Centos7部署Open-Falcon监控

时间:2022-09-17 19:06:06

参考博主:努力哥完成

一、Open-Falcon介绍

1、监控系统,可以从运营级别(基本配置即可),以及应用级别(二次开发,通过端口进行日志上报),对服务器、操作系统、中间件、应用进行全面的监控,及报警,对我们的系统正常运行的作用非常重要。

2、基础监控

CPU、Load、内存、磁盘、IO、网络相关、内核参数、ss 统计输出、端口采集、核心服务的进程存活信息采集、关键业务进程资源消耗、NTP offset采集、DNS解析采集,这些指标,都是open-falcon的agent组件直接支持的。

Linux运维基础采集项:http://book.open-falcon.org/zh/faq/linux-metrics.html

对于这些基础监控选项全部理解透彻的时刻,也就是对Linux运行原理及命令进阶的时刻。

3、第三方监控

术业有专攻,运行在OS上的应用甚多,Open-Falcon的开发团队不可能把所有的第三方应用的监控全部做完,这个就需要开源社区提供更多的插件,当前对于很多常用的第三方应用都有相关插件了。

4、JVM监控

对于Java作为主要开发语言的大多数公司,对于JVM的监控不可或缺。

每个JVM应用的参数,比如GC、类加载、JVM内存、进程、线程,都可以上报给Falcon,而这些参数的获得,都可以通过MxBeans实现。

使用 Java 平台管理 bean:http://www.ibm.com/developerworks/cn/java/j-mxbeans/

5、业务应用监控

对于业务需要监控的接口,比如响应时间等。可以根据业务的需要,上报相关数据到Falcon,并通过Falcon查看结果。

二、Zabbix、Nagios、Open-Falcon这3大开源运维监控工具的比较

Centos7部署Open-Falcon监控

说明:Open-Falcon部署分为前端(客户端)和后端(服务端)

三、后端部署(服务端)

参考官方文档:https://book.open-falcon.org/zh_0_2/quick_install/prepare.html

1、系统环境

[root@open-falcon-server ~]# cat /etc/redhat-release 
CentOS Linux release 7.2.1511 (Core)

2、系统优化

#安装下载软件
yum install wget -y

#更换aliyun源

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

#下载epel源

yum install epel-release.noarch -y
rpm -Uvh http://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
yum clean all
yum makecache

#下载常用软件

yum install git telnet net-tools tree nmap sysstat lrzsz dos2unix tcpdump ntpdate -y

#配置时间同步

ntpdate cn.pool.ntp.org

#更改主机名

hostnamectl set-hostname open-falcon-server
hostname open-falcon-server

#开启缓存

sed -i 's#keepcache=0#keepcache=1#g' /etc/yum.conf 
grep keepcache /etc/yum.conf

#关闭selinux

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0

#关闭防火墙

systemctl stop firewalld.service
systemctl disable firewalld.service

3、软件环境准备

#安装 redis

yum install redis -y

#redis常用命令

redis-server     redis 服务端
 
redis-cli    redis 命令行客户端
 
redis-benchmark  redis 性能测试工具
 
redis-check-aof   AOF文件修复工具
 
redis-check-dump  RDB文件修复工具
 
redis-sentinel     Sentinel 服务端

#启动redis

 

[root@localhost ~]# redis-server &
[1] 3222
[root@localhost ~]# 3222:C 26 Feb 15:19:31.280 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
3222:M 26 Feb 15:19:31.280 * Increased maximum number of open files to 10032 (it was originally set to 1024).
                _._                                                  
           _.-``__ ''-._                                             
      _.-``    `.  `_.  ''-._           Redis 3.2.10 (00000000/0) 64 bit
  .-`` .-```.  ```\/    _.,_ ''-._                                   
 (    '      ,       .-`  | `,    )     Running in standalone mode
 |`-._`-...-` __...-.``-._|'` _.-'|     Port: 6379
 |    `-._   `._    /     _.-'    |     PID: 3222
  `-._    `-._  `-./  _.-'    _.-'                                   
 |`-._`-._    `-.__.-'    _.-'_.-'|                                  
 |    `-._`-._        _.-'_.-'    |           http://redis.io        
  `-._    `-._`-.__.-'_.-'    _.-'                                   
 |`-._`-._    `-.__.-'    _.-'_.-'|                                  
 |    `-._`-._        _.-'_.-'    |                                  
  `-._    `-._`-.__.-'_.-'    _.-'                                   
      `-._    `-.__.-'    _.-'                                       
          `-._        _.-'                                           
              `-.__.-'                                               

