====== 安裝 LibreNMS (Docker) ======
* 安裝環境 [[tech/docker|Ubuntu 20.04 + docker compose]]
* 預計採用 image - [[https://hub.docker.com/r/librenms/librenms/tags?page=1&name=latest|librenms/librenms:latest]]
* 環境變數:
* TZ : Asia/Taipei
* LISTEN_IPV6 : false
* DB_HOST : 172.16.0.201
* DB_PORT : 8306
* DB_USER : librenms
* DB_PASSWORD : my_password999
* Port : 8000 (http)
* Volumes : /var/librenms/librenms ( config / plugins / rrd files/ logs... )
===== 安裝與下載 =====
* 建立 librenms 目錄
sudo mkdir /var/librenms/
sudo chown 1000:1000 /var/librenms/
cd /var/librenms/
* 下載 docker compsoe 設定檔
wget https://github.com/librenms/docker/raw/master/examples/compose/.env
wget https://github.com/librenms/docker/raw/master/examples/compose/compose.yml
wget https://github.com/librenms/docker/raw/master/examples/compose/librenms.env
wget https://github.com/librenms/docker/raw/master/examples/compose/msmtpd.env
* 將 .env 內的設定改成符合自己的設定 Exp.
TZ=Asia/Taipei
PUID=1000
PGID=1000
MYSQL_DATABASE=librenms
MYSQL_USER=librenms
MYSQL_PASSWORD=my_password999
* 將 msmtpd.env 內的設定改成符合自己的設定 Exp.
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_TLS=on
SMTP_STARTTLS=on
SMTP_TLS_CHECKCERT=on
SMTP_AUTH=on
SMTP_USER=foo
SMTP_PASSWORD=bar
SMTP_FROM=foo@gmail.com
===== 啟動 docker compose =====
*
docker compose up -d
docker compose logs -f
* 當啟動完成就可以直接輸入 http://server_ip:8000 來建立使用者 \\ {{:tech:2023-09-20_151047.png|}}
===== 更新版本 =====
*
cd /var/librenms
docker compose down
docker compose pull
docker compose up -d
===== 命令列操作 =====
* 新增監控節點 Exp. 10.0.0.197 / snmp community : mypass001
docker compose exec librenms lnms device:add 10.0.0.197 -c mypass001
* 手動執行掃描自動加入監控節點
- 掃描參數設定
- [Global Settings]->[Discovery]->[Networks]->[Autodiscovery Networks] 加入掃描網路範圍 Exp. 10.0.0.0/24
- [Global Settings]->[Poller]->[SNMP]->[Communities (priority)] 加入 SNMP Agent 端的 Communities Exp. nms_ckey001 (預設 public)
- 進行自動掃描
docker compose exec librenms ./snmp-scan.py
* 設定每小時自動掃描自動加入監控節點
- 建立 cron.txt
0 * * * * cd /var/librenms && docker compose exec librenms ./snmp-scan.py > /tmp/snmp-scan.log 2>&1
- 啟動 crontab
crontab cron.txt
crontab -l
===== 驗證 Service(Nagios_Plugin) 設定參數 =====
* 如果不確定參數該如何下可以正確運作, 可以先使用 cli 模式進行驗證 Exp. 檢查 Mail Server(192.168.11.241) 的 smtps / imaps / pop3s 的 SSL 憑證是否過期
docker compose exec -it librenms /usr/lib/monitoring-plugins/check_ssmtp -H 192.168.11.241 -p 465 -S -D 30,7 --sni mail.ichiayi.com
docker compose exec -it librenms /usr/lib/monitoring-plugins/check_spop -H 192.168.11.241 -p 995 -S -D 25,7 --sni mail.ichiayi.com
docker compose exec -it librenms /usr/lib/monitoring-plugins/check_simap -H 192.168.11.241 -p 993 -S -D 25,7 --sni mail.ichiayi.com
* Nagios_Plugin 存放在 librenms 容器內的 /usr/lib/monitoring-plugins/
* 如果確定可以正確運作, service 的 parameter 欄位內容就是 -H 192.168.11.241 之後的參數字串 Exp. -p 465 -S -D 30,7 --sni mail.ichiayi.com
===== 設定告警條件(Alert Rules) =====
* Alerts -> Alert Rules -> Click here to create the default alert rules!
* ++看畫面|{{:tech:螢幕擷取畫面_2024-01-29_095225.png|}}++
* ++會建立出預設的告警條件項目 |{{:tech:螢幕擷取畫面_2024-01-29_095328.png|}}++
* ++設定預設 Port status up/down 告警條件排除 docker 的介面|{{:tech:螢幕擷取畫面_2024-01-29_121432.png|}}++
===== 設定告警通知(Alert Transports) =====
* [[tech/librenms_line-notify|Line Notify]]
===== 常見問題 =====
- 已經安裝的 LibreNMS 主機設定好 snmpd , 卻無法在 LibreNMS 成功加入, 出現 SNMP v2c: No reply with community public 無法存取狀況
* 常見的問題是 LibreNMS 的 snmpd.conf 內所設定授權的 IP 範圍不正確, Exp. LibreNMS 主機 IP : 192.168.11.248 , 所以正常就會設定授權 IP 類似 192.168.11.248/32 Exp. snmod.conf 內設定為
:
com2sec mylibrenms 192.168.11.248/32 public
:
但是這環境已經有 docker 網路, 所以 LibreNMS 連過去主機會使用到 Docker 的網段 Exp. 172.20.0.0/16
localadmin@pve-librenms:~$ docker network inspect librenms_default | grep "Subnet"
"Subnet": "172.20.0.0/16",
因此需要將主機 snmpd.conf 的授權 IP 改成這 Docekr 網段 Exp.
