ICQMX.NET

SNMP is a protocol to manage and monitor network devices. mrtg can capture the SNMP monitored data, analyze the data and generate the graphs. Previously, I used SNMP and mrtg to monitor my home server’s network traffic and CPU usage. However, mrtg is not quite powerful. RRDtool is a good substitution, but it’s very difficult to use. Therefore, I’m currently using cacti to help me to call RRDtool to generate the graphs. Cacti is actually a web based PHP software. So the installation path of cacti must be accessible by web server.

Environment: CentOS 5.3

Basic Setup:

Install some missing packages:
yum install intltool
yum install cairo-devel
yum install pango-devel
yum install net-snmp
yum install net-snmp-libs
yum install net-snmp-utils

Change some settings of snmpd:
vim /etc/snmp/snmpd.conf
Search:
com2sec notConfigUser default public
Replace:
com2sec notConfigUser 127.0.0.1 public

Give more permissions
Search:

view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
Replace:
view systemview included .1.3.6.1.2.1
view systemview included .1.3.6.1.2.1.25.1.1

Search:
access notConfigGroup "" any noauth exact systemview none none
Replace:
access notConfigGroup "" any noauth exact all none none

Search:
#view all included .1 80
Replace (Remove comment):
view all included .1 80

Restart snmpd:
/etc/init.d/snmpd restart

turn on snmpd automatically when Linux starts:
ntsysv

Install RRDtool:
tar zxvf rrdtool-1.3.8.tar.gz
cd rrdtool-1.3.8
./configure --prefix=/usr/local/rrdtool
make
make install

Create cacti database:
mysql -u root -p
CREATE DATABASE cacti;
INSERT INTO mysql.user(Host,User,Password) VALUES ('localhost','cacti',password('cacti'));
FLUSH PRIVILEGES;
GRANT ALL PRIVILEGES ON cacti.* to cacti@localhost IDENTIFIED BY 'cacti';
\q

Install cacti:
tar zxvf cacti-0.8.7e.tar.gz
mv cacti-0.8.7e /home/admin/
/home/admin/cacti-0.8.7e /home/admin/cacti

Import cacti tables:
mysql -u cacti -pcacti cacti < /home/admin/cacti/cacti.sql

Edit cacti configurations:
vim /home/admin/cacti/include/config.php
Change to be like this:
$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "cacti";
$database_port = "3306";

Then, you can open your web browser to use cacti. Just simply follow the instruction to setup cacti. The following error may be shown as /usr/local/rrdtool/bin/rrdtool is not the default RRDTool installation path.

[NOT FOUND] RRDTool Binary Path: The path to the rrdtool binary.

Therefore, define the path of RRDTool installed previrously:
/usr/local/rrdtool/bin/rrdtool

The default username and password are admin

crontab configuration:
This step can update the cacti required information every five minutes.

Edit crontab file:
vim /etc/crontab
And add the following line at the end:
*/5 * * * * root /usr/local/php5/bin/php /home/admin/cacti/poller.php > /dev/null 2>&1
Where /usr/local/php5/bin/php is the binary execution of PHP.

More cacti configurations (monitoring network interface):
By default, cacti only shows the basic hardware configuration. But I also want it to display network interface information. Here is the configuration steps:

1. Enable cacti SNMP v2 parsing:
   In my experience, it does not work when I choose default value “Not In use”.
   Devices > [Description] > SNMP Version: Version 2
2. Add Interface data source:
   Devices > [Description] > Data Source List (Top Right) > Add (Top Right)
   Choose:
   Selected Data Template: Interface – Traffic
   Host: [Description] 127.0.0.1
   click Create button.
3. Select network interface:
   New Graphs > Select interface (e.g. eth0) > Create

Static graphs generation:
If you want to show this graphs to public without login. You can generation the static pages and graphs.

1. Create a directory first (e.g. /home/admin/public)
2. Login Cacti and goto Console. Click Settings under Configuration part.
3. Click Graph Export
4. Input an associated path (i.e. /home/admin/public) in Export Directory (both local and ftp) field
5. The graphs will be generated every five minutes by default.

Integrated lm_sensors to show the graph of CPU temperature:
** Before doing this part, please ensure the sensors driver is installed and lm_sensors is properly configured.

In this example, cacti is installed in /home/admin/cacti.

1. Download cacti-netsnmp-lmsensors.0.8.tar.gz and extract it:
   tar zxvf cacti-netsnmp-lmsensors.0.8.tar.gz
2. Copy scripts/ss_netsnmp_lmsensors.php to the /home/admin/cacti/scripts/ directory.
3. Copy the XML files in resource/0.8.7/ to the /home/admin/cacti/resource/script_server/ directory
4. Login to Cacti console and click Import Templates from the menu
5. Upload the associated XML file (i.e. netsnmp_lmsensors_thermal_data_query_template.xml) from the templates folder that is extracted previously
6. Devices > [Description]. In Associated Data Queries tab, add ucd/net – lmSensors – Thermal Sensors. You may click Verbose Query to check whether the temperature data can be obtained.
7. Click New Graphs in the left menu. You can focus on Data Query [ucd/net - lmSensors - Thermal Sensors] to select the sensors that you want to monitor.

