Merge pull request #62 from scline/1.2.11-centos8

1.2.11
scline · Apr 17, 2020 · 4b51b9e · 4b51b9e
2 parents bf2325f + 8702db6
commit 4b51b9e
Show file tree

Hide file tree

Showing 41 changed files with 61,695 additions and 56,050 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,3 @@
 # Mac Files
 .DS_Store
+docker-compose.*
diff --git a/Dockerfile b/Dockerfile
@@ -1,28 +1,38 @@
-FROM centos:7
+FROM centos:8
 MAINTAINER Sean Cline <[email protected]>
 
 ## --- SUPPORTING FILES ---
 COPY cacti /cacti_install
 
-## --- CACTI ---
+## --- UPDATE OS, INSTALL EPEL ---
 RUN \
-    rpm --rebuilddb && yum clean all && \
     yum update -y && \
+    yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \
+    yum install -y dnf-plugins-core && \
+    yum config-manager --set-enabled PowerTools && \
+    yum clean all
+
+## --- PHP EXTENTIONS ---
+RUN \
     yum install -y \
-        rrdtool net-snmp net-snmp-utils cronie php-ldap php-devel mysql php \
-        ntp bison php-cli php-mysql php-common php-mbstring php-snmp curl \
-        php-gd openssl openldap mod_ssl php-pear net-snmp-libs php-pdo \
-        autoconf automake gcc gzip help2man libtool make net-snmp-devel \
-        m4 libmysqlclient-devel libmysqlclient openssl-devel dos2unix wget \
-        sendmail mariadb-devel which && \
+        php php-xml php-session php-sockets php-ldap php-gd \
+        php-json php-mysqlnd php-gmp php-mbstring php-posix \
+        php-snmp php-intl php-common php-cli php-devel php-pear \
+        php-pdo && \
     yum clean all
 
-## --- CRON ---
-# Fix cron issues - https://github.com/CentOS/CentOS-Dockerfiles/issues/31
-RUN sed -i '/session required pam_loginuid.so/d' /etc/pam.d/crond
+## --- CACTI/SPINE Requirements ---
+RUN \
+    yum install -y \
+        rrdtool net-snmp net-snmp-utils cronie mariadb autoconf \
+        bison openssl openldap mod_ssl net-snmp-libs automake \
+        gcc gzip libtool make net-snmp-devel dos2unix m4 which \
+        openssl-devel mariadb-devel sendmail curl wget help2man && \
+    yum clean all
 
 ## --- SERVICE CONFIGS ---
 COPY configs /template_configs
+COPY configs/crontab /etc/crontab
 
 ## --- SETTINGS/EXTRAS ---
 COPY plugins /cacti_install/plugins
@@ -31,17 +41,20 @@ COPY settings /settings
 
 ## --- SCRIPTS ---
 COPY upgrade.sh /upgrade.sh
-RUN chmod +x /upgrade.sh
 COPY restore.sh /restore.sh
-RUN chmod +x /restore.sh
 COPY backup.sh /backup.sh
-RUN chmod +x /backup.sh
-RUN mkdir /backups
-RUN mkdir /cacti
-RUN mkdir /spine
+
+RUN  \
+    chmod +x /upgrade.sh && \
+    chmod +x /restore.sh && \
+    chmod +x /backup.sh && \
+    mkdir /backups && \
+    mkdir /cacti && \
+    mkdir /spine
 
 ## -- MISC SETUP --
 RUN echo "ServerName localhost" > /etc/httpd/conf.d/fqdn.conf
+RUN /usr/libexec/httpd-ssl-gencerts
 
 ## --- ENV ---
 ENV \
@@ -57,13 +70,12 @@ ENV \
     RDB_PORT=3306 \
     BACKUP_RETENTION=7 \
     BACKUP_TIME=0 \
-    SNMP_COMMUNITY=public \
     REMOTE_POLLER=0 \
     INITIALIZE_DB=0 \
-    INITIALIZE_INFLUX=0 \
     TZ=UTC \
     PHP_MEMORY_LIMIT=800M \
-    PHP_MAX_EXECUTION_TIME=60
+    PHP_MAX_EXECUTION_TIME=60 \
+    PHP_SNMP=1
 
 ## --- Start ---
 COPY start.sh /start.sh

diff --git a/README.md b/README.md
@@ -37,6 +37,14 @@ The following ports are important and used by Cacti
 It is recommended to allow at least one of the above ports for access to the monitoring system. This is translated by the -p hook. For example
 `docker run -p 80:80 -p 443:443`
 
+#### HTTPS 
+By default https will work if exposed, though using a self signed certificate. To provide your own certificate replace via mounting the following files:
+
+```
+/etc/ssl/certs/cacti.key
+/etc/ssl/certs/cacti.crt
+```
+
 ## Installation
 
