Just Installed Cacti 1.2.23 Network Monitoring Tool on CentOS Stream 9 And it Was Smooth

Just Installed Cacti 1.2.23 Network Monitoring Tool on CentOS Stream 9 And it Was Smooth

If you work in network operations especially managing routers, switches, firewalls and servers, then you definitely have interacted with this amazing tool called Cacti.

Cacti is an open source, network monitoring and graphing tool written in PHP/MySQL. It uses the RRDTool (Round-robin database tool) engine to store data and generate graphics, and collects periodical data through Net-SNMP (an application suite to implement SNMP—Simple Network Management Protocol).

In this article, am going to take you through a step by step installation of Cacti on Linux CentOS Stream 9. You will need root privileges to your OS to be able to go through this installation.

Step 1: Update Your OS Packages to the Latest Version

This helps to maintain the most recent security and bug patches in your system by keeping your OS update up to date.

The following command will check the repositories for newer packages and update them. The -y option means to automatically answer yes to any prompts. You can use the –exclude option to exclude specific packages from the update. Alternatively, you can use the dnf upgrade command, which is more conservative and only updates the packages that have no dependency issues:

# dnf update -y

Step 2: Install Cacti Dependencies (net-snmp, net-snmp-utils, net-snmp-libs and rrdtool)

Net-SNMP is a suite of software for using and deploying the SNMP protocol (v1, v2c and v3 and the AgentX subagent protocol). SNMP stands for Simple Network Management Protocol, which is a standard way of monitoring and managing network devices, such as routers, switches, servers, printers, etc. Net-SNMP supports various network transports, such as IPv4, IPv6, IPX, AAL5, Unix domain sockets and others. Net-SNMP contains a generic client library, a suite of command line applications, a highly extensible SNMP agent, perl modules and python modules.

Net-snmp-utils is a package that contains various utilities for use with the Net-SNMP network management project. These utilities include command line applications for managing your network using the SNMP protocol, such as snmpget, snmpset, snmpstatus, snmptest, snmptrap, and snmpwalk. You can use these utilities to communicate with SNMP agents on your network devices and perform various operations, such as retrieving or modifying information, sending or receiving traps, or walking through a MIB tree.

Net-snmp-libs is a package that contains the libraries for the Net-SNMP network management project. These libraries provide the core functionality for the SNMP protocol, such as encoding and decoding SNMP messages, sending and receiving SNMP packets, handling SNMP errors, etc. The net-snmp-libs package is required by the net-snmp package, which contains the SNMP agent, and the net-snmp-utils package, which contains the SNMP utilities.

RRDtool is a software tool for data logging and graphing of time series data, such as network bandwidth, temperatures, CPU load, etc. RRDtool stands for round-robin database tool, because it stores the data in a circular buffer based database that has a fixed size and a fixed time span. This means that the data is automatically aggregated and archived according to different resolutions and consolidation functions, such as average, minimum, maximum, etc. RRDtool can be easily integrated in shell scripts, perl, python, ruby, lua or tcl applications. It also has a graph function that can present the data in a customizable graphical format, such as PNG, EPS, PDF or SVG. RRDtool can be used for various purposes, such as monitoring system performance, network traffic, weather data, sensor readings, etc.

The following command will install net-snmp, net-snmp-utils, net-snmp-libs and rrdtool:


# dnf install net-snmp net-snmp-utils net-snmp-libs rrdtool -y

At this point you can start the SNMPD process and also enable it to start at server boot time, that is making the SNMPD process persistent through server reboots. SNMPD is a daemon that implements the SNMP protocol on Linux OS. SNMPD acts as an SNMP agent, which binds to a port and awaits requests from SNMP management software. Upon receiving a request, it processes the request, collects the requested information and/or performs the requested operations and returns the information to the sender. SNMPD can be configured using the /etc/snmp/snmpd.conf file.