However, I found that different sensors device may use different object identifier (OID) to identify the CPU temperature. So you may need to modify the $oid_array (about line 313) of ss_netsnmp_lmsensors.php. In my f71882fg sensors, the OID is:
“sensorIndex” => “.1.3.6.1.4.1.2021.13.16.5.1.1″
“sensorName” => “.1.3.6.1.4.1.2021.13.16.5.1.2″
“sensorReading” => “.1.3.6.1.4.1.2021.13.16.5.1.3″

Integrated hddtemp to show the graph of Harddisk temperature:
** Please be also reminded that hddtemp must be installed and the hddtemp daemon must be started as well.

In my example, I have two hard disks, and my cacti is installed in /home/admin/cacti. Here is the command to start hddtemp daemon with two hard disks:
/usr/sbin/hddtemp -d /dev/sda /dev/sdb

I recommend to add above line to /etc/rc.local. The daemon will automatically start when the Linux starts.

1. Download cacti-linux-hddtemp-1.0.tar.gz and extract it:
   tar zxvf cacti-linux-hddtemp-1.0.tar.gz
2. Copy hddtemp.php to the /home/admin/cacti/scripts/ directory.
3. Copy hddtemp.xml to the /home/admin/cacti/resource/script_queries/ directory
4. Login to Cacti console and click Import Templates from the left menu
5. Upload the basic template XML file (i.e. cacti_template_linux_hddtemp_disk_temperature.xml). If you want grouping graph (e.g. monitoring two hard disks in the same graph), please also upload an related graph template
   (e.g. cacti_graph_template_linux_hddtemp_disk_temperature_2x.xml for two hard disks)
6. Devices > [Description]. In Associated Data Queries tab, add Linux – hddtemp – disk temperature. You may click Verbose Query to check whether the temperature data can be obtained.
7. Click New Graphs in the left menu. In the Graph Templates part, Create field, select Linux – hddtemp – disk temperature. In the Data Query [Linux - hddtemp - disk temperature] part, tick the check boxes of /dev/sda and /dev/sdb. Then you can click the Create button. If you don’t want to change the title, just can Create button again.
8. Click Graph Management in the left menu. Click [Description] – Disks temperature hyperlink which the associated template name is Linux – hddtemp – Disk temperature 2x. Select below matching:
   Disk 1: [Description] – Disks temperature /dev/sda
   Disk 2: [Description] – Disks temperature /dev/sdb
9. In Graph Management page, you may delete the single-disk graphs, but you must select Leave the data sources untouched.
10. Actually the setup should be done. But my graph only shows the second line. Therefore, I click Graph Templates > Linux – hddtemp – Disk temperature 2x. Click Item # 1 and Item # 5.
    For Item # 1:
    Data Source: Linux – hddtemp – Disk temperature – (temperature)
    Graph Item Type: Area
    For Item # 5:
    Data Source: Linux – hddtemp – Disk temperature – (temperature)
    Graph Item Type: Line1
    
    Going back to previous page (Linux – hddtemp – Disk temperature 2x), in Graph Item Inputs part, delete unnecessary items except Disk1 and Disk2, and set it to Disk 1 maps to Item1-4 and Disk 2 maps to Item5-8.
    
    Click Graph Management in the left menu, click [Description] Disks temperature and choose again Disk 1 and Disk 2. That’s all!

References:
Linux Pilot 2009年7月號(Vol. 81)
Eric A. Hall – - Software Projects – - Cacti lmSensors/Net-SNMP Sensor Readings
hddtemp template for cacti

I have just checked the hard disk status of my Linux home server. I found that the hard disk has already run for 20845 hours (868 days). Also, it displays there are 94 errors occurred. I guess it may malfunction suddenly. Although S.M.A.R.T is just a reference and it is not 100% accurate, it is better to do a full backup to prevent data loss.

Useful S.M.A.R.T command usages:
Prints all SMART information
smartctl -a /dev/hda
Show device SMART health status
smartctl -H /dev/hda

Since Discuz (a PHP based BBS application) don’t support TLS SMTP (Gmail), I setup a relay SMTP server using Postfix yesterday. Relay SMTP Server is like a middleman. When the site administrator want to send mail notifications to their members, Discuz first connects to the middleman (Relay SMTP Server) instead of Gmail (because Discuz don’t support TLS SMTP), and the middleman will redirect such emails to Gmail SMTP server. Finally, the mails are delivered to recipients by Gmail.

After you have done SMTP relay, not only work in Discuz, other PHP applications that use mail() function should work as well.

I’ve tried below steps in my CentOS 4.5 and Fedora 10 servers, both distributions work and the emails are able to send out via PHP mail() function.

In my scenario, both SMTP Server (Postfix) and Discuz (or other mail PHP applications) are installed on the same server. Otherwise, it is necessary to do some additional configurations on your Postfix and your PHP application must support ESMTP.

