Friday, November 13, 2009

System Monitoring - Cacti Virtual Appliance and Virtual Box

Cacti Virtual Appliance and Virtual Box
I wanted a fast and easy solution to do some monitoring on my network.  I have used mrtg and rddtool before, and it has served my needs in the past.  This time I wanted something that was move feature packed and robust.  Enter Cacti.  It didn’t seem too hard to set this up from scratch, but I really did not want to spend a lot of time messing around with it.  I found http://www.virtualappliances.net/ had a pre-built Cacti Virtual Appliance for VMware in OVF format (Note:  I just noticed on 8/16/2010 that this is not a valid site anymore - so the rest of this post is invalid unless you can find the VA-Cacti.ovf file).  Well Virtual Box can import the OVF format.   So here is what I did:

1.    Download the files from http://www.virtualappliances.net/downloads/esx/i386/VA-Cacti/
2.    Note…  when I downloaded the VA-Cacti.ovf file it wanted to save it with an xml extension.  I let it, and then once it was saved on my hard drive I changed the extension from xml to ovf.
3.    Open VirtualBox
4.    Select File and Import Appliance
5.    Click on Choose and navigate to the OVF File.  Select it and click next.
6.    Unselect/uncheck the NIC.  Click the import button.
7.    The VA-Cacti virtual machine should show up in your list.  Highlight it and click on Settings.
8.    Click System, uncheck floppy and cdrom
9.    Click Display, change Video Memory from 4 to 7.
10.    Click Network, Enable the Network Adapter.  I selected the Intel PRO/1000 MT Desktop NIC and Selected Bridged Adapter.
11.    Click OK
12.    For whatever reason,  VM-ware tools is installed and messes up the /etc/fstab file.  Plus we don’t need or want vmware tools…  We are using Virtual Box.  There is probably a cleaner way to do this, but a quick and dirty way to overcome this issue is…
13.    Start the Appliance but push ESC right away.  Select the “recovery mode” option from the menu.
14.    The default root password is root.
15.    Enter it to get in to maintenance mode.
16.    Change directories to /etc
17.    Remove the vmware tools directory.
# rm -R vmware-tools
18.    Change directories to /etc/rc2.d
19.    Remove the S19vmware-tools startup/shutdown script
# rm S19vmware-tools
20.    reboot
21.    As the system is shutting down, you may get a warning about not being able to find vmware-tools…  So what…
22.    The system will reboot.
23.    Take note of the server’s address.  You will see a message stating VA Management Console can be access at https://:8000
24.    Open a browser and go to that address.
25.    Log in using the default admin account.  admin/admin
26.    Click on Configuration at the top and select time keeping.  Change the date/time/zone to match your area.
27.    Click save and you should get a message stating that the changes will take affect the next time you restart.
28.    If you want, you can set a static IP and other config settings from this page, but for the purposes of this example we will leave everything else allow.
29.    Restart the server now by click on the reboot button at the top of the web page.
30.    When the server comes back up, verify the IP address.
31.    Now open a browser and go to http://
32.    Click on Next.  Click Next again.  Click Finish.
33.    You will now be presented with a Cacti login screen. The default username and password is admin/admin.  Once you enter that you will be forced to change your password.  For my test, I just entered admin in twice to leave it unchanged.  Bad security?  Yes, but this is just my Proof of Concept test.
34.    Now you are in and the system is up.  Before we go any farther, I am going to point you to the Cacti user manual.  This is a must read.  Cacti, is very configurable and in being so, it is easy to render your system useless and broken.  The manual is here:  http://docs.cacti.net/manual:087
35.    Assumptions:  Cisco router with an SNMP RO community string set.
36.    With that out of the way, I will go through one example of monitoring a router and setting up graphs for it.
37.    Click create devices and click add in the upper right hand corner.
38.    Fill in a description,  enter the IP Address or DNS name, select Cisco Router from the Host Template drop down.  Select SNMP Version 2 and enter the appropriate RO community string.  Then click create.  If successful, you should see at the top of your screen “Save Successful” and under Ping Results… “Host is alive”.
39.    To the right of that a “Create Graphs for this Host” link.  Click it.
40.    Towards the top, check the box for “Create: Cisco - CPU Usage” then scroll down and click create.  Click create again.
41.    Now select the interface(s) you want to monitor and click create.
42.    Now click on the left hand side toward the top “Graph Trees”.  Then click “Default Tree”
43.    Then click add.  The Parent Item is root, the Tree Item Type is Host, Choose your host from the drop down and select create.
44.    Now click the graphs tab at the top.  You should see your host under the default tree.  It will take approximately 5 to 10 minutes for graphs to be created and enough data to start plotting.
Have Fun!


4 comments:

  1. when i try to delete the files you specified I get:
    rm: cannot remove 'vmware-tools.....: read-only file system

    ReplyDelete
  2. when trying to delete vmware-tools i get error stating i cannot remove the files because of read-only file system

    ReplyDelete
  3. I think I had the same issue unless I entered Maintenance/Recovery mode. Are you pressing ESC right away (press it repeatedly until you get the recovery mode screen).

    Start the Appliance but push ESC right away. Select the “recovery mode” option from the menu.
    See steps 14 through 20 in the post.

    ReplyDelete
  4. Also, make sure your /etc/fstab file is sane. If the server came up with VMWare Tools installed it appears to muck up the /etc/fstab file.

    ReplyDelete