[Debian] Debian 11.2 (bullseye) 安裝 新版 telegraf + influxDB + Grafana 8.3.6
#Step 01 – 基本安裝
Install InfluxDB on Debian 11 (bullseye) Linux
sudo apt update
sudo apt install -y gnupg2 curl wget
wget -qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
echo "deb https://repos.influxdata.com/debian bullseye stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
安裝DB
wget https://dl.influxdata.com/influxdb/releases/influxdb_1.8.10_amd64.deb
sudo dpkg -i influxdb_1.8.10_amd64.deb
# 啟動
sudo systemctl enable --now influxdb
# 確認服務
systemctl status influxdb
# 先新增管理者
curl -XPOST "http://localhost:8086/query" --data-urlencode "q=CREATE USER username WITH PASSWORD 'strongpassword' WITH ALL PRIVILEGES"
systemctl restart influxdb
systemctl status influxdb
修改設定 認證
$ sudo vim /etc/influxdb/influxdb.conf
修改
[http]
auth-enabled = true
influxDB 資料庫指令
SHOW MEASUREMENTS
# 設定 telegraf
#sudo apt update
#sudo apt -y install telegraf
wget https://dl.influxdata.com/telegraf/releases/telegraf_1.21.4-1_amd64.deb
sudo dpkg -i telegraf_1.21.4-1_amd64.deb
systemctl status telegraf
#Step 02 – 安裝Grafana
#$ echo deb http://nginx.org/packages/debian/ stretch nginx | sudo tee /etc/apt/sources.list.d/nginx.list
$ echo "deb http://nginx.org/packages/mainline/debian `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list
$ wget http://nginx.org/keys/nginx_signing.key && sudo apt-key add nginx_signing.key
$ sudo apt update && apt install nginx -y
需要注意的是,這一步安裝的 Nginx 和系統自帶的 nginx 的配置目錄略有區別,可以用一下幾個簡單的命令修正:
讓設定習慣不用改變
sudo mkdir /etc/nginx/{sites-available,sites-enabled}
sudo mv /etc/nginx/conf.d/* /etc/nginx/sites-available
sudo rmdir -f /etc/nginx/conf.d/
sudo perl -pi -e 's/conf.d/sites-enabled/g' /etc/nginx/nginx.conf
要設定一下設定檔連結
ln -s /etc/nginx/sites-available/default.conf /etc/nginx/sites-enabled/
mkdir -p /var/www/html
chown -R nginx:nginx /var/www/html
檢查 nginx 設定檔是否正確
nginx -t
重新啟動 nginx 並 設定開機啟動
systemctl restart nginx
systemctl enable nginx
設定ssl
mkdir /etc/nginx/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=TW/ST=Taiwan/L=Taipei/O=MongoDB/OU=IT/CN=mylocaldomain.com/emailAddress=admin@mylocaldomain.com"
###############
server {
listen 80 default_server;
listen [::]:80 default_server;
# 導向至 HTTPS
rewrite ^(.*) https://$host$1 permanent;
}
server {
# SSL 設定
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
# 憑證與金鑰的路徑
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
client_max_body_size 100M;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html index.php;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
#
location ~ \.php$ {
#try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /var/www/html/$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
#
location /grafana/ {
proxy_pass http://localhost:3000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ^~ /jenkins/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
proxy_max_temp_file_size 0;
#proxy_pass http://localhost:8080/jenkins/;
proxy_pass http://127.0.0.1:8080/jenkins/;
# The following settings from https://wiki.jenkins-ci.org/display/JENKINS/Running+Hudson+behind+Nginx
sendfile off;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
# This is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/run/php/php7.3-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
###############
#Step 03 – 安裝Grafana 8.1.2
sudo apt-get install -y adduser libfontconfig1
wget https://dl.grafana.com/oss/release/grafana_8.3.6_amd64.deb
sudo dpkg -i grafana_8.3.6_amd64.deb
systemctl daemon-reload
systemctl start grafana-server
systemctl enable grafana-server.service
安裝套件
grafana-cli plugins install grafana-piechart-panel
grafana-cli plugins install grafana-worldmap-panel
grafana-cli plugins install natel-discrete-panel
grafana-cli plugins install grafana-image-renderer
grafana-cli plugins install flant-statusmap-panel
grafana-cli plugins install grafana-clock-panel
grafana-cli plugins install cloudflare-app
#安裝流程圖 for 架構圖使用
grafana-cli plugins install agenty-flowcharting-panel
######
raintank-worldping-app
Missing signature
digrich-bubblechart-panel
Missing signature
worldping-cta
Missing signature
worldping-endpoint-list
Missing signature
worldping-endpoint-nav
###########
grafana-cli plugins install jdbranham-diagram-panel
# 氣泡圖
grafana-cli plugins install digrich-bubblechart-panel
#
grafana-cli plugins install raintank-worldping-app
# json資料
grafana-cli plugins install grafana-simple-json-datasource
#zabbix報警
grafana-cli plugins install alexanderzobnin-zabbix-app
