[Debian] Debian 11.2 (bullseye) 安裝 新版 telegraf + influxDB 1.8.10 + Grafana 8.3.6

[Debian] Debian 11.2 (bullseye) 安裝 新版 telegraf + influxDB + Grafana 8.3.6

 

#Step 01 – 基本安裝

Install InfluxDB on Debian 11 (bullseye) Linux

sudo apt update
sudo apt install -y gnupg2 curl wget
wget -qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
echo "deb https://repos.influxdata.com/debian bullseye stable" | sudo tee /etc/apt/sources.list.d/influxdb.list

安裝DB

wget https://dl.influxdata.com/influxdb/releases/influxdb_1.8.10_amd64.deb
sudo dpkg -i influxdb_1.8.10_amd64.deb

# 啟動
sudo systemctl enable --now influxdb

# 確認服務

systemctl status influxdb

# 先新增管理者

curl -XPOST "http://localhost:8086/query" --data-urlencode "q=CREATE USER username WITH PASSWORD 'strongpassword' WITH ALL PRIVILEGES"

systemctl restart influxdb
systemctl status influxdb

修改設定 認證
$ sudo vim /etc/influxdb/influxdb.conf 
修改
[http]
 auth-enabled = true


influxDB 資料庫指令

SHOW MEASUREMENTS


# 設定 telegraf

#sudo apt update
#sudo apt -y install telegraf 

wget https://dl.influxdata.com/telegraf/releases/telegraf_1.21.4-1_amd64.deb
sudo dpkg -i telegraf_1.21.4-1_amd64.deb

systemctl status telegraf

 

#Step 02 – 安裝Grafana

#$ echo deb http://nginx.org/packages/debian/ stretch nginx | sudo tee /etc/apt/sources.list.d/nginx.list
$ echo "deb http://nginx.org/packages/mainline/debian `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list
$ wget http://nginx.org/keys/nginx_signing.key && sudo apt-key add nginx_signing.key 
$ sudo apt update && apt install nginx -y

需要注意的是，這一步安裝的 Nginx 和系統自帶的 nginx 的配置目錄略有區別，可以用一下幾個簡單的命令修正：
讓設定習慣不用改變
sudo mkdir /etc/nginx/{sites-available,sites-enabled}
sudo mv /etc/nginx/conf.d/* /etc/nginx/sites-available
sudo rmdir -f /etc/nginx/conf.d/
sudo perl -pi -e 's/conf.d/sites-enabled/g' /etc/nginx/nginx.conf

要設定一下設定檔連結
ln -s /etc/nginx/sites-available/default.conf /etc/nginx/sites-enabled/

mkdir -p /var/www/html

chown -R nginx:nginx /var/www/html

檢查 nginx 設定檔是否正確

nginx -t

重新啟動 nginx 並 設定開機啟動

systemctl restart nginx 
systemctl enable nginx 

設定ssl

mkdir /etc/nginx/ssl

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=TW/ST=Taiwan/L=Taipei/O=MongoDB/OU=IT/CN=mylocaldomain.com/emailAddress=admin@mylocaldomain.com"


###############
server {
        listen 80 default_server;
        listen [::]:80 default_server;

  # 導向至 HTTPS
  rewrite ^(.*) https://$host$1 permanent;
}
server {
        # SSL 設定
        listen 443 ssl default_server;
        listen [::]:443 ssl default_server;

        # 憑證與金鑰的路徑
        ssl_certificate /etc/nginx/ssl/nginx.crt;
        ssl_certificate_key /etc/nginx/ssl/nginx.key;
        client_max_body_size 100M;
        # SSL configuration
        #
        # listen 443 ssl default_server;
        # listen [::]:443 ssl default_server;
        #
        # Note: You should disable gzip for SSL traffic.
        # See: https://bugs.debian.org/773332
        #
        # Read up on ssl_ciphers to ensure a secure configuration.
        # See: https://bugs.debian.org/765782
        #
        # Self signed certs generated by the ssl-cert package
        # Don't use them in a production server!
        #
        # include snippets/snakeoil.conf;

        root /var/www/html;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html index.php;

