差異處

這裏顯示兩個版本的差異處。

--- tech:k8s_librenms [2024/01/29 12:15] – [設定告警條件(Alert Rules)] jonathan
+++ tech:k8s_librenms [2025/02/27 14:14] (目前版本) – 增加驗證 Service(Nagios_Plugin) 設定參數 jonathan
@@ 行 65: / 行 65: @@
 docker compose exec librenms lnms device:add 10.0.0.197 -c mypass001
 </cli>
-  * 手動執行掃描自動加入監控節點 <cli>
+  * 手動執行掃描自動加入監控節點
+    - 掃描參數設定
+      - [Global Settings]->[Discovery]->[Networks]->[Autodiscovery Networks] 加入掃描網路範圍 Exp. 10.0.0.0/24
+      - [Global Settings]->[Poller]->[SNMP]->[Communities (priority)] 加入 SNMP Agent 端的 Communities Exp. nms_ckey001 (預設 public)
+    - 進行自動掃描<cli>
 docker compose exec librenms ./snmp-scan.py
 </cli>
+  * 設定每小時自動掃描自動加入監控節點
+    - 建立 cron.txt <file>
+* * * * cd /var/librenms && docker compose exec librenms ./snmp-scan.py > /tmp/snmp-scan.log 2>&1
+</file>
+    - 啟動 crontab <cli>
+crontab cron.txt
+crontab -l
+</cli>
+===== 驗證 Service(Nagios_Plugin) 設定參數 =====
+  * 如果不確定參數該如何下可以正確運作, 可以先使用 cli 模式進行驗證 Exp. 檢查 Mail Server(192.168.11.241) 的 smtps / imaps / pop3s 的 SSL 憑證是否過期 <cli>
+docker compose exec -it librenms /usr/lib/monitoring-plugins/check_ssmtp -H 192.168.11.241 -p 465 -S -D 30,7 --sni mail.ichiayi.com
+docker compose exec -it librenms /usr/lib/monitoring-plugins/check_spop -H 192.168.11.241 -p 995 -S -D 25,7 --sni mail.ichiayi.com
+docker compose exec -it librenms /usr/lib/monitoring-plugins/check_simap -H 192.168.11.241 -p 993 -S -D 25,7 --sni mail.ichiayi.com
+</cli>
+    * Nagios_Plugin 存放在 librenms 容器內的 /usr/lib/monitoring-plugins/
+    * 如果確定可以正確運作, service 的 parameter 欄位內容就是 -H 192.168.11.241 之後的參數字串 Exp. -p 465 -S -D 30,7 --sni mail.ichiayi.com
 ===== 設定告警條件(Alert Rules) =====
@@ 行 91: / 行 112: @@
 :
 </cli>修改 snmpd.conf 後重啟 snmpd 服務就可
+    * 如果重新開機 docker network 網段會改變, 可以指定固定網段的 Docker 網路 Exp. librenms-network 修改 compose.yml<cli>
+name: librenms
+networks:
+  librenms-network:
+    name: librenms-network
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.20.0.0/16
+          gateway: 172.20.0.1
+services:
+  db:
+    image: mariadb:10.5
+    container_name: librenms_db
+    networks:
+      - librenms-network
+    command:
+      - "mysqld"
+      - "--innodb-file-per-table=1"
+      - "--lower-case-table-names=0"
+      - "--character-set-server=utf8mb4"
+      - "--collation-server=utf8mb4_unicode_ci"
+    volumes:
+      - "./db:/var/lib/mysql"
+    environment:
+      - "TZ=${TZ}"
+      - "MYSQL_ALLOW_EMPTY_PASSWORD=yes"
+      - "MYSQL_DATABASE=${MYSQL_DATABASE}"
+      - "MYSQL_USER=${MYSQL_USER}"
+      - "MYSQL_PASSWORD=${MYSQL_PASSWORD}"
+    restart: always
+  redis:
+    image: redis:5.0-alpine
+    container_name: librenms_redis
+    networks:
+      - librenms-network
+    environment:
+      - "TZ=${TZ}"
+    restart: always
+  msmtpd:
+    image: crazymax/msmtpd:latest
+    container_name: librenms_msmtpd
+    networks:
+      - librenms-network
+    env_file:
+      - "./msmtpd.env"
+    restart: always
+  librenms:
+    image: librenms/librenms:latest
+    container_name: librenms
