Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: reworked installation guide for new sfx installer

...

Introduction

This document will describe describes how to install NMIS8 (Version 8.5.6G 10G and newer) on GNU/Linux systems.

...

NMIS8 has been widely deployed and tested on many Linux distros, with Red Hat/CentOS being the most popular among  our customers. This document contains variations specific to several Linux distros, but not all of them have been tested equally heavily: Centos 6, Debian 78, Ubuntu 12 and 14 are our main platforms for in-house testing.
We do appreciate your feedback (and any modifications or changes) that you might submit to support@opmantek.com.!

Assumptions

The reader is assumed to have a working knowledge of UNIX or GNU/Linux systems , how to compile software, and what Perl is. While NMIS is written in Perl, you do not need to be a "Perl hacker" to install this program and make it work. Also, this Some fundamental knowledge of  how to compile software on UNIX systems would certainly be helpful, but is by no means required.

This document will use the <nmisdir> tag the <nmisdir> tag to refer to NMIS's installation directory . The (whose default location is /usr/local/nmis8); the tag <version> stands for the full version of NMIS (at this time 8.5.10G).

The Installation Process

...

First, install your GNU/Linux distribution of choice. It is recommended to select a basic installation type with no extra stuff. That means no GNOME, KDE, "Server" packages, or anything else.
Depending on your choice of distribution, the "minimal" installation type may not be totally sufficient for NMIS: with CentOS/Redhat 7 for example, "minimal" does not include Perl  and in this case you'll have to install the Perl core (using sudo yum install perl-core) before NMIS can be installed.

Linux Security Settings: SELinux and Firewalling

...

Similarly, if you have a firewall on your server (e.g. iptables) you need to make sure that it accepts incoming HTTP (possibly HTTPS) connections, and SNMP traps and Syslog connections/packets. This involves TCP ports 80 and 443, and UDP ports 161, 162 and 514.

NMIS8 Installation

And speaking As of NMIS, if you haven't already downloaded it, the latest version (v8.5.6G at time of this writing) is available at httpFebruary 2016, NMIS is distributed in a self-extracting download format that simplifies the installation process quite a bit.
You can download NMIS from the Opmantek website at https://opmantek.com/.

Download the NMIS distribution archive (a compressed tar file), save it in a convenient place on the machine in question (/tmp or root's home directory are common choices), then unpack the NMIS distribution:

 

Code Block
sudo bash # or use su to gain superuser privileges
tar -xvzf nmis8.5.6g.tar.gz
The unpacking of the tarball in the previous step has created a directory called nmis8.5.6g that contains the installer and all of NMIS' other files.

...

network-tools-download/; the distribution file is called nmis<version>.run, and your browser will likely prompt you regarding what to do with this '.run' file; you should tell it to Save the file, ideally in /tmp.

Starting the Installer

Starting the new self-extracting installer is trivial: you simply tell your shell to run it, using one of two mechanisms:

  1. The simplest way to achieve this is to type "sh ./nmis<version>.run"
  2. You can also modify the permissions of the .run file to indicate that it is executable, then start it directly
    To do so, you'd run "chmod u+x ./nmis<version>.run" followed by "./nmis<version>.run".

The installer will first run an archive integrity check, decompress the archive, then start the interactive phase of the installation. Please note that the installer must be run with superuser privileges; if you're not the root user you'll have to use sudo or su to switch privileges.

The installer takes care of all necessary operations on the supported platforms: all pre-requisite software is installed and configured, an existing NMIS installation is upgraded in place and basic integration of NMIS with the operating system is performed on your behalf as well.

The

...

installer does require Internet access for installing pre-requisites using apt-get, yum

...

and CPAN (but we do have a few suggestions for dealing with a system where Internet access is restricted).

As of 8.5.6G using the installer is the only supported method for installing or upgrading NMIS, simply because the installer by now it  is now quite suitably mature and robust, and because it's very very easy to miss crucial operations in a totally manual installation (but feel free to read the installer source, it's pretty straightforward to figure out what it does, why and how). Please see the Advanced Installer Use section below if you need more precise control over the installer.
The installer is interactive and will commonly generally request your confirmation for any critical operations that it needs to perform; if you don't consent to it making some particular change it will likely show you a message about the consequences of not performing that operation and ask you to confirm that you've read that before continuing the installation.
To use the installer, simply cd into the directory containing the unpacked NMIS source and run the installer script install.pl as root:

 

Code Block
sudo bash # if you're not the superuser yet/anymore
cd nmis8.5.6g
./install.pl
++++++++++++++++++++++++++++++++++++++++++++++++++++++
NMIS Installation Script
++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++
Checking Perl version...
++++++++++++++++++++++++++++++++++++++++++++++++++++++
The version of Perl installed on your server is v5.14.2 and OK
++++++++++++++++++++++++++++++++++++++++++++++++++++++
Checking Dependencies...
++++++++++++++++++++++++++++++++++++++++++++++++++++++
...lots more....

The installer has a very few command line options, which it displays to you when you run it as ./install.pl -h:

  • site=<somedirectory> instructs it to install NMIS into a non-standard directory. Default is /usr/local/nmis8.
  • listdeps=true instructs it to NOT install NMIS at all, but to only perform the dependency resolution and check and install any prerequisites.

    ...

    installation

    ...

    .