        server_name _;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }
#
        location ~ \.php$ {
            #try_files $uri /index.php =404;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass   unix:/var/run/php/php8.0-fpm.sock;
            fastcgi_index  index.php;
            #fastcgi_param  SCRIPT_FILENAME /var/www/html/$fastcgi_script_name;
            fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }
#
        location /grafana/ {
            proxy_pass http://localhost:3000/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Server $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        location ^~ /jenkins/ {
                proxy_set_header        Host              $host;
                proxy_set_header        X-Real-IP         $remote_addr;
                proxy_set_header        X-Forwarded-For   $proxy_add_x_forwarded_for;
                proxy_set_header        X-Forwarded-Proto $http_x_forwarded_proto;
                proxy_set_header        X-Forwarded-Port  $http_x_forwarded_port;
                proxy_max_temp_file_size 0;

                #proxy_pass              http://localhost:8080/jenkins/;
                proxy_pass              http://127.0.0.1:8080/jenkins/;
                # The following settings from https://wiki.jenkins-ci.org/display/JENKINS/Running+Hudson+behind+Nginx
                sendfile off;

                # Required for new HTTP-based CLI
                proxy_http_version      1.1;
                proxy_request_buffering off;
                # This is the maximum upload size
                client_max_body_size       10m;
                client_body_buffer_size    128k;

        }
        # pass PHP scripts to FastCGI server
        #
        #location ~ \.php$ {
        #       include snippets/fastcgi-php.conf;
        #
        #       # With php-fpm (or other unix sockets):
        #       fastcgi_pass unix:/run/php/php7.3-fpm.sock;
        #       # With php-cgi (or other tcp sockets):
        #       fastcgi_pass 127.0.0.1:9000;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}
}


###############

 

#Step 03 – 安裝Grafana 8.1.2

sudo apt-get install -y adduser libfontconfig1
wget https://dl.grafana.com/oss/release/grafana_8.3.6_amd64.deb
sudo dpkg -i grafana_8.3.6_amd64.deb

systemctl daemon-reload
systemctl start grafana-server
systemctl enable grafana-server.service

安裝套件
grafana-cli plugins install grafana-piechart-panel

grafana-cli plugins install grafana-worldmap-panel

grafana-cli plugins install natel-discrete-panel

grafana-cli plugins install grafana-image-renderer

grafana-cli plugins install flant-statusmap-panel

grafana-cli plugins install grafana-clock-panel

grafana-cli plugins install cloudflare-app

#安裝流程圖 for 架構圖使用
grafana-cli plugins install agenty-flowcharting-panel

######
raintank-worldping-app
Missing signature
digrich-bubblechart-panel
Missing signature
worldping-cta
Missing signature
worldping-endpoint-list
Missing signature
worldping-endpoint-nav
###########
grafana-cli plugins install jdbranham-diagram-panel
# 氣泡圖
grafana-cli plugins install digrich-bubblechart-panel
#
grafana-cli plugins install raintank-worldping-app
# json資料
grafana-cli plugins install grafana-simple-json-datasource
#zabbix報警
grafana-cli plugins install alexanderzobnin-zabbix-app

vi /etc/grafana/grafana.ini

#  修改
# The http port  to use
;http_port = 3000

# The public facing domain name used to access grafana from a browser與送出連結有關
;domain = localhost
;domain = xxx.xxx.xxx.xxx

# Redirect to correct domain if host header does not match domain
# Prevents DNS rebinding attacks
;enforce_domain = false

# The full public facing url you use in browser, used for redirects and emails
# If you use reverse proxy and sub path specify full url (with sub path)
;root_url = %(protocol)s://%(domain)s:%(http_port)s/
root_url = %(protocol)s://%(domain)s/grafana/

systemctl start grafana-server

##### 將sqlite3 換成 mariadb mysql  
create database argus_grafana;
GRANT USAGE ON `argus_grafana`.* to 'grafana'@'127.0.0.1' identified by 'gIWeWCa2k8GuMJSM61';
GRANT ALL PRIVILEGES ON `argus_grafana`.* to 'grafana'@'127.0.0.1' with grant option;
flush privileges;

#################################### Database ####################################
[database]
# You can configure the database connection by specifying type, host, name, user and password
# as separate properties or as on string using the url properties.

