cacti各类插件使用

cacti本身自带了很多监控插件,如cpu,系统负载,磁盘等等。但是对于一些服务我们就必须另外找插件了。
现在我这边有用到的有nginx, apache, mysql, memcached, iis这几种

先说nginx插件。
http://forums.cacti.net/about26458.html
首先要在被监控服务器的nginx.conf文件中加上如下内容

location /nginx_status {
        stub_status on;
    # disable access_log if requared
    access_log   off;
        #allow XX.YY.AA.ZZ;
    #allow YY.ZZ.JJ.CC;
        #deny all;
}

最后再重启下nginx就可以了。上面内容可以根据自己需求进行更改的。

在监控服务器上

cp get_nginx_clients_status.pl /scripts/
cp get_nginx_socket_status.pl /scripts/
chmod 0755 /scripts/get_nginx_socket_status.pl
chmod 0755 /scripts/get_nginx_clients_status.pl

然后通过命令行验证是否可以正确运行

./get_nginx_clients_status.pl http://www.example.com/nginx_status

如果能看到如下内容表示能正常运行了
nginx_accepts:1169 nginx_handled:1169 nginx_requests:1225

最后就是cacti中导入模板,再添加新的图片就可以了。上面这些按照readme本身提供的信息就可以顺利的安装完成。

nginx

接着是apache插件
http://forums.cacti.net/about25227.html
首先是要给被监控服务器上的apache加上mod_status模块,一般默认是装的

bin/apxs -i -c -a /usr/local/source/httpd-2.2.8/modules/generators/mod_status.c

-i 表示安装

-c 编译

-a 自动增加 LoadModule 到httpd.conf中

修改httpd.conf文件


SetHandler server-status

Order Deny,Allow
Deny from all
Allow from 允许访问的IP

ExtendedStatus On     //这句千万要加上,apache官方文档上没有这个,如果不增加这个,就不能得到apache使用率等等信息。

打上补丁后一定要关闭apache再开启,不能restart和graceful
最后应该看到的形式为http://192.168.0.1/server-status
看到跟http://www.apache.org/server-status 这样的内容就算成功了

在监控服务器上

cp ss_apache_stats.php scripts/

最后通过命令行运行下是否能获取到相关数据
接着就是在cacti中导入模板,添加主机就可以了。

apache

下面是mysql的插件
http://forums.cacti.net/about24223.html

特别注意,如果是mysql5.0.2以上版本,需要修改mysql_stats.php
首先是打开mysql_stats.php文件
搜索 “$result_stat = @mysql_query(“SHOW STATUS”);” (一般在19行)
把 SHOW STATUS 替换为 SHOW /*!50002 GLOBAL */ STATUS

首先要在被监控的mysql中添加新用户,这个用户只需要process权限就可

GRANT PROCESS ON *.* TO cactiuser@'监控机IP' IDENTIFIED by 'password';
cp mysql_stats.php  /scripts/
chown 755 mysql_stats.php

接着在命令行中运行看看是否能取到数据

MySQL – QCache statistics:

php -q /scripts/mysql_stats.php cache
MySQL - Single Statistics:

php -q /scripts/mysql_stats.php status
MySQL - Handler statistics:

php -q /scripts/mysql_stats.php handler
MySQL - Command statistics:

php -q /scripts/mysql_stats.php command
MySQL - Thread statistics:

php -q /scripts/mysql_stats.php thread

最后也是在cacti中导入模板,添加主机就可以了

特别注意
cacti_graph_template_mysql_single_statistics.xml 这个模板需要自定义一个监控值,这个可以根据自己需求来,我自己就用了Qcache_hits
如果导入模板后打开Graph Debug Mode后有 (–unit/–y-grid) 这样的报错那只要在图片模板中把Unit Grid Value (–unit/–y-grid)
Use Per-Graph Value (Ignore this Value) 这个设置为空就可以了

mysql1

接着是memcache的监控
http://dealnews.com/developers/cacti/memcached.html

先要在被监控服务器上安装python-memcached

wget ftp://ftp.tummy.com/pub/python-memcached/python-memcached-1.43.tar.gz

解压后

python setup.py install

如果提示无法安装,那需要先安装下面这个

wget http://peak.telecommunity.com/dist/ez_setup.py
python ez_setup.py

接着再安装python-memcached就可

在监控服务器上

cp memcached.py  /scripts/
chown 755 memcached.py

接着在命令行中手工执行
python /scripts/memcached.py

如果能取得数据那再在cacti中添加相关模板和主机就可以了。

memcache

最后是对iis服务器的监控
http://forums.cacti.net/about12464.html
这个模板似乎只能对windows 2003和windows 2003 sp1有效,所以如果你是windows2000的话就要自行修改了
iis监控很容易,只要上传模板,添加主机就行了。

