Welcome to docs.opsview.com

Installation Guide - CentOS Linux

Before you start

  • For supported CentOS Linux releases, see our official platforms list
  • Please ensure perl 5.8.8-15.el5_2.1 or newer is installed to resolve a performance problem

Planning

See our design notes for further information on planning for separate database servers, disk partitioning and security.

Preparation

Importing Repository Signatures

For security, this repository is gpg signed. Follow our instructions to add the key to your server.

If you do not import our gpg keys, you could see errors such as:

warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature, key ID 0fc6984b: NOKEY
Public key for opsview-xxxxx.rpm is not installed

The “Public key for” portion of this message indicates that your system does not have the public key for this repository and so cannot verify its contents.

Prerequisites

See the installation prerequisites information to setup users, groups and MySQL.

SELinux

Opsview is not currently compatible with Security-Enhanced Linux extensions, this must be disabled.

Edit /etc/selinux/config and restart system:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
# SELINUXTYPE=targeted

RPMForge repositories

Set up RPMForge to install any necessary dependencies by downloading and installing the RPMForge release package.

First, ensure that you are working as the root user. If not, enter the following into the command line:

sudo su - root
{enter root password}
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.<OS>.rf.<ARCH>.rpm
rpm -Uhv rpmforge-release-0.3.6-1.<OS>.rf.<ARCH>.rpm

Where <ARCH> is one of:

  • i386
  • x86_64

and <OS> is one of:

  • el5 - for RHEL5 and CentOS5
  • el6 - for RHEL6 and CentOS6

If the site specified in the above wget is not available, there is a list of alternative sites to obtain the package on the RPMForge web site.

Opsview repositories

Then, use your favourite editor to create the file /etc/yum.repos.d/opsview.repo containing the following lines:

[opsview]
name = Opsview
baseurl = http://downloads.opsview.com/opsview-core/latest/yum/centos/<OS>/$basearch
enabled = 1
protect = 0
gpgcheck = 0

where <OS> is either 5 or 6 depending on your version of CentOS.

Installation

Once the repositories have been updated to include the Opsview yum repository, the latest release of Opsview can be installed by running the following command as root.

yum install opsview

Note: if rrdtool is > 1.3, then you will also need to install

  • dejavu-lgc-fonts.

After the installation is complete

After the Opsview packages have been installed, it is necessary to configure Opsview and its databases.

1. Ensure the MySQL root password has been set to a known value:

mysqladmin -u root password {password}

If you get an error like:

error: 'Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock'

Then mysql has not been started. Start it with

/etc/init.d/mysqld start

and ensure it is set to start at boot time with

chkconfig --level 345 mysqld on

See the MySQL setup page for more general MySQL settings.

2. Ensure the nagios user's environment is set up correctly. Opsview will try to set the correct profile, but check that the following line is in the profile script, depending on your shell (e.g. .profile for bourne or korn shell, .bash_profile or .bashrc for bash shell):

su - nagios
echo "test -f /usr/local/nagios/bin/profile && . /usr/local/nagios/bin/profile" >> ~/.bash_profile

3. The rest of the steps should be performed as the nagios user. Log out and back in again to ensure the profile is setup:

exit
su - nagios

4. Edit the opsview configuration file and amend the password as you see fit to secure the system (those passwords that should be changed as set to changeme by default)

Note: Do not use any funny shell characters in the password, such as $ or !.

vi /usr/local/nagios/etc/opsview.conf   # change passwords in this file

5. Set up the Opsview mysql database users with the necessary permissions

/usr/local/nagios/bin/db_mysql -u root -p{mysql root password}

6. Install the Opsview databases

/usr/local/nagios/bin/db_opsview db_install
/usr/local/nagios/bin/db_runtime db_install

7. Generate all the necessary configuration files:

/usr/local/nagios/bin/rc.opsview gen_config

8. You can now start up the web application server:

/etc/init.d/opsview-web start

The Opsview server is now listening on port 3000, i.e. http://opsview.example.com:3000/. Confirm that this works correctly before configuring Apache.

iptables maybe running which may disable this port. Configure iptables to allow incoming requests to port 3000 for the duration of this test

For Opsview versions before 20131125, you should secure your instance of Opsview Web, by changing the authtkt secret to be unique to this instance. In /usr/local/nagios/etc/opsview.conf, add the following and change the secret value to be a unique string:

$authtkt_shared_secret = "shared-secret-please-change";

Restart Opsview Web for this value to take effect: /etc/init.d/opsview-web restart.

Using Apache as a proxy server

The performance of Opsview will be significantly improved by using Apache at the front end. All the following commands should be run as root.

1. Edit the apache configuration files and enable proxy_html

cd /etc/httpd/conf
vi httpd.conf

You need to ensure that:

  • The line “LoadModule proxy_http_module modules/mod_proxy_http.so” is uncommented
  • The line 'DocumentRoot ”/var/www/html”' is commented out

2. For Opsview versions since 20131125, create /etc/httpd/conf.d/opsview:

<VirtualHost *>
    Include /usr/local/opsview-web/etc/apache_proxy.conf
</VirtualHost>

For previous versions, copy in the example Apache configuration file and edit to suite your needs:

cd /etc/httpd/conf.d
cp /usr/local/nagios/installer/apache_proxy.conf opsview.conf
vi opsview.conf

Edit the Apache configuration file so that the same shared secret is used:

TKTAuthSecret "shared-secret-please-change"

3. Amend the apache web server user group membership to include nagcmd group

usermod -G nagcmd apache

Check to ensure the apache user is correct for your web software.

If you use a centralised user management system, you may need to amend /etc/group manually. To test that the permissions are set correctly, run id apache and look for the nagcmd group.

4. Restart Apache

/etc/init.d/httpd restart

You can now access Opsview at your server url, for example: http://opsview.example.com/

If apache does not allow proxying, you need to disable SELinux

Logging in

Once Opsview has been installed, a single administrative user will have been created. The credentials for this user are:

username: admin
password: initial

You should change this password to prevent unauthorised access to Opsview - this can be done from 'Administrator' link in the top right of the page.

See the quick start guide for an introduction to Opsview

Troubleshooting

Automatic dependencies

Yum should automatically work out all dependencies when installing Opsview, but in the event that installing the opsview package does not also bring in opsview-base, opsview-perl, etc then follow these steps

  • Ensure yum-updatesd-helper is not running
  • yum remove opsview
  • yum clean all
  • yum makecache

Running yum deplist opsview should now show the correct dependencies and allow opsview to be installed correctly.

Navigation
Print/export
Toolbox