+    hostname: librenms
+    networks:
+      - librenms-network
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    ports:
+      - target: 8000
+        published: 8000
+        protocol: tcp
+    depends_on:
+      - db
+      - redis
+      - msmtpd
+    volumes:
+      - "./librenms:/data"
+    env_file:
+      - "./librenms.env"
+    environment:
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "DB_HOST=db"
+      - "DB_NAME=${MYSQL_DATABASE}"
+      - "DB_USER=${MYSQL_USER}"
+      - "DB_PASSWORD=${MYSQL_PASSWORD}"
+      - "DB_TIMEOUT=60"
+    restart: always
+  dispatcher:
+    image: librenms/librenms:latest
+    container_name: librenms_dispatcher
+    hostname: librenms-dispatcher
+    networks:
+      - librenms-network
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    depends_on:
+      - librenms
+      - redis
+    volumes:
+      - "./librenms:/data"
+    env_file:
+      - "./librenms.env"
+    environment:
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "DB_HOST=db"
+      - "DB_NAME=${MYSQL_DATABASE}"
+      - "DB_USER=${MYSQL_USER}"
+      - "DB_PASSWORD=${MYSQL_PASSWORD}"
+      - "DB_TIMEOUT=60"
+      - "DISPATCHER_NODE_ID=dispatcher1"
+      - "SIDECAR_DISPATCHER=1"
+    restart: always
+  syslogng:
+    image: librenms/librenms:latest
+    container_name: librenms_syslogng
+    hostname: librenms-syslogng
+    networks:
+      - librenms-network
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    depends_on:
+      - librenms
+      - redis
+    ports:
+      - target: 514
+        published: 514
+        protocol: tcp
+      - target: 514
+        published: 514
+        protocol: udp
+    volumes:
+      - "./librenms:/data"
+    env_file:
+      - "./librenms.env"
+    environment:
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "DB_HOST=db"
+      - "DB_NAME=${MYSQL_DATABASE}"
+      - "DB_USER=${MYSQL_USER}"
+      - "DB_PASSWORD=${MYSQL_PASSWORD}"
+      - "DB_TIMEOUT=60"
+      - "SIDECAR_SYSLOGNG=1"
+    restart: always
+  snmptrapd:
+    image: librenms/librenms:latest
+    container_name: librenms_snmptrapd
+    hostname: librenms-snmptrapd
+    networks:
+      - librenms-network
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    depends_on:
+      - librenms
+      - redis
+    ports:
+      - target: 162
+        published: 162
+        protocol: tcp
+      - target: 162
+        published: 162
+        protocol: udp
+    volumes:
+      - "./librenms:/data"
+    env_file:
+      - "./librenms.env"
+    environment:
+      - "TZ=${TZ}"
+      - "PUID=${PUID}"
+      - "PGID=${PGID}"
+      - "DB_HOST=db"
+      - "DB_NAME=${MYSQL_DATABASE}"
+      - "DB_USER=${MYSQL_USER}"
+      - "DB_PASSWORD=${MYSQL_PASSWORD}"
+      - "DB_TIMEOUT=60"
+      - "SIDECAR_SNMPTRAPD=1"
+    restart: always
+</cli>
   - 第一次啟動時 docker compose logs librenms 一直出現 librenms  | nginx: [emerg] socket() [::]:8000 failed (97: Address family not supported by protocol)
     * 主要是該 VM 沒有啟用支援 ipv6, 因此必須將 nginx 內的設定檔關閉 Listen ipv6