PxphLo40H/3Mi6zSWT2Gs6/R2tBr893zxATmh
Wp+VD9V9+i01dk5molEsetqwydj2IXIJWw3JIGODuRj8xzl8LW9vBNIxSOFtdml8
9VH5oEQdzsikLo69914PNRy5nXNMnH40weAkm5xCKH4a7qSWN37KIhHjS2ZDD89b
UzIT82eBDdAFbUodNxLR9WSHTKISiAeRUkHGfJU8d2YLZCfzCvFR7c1uwzr3XC6p
ORIK1yNu9dL3y2ZgjyTB2W1OR0XPGXCFOXOA5hIpGt4We1TcShEgOqpLzYYUlrmh
VePUcjAqoA20JWttT5xOsJnnZqEJRTknnBKbDzZUtSqekjLBnqIXEE4I8kW5AQ0E
T5ElxQEIAK65S8VDrha8j8H6zMLOSKT83mQf9fmouxzCtxqsfkjRik5/6ZRnYY6c
k4DPj+2nN4hJNKa2VQ9f1qQTQ1Q/8AEhA/ljg8a9E8neClUyCfOq0HQ9TKlFbQN/
gdvEOdspyWSEJxbFCX/IQy1kDhMf1DJRpUKUU1gJUOQiHsobM9FMX9jf4at+N9qD
i2N1tBlFK2v+T6du32Vfukxv56D+rozCr/EkJZmD6DT/enpQG6tK6+lhitmr1AgB
kLegV9RIJWSulu08RqpBgXNV7Hru8EI/MZWfdzuasiXA3I+umjXoch8wuF8I5R0P
GS25mit3DNs1o+6jV7TogsIv2PiC1ysAEQEAAYkBHwQYAQIACQUCT5ElxQIbDAAK
CRAyfHDND8aYS9xmCACQUNq33dBrNQz5ggXLXeOfwEgzrDAcd1TeTn7bDF5viXiW
EfoDw302jafYybtR4iojXC+r78EdEIPzPN21tUzN6o3HqZfgzDS0r7YBRsid/0x0
0Doc//ebZBJVMXe+MtzGYpkYQojSCYIS6WXdrRv/NRWlfMajqIkAliqggZFaRRuJ
L1tszaI0+2Ep1I7I8TRlmhvmd6S6w12HZtaQGBzv9ylI23m5LbSsLDYrZtIqeRBo
ucfnvywHuqgrgxgO+x8PRG7v7gfFT0QaJcWf6PwuxsqNsOq4UqZCRnfj3jg/aUoO
JE37AT9NT+b06NS5cSJVhWfky4fblE9bhPxjLDOZ
=HqD/
-----END PGP PUBLIC KEY BLOCK-----
 
On RHEL and CentOS systems, import this key using:
rpm --import /tmp/opsview.asc

The “Public key for” portion of this message indicates that your system does not have the public key for this repository and so cannot verify its contents. 

 

SELinux

Opsview is not currently compatible with Security-Enhanced Linux extensions, this must be disabled.  

Edit /etc/selinux/config and restart system:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
# SELINUXTYPE=targeted

RPMForge repositories

Set up to install any necessary dependencies by downloading and installing the RPMForge release package.

First, ensure that you are working as the root user. If not, enter the following into the command line:

su - root
{enter root password}
wget 
rpm -Uhv rpmforge-release-0.3.6-1..rf..rpm

Where is one of: 

  • i386
  • x86_64

and is one of:

  • el5 - for RHEL5 and CentOS5
  • el6 - for RHEL6 and CentOS6

If the site specified in the above wget is not available, there is a list of alternative sites to obtain the package on the .

Opsview repositories

Then, use your favourite editor to create the file /etc/yum.repos.d/opsview.repo containing the following lines: 

[opsview]
name = Opsview
baseurl = 
enabled = 1
protect = 0
gpgcheck = 0

where is either 5 or 6 depending on your version of CentOS.