 

[root@localhost ~]# netstat -lntup|grep red
tcp        0      0 0.0.0.0:6379            0.0.0.0:*               LISTEN      3222/redis-server * 
tcp6       0      0 :::6379                 :::*                    LISTEN      3222/redis-server * 

#安装mysql

[root@open-falcon-server ~]#wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm  
[root@open-falcon-server ~]# rpm -ivh mysql-community-release-el7-5.noarch.rpm 
[root@open-falcon-server ~]#yum install -y mysql-server

#启动mysql并设置开机自启动

[root@open-falcon-server ~]# systemctl start mysqld.service
[root@open-falcon-server ~]# systemctl enable mysqld.service

#检查3306端口

[root@open-falcon-server ~]# netstat -lntup|grep 3306

4、初始化MySQL表结构(备注:导入表结构后,注意检查)

cd /tmp/ && git clone https://github.com/open-falcon/falcon-plus.git 
cd /tmp/falcon-plus/scripts/mysql/db_schema/
mysql -h 127.0.0.1 -u root -p < 1_uic-db-schema.sql
mysql -h 127.0.0.1 -u root -p < 2_portal-db-schema.sql
mysql -h 127.0.0.1 -u root -p < 3_dashboard-db-schema.sql
mysql -h 127.0.0.1 -u root -p < 4_graph-db-schema.sql
mysql -h 127.0.0.1 -u root -p < 5_alarms-db-schema.sql
rm -rf /tmp/falcon-plus/

#设置数据库密码 (备注:用户名:root ,密码: password )

[root@open-falcon-server open-falcon]# mysqladmin -uroot password "password"
Warning: Using a password on the command line interface can be insecure.

#检查导入的数据表

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| alarms             |
| dashboard          |
| falcon_portal      |
| graph              |
| mysql              |
| performance_schema |
| uic                |
+--------------------+
8 rows in set (0.00 sec)

5、配置Go语言开发环境

#安装go语言开发包(备注:安装需要epel源)

yum install golang -y

#检查版本

[root@open-falcon-server ~]# go version
 go version go1.8.3 linux/amd64

#查看go的安装路径

[root@open-falcon-server ~]# find / -name go
/etc/alternatives/go
/var/lib/alternatives/go
/usr/bin/go
/usr/lib/golang/src/cmd/go  #需要的是这个路径
/usr/lib/golang/src/go
/usr/lib/golang/bin/go
/usr/lib/golang/pkg/linux_amd64/go

#设置环境变量GOROOT和GOPATH

export GOROOT=/usr/lib/golang
export GOPATH=/home

6、下载编译好的二进制版本

下载地址:

直接下载官方编译好的二进制版本(x86 64位平台)

#开始安装open-falcon

[root@open-falcon-server ~]# export FALCON_HOME=/home/work
[root@open-falcon-server ~]# export WORKSPACE=$FALCON_HOME/open-falcon
[root@open-falcon-server ~]# mkdir -p $WORKSPACE
#上传软件
[root@open-falcon-server ~]# ll
-rw-r--r--. 1 root root 40031472 Oct 29 2017 open-falcon-v0.2.1.tar.gz
 