 ### Cacti Master
@@ -53,10 +61,10 @@ The main cacti poller settings, these are required for single cacti and multi ca
 | INITIALIZE_DB | Can be `0` for false or `1` for true. If true the container will require `DB_ROOT_PASS` to the target database. The container will attempt to create usernames/passwords and Databases required on the remote system for Cacti to funtion. |
 | TZ | TimeZone, please select a format Centos understands, a list can be generated by running `ls /usr/share/zoneinfo`. |
 | BACKUP_RETENTION | Number of backup files to keep. |
-| BACKUP_TIME | How often Cacti should back itself up in minutes - currently not working |
 | REMOTE_POLLER | Can be `0` for false (default) or `1` for true. |
 | PHP_MEMORY_LIMIT | PHP memory limit adjust, by defaults its 128M |
 | PHP_MAX_EXECUTION_TIME |  PHP max execution time adjust, by defaults its 30 second |
+| PHP_SNMP | If set to `0`, will remove PHP-SNMP, this is sometimes required for some scripts or snmpv3 to work properly. by defualt this php-snmp is enabled |
 
 ### Remote Cacti Pollers
 Remote cacti poller containers require the following, the major differance here is the inclusion of RDB (remote database) variables which should be pointed at the master cacti installation settings. 
@@ -71,7 +79,6 @@ Remote cacti poller containers require the following, the major differance here
 | INITIALIZE_DB | Can be `0` for false or `1` for true. If true the container will require `DB_ROOT_PASS` to the target database. The container will attempt to create usernames/passwords and Databases required on the remote system for Cacti to funtion. |
 | TZ | TimeZone, please select a format Centos understands, a list can be generated by running `ls /usr/share/zoneinfo`.|
 | BACKUP_RETENTION | Number of backup files to keep|
-| BACKUP_TIME | How often Cacti should back itself up in minutes - currently not working |
 | REMOTE_POLLER | Can be `0` for false (default) or `1` for true. If true the container is setup as a remote poller. |
 | RDB_NAME | The master Cacti instance MySQL database name, this is used for both cacti settings and spine poller configurations. | 
 | RDB_USER | MySQL database user used by the master Cacti container should use. | 
@@ -93,12 +100,17 @@ The folks at Cacti.net recommend the following settings for its MySQL based data
 | tmp_table_size | >= 64M | When executing subqueries, having a larger temporary table size, keep those temporary tables in memory. |
 | join_buffer_size | >= 64M | When performing joins, if they are below this size, they will be kept in memory and never written to a temporary file. |
 | innodb_file_per_table | ON | When using InnoDB storage it is important to keep your table spaces separate. This makes managing the tables simpler for long time users of MySQL. If you are running with this currently off, you can migrate to the per file storage by enabling the feature, and then running an alter statement on all InnoDB tables. |
+| innodb_file_format | Barracuda | 	When using innodb_file_per_table, it is important to set the innodb_file_format to Barracuda. This setting will allow longer indexes important for certain Cacti tables. |
+| innodb_large_prefix	| 1 | If your tables have very large indexes, you must operate with the Barracuda innodb_file_format and the innodb_large_prefix equal to 1. Failure to do this may result in plugins that can not properly create tables. |
 | innodb_buffer_pool_size | >=25% RAM | InnoDB will hold as much tables and indexes in system memory as is possible. Therefore, you should make the innodb_buffer_pool large enough to hold as much of the tables and index in memory. Checking the size of the /var/lib/mysql/cacti directory will help in determining this value. We are recommending 25% of your systems total memory, but your requirements will vary depending on your systems size. |
-| innodb_doublewrite | OFF  | With modern SSD type storage, this operation actually degrades the disk more rapidly and adds a 50% overhead on all write operations. |
+| innodb_doublewrite | ON  | This settings should remain ON unless your Cacti instances is running on either ZFS or FusionI/O which both have internal journaling to accomodate abrupt system crashes. However, if you have very good power, and your systems rarely go down and you have backups, turning this setting to OFF can net you almost a 50% increase in database performance. |
 | innodb_lock_wait_timeout | >= 50 | Rogue queries should not for the database to go offline to others. Kill these queries before they kill your system. |
-| innodb_flush_log_at_timeout | >= 3 |  As of MySQL 5.7.14-8, the you can control how often MySQL flushes transactions to disk. The default is 1 second, but in high I/O systems setting to a value greater than 1 can allow disk I/O to be more sequential |
+| innodb_flush_log_at_timeout | >= 3 |  	As of MariaDB 10.3.22-1:10.3.22+maria~bionic, the you can control how often MariaDB flushes transactions to disk. The default is 1 second, but in high I/O systems setting to a value greater than 1 can allow disk I/O to be more sequential |
 | innodb_read_io_threads | >= 32 | With modern SSD type storage, having multiple read io threads is advantageous for applications with high io characteristics. |
 | innodb_write_io_threads | >= 16 | With modern SSD type storage, having multiple write io threads is advantageous for applications with high io characteristics. |
+|innodb_buffer_pool_instances| >=	9 | MariaDB will divide the innodb_buffer_pool into memory regions to improve performance. The max value is 64. When your innodb_buffer_pool is less than 1GB, you should use the pool size divided by 128MB. Continue to use this equation upto the max of 64.|
+| innodb_io_capacity	| 5000 | If you have SSD disks, use this suggestion. If you have physical hard drives, use 200 * the number of active drives in the array. If using NVMe or PCIe Flash, much larger numbers as high as 100000 can be used. |
+| innodb_io_capacity_max | 10000 | If you have SSD disks, use this suggestion. If you have physical hard drives, use 2000 * the number of active drives in the array. If using NVMe or PCIe Flash, much larger numbers as high as 200000 can be used. |
 | memory_limit | >= 800M | A minimum of 800 MB memory limit |
 | max_execution_time | >= 60 | A minimum of 1 m execution time |
 