 

Installation

Once the repositories have been updated to include the Opsview yum repository, the latest release of Opsview can be installed by running the following command as root.

yum install opsview
In here, it will pop-up a error that it can't find the below packages:
Error Downloading Packages:
  rrdtool-perl-1.3.8-6.el6.x86_64: failure: Packages/rrdtool-perl-1.3.8-6.el6.x86_64.rpm from Local: [Errno 256] No more mirrors to try.
  perl-Archive-Zip-1.30-2.el6.noarch: failure: Packages/perl-Archive-Zip-1.30-2.el6.noarch.rpm from Local: [Errno 256] No more mirrors to try.
  php-mbstring-5.3.3-3.el6_1.3.x86_64: failure: Packages/php-mbstring-5.3.3-3.el6_1.3.x86_64.rpm from Local: [Errno 256] No more mirrors to try.

Please kindly download these packages with the same version in .
for CentOS 6.2:
wget ftp://bo.mirror.garr.it/pub/1/slc/slc62/x86_64/Packages/perl-Archive-Zip-1.30-2.el6.noarch.rpm
wget ftp://ftp.sunet.se/pub/Linux/distributions/scientific/6.1/x86_64/os/Packages/rrdtool-perl-1.3.8-6.el6.x86_64.rpm
wget ftp://bo.mirror.garr.it/pub/1/slc/slc62/x86_64/Packages/php-mbstring-5.3.3-3.el6_1.3.x86_64.rpm

Install these packages manually:

rpm -ivh php-mbstring-5.3.3-3.el6_1.3.x86_64.rpm php-common-5.3.3-3.el6_1.3.x86_64.rpm

rpm -ivh rrdtool-perl-1.3.8-6.el6.x86_64.rpm rrdtool-1.3.8-6.el6.x86_64.rpm dejavu-lgc-sans-mono-fonts-2.30-2.el6.noarch.rpm dejavu-sans-mono-fonts-2.30-2.el6.noarch.rpm dejavu-fonts-common-2.30-2.el6.noarch.rpm

rpm -ivh perl-Archive-Zip-1.30-2.el6.noarch.rpm perl-Compress-Raw-Zlib-2.023-119.el6_1.1.x86_64.rpm

Then re-install opsview packages using the command:

yum install opsview

 

After the installation is complete

After the Opsview packages have been installed, it is necessary to configure Opsview and its databases.

1. Ensure the MySQL root password has been set to a known value:

Start MySQL first,

/etc/init.d/mysqld start

and ensure it is set to start at boot time with 

chkconfig --level 35 mysqld on

Set the root password:

mysqladmin -u root password {password} 


2. Ensure the nagios user's environment is set up correctly. Opsview will try to set the correct profile, but check that the following line is in the profile script, depending on your shell (e.g. .profile for bourne or korn shell, .bash_profile or .bashrc for bash shell):
Please kindly check the entry whether in that file or not, it exists in my installation.
su - nagios
echo "test -f /usr/local/nagios/bin/profile && . /usr/local/nagios/bin/profile" >> ~/.bash_profile

. ~/.bash_profile

3. Edit the opsview configuration file and amend the password as you see fit to secure the system (those passwords that should be changed as set to changeme by default)

Note: Do not use any funny shell characters in the password, such as $ or !.

vi /usr/local/nagios/etc/opsview.conf   # change passwords in this file


4. Set up the Opsview mysql database users with the necessary permissions

/usr/local/nagios/bin/db_mysql -u root -p{mysql root password}


5. Install the Opsview databases

/usr/local/nagios/bin/db_opsview db_install
/usr/local/nagios/bin/db_runtime db_install


6. Generate all the necessary configuration files:

/usr/local/nagios/bin/rc.opsview gen_config


7. You can now start up the web application server:

/etc/init.d/opsview-web start

The Opsview server is now listening on port 3000, i.e. . Confirm that this works correctly before configuring Apache. 

iptables maybe running which may disable this port. Configure iptables to allow incoming requests to port 3000 for the duration of this test

For Opsview versions before 20131125, you should secure your instance of Opsview Web, by changing the authtkt secret to be unique to this instance. In /usr/local/nagios/etc/opsview.conf, add the following and change the secret value to be a unique string:
$authtkt_shared_secret = "shared-secret-please-change";

Restart Opsview Web for this value to take effect: /etc/init.d/opsview-web restart.

Logging in

Once Opsview has been installed, a single administrative user will have been created. The credentials for this user are:

username: admin
password: initial

You should change this password to prevent unauthorised access to Opsview - this can be done from 'Administrator' link in the top right of the page.

See the guide for an introduction to Opsview.

The RPM packages that used in this guide.

阅读(1943) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~