需要注意的是
iis_network_statistics的图片模板中y值中b要去掉
network是byte计算

<img class=”aligncenter size-full wp-image-219″ title=”iis1″ src=”https://zauc.files.wordpress.com/2008/08/iis1.jpg&#8221; alt=”iis1″ width=”459″ height=”323″ /

Advertisements

vsftp虚拟用户和目录

vsftpd虚拟用户安装手册

目的:所有帐户存在一个文件内,而不是系统内。每个虚拟帐户都可以拥有自己独立的目录

安装过程不说了。

#cat vsftpd.conf

# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
listen=YES
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
use_localtime=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=www
#
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format
#xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
chroot_local_user=YES
#secure_chroot_dir=/home/pplive/res
guest_enable=YES
guest_username=virtual_user
user_config_dir=/etc/vsftpd_user_conf
user_sub_token=$USER

还需要安装的软件是db4-util,根据各自系统不同来进行安装

首先是建立一个ftp总的帐户

useradd virtual_user -d /home/ftp/ -s /sbin/nologin

vi /etc/vsftpd/vsftpd_login
tom       //用户名
123       //密码

#建立用户数据库
db_load -T -t hash -f vsftpd_login /etc/vsftpd/vsftpd_login.db

#改变文件属性
chmod 600 /etc/vsftp/vsftpd_login.db

建立PAM文件,告诉系统你要使用自己的数据库了)
看看另一个文件vsftpd.pam,它有两行内容:

vi vsftpd.pam
auth required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login
account required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login

cp vsftpd.pam /etc/pam.d/ftp

mkdir /etc/vsftpd_user_conf/$USER
vi $USER
local_root=/home/ftp/$USER
anon_umask=002
write_enable=YES
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES

$USER根据实际情况替换

cacti数据合并

http://www.hiadmin.com/cacti%E8%BF%9B%E9%98%B6%E5%BA%94%E7%94%A8%E4%B8%80%EF%BC%9A%E6%B1%87%E6%80%BB%E6%B5%81%E9%87%8F%E5%9B%BE-%E5%B0%86%E6%95%B0%E6%8D%AE%E5%90%88%E5%B9%B6%E5%90%8E%E4%BD%9C%E5%9B%BE/
上面是我参考的原文。
但是我需要的是数据的合并,并不是像原文中那种独立展示的。
在add items中原文如下:
data source:数据来源就是你要汇总的流量之一;
color:选择颜色这里可以任意选择;
Graph Item Type:图形(我选择的是AREA区域类型,要累加的流量图请选择stack)
CDEF Function:这里一定要选择“Turn bytes into Bits”

在第二项中Graph Item Type中,原文中说如果要累加的话要使用stack,但是在实践过程中我发现,在第一个item必须使用AREA,而不是stack,第二个开始启用stack类型。

mysql slave同步慢问题解决

mysql的master和slave是一般系统上经常使用到的一个。
但是这个模式有个很大的问题,slave机器一直都是通过单线程模式来运行,这个其实就已经算是瓶颈了。
第二,涉及到网络环境,如果交换机网络广播较多,或者跨交换机,那同步的速度也还是非常慢的。
第三,slave机器CPU和内存起码得跟master一样才行。
第四:sql语句优化,以及数据库的优化。经常查看下slow log会是很有帮助的。其实这个是最重要的对于数据库层面的同步。如果在master 经常通过show full processlist会出现语句,那只能说明SQL写的太烂了。
第五:数据库引擎的选择,这个要根据业务类型来选择。
第六:是选择state replication还是row replication还是混合也是根据自己的业务类型来选择,可以通过监控线程中是select还是update以及insert多来考虑。

http://forums.mysql.com/read.php?26,225394,225394
这里介绍了一种新的replication方式。但是国内还甚少看到有人用这个,所以出了问题一般也就在mail list中找答案了。
同时mysql已经准备发布replication的第二版本,已经能够支持多线程了。试目以待