Introduction
This document will describe how to install NMIS8 (Version 8.5.6G and newer) on GNU/Linux systems.
Caveats
NMIS8 has been widely deployed and tested on many Linux distros, with Red Hat/CentOS being the most popular. This document contains variations specific to several Linux distros, but not all of them have been tested equally heavily: Centos 6, Debian 7, Ubuntu 12 and 14 are our main platforms for in-house testing.
We appreciate your feedback and any modifications or changes that you might submit to support@opmantek.com.
Assumptions
The reader is assumed to have a working knowledge of UNIX or GNU/Linux systems, how to compile software, and what Perl is. While NMIS is written in Perl, you do not need to be a "Perl hacker" to install this program and make it work.
Also, this document will use the <nmisdir> tag to refer to NMIS's installation directory. The default location is /usr/local/nmis8
.
The Installation Process
Linux Distribution
First, install your GNU/Linux distribution. It is recommended to select a basic installation type with no extra stuff. That means no GNOME, KDE, "Server" packages, or anything else.
Linux Security Settings: SELinux and Firewalling
If you're running CentOS or any other Red Hat-derived distribution, we recommend that you turn off SELinux. Permissive mode was tested and it worked well, just very nagging; the default mode is known to interfere with NMIS. Disabling SELinux is a lot easier than performing the extensive configuration that SELinux needs.
Similarly, if you have a firewall on your server (e.g. iptables) you need to make sure that it accepts incoming HTTP (possibly HTTPS) connections, and SNMP traps and Syslog connections/packets. This involves TCP ports 80 and 443, and UDP ports 161, 162 and 514.
NMIS8 Installation
And speaking of NMIS, if you haven't already downloaded it, the latest version (v8.5.6G at time of this writing) is available at http://opmantek.com/.
Download the NMIS distribution archive (a compressed tar file), save it in a convenient place on the machine in question (/tmp
or root
's home directory are common choices), then unpack the NMIS distribution:
sudo bash # or use su to gain superuser privileges tar -xvzf nmis8.5.6g.tar.gz
nmis8.5.6g
that contains the installer and all of NMIS' other files.cd
into the directory containing the unpacked NMIS source and run the installer script install.pl
as root
:
sudo bash # if you're not the superuser yet/anymore cd nmis8.5.6g ./install.pl ++++++++++++++++++++++++++++++++++++++++++++++++++++++ NMIS Installation Script ++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Checking Perl version... ++++++++++++++++++++++++++++++++++++++++++++++++++++++ The version of Perl installed on your server is v5.14.2 and OK ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Checking Dependencies... ++++++++++++++++++++++++++++++++++++++++++++++++++++++ ...lots more....
The installer has a very few command line options, which it displays to you when you run it as ./install.pl -h
:
- site=<somedirectory> instructs it to install NMIS into a non-standard directory. Default is
/usr/local/nmis8
. - listdeps=true instructs it to NOT install NMIS at all, but to only perform the dependency resolution and check and install any prerequisites.
The installer creates a log of all the operations that it performs, which is saved in the main NMIS installation directory as install.log
. Subsequent NMIS upgrades add extra information to that log file, but the installer always starts its work with an initial log message that indicates when an installation/upgrade was performed.
Initial NMIS Test
When the installer has completed its work you should be set to start using NMIS. As an initial check of NMIS you should likely try the command line tool nmis.pl
and then the NMIS web GUI:
cd /usr/local/nmis8/ sudo ./bin/nmis.pl type=audit
This command will do a quick check of directory and file existence as well as ownership and permissions; if all is well it will not print anything whatsoever.
http://<yourhostname-or-ip>/nmis8/
, and that page shows both a link to the NMIS dashboard and the online NMIS documentation.Check the NMIS Dashboard. After authenting you should see the dashboard in all its glory, likely overlapped by the "Basic Setup" helper panel if this is an NMIS installation from scratch.
iptables -L
on your NMIS server, as well as /etc/selinux/config
and the exit code of selinuxenabled
.SNMPD, Net-SNMP and collecting stats of the NMIS server itself
NMIS8 ships with one default node configured for collection, primarily to prove it is all working. This node is called localhost
and NMIS will collect statistics from your NMIS server using SNMP - if an SNMP agent is available, or just Ping statistics if not.
However, the installer does not automatically configure this local Net-SNMP daemon; if you would like to collect the NMIS server's statistics follow the instructions below - otherwise you're done with the installation.
You will likely want to consult and use the example configuration for Net-SNMP's snmpd
, which ships with NMIS in the file <nmisdir>/install/snmpd.conf
.
Because the installer has installed Net-SNMP for you already, you only need to backup its default config and move in the NMIS example one. You should very much modify this config to secure the SNMP read access according to your organisation's security policy!
cd /usr/local/nmis8 mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig mv /etc/snmp/snmptrapd.conf /etc/snmp/snmptrapd.conf.orig cp install/snmpd.conf /etc/snmp/snmpd.conf cp install/snmptrapd.conf /etc/snmp cp install/snmptrapd.options /etc/sysconfig/snmptrapd # for CentOS/Red Hat only
Debian/Ubuntu
The last command in the list above will fail as there is no /etc/sysconfig directory on this platform. Instead the snmptrap service is started by the snmpd service, and is enabled by updating the file /etc/default/snmpd:
TRAPDRUN=yes
Auto Start SNMP Daemons
Ensure that you tell Linux to start SNMPD automatically
/sbin/chkconfig snmpd on /sbin/chkconfig snmptrapd on
Debian/Ubuntu
sysv-rc-conf snmpd on service snmpd start
Run a Test Update
Once your local snmpd
is running, you can run a test update operation:
sudo /usr/local/nmis8/bin/nmis.pl type=update node=localhost info=true
The output will look similar to this example:
Copyright (C) Opmantek Limited (www.opmantek.com) This program comes with ABSOLUTELY NO WARRANTY; This is free software licensed under GNU GPL, and you are welcome to redistribute it under certain conditions; see www.opmantek.com or email contact@opmantek.com NMIS version 8.5.6G 14:42:47 runPing, INFO (localhost) PING min/avg/max = /0.01/ ms loss=0% 14:42:47 runPing, Finished with exit=1, nodedown=false 14:42:47 getNodeInfo, Starting 14:42:47 getNodeInfo, sysObjectId=1.3.6.1.4.1.8072.3.2.10, sysObjectName=_linux ... 14:42:47 Number of Data Points: 17, Sum of Bytes: 136, RRDs updated: 1, Nodes with Updates: 1 14:42:47 End of nmis-Config-update-localhost Processed 1 nodes ran for 1 seconds.
As the installer has already installed the default NMIS cron schedule NMIS will poll and collect all known nodes every 5 minutes. You can now either run a test collect or sit back and wait for NMIS to do the next one automatically:
sudo /usr/local/nmis8/bin/nmis.pl type=collect info=true
After that collect operation has concluded you should see the newest data for your NMIS server on the NMIS dashboard.
Historical Manual Installation Instructions
The old manual installation instructions are available for your perusal on this page. Please note that these old instructions are no longer updated and will definitely diverge more or less from current best practice! (which is to let the installer handle the installation intricacies on your behalf)