diff --git a/en_US/integrations/0-integration.netdata.linux.md b/en_US/integrations/0-integration.netdata.linux.md new file mode 100644 index 00000000..38dd0843 --- /dev/null +++ b/en_US/integrations/0-integration.netdata.linux.md @@ -0,0 +1,241 @@ +# Integrate netdata monitor (on Linux server) + +[TOC] + +## What's netdata + +netdata () is a "Simple. Effective. Awesome!" monitor +which can monitor almost everyting on your Linux/FreeBSD system. You can visit +its website to check online demo. + +We will show you how to install and configure netdata on iRedMail server +(Linux) to monitor mail service related softwares. + +## Install packages required by netdata + +netdata requires some tools to get stastics data from other softwares, let's +install it first. + +* On RHEL/CentOS: + +``` +yum install curl libmnl libuuid lm_sensors nc PyYAML zlib iproute MySQL-python python-psycopg2 +``` + +* On Debian/Ubuntu: + +``` +apt-get install zlib1g libuuid1 libmnl0 curl lm-sensors iproute netcat python-mysqldb python-psycopg2 +``` + +## Install netdata + +* Download the latest netdata from its github project page, and upload to + iRedMail server: + + We use version `1.9.0` for example in this tutorial, the package we download + is: + + We assume you upload the package to `/root/netdata-latest.gz.run`. + +* Install netdata: + +``` +cd /root/ +chmod +x netdata-latest.gz.run +./netdata-latest.gz.run --accept +``` + +netdata installs its files under `/opt/netdata/` by default, let's create +symbol link of the configuration and log directories: + +``` +ln -s /opt/netdata/etc/netdata /etc/netdata +ln -s /opt/netdata/var/log/netdata /var/log/netdata +``` + +netdata will create required systemd script for service control, also logrotate +config file, so there's not much we need to do after the package installation. + +## Configure netdata + +Main config file of netdata is `/etc/netdata/netdata.conf`, it contains many +parameters with detailed comments. Here's the +[config file](https://bitbucket.org/zhb/iredmail/src/default/iRedMail/samples/netdata/netdata.conf) +used by iRedMail: + +* It binds to address `127.0.0.1` and port `19999` by default. Since it doesn't + have ACL control, we will run netdata behind Nginx to get ACL control done in + Nginx. + +``` +[registry] + enabled = no + +[global] + bind to = 127.0.0.1 + run as user = netdata + default port = 19999 + update every = 3 + +[plugin:proc] + # Disable IPVS check since iRedMail doesn't use ipvs by default + /proc/net/ip_vs/stats = no + + # inbound packets dropped + /proc/net/dev = no +``` + +netdata ships a lot modular config files to gather information of softwares +running on the server, they have very good default settings and most config +files don't need your attention at all. but some applications do require +extra settings. + +### Monitor Nginx and php-fpm + +We need to enable `stub_status` in Nginx to get detailed server info, also +update php-fpm config file to enable similar feature. + +* Create Nginx config snippet `/etc/nginx/templates/stub_status.tmpl` with + content below: + +``` +location = /stub_status { + stub_status on; + access_log off; + allow 127.0.0.1; + deny all; +} + +location = /status { + include fastcgi_params; + fastcgi_pass php_workers; + fastcgi_param SCRIPT_FILENAME $fastcgi_script_name; + access_log off; + allow 127.0.0.1; + deny all; +} +``` + +* Update default virtual host config file `/etc/nginx/sites-enabled/00-default.conf`, + include new snippet config file `stub_status.tmpl` after the + `redirect_to_https.tmpl` line like below: + +``` +server { + ... + include /etc/nginx/templates/redirect_to_https.tmpl; + include /etc/nginx/templates/stub_status.tmpl; # <- add this line + ... +} +``` + +* Update php-fpm pool config file `www.conf`, enable parameter `pm.status_path` + like below: + * On RHEL/CentOS, it's `/etc/php-fpm.d/www.conf` + * On Debian, it's `/etc/php5/fpm/pool.d/www.conf` + * On Ubuntu, it's `/etc/php/7.0/fpm/pool.d/www.conf` (note: php version number may be different on your server) + * On FreeBSD, it's `/usr/local/etc/php-fpm.d/www.conf` + * On OpenBSD, it's `/etc/php-fpm.conf` + +``` +pm.status_path = /status +``` + +* Restart both php-fpm and Nginx service. + +### [TODO] Monitor Dovecot + + +### Monitor MySQL/MariaDB server + +netdata requires a SQL user (we use `netdata` here) with privilege `USAGE` to +gather MySQL server information. + +* Create the SQL user with a strong password (please replace `` in + command below by the real (and strong) password). + +``` +# mysql -u root +sql> GRANT USAGE ON *.* TO netdata@localhost IDENTIFIED BY ''; +sql> FLUSH PRIVILEGES; +``` + +* Create file `/etc/netdata/python.d/mysql.conf` with content below. + + !!! attention + + * This file already exists, feel free to remove all content in this file + and copy content below as its new content. + * Please replace `` below by the real password. + +``` +tcp: + name: 'local' + host: '127.0.0.1' + port: '3306' + user: 'netdata' + pass: '' +``` + +### Monitor PostgreSQL server + +netdata requires a SQL user (we use `netdata` here) to gather PostgreSQL server +information. + +* Create the SQL user with a strong password (please replace `` in + command below by the real (and strong) password). + +``` +# su - postgres +$ psql +sql> CREATE USER netdata WITH ENCRYPTED PASSWORD '' NOSUPERUSER NOCREATEDB NOCREATEROLE; +``` + +* Create file `/etc/netdata/python.d/mysql.conf` with content below. + + !!! attention + + * This file already exists, feel free to remove all content in this file + and copy content below as its new content. + * Please replace `` below by the real password. + +``` +socket: + name : 'local' + user : 'netdata' + password : '' + database : 'postgres' +``` + +## Configure Nginx to forward requests to netdata + +## System tuning + +To get better performance, netdata requires few sysctl settings. Please add +lines below in `/etc/sysctl.conf`: + +``` +vm.dirty_expire_centisecs=60000 +vm.dirty_background_ratio=80 +vm.dirty_ratio=90 +``` + +Also increase max open files limit. + +``` +mkdir -p /etc/systemd/system/netdata.service.d +``` + +Create file `/etc/systemd/system/netdata.service.d/limits.conf`: + +``` +[Service] +LimitNOFILE=30000 +``` + +Reload systemd daemon: + +``` +systemctl daemon-reload +``` diff --git a/en_US/integrations/_links.md b/en_US/integrations/_links.md index 8baf8b22..09df1fee 100644 --- a/en_US/integrations/_links.md +++ b/en_US/integrations/_links.md @@ -7,7 +7,10 @@ * [For MySQL/MariaDB backend](./integration.mlmmj.mysql.html) * [For PostgreSQL backend](./integration.mlmmj.pgsql.html) -* [Integrate netdata monitor](./integration.netdata.html) (netdata is an optional component since iRedMail-0.9.8) +* Integrate netdata monitor (netdata is an optional component since iRedMail-0.9.8): + * [For Linux](./integration.netdata.linux.html) + * [For FreeBSD](./integration.netdata.freebsd.html) + * netdata doesn't work on OpenBSD (yet). Documents contributed by iRedMail users: diff --git a/html/index.html b/html/index.html index 576dd952..206fb639 100644 --- a/html/index.html +++ b/html/index.html @@ -167,7 +167,12 @@
  • -

    Integrate netdata monitor (netdata is an optional component since iRedMail-0.9.8)

    +

    Integrate netdata monitor (netdata is an optional component since iRedMail-0.9.8):

    +

    • Documents contributed by iRedMail users:

    diff --git a/html/integration.netdata.linux.html b/html/integration.netdata.linux.html new file mode 100644 index 00000000..c26e6bd8 --- /dev/null +++ b/html/integration.netdata.linux.html @@ -0,0 +1,268 @@ + + + + + Integrate netdata monitor (on Linux server) + + + + +

    Integrate netdata monitor (on Linux server)

    +
    + +
    +

    What's netdata

    +

    netdata (http://my-netdata.io) is a "Simple. Effective. Awesome!" monitor +which can monitor almost everyting on your Linux/FreeBSD system. You can visit +its website to check online demo.

    +

    We will show you how to install and configure netdata on iRedMail server +(Linux) to monitor mail service related softwares.

    +

    Install packages required by netdata

    +

    netdata requires some tools to get stastics data from other softwares, let's +install it first.

    +
      +
    • On RHEL/CentOS:
      • +
    +
    yum install curl libmnl libuuid lm_sensors nc PyYAML zlib iproute MySQL-python python-psycopg2
+
    + +
      +
    • On Debian/Ubuntu:
      • +
    +
    apt-get install zlib1g libuuid1 libmnl0 curl lm-sensors iproute netcat python-mysqldb python-psycopg2
+
    + +

    Install netdata

    + +
    cd /root/
+chmod +x netdata-latest.gz.run
+./netdata-latest.gz.run --accept
+
    + +

    netdata installs its files under /opt/netdata/ by default, let's create +symbol link of the configuration and log directories:

    +
    ln -s /opt/netdata/etc/netdata /etc/netdata
+ln -s /opt/netdata/var/log/netdata /var/log/netdata
+
    + +

    netdata will create required systemd script for service control, also logrotate +config file, so there's not much we need to do after the package installation.

    +

    Configure netdata

    +

    Main config file of netdata is /etc/netdata/netdata.conf, it contains many +parameters with detailed comments. Here's the +config file +used by iRedMail:

    +
      +
    • It binds to address 127.0.0.1 and port 19999 by default. Since it doesn't + have ACL control, we will run netdata behind Nginx to get ACL control done in + Nginx.
      • +
    +
    [registry]
+    enabled = no
+
+[global]
+    bind to = 127.0.0.1
+    run as user = netdata
+    default port = 19999
+    update every = 3
+
+[plugin:proc]
+    # Disable IPVS check since iRedMail doesn't use ipvs by default
+    /proc/net/ip_vs/stats = no
+
+    # inbound packets dropped
+    /proc/net/dev = no
+
    + +

    netdata ships a lot modular config files to gather information of softwares +running on the server, they have very good default settings and most config +files don't need your attention at all. but some applications do require +extra settings.

    +

    Monitor Nginx and php-fpm

    +

    We need to enable stub_status in Nginx to get detailed server info, also +update php-fpm config file to enable similar feature.

    +
      +
    • Create Nginx config snippet /etc/nginx/templates/stub_status.tmpl with + content below:
      • +
    +
    location = /stub_status {
+    stub_status on;
+    access_log off;
+    allow 127.0.0.1;
+    deny all;
+}
+
+location = /status {
+    include fastcgi_params;
+    fastcgi_pass php_workers;
+    fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
+    access_log off;
+    allow 127.0.0.1;
+    deny all;
+}
+
    + +
      +
    • Update default virtual host config file /etc/nginx/sites-enabled/00-default.conf, + include new snippet config file stub_status.tmpl after the + redirect_to_https.tmpl line like below:
      • +
    +
    server {
+    ...
+    include /etc/nginx/templates/redirect_to_https.tmpl;
+    include /etc/nginx/templates/stub_status.tmpl;      # <- add this line
+    ...
+}
+
    + +
      +
    • Update php-fpm pool config file www.conf, enable parameter pm.status_path + like below:
        +
      • On RHEL/CentOS, it's /etc/php-fpm.d/www.conf
        • +
      • On Debian, it's /etc/php5/fpm/pool.d/www.conf
        • +
      • On Ubuntu, it's /etc/php/7.0/fpm/pool.d/www.conf (note: php version number may be different on your server)
        • +
      • On FreeBSD, it's /usr/local/etc/php-fpm.d/www.conf
        • +
      • On OpenBSD, it's /etc/php-fpm.conf
        • +
      +
      • +
    +
    pm.status_path = /status
+
    + +
      +
    • Restart both php-fpm and Nginx service.
      • +
    +

    [TODO] Monitor Dovecot

    +

    Monitor MySQL/MariaDB server

    +

    netdata requires a SQL user (we use netdata here) with privilege USAGE to +gather MySQL server information.

    +
      +
    • Create the SQL user with a strong password (please replace <password> in + command below by the real (and strong) password).
      • +
    +
    # mysql -u root
+sql> GRANT USAGE ON *.* TO netdata@localhost IDENTIFIED BY '<password>';
+sql> FLUSH PRIVILEGES;
+
    + +
      +
    • +

      Create file /etc/netdata/python.d/mysql.conf with content below.

      +
      +

      Attention

      +
        +
      • This file already exists, feel free to remove all content in this file + and copy content below as its new content.
        • +
      • Please replace <password> below by the real password.
        • +
      +
      +
      • +
    +
    tcp:
+    name: 'local'
+    host: '127.0.0.1'
+    port: '3306'
+    user: 'netdata'
+    pass: '<password>'
+
    + +

    Monitor PostgreSQL server

    +

    netdata requires a SQL user (we use netdata here) to gather PostgreSQL server +information.

    +
      +
    • Create the SQL user with a strong password (please replace <password> in + command below by the real (and strong) password).
      • +
    +
    # su - postgres
+$ psql
+sql> CREATE USER netdata WITH ENCRYPTED PASSWORD '<password>' NOSUPERUSER NOCREATEDB NOCREATEROLE;
+
    + +
      +
    • +

      Create file /etc/netdata/python.d/mysql.conf with content below.

      +
      +

      Attention

      +
        +
      • This file already exists, feel free to remove all content in this file + and copy content below as its new content.
        • +
      • Please replace <password> below by the real password.
        • +
      +
      +
      • +
    +
    socket:
+    name     : 'local'
+    user     : 'netdata'
+    password : '<password>'
+    database : 'postgres'
+
    + +

    Configure Nginx to forward requests to netdata

    +

    System tuning

    +

    To get better performance, netdata requires few sysctl settings. Please add +lines below in /etc/sysctl.conf:

    +
    vm.dirty_expire_centisecs=60000
+vm.dirty_background_ratio=80
+vm.dirty_ratio=90
+
    + +

    Also increase max open files limit.

    +
    mkdir -p /etc/systemd/system/netdata.service.d
+
    + +

    Create file /etc/systemd/system/netdata.service.d/limits.conf:

    +
    [Service]
+LimitNOFILE=30000
+
    + +

    Reload systemd daemon:

    +
    systemctl daemon-reload
+
    +

    All documents are available in BitBucket repository, and published under Creative Commons license. You can download the latest version for offline reading. If you found something wrong, please do contact us to fix it.

    +
    + + + + \ No newline at end of file