The following command will start the SNMPD service:

# systemctl start snmpd

The following command will enable SNMPD service to start at boot time:

# systemctl enable snmpd

Step 3: Install Apache Web Server, MariaDB Server, PHP and other necessary PHP extensions

Httpd is a software program that acts as a web server using the HTTP and/or HTTPS protocols. Httpd stands for Hypertext Transfer Protocol Daemon, which means it is a process that runs in the background and waits for incoming client requests. Httpd can serve static or dynamic web content, such as HTML pages, images, scripts, etc. Httpd can also send HTTP error messages if the requested resource is not found or not accessible. Httpd is a common name for web server software, especially on Unix-like operating systems (Linux). There are different implementations of httpd, such as Apache HTTP Server, Nginx, Lighttpd, etc. Each implementation may have different features, configuration options and performance characteristics. For this particular installation, we shall make use of the Apache Web Server.

MariaDB is a database server that is compatible with MySQL, which means it can use the same data and commands as MySQL. MariaDB was created by some of the original developers of MySQL, who wanted to keep the project open source and independent from Oracle, the company that acquired MySQL in 2010. MariaDB has some features and improvements that MySQL does not have, such as better performance, scalability, security and compatibility. Cacti requires a database server to store its configuration and user data, and it can use either MySQL or MariaDB for this purpose. However, some users may prefer to use MariaDB over MySQL for various reasons, such as:

  • MariaDB is more actively developed and updated than MySQL.
  • MariaDB has more storage engines and plugins than MySQL, which can offer more flexibility and functionality.
  • MariaDB has better support for replication and clustering than MySQL, which can improve availability and reliability.
  • MariaDB has a more open and transparent development process than MySQL, which can foster more community involvement and trust.

Of course, there may also be some drawbacks or challenges in using MariaDB over MySQL, such as:

  • MariaDB may not be fully compatible with some applications or tools that are designed for MySQL, especially if they use some specific features or syntax that are not supported by MariaDB.
  • MariaDB may have some bugs or issues that are not present in MySQL, or vice versa, which can affect stability or performance.
  • MariaDB may require some additional configuration or tuning to work optimally with Cacti, especially if the default settings are different from MySQL.

Ultimately, the choice between MySQL and MariaDB depends on the user’s preferences, needs and environment. Both database servers can work well with Cacti, but they may have some advantages and disadvantages depending on the situation. For this particular installation, we shall stick to the MariaDB.

The following command will install httpd, mariadb-server, php, php extentions and all the dependacies required for cacti to function properly:

# dnf install httpd mariadb-server php php-xml php-session php-sockets php-ldap php-gd php-json php-mysqlnd php-gmp php-mbstring php-posix php-snmp php-intl -y

At this point we can start the httpd and mariadb services. And just like we did for snmpd, we want these services to start at boot time and remain persistent through server reboots.

The following command will start the Apache Web Service (httpd):

# systemctl start httpd

The following command will start the MariaDB service:

# systemctl start mariadb

The following command will enable HTTPD service to start at boot time:

# systemctl enable httpd

The following command will enable MariaDB service to start at boot time:

# systemctl enable mariadb

Step 4: Edit the php.in file and set the correct timezone

Here is a list of all the supported timezones

Use “vi” or “nano” to edit “/etc/php.ini” file as shown below, save and restart Apache Web Service:

date.timezone = Africa/Kampala
memory_limit = 512M
max_execution_time = 60

The following command will restart the Apache Web Service:

# systemctl restart httpd

Step 5: Creating Database, Database User and Configuring the MariaDB Settings

Login to the MariaDB shell and create a database named “cactidb” and a database user named “cacti

The following command starts MariaDB shell prompt:

# mysql

Once you gain access to the MariaDB shell, create a database named “cactidb”, and a database user named “cacti”.

The following command will create a database named “cactidb”:

MariaDB [(none)]> create database cactidb;

The following command will create a database user named “cacti” and set password “passw0rd1” and grant them access to “cactidb”. (Note: remember to set a unique password for your installation):

MariaDB [(none)]> GRANT ALL ON cactidb.* TO cacti@localhost IDENTIFIED BY 'passw0rd1';

Flush the privileges and exit from the MariaDB shell with the following command:

MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit;

Locate this file “/etc/my.cnf.d/mariadb-server.cnf” to configure MariaDB settings:

The following command is used to edit MariaDB settings.