# Either "mysql", "postgres" or "sqlite3", it's your choice
;type = sqlite3
;host = 127.0.0.1:3306
;name = grafana
;user = root
# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
;password =
type = mysql
host = 127.0.0.1:3306
name = argus_grafana
user = grafana
password = gIWeWCa2k8GuMJSM61
#url = mysql://grafana:gIWeWCa2k8GuMJSM61@127.0.0.1:3306/argus_grafana

 

#Step 04 –

安裝 

mysql -u root -p

CREATE DATABASE kanboard CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT ALL PRIVILEGES ON kanboard.* TO 'kanboard'@'localhost' IDENTIFIED BY 'mypassword';
FLUSH PRIVILEGES;
\q

wget https://github.com/kanboard/kanboard/archive/v1.2.10.tar.gz


wget https://github.com/kanboard/kanboard/archive/refs/tags/v1.2.20.tar.gz

tar -xvf v1.2.20.tar.gz

cp -r kanboard-1.2.20 /var/www/html/kanboard

cd /var/www/html/kanboard
cp config.default.php config.php

vi config.php


// Database driver: sqlite, mysql or postgres (sqlite by default)
define('DB_DRIVER', 'mysql');

// Mysql/Postgres username
define('DB_USERNAME', 'kanboard');

// Mysql/Postgres password
define('DB_PASSWORD', 'password');

// Mysql/Postgres hostname
define('DB_HOSTNAME', 'localhost');

// Mysql/Postgres database name
define('DB_NAME', 'kanboard');

chown -R nginx:nginx /var/www/html/kanboard


###############
server {
        listen       80;
        server_name  example.com;
        index        index.php;
        root         /var/www/html/kanboard;
        client_max_body_size 32M;

        location / {
            try_files $uri $uri/ /index.php$is_args$args;
        }

        location ~ \.php$ {
            try_files $uri =404;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_index index.php;
            include fastcgi_params;
        }

#        location ~* ^.+\.(log|sqlite)$ {
#            return 404;
#        }
#
#        location ~ /\.ht {
#            return 404;
#        }
#
#        location ~* ^.+\.(ico|jpg|gif|png|css|js|svg|eot|ttf|woff|woff2|otf)$ {
#            log_not_found off;
#            expires 7d;
#            etag on;
#        }
#
#        gzip on;
#        gzip_comp_level 3;
#        gzip_disable "msie6";
#        gzip_vary on;
#        gzip_types
#            text/javascript
#            application/javascript
#            application/json
#            text/xml
#            application/xml
#            application/rss+xml
#            text/css
#            text/plain;
    }


systemctl restart php8.0-fpm.service

Plugins
Plugin folder:

define('PLUGINS_DIR', 'data/plugins');
Enable/disable plugin installation from the user interface:

開啟插件
define('PLUGIN_INSTALLER', false); // Default is false since Kanboard v1.2.8
Change default plugin directory URL:

define('PLUGIN_API_URL', 'https://kanboard.org/plugins.json');

 

#Step 05 – telegraf 設定檔

###############################################################################
#                                  Start                                      #
###############################################################################
# Global Agent Configuration
[global_tags]

# Configuration for telegraf agent
[agent]
    interval = "10s"
    debug = false
#    hostname = "server-hostname"
    hostname = ""
    round_interval = true
    flush_interval = "10s"
    flush_jitter = "0s"
    collection_jitter = "0s"
    metric_batch_size = 1000
    metric_buffer_limit = 10000
    quiet = false
    logfile = ""
    omit_hostname = false
        precision = ""

###############################################################################
#                                  OUTPUTS                                    #
###############################################################################

# Output Plugin InfluxDB
[[outputs.influxdb]]
    database = "telegraf"
    urls = [ "http://127.0.0.1:8086" ]
    username = "telegraf"
    password = "metricsmetricsmetricsmetrics"
    retention_policy = ""