#解压
[root@open-falcon-server ~]# tar -xf open-falcon-v0.2.1.tar.gz -C $WORKSPACE
[root@open-falcon-server ~]# cd $WORKSPACE
<br>#查看解压结果
[root@open-falcon-server open-falcon]# ll
total 3896
drwxrwxr-x. 7 501 501      67 Aug 15 19:16 agent
drwxrwxr-x. 5 501 501      40 Aug 15 19:16 aggregator
drwxrwxr-x. 5 501 501      40 Aug 15 19:16 alarm
drwxrwxr-x. 6 501 501      51 Aug 15 19:16 api
drwxrwxr-x. 5 501 501      40 Aug 15 19:16 gateway
drwxrwxr-x. 6 501 501      51 Aug 15 19:16 graph
drwxrwxr-x. 5 501 501      40 Aug 15 19:16 hbs
drwxrwxr-x. 5 501 501      40 Aug 15 19:16 judge
drwxrwxr-x. 5 501 501      40 Aug 15 19:16 nodata
-rwxrwxr-x. 1 501 501 3987469 Aug 15 19:16 open-falcon
lrwxrwxrwx. 1 501 501      16 Aug 15 19:16 plugins -> ./agent/plugins/
lrwxrwxrwx. 1 501 501      15 Aug 15 19:16 public -> ./agent/public/
drwxrwxr-x. 5 501 501      40 Aug 15 19:16 transfer

7、修改配置文件cfg.json

坑:

部分模块依赖连接数据库,因为如果不修改配置文件,aggregator模块会出现无法启动,graph、hbs、nodata、api、alarm模块会出现开启不报错但是状态为开启失败的情况。

如果需要每个模块都能正常启动,需要将上面模块的cfg.json的数据库信息进行修改。根据本教程的配置,需要修改配置文件所在的目录: 

 

模块 配置文件所在路径
aggregator    /home/work/open-falcon/aggregator/config/cfg.json
graph /home/work/open-falcon/graph/config/cfg.json
hbs /home/work/open-falcon/hbs/config/cfg.json
nodata /home/work/open-falcon/nodata/config/cfg.json
api /home/work/open-falcon/api/config/cfg.json
alarm /home/work/open-falcon/alarm/config/cfg.json

1)修改aggregator的配置文件

vim /home/work/open-falcon/aggregator/config/cfg.json

 Centos7部署Open-Falcon监控

 

mysql的root密码为空,则去掉“password”,若不为空,则用root密码替换“password”。

2)修改graph的配置文件

vim /home/work/open-falcon/graph/config/cfg.json

 Centos7部署Open-Falcon监控

 

mysql的root密码为空,则去掉“password”,若不为空,则用root密码替换“password”。

3)修改hbs的配置文件

vim /home/work/open-falcon/hbs/config/cfg.json

 Centos7部署Open-Falcon监控

 

mysql的root密码为空,则去掉“password”,若不为空,则用root密码替换“password”。

4)修改nodata的配置文件

vim /home/work/open-falcon/nodata/config/cfg.json

 Centos7部署Open-Falcon监控

 

mysql的root密码为空,则去掉“password”,若不为空,则用root密码替换“password”。

5)修改api的配置文件

vim /home/work/open-falcon/api/config/cfg.json

 Centos7部署Open-Falcon监控

 

mysql的root密码为空,则去掉“password”,若不为空,则用root密码替换“password”。

6)修改alarm的配置文件

vim /home/work/open-falcon/alarm/config/cfg.json

mysql的root密码为空,则去掉“password”,若不为空,则用root密码替换“password”。 

 Centos7部署Open-Falcon监控

 

8、启动后端模块

[root@open-falcon-server open-falcon]# cd /home/work/open-falcon

#启动服务

[root@open-falcon-server open-falcon]# ./open-falcon start

#检查服务启动状态

[root@open-falcon-server open-falcon]# ./open-falcon check

[root@open-falcon-server open-falcon]# ./open-falcon check
falcon-graph UP 8945
falcon-hbs UP 8954
falcon-judge UP 8962
falcon-transfer UP 8968
falcon-nodata UP 8974
falcon-aggregator UP 8981
falcon-agent UP 8989
falcon-gateway UP 8995
falcon-api UP 8999
falcon-alarm UP 9004

#更多的命令行工具用法

# ./open-falcon [start|stop|restart|check|monitor|reload] module
./open-falcon start agent
/open-falcon check
        falcon-graph         UP           53007
          falcon-hbs         UP           53014
        falcon-judge         UP           53020
     falcon-transfer         UP           53026
       falcon-nodata         UP           53032
   falcon-aggregator         UP           53038
        falcon-agent         UP           53044
      falcon-gateway         UP           53050
          falcon-api         UP           53056
        falcon-alarm         UP           53063

