Welcome to docs.opsview.com

Opsview Community is deprecated - read more here. Showing the most current documentation for Opsview Core

Installation Guide - Red Hat Enterprise Linux

Before you start

  • For supported Red Hat Enterprise Linux releases please refer to platforms.
  • Please ensure perl 5.8.8-15.el5_2.1 or newer is installed to resolve a performance problem.

Planning

See our design notes for further information on planning for separate database servers, disk partitioning and security.

SELinux

Opsview is not currently compatible with Security-Enhanced Linux extensions, this must be disabled.

Edit /etc/selinux/config and restart system:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
# SELINUXTYPE=targeted

Preparation

Prerequisites

See the installation prerequisites information to setup users, groups and MySQL.

Redhat repositories

For RHEL6 the Red Hat Optional Server 6 repositories must be enabled via RHN.

  • Log in
  • Select RHEL6 system name
  • Alter channel subscription to include “RHEL Server Optional (v. 6 for xx-bit)”

Alternatively, you can run the command (depending on your architecture):

rhn-channel --add --channel="rhel-x86_64-server-optional-6" -u rhn-username -p rhn-password 
rhn-channel --add --channel="rhel-i386-server-optional-6"  -u rhn-username -p rhn-password

Dependencies

Opsview depends on libmcrypt being installed.

RHEL5 x86-64:

rpm -iv http://dl.fedoraproject.org/pub/epel/5/x86_64/libmcrypt-2.5.7-5.el5.x86_64.rpm

RHEL6 x86-64:

rpm -iv http://dl.fedoraproject.org/pub/epel/6/x86_64/libmcrypt-2.5.8-9.el6.x86_64.rpm

Opsview repositories

Then, use your favourite editor to create the file /etc/yum.repos.d/opsview.repo containing the following lines:

[opsview]
name = Opsview
baseurl = http://downloads.opsview.com/opsview-core/latest/yum/rhel/$releasever/$basearch
enabled = 1
protect = 0
gpgcheck = 0

Installation

Once the repositories have been updated to include the Opsview yum repository, the latest release of Opsview can be installed by running the following command as root.

yum install opsview

Note: if rrdtool is > 1.3, then you will also need to install

  • dejavu-lgc-fonts

After the installation is complete

After the Opsview packages have been installed, it is necessary to configure Opsview and its databases.

1. Ensure the MySQL root password has been set to a known value:

mysqladmin -u root password {password}

If you get an error like:

error: 'Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock'

Then mysql has not been started. Start it with

/etc/init.d/mysqld start

and ensure it is set to start at boot time with chkconfig –level 345 mysqld on.

See the Mysql setup page for more general mysql settings.

2. Ensure the nagios user's environment is set up correctly. Opsview will try to set the correct profile, but check that the following line is in the profile script, depending on your shell (e.g. .profile for bourne or korn shell, .bash_profile or .bashrc for bash shell):

test -f /usr/local/nagios/bin/profile && . /usr/local/nagios/bin/profile

3. The rest of the steps should be performed as the nagios user

su - nagios

4. Edit the opsview configuration file and amend the password as you see fit to secure the system (those passwords that should be changed as they are set to changeme by default). Note that any service checks for MySQL systems will also require the default password of changeme to be amended.

Note: Do not use any funny shell characters in the password, such as $ or !.

vi /usr/local/nagios/etc/opsview.conf   # change passwords in this file

5. Set up the Opsview mysql database users with the necessary permissions

/usr/local/nagios/bin/db_mysql -u root -p{mysql root password}

6. Install the required databases

/usr/local/nagios/bin/db_opsview db_install
/usr/local/nagios/bin/db_runtime db_install

7. Generate all the necessary configuration files:

/usr/local/nagios/bin/rc.opsview gen_config

8. You can now start up the web application server:

/etc/init.d/opsview-web start

The Opsview server is now listening on port 3000, i.e. http://opsview.example.com:3000/

To secure your instance of Opsview Web, you should change the authtkt secret to be unique to this instance. In /usr/local/nagios/etc/opsview.conf, add the following and change the secret value to be a unique string:

$authtkt_shared_secret = "shared-secret-please-change";

Restart Opsview Web for this value to take effect: /etc/init.d/opsview-web restart.

Using Apache as a proxy server

The performance of Opsview will be significantly improved by using Apache at the front end. All the following commands should be run as root.

1. Edit the apache configuration files and enable proxy_html

cd /etc/httpd/conf
vi httpd.conf
Ensure the line "LoadModule proxy_http_module modules/mod_proxy_http.so" is uncommented

2. For Opsview versions since 20131125, create /etc/httpd/conf.d/opsview:

<VirtualHost *>
    Include /usr/local/opsview-web/etc/apache_proxy.conf
</VirtualHost>

For previous versions, copy in the example Apache configuration file and edit to suite your needs:

cd /etc/httpd/conf.d
cp /usr/local/nagios/installer/apache_proxy.conf opsview.conf
vi opsview.conf

Then, edit the Apache configuration file so that the same shared secret is used:

TKTAuthSecret "shared-secret-please-change"

You may need to comment out the DocumentRoot variable in /etc/httpd/conf/httpd.conf.

3. Amend the apache web server user group membership to include nagcmd group

usermod -G nagcmd apache

Check to ensure the apache user is correct for your web software.

If you use a centralised user management system, you may need to amend /etc/group manually. To test that the permissions are set correctly, run id apache and look for the nagcmd group.

4. Restart Apache

/etc/init.d/httpd restart

You can now access Opsview at http://your.server/

Logging in

Once Opsview has been installed, a single administrative user will have been created. The credentials for this user are:

username: admin
password: initial

You should change this password to prevent unauthorised access to Opsview - this can be done from 'Administrator' link in the top right of the page.

See the quick start guide for an introduction to Opsview

Troubleshooting

Apache: 503 server temporarily unavailable

If you try to connect to: “http://your.server/” you may be greeted with a 503 server temporarily unavailable error. Go to the command line and enter:

setsebool -P httpd_can_network_connect=1

Try navigating to that address again.

Automatic dependencies

Yum should automatically work out all dependencies when installing Opsview, but in the event that installing the opsview package does not also bring in opsview-base, opsview-perl, etc then follow these steps

  • Ensure yum-updatesd-helper is not running
  • yum remove opsview
  • yum clean all
  • yum makecache

Running yum deplist opsview should now show the correct dependencies and allow opsview to be installed correctly.

Navigation
Print/export
Toolbox