###############################################################################
#                                  INPUTS                                     #
###############################################################################
#Read metrics about cpu usage
[[inputs.cpu]]
  ## Whether to report per-cpu stats or not
 percpu = true
  ## Whether to report total system cpu stats or not
 totalcpu = true
  ## If true, collect raw CPU time metrics.
 collect_cpu_time = false
#If true, compute and report the sum of all non-idle CPU states.
  report_active = false
  fielddrop = ["time_guest","time_guest_nice","time_irq","time_nice","time_softirq","time_steal","usage_guest","usage_guest_nice","usage_irq","usage_nice","usage_softirq","usage_steal"]
#Read metrics about disk usage by mount point
[[inputs.disk]]
#Read metrics about disk IO by device
[[inputs.diskio]]
[[inputs.io]]
#Get kernel statistics from /proc/stat
[[inputs.kernel]]
#Read metrics about memory usage
[[inputs.mem]]
#Get the number of processes and group them by status
[[inputs.processes]]
#Read metrics about swap memory usage
[[inputs.swap]]
#Read metrics about system load & uptime
[[inputs.system]]
#Read stats about given file(s)
[[inputs.filestat]]
#Read formatted metrics from one or more HTTP endpoints
[[inputs.http]]
#Collect statistics about itself
[[inputs.internal]]
#This plugin gathers interrupts data from /proc/interrupts and /proc/softirqs.
[[inputs.interrupts]]
#Collect virtual and real server stats from Linux IPVS
[[inputs.ipvs]]
#Get kernel statistics from /proc/vmstat
[[inputs.kernel_vmstat]]
#Provides Linux sysctl fs metrics
[[inputs.linux_sysctl_fs]]
#Aggregates the contents of multiple files into a single point
[[inputs.multifile]]
#Read metrics about network interface usage
[[inputs.net]]
#Collect response time of a TCP or UDP connection
[[inputs.net_response]]
#Read TCP metrics such as established, time wait and sockets counts.
[[inputs.netstat]]
#Collect kernel snmp counters and network interface statistics
[[inputs.nstat]]
[[inputs.synproxy]]
#Monitor process cpu and memory usage
[[inputs.procstat]]
pattern = "httpd|java|python|telegraf|tomcat8|htop|apache2|www-data"
user = "daemon|root|telegraf|www-data|tomcat8"
#Sysstat metrics collector
[[inputs.sysstat]]
#Gather systemd units state
[[inputs.systemd_units]]
#Read metrics of ZFS from arcstats, zfetchstats, vdev_cache_stats, and pools
[[inputs.zfs]]

 

#Step 06 –

 

#Step 07 –

 

#Step 08 –

 

#Step 09 –

 

#Step 10 – 備用安裝

useradd -M -r -s /bin/false prometheus

mkdir /etc/prometheus /var/lib/prometheus

指定版本
VER=2.26.0

wget https://github.com/prometheus/prometheus/releases/download/v$VER/prometheus-$VER.linux-amd64.tar.gz


tar xzf prometheus-$VER.linux-amd64.tar.gz

cp prometheus-$VER.linux-amd64/{prometheus,promtool} /usr/local/bin/

chown prometheus:prometheus /usr/local/bin/{prometheus,promtool}

cp -r prometheus-$VER.linux-amd64/{consoles,console_libraries} /etc/prometheus/


cp prometheus-$VER.linux-amd64/prometheus.yml /etc/prometheus/

less /etc/prometheus/prometheus.yml

chown -R prometheus:prometheus /etc/prometheus

chown -R prometheus:prometheus /var/lib/prometheus

prometheus --config.file=/etc/prometheus/prometheus.yml


cat > /etc/systemd/system/prometheus.service << 'EOL'
[Unit]
Description=Prometheus Time Series Collection and Processing Server
Wants=network-online.target
After=network-online.target

[Service]
User=prometheus
Group=prometheus
Type=simple
ExecStart=/usr/local/bin/prometheus \
    --config.file /etc/prometheus/prometheus.yml \
    --storage.tsdb.path /var/lib/prometheus/ \
    --web.console.templates=/etc/prometheus/consoles \
    --web.console.libraries=/etc/prometheus/console_libraries

[Install]
WantedBy=multi-user.target
EOL

systemctl daemon-reload

systemctl enable --now  prometheus

systemctl status prometheus