     

    And that's really all there is to it! When the installer finishes, NMIS should be fully installed and working.

    Initial NMIS Test

     

    When the installer has completed its work you should be set to start using NMIS. As an initial check of NMIS you should likely try the command line tool nmis.pl and then the NMIS web GUI:

    Code Block
    cd /usr/local/nmis8/
    sudo ./bin/nmis.pl type=audit

    This command will do a quick check of directory and file existence as well as ownership and permissions; if all is well it will not print anything whatsoever.

    ...

     

    If you can't access the NMIS web site check that there is no firewall keeping you from accessing your NMIS system (NMIS needs access to TCP port 80), that the apache web server on your NMIS server is running, and that there is no SELinux throwing a spanner in the works.
    You may need  to check iptables -L on your NMIS server, as well as /etc/selinux/config and the exit code of selinuxenabled.

    SNMPD, Net-SNMP and collecting stats of the NMIS server itself

     

    NMIS8 ships with one default node configured for collection, primarily to prove it is all working. This node is called localhost and NMIS will collect statistics from your NMIS server using SNMP - if an SNMP agent is available, or just Ping statistics if not.

    However, the installer does not automatically configure this local Net-SNMP daemon; if you would like to collect the NMIS server's statistics follow the instructions below - otherwise you're done with the installation.

    You will likely want to consult and use the example configuration for Net-SNMP's snmpd, which ships with NMIS in the file <nmisdir>/install/snmpd.conf.

    Because the installer has installed Net-SNMP for you already, you only need to backup its default config and move in the NMIS example one. You should very much modify this config to secure the SNMP read access according to your organisation's security policy!

     

    Code Block
    cd /usr/local/nmis8
    mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig
    mv /etc/snmp/snmptrapd.conf /etc/snmp/snmptrapd.conf.orig
    cp install/snmpd.conf /etc/snmp/snmpd.conf
    cp install/snmptrapd.conf /etc/snmp
    cp install/snmptrapd.options /etc/sysconfig/snmptrapd # for CentOS/Red Hat only 

    Debian/Ubuntu

     The last command in the list above will fail as there is no /etc/sysconfig directory on this platform.  Instead the snmptrap service is started by the snmpd service, and is enabled by updating the file /etc/default/snmpd:

    Code Block
    TRAPDRUN=yes

     

    Auto Start SNMP Daemons

    Ensure that you tell Linux to start SNMPD automatically

     

    Code Block
    /sbin/chkconfig snmpd on
    /sbin/chkconfig snmptrapd on

    Debian/Ubuntu

     

    Code Block
    sysv-rc-conf snmpd on
    service snmpd start  

     

    Run a Test Update

    Once your local snmpd is running, you can run a test update operation:

     

    Code Block
    sudo /usr/local/nmis8/bin/nmis.pl type=update node=localhost info=true

     

    The output will look similar to this example:

     

    Code Block
    Copyright (C) Opmantek Limited (www.opmantek.com)
    This program comes with ABSOLUTELY NO WARRANTY;
    This is free software licensed under GNU GPL, and you are welcome to
    redistribute it under certain conditions; see www.opmantek.com or email
    contact@opmantek.com
    
    NMIS version 8.5.6G
    
    14:42:47 runPing, INFO (localhost) PING min/avg/max = /0.01/ ms loss=0%
    14:42:47 runPing, Finished with exit=1, nodedown=false
    14:42:47 getNodeInfo, Starting
    14:42:47 getNodeInfo, sysObjectId=1.3.6.1.4.1.8072.3.2.10, sysObjectName=_linux
    ...
    14:42:47 Number of Data Points: 17, Sum of Bytes: 136, RRDs updated: 1, Nodes with Updates: 1
    14:42:47 End of nmis-Config-update-localhost Processed 1 nodes ran for 1 seconds.

    As the installer has already installed the default NMIS cron schedule NMIS will poll and collect all known nodes every 5 minutes. You can now either run a test collect or sit back and wait for NMIS to do the next one automatically:

     

    Code Block
    sudo /usr/local/nmis8/bin/nmis.pl type=collect info=true

    After that collect operation has concluded you should see the newest data for your NMIS server on the NMIS dashboard.

    Advanced Installer Use

    If you want to read the installer source, or access the distributed files without actual installation, then simply pass the arguments –-keep --noexec to the run file invocation, e.g.

    sh ./nmis8.5.10g.run --keep --noexec

    This tells the self-extracting installer to just  unpack the archive (into the directory nmis<version>) and to not start the interactive installer component.

    If you want the installer to install NMIS into a non-standard directory, change to invocation to include site=<somepath (after a -- separator), e.g.

    sh ./nmis8.5.10g.run -- site=/opt/nmis

    If you don't want to perform the actual installation but only perform the software dependency resolution and check and install any prerequisites, use listdeps=true (after a -- separator), e.g.

    sh ./nmis8.5.10g.run -- listdeps=true

    The installer creates a log of all the operations that it performs, which is saved in the main NMIS installation directory as install.log. Subsequent NMIS upgrades add extra information to that log file, but the installer always starts its work with an initial log message that indicates when an installation/upgrade was performed.

    Historical Manual Installation Instructions

    The old manual installation instructions are available for your perusal on this page. Please note that these old instructions are no longer updated and will definitely diverge more or less from current best practice! (which is to let the installer handle the installation intricacies on your behalf).