:
com2sec mylibrenms 172.20.0.0/16 public
:
修改 snmpd.conf 後重啟 snmpd 服務就可
* 如果重新開機 docker network 網段會改變, 可以指定固定網段的 Docker 網路 Exp. librenms-network 修改 compose.yml
name: librenms
networks:
librenms-network:
name: librenms-network
ipam:
driver: default
config:
- subnet: 172.20.0.0/16
gateway: 172.20.0.1
services:
db:
image: mariadb:10.5
container_name: librenms_db
networks:
- librenms-network
command:
- "mysqld"
- "--innodb-file-per-table=1"
- "--lower-case-table-names=0"
- "--character-set-server=utf8mb4"
- "--collation-server=utf8mb4_unicode_ci"
volumes:
- "./db:/var/lib/mysql"
environment:
- "TZ=${TZ}"
- "MYSQL_ALLOW_EMPTY_PASSWORD=yes"
- "MYSQL_DATABASE=${MYSQL_DATABASE}"
- "MYSQL_USER=${MYSQL_USER}"
- "MYSQL_PASSWORD=${MYSQL_PASSWORD}"
restart: always
redis:
image: redis:5.0-alpine
container_name: librenms_redis
networks:
- librenms-network
environment:
- "TZ=${TZ}"
restart: always
msmtpd:
image: crazymax/msmtpd:latest
container_name: librenms_msmtpd
networks:
- librenms-network
env_file:
- "./msmtpd.env"
restart: always
librenms:
image: librenms/librenms:latest
container_name: librenms
hostname: librenms
networks:
- librenms-network
cap_add:
- NET_ADMIN
- NET_RAW
ports:
- target: 8000
published: 8000
protocol: tcp
depends_on:
- db
- redis
- msmtpd
volumes:
- "./librenms:/data"
env_file:
- "./librenms.env"
environment:
- "TZ=${TZ}"
- "PUID=${PUID}"
- "PGID=${PGID}"
- "DB_HOST=db"
- "DB_NAME=${MYSQL_DATABASE}"
- "DB_USER=${MYSQL_USER}"
- "DB_PASSWORD=${MYSQL_PASSWORD}"
- "DB_TIMEOUT=60"
restart: always
dispatcher:
image: librenms/librenms:latest
container_name: librenms_dispatcher
hostname: librenms-dispatcher
networks:
- librenms-network
cap_add:
- NET_ADMIN
- NET_RAW
depends_on:
- librenms
- redis
volumes:
- "./librenms:/data"
env_file:
- "./librenms.env"
environment:
- "TZ=${TZ}"
- "PUID=${PUID}"
- "PGID=${PGID}"
- "DB_HOST=db"
- "DB_NAME=${MYSQL_DATABASE}"
- "DB_USER=${MYSQL_USER}"
- "DB_PASSWORD=${MYSQL_PASSWORD}"
- "DB_TIMEOUT=60"
- "DISPATCHER_NODE_ID=dispatcher1"
- "SIDECAR_DISPATCHER=1"
restart: always
syslogng:
image: librenms/librenms:latest
container_name: librenms_syslogng
hostname: librenms-syslogng
networks:
- librenms-network
cap_add:
- NET_ADMIN
- NET_RAW
depends_on:
- librenms
- redis
ports:
- target: 514
published: 514
protocol: tcp
- target: 514
published: 514
protocol: udp
volumes:
- "./librenms:/data"
env_file:
- "./librenms.env"
environment:
- "TZ=${TZ}"
- "PUID=${PUID}"
- "PGID=${PGID}"
- "DB_HOST=db"
- "DB_NAME=${MYSQL_DATABASE}"
- "DB_USER=${MYSQL_USER}"
- "DB_PASSWORD=${MYSQL_PASSWORD}"
- "DB_TIMEOUT=60"
- "SIDECAR_SYSLOGNG=1"
restart: always
snmptrapd:
image: librenms/librenms:latest
container_name: librenms_snmptrapd
hostname: librenms-snmptrapd
networks:
- librenms-network
cap_add:
- NET_ADMIN
- NET_RAW
depends_on:
- librenms
- redis
ports:
- target: 162
published: 162
protocol: tcp
- target: 162
published: 162
protocol: udp
volumes:
- "./librenms:/data"
env_file:
- "./librenms.env"
environment:
- "TZ=${TZ}"
- "PUID=${PUID}"
- "PGID=${PGID}"
- "DB_HOST=db"
- "DB_NAME=${MYSQL_DATABASE}"
- "DB_USER=${MYSQL_USER}"
- "DB_PASSWORD=${MYSQL_PASSWORD}"
- "DB_TIMEOUT=60"
- "SIDECAR_SNMPTRAPD=1"
restart: always
- 第一次啟動時 docker compose logs librenms 一直出現 librenms | nginx: [emerg] socket() [::]:8000 failed (97: Address family not supported by protocol)
* 主要是該 VM 沒有啟用支援 ipv6, 因此必須將 nginx 內的設定檔關閉 Listen ipv6
- 修改 compose.yml 設定 LISTEN_IPV6=false
:
librenms:
image: librenms/librenms:latest
:
environment:
:
- "LISTEN_IPV6=false"
:
- 重新啟動
docker compose up -d
===== 參考網址 =====
* https://hub.docker.com/r/librenms/librenms
* https://github.com/librenms/docker
{{tag>K8s LibreNMS}}