vi /etc/grafana/grafana.ini
# 修改
# The http port to use
;http_port = 3000
# The public facing domain name used to access grafana from a browser與送出連結有關
;domain = localhost
;domain = xxx.xxx.xxx.xxx
# Redirect to correct domain if host header does not match domain
# Prevents DNS rebinding attacks
;enforce_domain = false
# The full public facing url you use in browser, used for redirects and emails
# If you use reverse proxy and sub path specify full url (with sub path)
;root_url = %(protocol)s://%(domain)s:%(http_port)s/
root_url = %(protocol)s://%(domain)s/grafana/
systemctl start grafana-server
##### 將sqlite3 換成 mariadb mysql
create database argus_grafana;
GRANT USAGE ON `argus_grafana`.* to 'grafana'@'127.0.0.1' identified by 'gIWeWCa2k8GuMJSM61';
GRANT ALL PRIVILEGES ON `argus_grafana`.* to 'grafana'@'127.0.0.1' with grant option;
flush privileges;
#################################### Database ####################################
[database]
# You can configure the database connection by specifying type, host, name, user and password
# as separate properties or as on string using the url properties.
# Either "mysql", "postgres" or "sqlite3", it's your choice
;type = sqlite3
;host = 127.0.0.1:3306
;name = grafana
;user = root
# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
;password =
type = mysql
host = 127.0.0.1:3306
name = argus_grafana
user = grafana
password = gIWeWCa2k8GuMJSM61
#url = mysql://grafana:gIWeWCa2k8GuMJSM61@127.0.0.1:3306/argus_grafana
#Step 04 –
安裝
mysql -u root -p
CREATE DATABASE kanboard CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT ALL PRIVILEGES ON kanboard.* TO 'kanboard'@'localhost' IDENTIFIED BY 'mypassword';
FLUSH PRIVILEGES;
\q
wget https://github.com/kanboard/kanboard/archive/v1.2.10.tar.gz
wget https://github.com/kanboard/kanboard/archive/refs/tags/v1.2.20.tar.gz
tar -xvf v1.2.20.tar.gz
cp -r kanboard-1.2.20 /var/www/html/kanboard
cd /var/www/html/kanboard
cp config.default.php config.php
vi config.php
// Database driver: sqlite, mysql or postgres (sqlite by default)
define('DB_DRIVER', 'mysql');
// Mysql/Postgres username
define('DB_USERNAME', 'kanboard');
// Mysql/Postgres password
define('DB_PASSWORD', 'password');
// Mysql/Postgres hostname
define('DB_HOSTNAME', 'localhost');
// Mysql/Postgres database name
define('DB_NAME', 'kanboard');
chown -R nginx:nginx /var/www/html/kanboard
###############
server {
listen 80;
server_name example.com;
index index.php;
root /var/www/html/kanboard;
client_max_body_size 32M;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
# location ~* ^.+\.(log|sqlite)$ {
# return 404;
# }
#
# location ~ /\.ht {
# return 404;
# }
#
# location ~* ^.+\.(ico|jpg|gif|png|css|js|svg|eot|ttf|woff|woff2|otf)$ {
# log_not_found off;
# expires 7d;
# etag on;
# }
#
# gzip on;
# gzip_comp_level 3;
# gzip_disable "msie6";
# gzip_vary on;
# gzip_types
# text/javascript
# application/javascript
# application/json
# text/xml
# application/xml
# application/rss+xml
# text/css
# text/plain;
}
systemctl restart php8.0-fpm.service
Plugins
Plugin folder:
define('PLUGINS_DIR', 'data/plugins');
Enable/disable plugin installation from the user interface:
開啟插件
define('PLUGIN_INSTALLER', false); // Default is false since Kanboard v1.2.8
Change default plugin directory URL:
define('PLUGIN_API_URL', 'https://kanboard.org/plugins.json');
#Step 05 – telegraf 設定檔
###############################################################################
# Start #
###############################################################################
# Global Agent Configuration
[global_tags]
# Configuration for telegraf agent
[agent]
interval = "10s"
debug = false
# hostname = "server-hostname"
hostname = ""
round_interval = true
flush_interval = "10s"
flush_jitter = "0s"
collection_jitter = "0s"
metric_batch_size = 1000
metric_buffer_limit = 10000
quiet = false
logfile = ""
omit_hostname = false
precision = ""
###############################################################################
# OUTPUTS #
###############################################################################
# Output Plugin InfluxDB
[[outputs.influxdb]]
database = "telegraf"
urls = [ "http://127.0.0.1:8086" ]
username = "telegraf"
password = "metricsmetricsmetricsmetrics"
retention_policy = ""
###############################################################################
# INPUTS #
###############################################################################
#Read metrics about cpu usage
[[inputs.cpu]]