 
Before you do:
You must enable Gmail IMAP (with SMTP) function. Details:
http://mail.google.com/support/bin/answer.py?answer=77695

 
Basic commands:
Install postfix and change to appropriate directory:
yum install postfix
mkdir /etc/postfix/certs
cd /etc/postfix/certs

 
Create own certificate authority (CA):
For CentOS4:
/usr/share/ssl/misc/CA -newca
For CentOS 5/Fedora 10:
/etc/pki/tls/misc/CA -newca

Follow the prompts and make intelligent responses.

 
Create the client keys/certs:
Again with intelligent responses and ensuring you use the same common name and country code.
openssl genrsa -out postfixclient.key 1024
openssl req -new -key postfixclient.key -out postfixclient.csr
openssl ca -out ./postfixclient.pem -infiles postfixclient.csr

 
Amend Postfix configuration:
Open /etc/postfix/main.cf:
vim /etc/postfix/main.cf

And add the following lines:
relayhost = [smtp.gmail.com]:587
smtp_connection_cache_destinations = smtp.gmail.com
relay_destination_concurrency_limit = 1
smtp_sasl_auth_enable=yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_use_tls = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_note_starttls_offer = yes
tls_random_source = dev:/dev/urandom
smtp_tls_scert_verifydepth = 5
smtp_tls_key_file=/etc/postfix/certs/postfixclient.key
smtp_tls_cert_file=/etc/postfix/certs/postfixclient.pem
smtp_tls_enforce_peername = no
smtpd_tls_req_ccert =no
smtpd_tls_ask_ccert = yes

Create username and password database:
vim /etc/postfix/sasl_passwd

In /etc/postfix/sasl_passwd, add the following lines:
[smtp.gmail.com]:587 username@gmail.com:password
username@gmail.com is your Gmail login account and you must provide the corresponding password.

Enter the following commands and Postfix will parse the password file:
postmap /etc/postfix/sasl_passwd

 
Change appropriate permissions:
Other users cannot see the password files.
chmod 640 /etc/postfix/sasl_passwd*
chgrp postfix /etc/postfix/sasl_passwd*

The configuration is complete! Restart Postfix after you make any change:
/etc/init.d/postfix restart

 
Testing (optional):
This step will send an email to test whether it is configured successfully.
telnet 127.0.0.1 25
EHLO 127.0.0.1
MAIL FROM: username@gmail.com
RCPT TO: receipent@xxx.com
DATA
HIHI
If you can see this email, it means that the SMTP relay is configured successfully.
.
(Don’t forget to enter dot at the end)

 
Discuz configuration:
In mail_config.inc.php under Discuz root directory, change $mailsend option to 1 because your local server has already supported mail sending. For example:
$mailsend = 1;    // sendmail type
               //   0=do not send any mails
               //   1=send via PHP mail() function and UNIX sendmail
               //   2=send via Discuz! SMTP/ESMTP interface
               //   3=send via PHP mail() and SMTP(only for win32, do not support ESMTP)

 
References:
http://souptonuts.sourceforge.net/postfix_tutorial.html
http://www.wormly.com/blog/2008/11/05/relay-gmail-google-smtp-postfix/

Few months ago, I converted my another blog’s database character set from latin1 to utf8. The following is my conversion steps.

Prepared Software

• MySQL 4.1 or later
• Unicode Text Editor (eg. Notepad++)
• phpMyAdmin (Optional)

 
1. Export the database
I used mysqldump command to export the database to SQL file. I am not sure whether it works with phpMyAdmin. Please let me know if this way works. It is very important to set default-character-set to latin1.
mysqldump -h localhost --user=[username] -p --default-character-set=latin1 --insert-ignore --skip-set-charset [database] > dump.sql

 
2. Replace SQL statements
This procedure is replacing the charset keywords from latin1 to utf8 inside a SQL file, so that the collation of tables will be set to utf8. It is recommended to use Notepad++. If the Chinese characters can be shown in the text editor, it mean you have chosen a correct editor and the previous step is right. The replacing strings are the following:

Find:
DEFAULT CHARSET=latin1
Replace:
DEFAULT CHARSET=utf8
Now you can save it as dump_utf8.sql. And do NOT save it directly (file name:dump.sql) becuase this SQL file is for backup.

 
3. Modify the default Collation
When you create the new tables in the future, new tables will be set to the default character set, latin1. Therefore, it is suggested to modify the default Collation to utf8. You could choose either MySQL monitor or phpMyAdmin to modify and the below example is using MySQL monitor.

Login to MySQL:
mysql --user=[username] -p

After logged in, input the following SQL statement:
ALTER DATABASE [database] DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;

 
4. Import the modified SQL file
I also selected MySQL monitor to import the modified SQL file. Please make sure that the default-character-set is utf8 in this time.
mysql --user=[username] -p --default-character-set=utf8 [database]< dump_utf8.sql

 
5. Change web applications configuration
The conversion is basically completed. If you find the text of your web application unable to show correctly, you are needed to change the charset setting. For example:

WordPress (wp-config.php)
define( 'DB_CHARSET', 'utf8');
Discuz (config.inc.php)
$dbcharset = 'utf8';