# vi /etc/my.cnf.d/mariadb-server.cnf

Add the following lines inside [mysqld] section:

collation-server=utf8mb4_unicode_ci
character-set-server=utf8mb4
max_heap_table_size=32M
tmp_table_size=32M
join_buffer_size=64M
25% Of Total System Memory
innodb_buffer_pool_size=1GB
pool_size/128 for less than 1GB of memory
innodb_buffer_pool_instances=10
innodb_flush_log_at_timeout=3
innodb_read_io_threads=32
innodb_write_io_threads=16
innodb_io_capacity=5000
innodb_file_format=Barracuda
innodb_large_prefix=1
innodb_io_capacity_max=10000

Save and close the file when you are finished editing and then restart the MariaDB service to apply the changes:

# systemctl restart mariadb

Import the “mysql_test_data_timezone.sql” to mysql database with the following command (There is no password by default, just hit enter at the password prompt):

# mysql -u root -p mysql < /usr/share/mariadb/mysql_test_data_timezone.sql

Login to MariaDB shell and grant database user “cacti” access the mysql.time_zone_name table:

# mysql
MariaDB [(none)]> GRANT SELECT ON mysql.time_zone_name TO cacti@localhost;
MariaDB [(none)]> flush privileges;

MariaDB [(none)]> show variables like '%time_zone%';
MariaDB [(none)]> exit;

# systemctl restart mariadb

Step 6: Installing and Configuring Cacti

Cacti is not available in the default CentOS 9 repo, we need to add the EPEL (Extra Packages for Enterprise Linux) repo to our installation. The EPEL repository is a useful source of software for Enterprise Linux users who want to have more choices and flexibility than what’s in the official repositories.

The following command will install the EPEL repo to the OS:

# dnf install epel-release -y

Once the EPEL repository is installed, we can proceed to install Cacti.

The following command will install cacti:

# dnf install cacti -y

You can check your Cacti installation with the following command:

# rpm -qi cacti

Step 7: Importing Cacti data into cactidb, and defining database setting in the cacti config file

The following command will import cacti data from “/usr/share/doc/cacti/cacti.sql” file into cactidb (the cacti database):

# mysql -u root -p cactidb < /usr/share/doc/cacti/cacti.sql

Edit “/usr/share/cacti/include/config.phpconfiguration file and define the database settings:

# vi /usr/share/cacti/include/config.php

Change the following lines to match with your database:

$database_type = 'mysql';
$database_default = 'cactidb';
$database_hostname = 'localhost';
$database_username = 'cacti';
$database_password = 'passw0rd1';
$database_port = '3306';
$database_retries = 5;
$database_ssl = false;

Step 8: Creating a cronjob job for Cacti

The following command will add a system user named “cacti” (Note that the system user is different from the database user, this particular system user will be used to run the cacti cronjob. Alternatively you could choose to run the cronjob as root user):

# useradd -d /home/cacti -m cacti
# passwd cacti

Edit the “/etc/cron.d/cacti” file using vi:

# vi /etc/cron.d/cacti

Uncomment the following line (This means the poller.php script runs every 5mins and collects data which is used by Cacti to display graphs):

*/5 * * * * cacti /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1

The following command will make poller.php executable by user cacti:

# chmod 777 /usr/share/cacti/poller.php

Step 9: Configuring Apache Web Server Settings for Cacti

Access and edit the Apache virtual host configuration file for Cacti:

# vi /etc/httpd/conf.d/cacti.conf

Find the following lines:

Alias /cacti    /usr/share/cacti
 
<Directory /usr/share/cacti/>
        <IfModule mod_authz_core.c>
                     # httpd 2.4
                Require host localhost
        </IfModule>
        <IfModule !mod_authz_core.c>
                     # httpd 2.2
                Order deny,allow
                Deny from all
                Allow from localhost
        </IfModule>
</Directory>

And replace them with the following lines:

Alias /cacti    /usr/share/cacti
 
<Directory /usr/share/cacti/>
        <IfModule mod_authz_core.c>
                     # httpd 2.4
                Require all granted
        </IfModule>
        <IfModule !mod_authz_core.c>
                     # httpd 2.2
                Order deny,allow
                Deny from all
                Allow from all
        </IfModule>
</Directory>

Save and close the file when you are finished then restart the Apache and PHP-FPM service to apply the changes:

# systemctl restart httpd
# systemctl restart php-fpm

Step 10: Configuring FirewallD and SELinux to allow access to the cacti web service

You need to allow http and https services through the firewalld service to be able to access the cacti service via the web browser.