@@ -188,6 +200,21 @@ REPLACE INTO `%DB_NAME%`.`settings` (`name`, `value`) VALUES('poller_type', '2')
 ```
 
 # Change Log
+#### 1.2.11 - 04/17/2020
+ * Update Docker container to use Centos8 over Centos7
+ * Close issue [#59](https://github.com/scline/docker-cacti/issues/59) - errors with percona on compose single instance; Thank you [miguelwill](https://github.com/miguelwill)
+   * Update docker-comose examples with Mariadb:10.3 from older Percona version
+ * Close issue [#61](https://github.com/scline/docker-cacti/issues/61) - spine directory and crontab empty after docker-compose down and restoring; Thank you [kevburkett](https://github.com/kevburkett)
+   * Update docker-compose with `spine` volume
+ * Enable HTTPS functionality and self-sign certs when needed
+ * Allow functionality to disable PHP-SNMP usagage via `PHP_SNMP` environment variable
+ se 
+ * Manual patch on provisioning new remote pollers - https://github.com/Cacti/cacti/issues/3459
+ * Update Cacti and Spine from 1.2.8 to 1.2.11
+   * [changelog 1.2.10 -> 1.2.11][CL1.2.11]
+   * [changelog 1.2.9 -> 1.2.10][CL1.2.10]
+   * [changelog 1.2.8 -> 1.2.9][CL1.2.9]
+
 #### 1.2.8 - 12/11/2019
  * Update Cacti and Spine from 1.2.6 to 1.2.8
    * [changelog 1.2.7 -> 1.2.8][CL1.2.8]
@@ -214,13 +241,13 @@ REPLACE INTO `%DB_NAME%`.`settings` (`name`, `value`) VALUES('poller_type', '2')
  * Update PHP variable readme to include `max_execution_time` and `memory_limit` changes for 1.2.0
  * Add and Hotfix the PHP variable `max_execution_time` for PHP_MAX_EXECUTION_TIME and `memory_limit` for PHP_MEMORY_LIMIT
 
-# Known Issues/Fixes
-* HTTPS is not setup to work, it may work just understand no testing has been done.
-
 # ToDo
 * Auto import remote pollers, currently you need to navigate to there GUI for a few clicks.
 * Documentation cleanup.
 
+[CL1.2.11]: http://www.cacti.net/release_notes.php?version=1.2.11
+[CL1.2.10]: http://www.cacti.net/release_notes.php?version=1.2.10
+[CL1.2.9]: http://www.cacti.net/release_notes.php?version=1.2.9
 [CL1.2.8]: http://www.cacti.net/release_notes.php?version=1.2.8
 [CL1.2.7]: http://www.cacti.net/release_notes.php?version=1.2.7
 [CL1.2.6]: http://www.cacti.net/release_notes.php?version=1.2.6

diff --git a/cacti/cacti-1.2.8.tar.gz → cacti/cacti-1.2.11.tar.gz b/cacti/cacti-1.2.8.tar.gz → cacti/cacti-1.2.11.tar.gz
diff --git a/cacti/cacti-spine-1.2.11.tar.gz b/cacti/cacti-spine-1.2.11.tar.gz
diff --git a/cacti/cacti-spine-1.2.8.tar.gz b/cacti/cacti-spine-1.2.8.tar.gz
diff --git a/configs/cacti.conf b/configs/cacti.conf
@@ -1,8 +1,21 @@
 <VirtualHost *:80>
-	DocumentRoot		/cacti
-	ServerName		cacti
-	Alias		/cacti	/cacti
-	<Directory "/cacti">
-		Require all granted
-	</Directory>
+	DocumentRoot    /cacti
+	Alias           /cacti          /cacti
+        RedirectMatch   ^/$             /cacti
+        <Directory "/cacti">
+                Require all granted
+        </Directory>
+</VirtualHost>
+
+
+<VirtualHost *:443>
+	DocumentRoot            /cacti
+	Alias                   /cacti          /cacti
+        RedirectMatch           ^/$             /cacti
+        <Directory "/cacti">
+                Require all granted
+        </Directory>
+        SSLEngine On
+        SSLCertificateFile      /etc/ssl/certs/cacti.crt
+        SSLCertificateKeyFile   /etc/ssl/certs/cacti.key
 </VirtualHost>