## Whether to report per-cpu stats or not
percpu = true
## Whether to report total system cpu stats or not
totalcpu = true
## If true, collect raw CPU time metrics.
collect_cpu_time = false
#If true, compute and report the sum of all non-idle CPU states.
report_active = false
fielddrop = ["time_guest","time_guest_nice","time_irq","time_nice","time_softirq","time_steal","usage_guest","usage_guest_nice","usage_irq","usage_nice","usage_softirq","usage_steal"]
#Read metrics about disk usage by mount point
[[inputs.disk]]
#Read metrics about disk IO by device
[[inputs.diskio]]
[[inputs.io]]
#Get kernel statistics from /proc/stat
[[inputs.kernel]]
#Read metrics about memory usage
[[inputs.mem]]
#Get the number of processes and group them by status
[[inputs.processes]]
#Read metrics about swap memory usage
[[inputs.swap]]
#Read metrics about system load & uptime
[[inputs.system]]
#Read stats about given file(s)
[[inputs.filestat]]
#Read formatted metrics from one or more HTTP endpoints
[[inputs.http]]
#Collect statistics about itself
[[inputs.internal]]
#This plugin gathers interrupts data from /proc/interrupts and /proc/softirqs.
[[inputs.interrupts]]
#Collect virtual and real server stats from Linux IPVS
[[inputs.ipvs]]
#Get kernel statistics from /proc/vmstat
[[inputs.kernel_vmstat]]
#Provides Linux sysctl fs metrics
[[inputs.linux_sysctl_fs]]
#Aggregates the contents of multiple files into a single point
[[inputs.multifile]]
#Read metrics about network interface usage
[[inputs.net]]
#Collect response time of a TCP or UDP connection
[[inputs.net_response]]
#Read TCP metrics such as established, time wait and sockets counts.
[[inputs.netstat]]
#Collect kernel snmp counters and network interface statistics
[[inputs.nstat]]
[[inputs.synproxy]]
#Monitor process cpu and memory usage
[[inputs.procstat]]
pattern = "httpd|java|python|telegraf|tomcat8|htop|apache2|www-data"
user = "daemon|root|telegraf|www-data|tomcat8"
#Sysstat metrics collector
[[inputs.sysstat]]
#Gather systemd units state
[[inputs.systemd_units]]
#Read metrics of ZFS from arcstats, zfetchstats, vdev_cache_stats, and pools
[[inputs.zfs]]
#Step 06 –
#Step 07 –
#Step 08 –
#Step 09 –
#Step 10 – 備用安裝
useradd -M -r -s /bin/false prometheus
mkdir /etc/prometheus /var/lib/prometheus
指定版本
VER=2.26.0
wget https://github.com/prometheus/prometheus/releases/download/v$VER/prometheus-$VER.linux-amd64.tar.gz
tar xzf prometheus-$VER.linux-amd64.tar.gz
cp prometheus-$VER.linux-amd64/{prometheus,promtool} /usr/local/bin/
chown prometheus:prometheus /usr/local/bin/{prometheus,promtool}
cp -r prometheus-$VER.linux-amd64/{consoles,console_libraries} /etc/prometheus/
cp prometheus-$VER.linux-amd64/prometheus.yml /etc/prometheus/
less /etc/prometheus/prometheus.yml
chown -R prometheus:prometheus /etc/prometheus
chown -R prometheus:prometheus /var/lib/prometheus
prometheus --config.file=/etc/prometheus/prometheus.yml
cat > /etc/systemd/system/prometheus.service << 'EOL'
[Unit]
Description=Prometheus Time Series Collection and Processing Server
Wants=network-online.target
After=network-online.target
[Service]
User=prometheus
Group=prometheus
Type=simple
ExecStart=/usr/local/bin/prometheus \
--config.file /etc/prometheus/prometheus.yml \
--storage.tsdb.path /var/lib/prometheus/ \
--web.console.templates=/etc/prometheus/consoles \
--web.console.libraries=/etc/prometheus/console_libraries
[Install]
WantedBy=multi-user.target
EOL
systemctl daemon-reload
systemctl enable --now prometheus
systemctl status prometheus
沒有留言:
張貼留言