The following commands will permit http and https services in FirewallD:

# firewall-cmd --permanent --zone=public --add-service=http
# firewall-cmd --permanent --zone=public --add-service=https
# firewall-cmd --reload

Next, we also need to disable the SELinux in our OS and make it permissive.

You can disable the SELinux by editing “/etc/selinux/config” file:

# vi /etc/selinux/config

Find the following line:

SELINUX=enforcing

And replace it with the following line:

SELINUX=permissive

Save and close the file then reboot the system to apply the changes.

The following command will reboot the server:

# reboot

Step 11: First time access to the Cacti Web Interface and Completing Installation

At this point, you should be ready and excited to access your fresh Cacti Web GUI to complete the installation and setup. Open your web browser and access the Cacti web interface using the URL http://your-server-ip/cacti. You will be redirected to the Cacti login page:

Enter the default username and password as admin/admin then click on the Login button. You should see the Cacti password change screen. Proceed to enter the default password, new password and click on the Save button. You should see the Cacti license agreement page:

Tick the “Accept GPL License Agreement” and click on the Begin button. You should see the pre-installation check page:

Click on the “MySQL – Settings” to reveal the recommended MySQL performance tuning settings.
Go to MariaDB configuration file “/etc/my.cnf.d/mariadb-server.cnf” to edit these setting to the recommended values:

Restart “mysqld” service for the new changes to take effect:

# systemctl restart mysqld

Click on the refresh icon in the Cacti Pre-Installation Checks window to ensure that all warnings have now been cleared before moving to the next step:

Click next to move to Selecting your installation type. Select “New Primary Server” and click next

The next step is “Directory Permission Checks” – ensure the directory permissions are correct before proceeding to the next step.

The next step is “Critical Binary Locations and Versions”. Make sure all these values are correct before clicking next.

The next screen is “Input Validation Whitelist Protection”, Check the “I have read this statement” box and click next.

Next, define the “Default Profile” (5 Min Collection, 5 Min Cron Interval), click next.

Select the Device Templates that you wish to install now. Later on, through the Cacti Admin Portal, more Device Templates can be installed. In a few days, we’ll go over this in a different topic.

Next is Sever Collation, Database Collation and Table Setup

Implement the recommended database settings to clear the Database Collation warning:

# mysql
MariaDB [(none)]> ALTER DATABASE cactidb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> exit

Click refresh in the installation wizard to make sure the “Database Collation” warning has been cleared before clicking next:

In the Table Setup, select all the tables to be converted during the installation process and click next.

At the confirmation screen, check the “Confirm Installation” box and then click “Install”

Wait for cacti server to complete installation and then click on “Get Started”

Congratulations! You have successfully completed installation of Cacti network monitoring tool, at this point you can add your first network devices and begin monitoring and creating graphs. I will post separate short articles on how to add devices on cacti and how to create graphs.

If you have any questions regarding cacti installation or if you landed on this article because you are having challenges with your cacti installation. Please feel free to engage with me on the Q & A forum on this website. Am active on this forum and will be able to respond to your queries as soon as possible.

JoshuaProfile

About the Author

Joshua Makuru Nomwesigwa is a seasoned Telecommunications Engineer with vast experience in IP Technologies; he eats, drinks, and dreams IP packets. He is a passionate evangelist of the forth industrial revolution (4IR) a.k.a Industry 4.0 and all the technologies that it brings; 5G, Cloud Computing, BigData, Artificial Intelligence (AI), Machine Learning (ML), Internet of Things (IoT), Quantum Computing, etc. Basically, anything techie because a normal life is boring.

Spread the word: