setup grafana prometheus node exporter on centos 7 with grafana ldap auth.
Setup Prometheus with grafana for linux monitoring
Update system to latest
$ yum update -y
Disable Selinux
Open SELinux configuration and edit the file:
vim /etc/sysconfig/selinux
Change “SELINUX=enforcing” to “SELINUX=disabled”.
Save and exit the file. Then reboot the system.
reboot
Download package from https://prometheus.io/download/
Run the following command to download package. Paste the copied URL after wget in the below command:
wget https://github.com/prometheus/prometheus/releases/download/v2.16.0/prometheus-2.16.0.linux-amd64.tar.gz
Step 4 – Configure Prometheus
Add a Prometheus user.
useradd --no-create-home --shell /bin/false prometheus
Create needed directories.
mkdir /etc/prometheus
mkdir /var/lib/prometheus
Change the owner of the above directories.
chown prometheus:prometheus /etc/prometheus
chown prometheus:prometheus /var/lib/prometheus
Now go to Prometheus downloaded location and extract it.
tar -xvzf prometheus-2.8.1.linux-amd64.tar.gz
Rename it as per your preference.
mv prometheus-2.8.1.linux-amd64 prometheuspackage
Copy “prometheus” and “promtool” binary from the “prometheuspackage” folder to “/usr/local/bin”.
cp prometheuspackage/prometheus /usr/local/bin/
cp prometheuspackage/promtool /usr/local/bin/
Change the ownership to Prometheus user.
chown prometheus:prometheus /usr/local/bin/prometheus
chown prometheus:prometheus /usr/local/bin/promtool
Copy “consoles” and “console_libraries” directories from the “prometheuspackage” to “/etc/prometheus folder”
cp -r prometheuspackage/consoles /etc/prometheus
cp -r prometheuspackage/console_libraries /etc/prometheus
Change the ownership to Prometheus user
chown -R prometheus:prometheus /etc/prometheus/consoles
chown -R prometheus:prometheus /etc/prometheus/console_libraries
Add and modify Prometheus configuration file.
Configurations should be added to the “/etc/prometheus/prometheus.yml”
Now we will create the prometheus.yml file.
vim /etc/prometheus/prometheus.yml
Add the following configuration to the file.
global:
scrape_interval: 10s
scrape_configs:
- job_name: 'prometheus_master'
scrape_interval: 5s
static_configs:
- targets: ['localhost:9090']
save and exit the file
Change the ownership of the file.
chown prometheus:prometheus /etc/prometheus/prometheus.yml
Configure the Prometheus Service File.
vim /etc/systemd/system/prometheus.service
Copy the following content to the file.
[Unit]
Description=Prometheus
Wants=network-online.target
After=network-online.target
[Service]
User=prometheus
Group=prometheus
Type=simple
ExecStart=/usr/local/bin/prometheus \
--config.file /etc/prometheus/prometheus.yml \
--storage.tsdb.path /var/lib/prometheus/ \
--web.console.templates=/etc/prometheus/consoles \
--web.console.libraries=/etc/prometheus/console_libraries
[Install]
WantedBy=multi-user.target
Save and the exit file.
Reload the systemd service.
systemctl daemon-reload
Start the Prometheus service.
systemctl start prometheus
Check service status.
systemctl status prometheus
Add firewall rules.
firewall-cmd --zone=public --add-port=9090/tcp --permanent
Reload firewall service.
systemctl reload firewalld
Now you can access console of prometheus
Monitor Linux Server Using Prometheus
First, you need to configure Prometheus node exporter on a Linux server.
Copy URL of the Node Exporter form the official
Paste the copied URL after wget in the following command:
wget https://github.com/prometheus/node_exporter/releases/download/v0.18.1/node_exporter-0.18.1.linux-amd64.tar.gz
Extract the downloaded package.
tar -xvzf node_exporter-0.17.0.linux-amd64.tar.gz
Create a user for the node exporter.
useradd -rs /bin/false nodeusr
Move binary to “/usr/local/bin” from the downloaded extracted package.
mv node_exporter-0.17.0.linux-amd64/node_exporter /usr/local/bin/
Create a service file for the node exporter.
vim /etc/systemd/system/node_exporter.service
Add the following content to the file.
[Unit]
Description=Node Exporter
After=network.target
[Service]
User=nodeusr
Group=nodeusr
Type=simple
ExecStart=/usr/local/bin/node_exporter
[Install]
WantedBy=multi-user.target
Save and exit the file.
Reload the system daemon.
systemctl daemon-reload
Start node exporter service.
systemctl start node_exporter
Add a firewall rule to allow node exporter.
firewall-cmd --zone=public --add-port=9100/tcp --permanent
Reload firewall service.
systemctl restart firewalld
Enable node exporter on system boot.
systemctl enable node_exporter
View the metrics browsing node exporter URL.
Add configured node exporter Target On Prometheus Server.
Login to Prometheus server and modify the prometheus.yml file
Edit the file:
vim /etc/prometheus/prometheus.yml
Add the following configurations under the scrape config.
- job_name: 'node_exporter_centos'
scrape_interval: 5s
static_configs:
- targets: ['10.94.10.209:9100']
Restart Prometheus service.
systemctl restart prometheus
Login to Prometheus server web interface, and check targets.
http://Prometheus-Server-IP:9090/targets
setting up grafana
Create a repo file.
vim /etc/yum.repos.d/grafana.repo
Add the following contents to file:
[grafana]
name=grafana
baseurl=https://packages.grafana.com/oss/rpm
repo_gpgcheck=1
enabled=1
gpgcheck=1
gpgkey=https://packages.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
Step 3 – Install Grafana
Enter the following command:
sudo yum install grafana
nstall additional font packages
Continue with following commands to install the free type and urw fonts.
yum install fontconfig
yum install freetype*
yum install urw-fonts
Step 5 – Enable Grafana Service
Check the status of the service.
systemctl status grafana-server
If service is not active, start it using the following command:
systemctl start grafana-server
Enable Grafana service on system boot
systemctl enable grafana-server.service
Step 6 – Modify Firewall
Change firewall configuration to allow Grafana port. So run following command.
firewall-cmd --zone=public --add-port=3000/tcp --permanent
Reload firewall service.
firewall-cmd --reload
Step 7 – Browse Grafana
Use the following URL to access the Grafana web interface.
http://Your Server IP or Host Name:3000/
------ setting up ldap auth
Edit vim /etc/grafana/ldap.toml for ldap entries
Mine is like
[[servers]]
host = "192.168.1.30"
port = 389
use_ssl = false
start_tls = false
ssl_skip_verify = false
bind_dn = "uid=admin,cn=users,cn=accounts,dc=mylab,dc=local"
bind_password = 'redhat123'
search_filter = "(uid=%s)"
search_base_dns = ["cn=users,cn=accounts,dc=mylab,dc=local"]
[servers.attributes]
name = "givenName"
surname = "sn"
username = "uid"
member_of = "memberOf"
email = "email"
[[servers.group_mappings]]
group_dn = "cn=grafanadmin,cn=groups,cn=accounts,dc=mylab,dc=local"
org_role = "Admin"
[[servers.group_mappings]]
group_dn = "cn=grafanaeditor,cn=groups,cn=accounts,dc=mylab,dc=local"
org_role = "Editor"
[[servers.group_mappings]]
group_dn = "*"
org_role = "Viewer"
Now edit vim /etc/grafana/grafana.ini
edit like bellow
[auth.ldap]
enabled = true
config_file = /etc/grafana/ldap.toml
Update system to latest
$ yum update -y
Disable Selinux
Open SELinux configuration and edit the file:
vim /etc/sysconfig/selinux
Change “SELINUX=enforcing” to “SELINUX=disabled”.
Save and exit the file. Then reboot the system.
reboot
Download package from https://prometheus.io/download/
Run the following command to download package. Paste the copied URL after wget in the below command:
wget https://github.com/prometheus/prometheus/releases/download/v2.16.0/prometheus-2.16.0.linux-amd64.tar.gz
Step 4 – Configure Prometheus
Add a Prometheus user.
useradd --no-create-home --shell /bin/false prometheus
Create needed directories.
mkdir /etc/prometheus
mkdir /var/lib/prometheus
Change the owner of the above directories.
chown prometheus:prometheus /etc/prometheus
chown prometheus:prometheus /var/lib/prometheus
Now go to Prometheus downloaded location and extract it.
tar -xvzf prometheus-2.8.1.linux-amd64.tar.gz
Rename it as per your preference.
mv prometheus-2.8.1.linux-amd64 prometheuspackage
Copy “prometheus” and “promtool” binary from the “prometheuspackage” folder to “/usr/local/bin”.
cp prometheuspackage/prometheus /usr/local/bin/
cp prometheuspackage/promtool /usr/local/bin/
Change the ownership to Prometheus user.
chown prometheus:prometheus /usr/local/bin/prometheus
chown prometheus:prometheus /usr/local/bin/promtool
Copy “consoles” and “console_libraries” directories from the “prometheuspackage” to “/etc/prometheus folder”
cp -r prometheuspackage/consoles /etc/prometheus
cp -r prometheuspackage/console_libraries /etc/prometheus
Change the ownership to Prometheus user
chown -R prometheus:prometheus /etc/prometheus/consoles
chown -R prometheus:prometheus /etc/prometheus/console_libraries
Add and modify Prometheus configuration file.
Configurations should be added to the “/etc/prometheus/prometheus.yml”
Now we will create the prometheus.yml file.
vim /etc/prometheus/prometheus.yml
Add the following configuration to the file.
global:
scrape_interval: 10s
scrape_configs:
- job_name: 'prometheus_master'
scrape_interval: 5s
static_configs:
- targets: ['localhost:9090']
save and exit the file
Change the ownership of the file.
chown prometheus:prometheus /etc/prometheus/prometheus.yml
Configure the Prometheus Service File.
vim /etc/systemd/system/prometheus.service
Copy the following content to the file.
[Unit]
Description=Prometheus
Wants=network-online.target
After=network-online.target
[Service]
User=prometheus
Group=prometheus
Type=simple
ExecStart=/usr/local/bin/prometheus \
--config.file /etc/prometheus/prometheus.yml \
--storage.tsdb.path /var/lib/prometheus/ \
--web.console.templates=/etc/prometheus/consoles \
--web.console.libraries=/etc/prometheus/console_libraries
[Install]
WantedBy=multi-user.target
Save and the exit file.
Reload the systemd service.
systemctl daemon-reload
Start the Prometheus service.
systemctl start prometheus
Check service status.
systemctl status prometheus
Add firewall rules.
firewall-cmd --zone=public --add-port=9090/tcp --permanent
Reload firewall service.
systemctl reload firewalld
Now you can access console of prometheus
Monitor Linux Server Using Prometheus
First, you need to configure Prometheus node exporter on a Linux server.
Copy URL of the Node Exporter form the official
Paste the copied URL after wget in the following command:
wget https://github.com/prometheus/node_exporter/releases/download/v0.18.1/node_exporter-0.18.1.linux-amd64.tar.gz
Extract the downloaded package.
tar -xvzf node_exporter-0.17.0.linux-amd64.tar.gz
Create a user for the node exporter.
useradd -rs /bin/false nodeusr
Move binary to “/usr/local/bin” from the downloaded extracted package.
mv node_exporter-0.17.0.linux-amd64/node_exporter /usr/local/bin/
Create a service file for the node exporter.
vim /etc/systemd/system/node_exporter.service
Add the following content to the file.
[Unit]
Description=Node Exporter
After=network.target
[Service]
User=nodeusr
Group=nodeusr
Type=simple
ExecStart=/usr/local/bin/node_exporter
[Install]
WantedBy=multi-user.target
Save and exit the file.
Reload the system daemon.
systemctl daemon-reload
Start node exporter service.
systemctl start node_exporter
Add a firewall rule to allow node exporter.
firewall-cmd --zone=public --add-port=9100/tcp --permanent
Reload firewall service.
systemctl restart firewalld
Enable node exporter on system boot.
systemctl enable node_exporter
View the metrics browsing node exporter URL.
Add configured node exporter Target On Prometheus Server.
Login to Prometheus server and modify the prometheus.yml file
Edit the file:
vim /etc/prometheus/prometheus.yml
Add the following configurations under the scrape config.
- job_name: 'node_exporter_centos'
scrape_interval: 5s
static_configs:
- targets: ['10.94.10.209:9100']
Restart Prometheus service.
systemctl restart prometheus
Login to Prometheus server web interface, and check targets.
http://Prometheus-Server-IP:9090/targets
setting up grafana
Create a repo file.
vim /etc/yum.repos.d/grafana.repo
Add the following contents to file:
[grafana]
name=grafana
baseurl=https://packages.grafana.com/oss/rpm
repo_gpgcheck=1
enabled=1
gpgcheck=1
gpgkey=https://packages.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
Step 3 – Install Grafana
Enter the following command:
sudo yum install grafana
nstall additional font packages
Continue with following commands to install the free type and urw fonts.
yum install fontconfig
yum install freetype*
yum install urw-fonts
Step 5 – Enable Grafana Service
Check the status of the service.
systemctl status grafana-server
If service is not active, start it using the following command:
systemctl start grafana-server
Enable Grafana service on system boot
systemctl enable grafana-server.service
Step 6 – Modify Firewall
Change firewall configuration to allow Grafana port. So run following command.
firewall-cmd --zone=public --add-port=3000/tcp --permanent
Reload firewall service.
firewall-cmd --reload
Step 7 – Browse Grafana
Use the following URL to access the Grafana web interface.
http://Your Server IP or Host Name:3000/
------ setting up ldap auth
Edit vim /etc/grafana/ldap.toml for ldap entries
Mine is like
[[servers]]
host = "192.168.1.30"
port = 389
use_ssl = false
start_tls = false
ssl_skip_verify = false
bind_dn = "uid=admin,cn=users,cn=accounts,dc=mylab,dc=local"
bind_password = 'redhat123'
search_filter = "(uid=%s)"
search_base_dns = ["cn=users,cn=accounts,dc=mylab,dc=local"]
[servers.attributes]
name = "givenName"
surname = "sn"
username = "uid"
member_of = "memberOf"
email = "email"
[[servers.group_mappings]]
group_dn = "cn=grafanadmin,cn=groups,cn=accounts,dc=mylab,dc=local"
org_role = "Admin"
[[servers.group_mappings]]
group_dn = "cn=grafanaeditor,cn=groups,cn=accounts,dc=mylab,dc=local"
org_role = "Editor"
[[servers.group_mappings]]
group_dn = "*"
org_role = "Viewer"
Now edit vim /etc/grafana/grafana.ini
edit like bellow
[auth.ldap]
enabled = true
config_file = /etc/grafana/ldap.toml
Comments
Post a Comment