至此后端部署完成。

9、其它用法

#重载配置(备注:修改vi cfg.json配置文件后,可以用下面命令重载配置)

curl 127.0.0.1:1988/config/reload

五、前端部署 (备注:在另外一台服务器上面操作)

1、创建工作目录

export HOME=/home/work
export WORKSPACE=$HOME/open-falcon
mkdir -p $WORKSPACE
cd $WORKSPACE

2、克隆前端组件代码

git clone https://github.com/open-falcon/dashboard.git

3、安装依赖包

yum install -y python-virtualenv
yum install -y python-devel
yum install -y openldap-devel
yum install -y mysql-devel
yum groupinstall "Development tools" -y

4、先安装ez_setup.py,再安装pip

#下载ez_setup.py
wget --no-check-certificate https://bootstrap.pypa.io/ez_setup.py
python ez_setup.py --insecure
 
#下载pip
wget https://pypi.python.org/packages/11/b6/abcb525026a4be042b486df43905d6893fb04f05aac21c32c638e939e447/pip-9.0.1.tar.gz#md5=35f01da33009719497f01a4ba69d63c9
 
#解压并安装
tar xf pip-9.0.1.tar.gz 
cd pip-9.0.1
python setup.py install
cd ..

#查看需要安装的软件

[root@prometheus dashboard]# vim pip_requirements.txt 
Flask==0.10.1
Flask-Babel==0.9
Jinja2==2.7.2
Werkzeug==0.9.4
gunicorn==19.1.1
python-dateutil==2.2
requests==2.3.0
mysql-python
python-ldap

#利用pip安装上面这些软件

virtualenv ./env
source env/bin/activate #进入虚拟环境

[root@prometheus]# cd /home/work/open-falcon/dashboard #安装软件 [root@prometheus dashboard]# pip install -r pip_requirements.txt

5、修改配置

dashboard的配置文件为: 'rrd/config.py',请根据实际情况修改
 
## API_ADDR 表示后端api组件的地址
API_ADDR = "http://127.0.0.1:8080/api/v1"
 
## 根据实际情况,修改PORTAL_DB_*, 默认用户名为root,默认密码为""
## 根据实际情况,修改ALARM_DB_*, 默认用户名为root,默认密码为""

#修改方法

[root@Open-Falcon-client]#cd /home/work/open-falcon/dashboard/rrd
[root@Open-Falcon-client rrd]# cp config.py config.py.bak
(env)[root@Open-Falcon-client rrd]# vi config.py
#-*-coding:utf8-*-
# Copyright 2017 Xiaomi, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
 
#-*-coding:utf8-*-
# Copyright 2017 Xiaomi, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
 
 
# app config
import  os
LOG_LEVEL = os.environ.get( "LOG_LEVEL" , 'DEBUG' )
SECRET_KEY = os.environ.get( "SECRET_KEY" , "secret-key" )
PERMANENT_SESSION_LIFETIME = os.environ.get( "PERMANENT_SESSION_LIFETIME" ,3600 * 24 * 30)
SITE_COOKIE = os.environ.get( "SITE_COOKIE" , "open-falcon-ck" )
 
# Falcon+ API
API_ADDR = os.environ.get( "API_ADDR" , "http://10.0.0.6:8080/api/v1" )
 
# portal database
# TODO: read from api instead of db
PORTAL_DB_HOST = os.environ.get( "PORTAL_DB_HOST","10.0.0.6" )
PORTAL_DB_PORT = int(os.environ.get( "PORTAL_DB_PORT" ,3306))
PORTAL_DB_USER = os.environ.get( "PORTAL_DB_USER" , "root" )
PORTAL_DB_PASS = os.environ.get( "PORTAL_DB_PASS" , "password" )
PORTAL_DB_NAME = os.environ.get( "PORTAL_DB_NAME" , "falcon_portal" )
 
# alarm database
# TODO: read from api instead of db
ALARM_DB_HOST = os.environ.get( "ALARM_DB_HOST","10.0.0.6" )
ALARM_DB_PORT = int(os.environ.get( "ALARM_DB_PORT" ,3306))
ALARM_DB_USER = os.environ.get( "ALARM_DB_USER" , "root" )
ALARM_DB_PASS = os.environ.get( "ALARM_DB_PASS" , "password" )
ALARM_DB_NAME = os.environ.get( "ALARM_DB_NAME" , "alarms" )
 
# ldap config
LDAP_ENABLED = os.environ.get( "LDAP_ENABLED" ,False)
LDAP_SERVER = os.environ.get( "LDAP_SERVER" , "ldap.forumsys.com:389" )
LDAP_BASE_DN = os.environ.get( "LDAP_BASE_DN" , "dc=example,dc=com" )
LDAP_BINDDN_FMT = os.environ.get( "LDAP_BINDDN_FMT" , "uid=%s,dc=example,dc=com" )
LDAP_SEARCH_FMT = os.environ.get( "LDAP_SEARCH_FMT" , "uid=%s" )
LDAP_ATTRS = [ "cn" , "mail" , "telephoneNumber" ]
LDAP_TLS_START_TLS = False
LDAP_TLS_CACERTDIR = ""
LDAP_TLS_CACERTFILE = "/etc/openldap/certs/ca.crt"
LDAP_TLS_CERTFILE = ""
LDAP_TLS_KEYFILE = ""
LDAP_TLS_REQUIRE_CERT = True
LDAP_TLS_CIPHER_SUITE = ""
 
# i18n
BABEL_DEFAULT_LOCALE = 'zh_CN'
BABEL_DEFAULT_TIMEZONE = 'Asia/Shanghai'
# aviliable translations
LANGUAGES = {
'en' : 'English' ,
'zh_CN' : 'Chinese-Simplified' ,
}
 
# portal site config
MAINTAINERS = [ 'root' ]
CONTACT = 'root@open-falcon.org'
 
try:
from rrd.local_config import  *
except:
print "[warning] no local config file"

 #启动服务

有两种方法:

法一:

(env)[root@Open-Falcon-client dashboard]# bash control start
falcon-dashboard started..., pid=40853

法二:

(env)[root@Open-Falcon-client dashboard]# ./control start
falcon-dashboard started..., pid=40853

#查看日志

(env)[root@Open-Falcon-client dashboard]# ./control tail
[2017-10-29 15:30:20 +0000] [40853] [INFO] Starting gunicorn 19.1.1
[2017-10-29 15:30:20 +0000] [40853] [INFO] Listening at: http://0.0.0.0:8081 (40853)
[2017-10-29 15:30:20 +0000] [40853] [INFO] Using worker: sync
[2017-10-29 15:30:20 +0000] [40858] [INFO] Booting worker with pid: 40858
[2017-10-29 15:30:20 +0000] [40863] [INFO] Booting worker with pid: 40863
[2017-10-29 15:30:20 +0000] [40864] [INFO] Booting worker with pid: 40864
[2017-10-29 15:30:20 +0000] [40866] [INFO] Booting worker with pid: 40866

#退出env环境

(env)[root@Open-Falcon-client dashboard]# deactivate
[root@Open-Falcon-client dashboard]#

#访问网站

http://10.0.0.6:8081

#登录界面

Centos7部署Open-Falcon监控

 

Centos7部署Open-Falcon监控

 

 6、其它用法

#以开发者模式启动

./env/bin/python wsgi.py
 
open http://127.0.0.1:8081 in your browser.

#开启8081端口 (备注:如果关闭了防火墙,则直接忽略这步)

1)防火墙添加8081端口永久开放

firewall-cmd --add-port=8081/tcp --permanent

2)重新载入防火墙配置

firewall-cmd --reload

#停止dashboard运行

bash control stop

#查看dashboard运行状态

bash control status

六、FAQ

  • Q: open-falcon v0.2 有管理员帐号吗?
  • A: 可以通过dashboard自行注册新用户,第一个用户名为root的帐号会被认为是超级管理员,超级管理员可以设置其他用户为管理员。

  • Q: open-falcon v0.2 dashboard 可以禁止用户自己注册吗?
  • A: 可以的,在api组件的配置文件中,将signup_disable配置项修改为true,重启api即可。

endpoint 查看磁盘相关监控信息。

Centos7部署Open-Falcon监控