打赏

部署监控步骤流程

部署监控涉及到如下模块:

1、keycloak的安装

1)、建库:CREATE DATABASE IF NOT EXISTS keycloak DEFAULT CHARSET utf8 COLLATE utf8_general_ci;

2)、导入初始表:mysql -uroot -proot keycloak </root/tielu/oneaa/keycliak_3.sql

3)、装keycloak,并启动:rpm -ivh keycloak-1.5.1-6.noarch.rpm 

修改配置文件/opt/server/keycloak/standalone/configuration/standalone.xml中的数据库连接的用户名和密码。

启动keycloak:/etc/init.d/keycloakd start

4)、java -jar oneaa_sh.jar

用户名:admin,密码:123456,端口默认的是8081

运行完后拷贝keycloak.json

{auth-server-url=http://172.16.65.31:8081/auth, realm=master, resource=One-AA, credentials={secret=9e948a33-64dd-4074-a62e-849cfa01123e}, ssl-required=external, realm-public-key=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkioaUltvle0772GY17a1TCDfjgB0jmvGYYbaM3YYBK+27C1wOGfvOk/gBW2b8cn9RC0+Aw5z6M8hJAypfUKuuLj1nL5seLmH/hS/anBMIc2jfiNVZ3WsyMWGIeLkti0yUc5/pqe6qe8xEuvwRUA83wkZq3879N5l3JzrN7KCLAhw4qHWx5NEEGUlnGlmrz80s1RJ+DjUIZpGTNmLTSDNACnYukfmt4UYtAStoh9Jfy4zTzJ94W9rSIbCLEFYo6CONqNTOUpqoL+Ie30qBMf135HOh80dp2S2yGn7EmLlIlMg/PZ+XRLW2lPOUmRnxwvEE0PzCBkZmLJO0l9+IG+9XwIDAQAB}

这文件拷贝到oneaa前端ui的keycloak.json中去,去掉auth-server-url中的端口号

2、one-aa的安装

1)拷贝one-aa.war拷贝到/opt/server/tomcat/webapps/下,手动解压然后改配置文件

2)创建数据库:CREATE DATABASE IF NOT EXISTS oneaa DEFAULT CHARSET utf8 COLLATE utf8_general_ci;

然后导表

3)创建oneaa权限表,导入:one_aa_sdk_schema.sql

2)identity.conf

keycloak.endpoint=http://172.16.64.139/auth
keycloak.admin.name=admin
keycloak.admin.password=123456
keycloak.admin.clientId=security-admin-console
jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://172.16.64.139:3306/oneaa?useUnicode=true&characterEncoding=utf-8
jdbc.username=root
jdbc.password=root
#connection pool settings
jdbc.pool.maxIdle=10
jdbc.pool.maxActive=50
ONE_AA_CLIENT=e350cb0c-8f8e-4502-9d1e-39c4165d1e00
ONE_AA_SECRET=63c947b3-d082-4a0c-a8bb-ed93b71913bc
ONE_AA_CLIENT_ID=7459b39a-d0a2-4112-8fe4-db21b8638681
other.endpoints=
COLLECTION_TIME_OUT=2000
COLLECTION_SOCKET_TIME_OUT=8000

mir.sdk.jdbc.driver=com.mysql.jdbc.Driver
mir.sdk.jdbc.url=jdbc:mysql://172.16.64.139:3306/oneaa?useUnicode=true&characterEncoding=utf-8
mir.sdk.jdbc.username=root
mir.sdk.jdbc.password=root
#connection pool settings
mir.sdk.jdbc.pool.maxIdle=10
mir.sdk.jdbc.pool.maxActive=50
#项目地址前缀,可选
#mir.sdk.prefix=/api
mir.sdk.oneaa.endpoint=http://172.16.64.139:8080/one-aa-api
#打印审计日志时指定的log输出目录
mir.sdk.log.space=auditlogger
#是否认证token。true:不需认证;false:需要认证
mir.sdk.auth.bypass=false
#unit:second
mir.sdk.cached.duration=30
#配置policy.xml的路径,可以是classpath下,webapp下或任何一个绝对路径下
mir.sdk.policyFile.path=""

 


3)、log4j.properties文件中去掉systemlogstash,auditlogstash和所有连接远程日志的配置

4)webapps/one-aa-api/WEB-INF/classes下的datasource.properties是否用到了?

5)、建oneaa库:CREATE DATABASE IF NOT EXISTS oneaa DEFAULT CHARSET utf8 COLLATE utf8_general_ci;

执行schema.sql中语句。

3、influxdb

直接运行influxdb目录下的install_influxdb.sh文件。 

sh install_influxdb.sh

4、nginx的安装

直接运行nginx目录中的文件nginx-1.8.0-1.el6.ngx.x86_64.rpm

rpm  -ivh  nginx-1.8.0-1.el6.ngx.x86_64.rpm

配置nginx

文件/etc/nginx/conf.d/mir-ui.conf

 

server {
         listen       80;
         server_name  localhost;
         #charset koi8-r;
         access_log  /var/log/nginx/mir-plus.access.log  main;

         #try_files $uri $uri/ /index.html =404;

         location / {
               root   /opt/server/mir-ui/www/html;
               index  index.html index.htm;
               try_files $uri $uri/ /index.html =404;
         }
         #error_page  404              /404.html;

         # redirect server error pages to the static page /50x.html
         #
         error_page   500 502 503 504  /50x.html;
         location = /50x.html {
               root   /usr/share/nginx/html;
         }
         location /auth
         {
#端口号是keycloak的端口 proxy_pass http://172.16.64.139:8190/auth; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host:$server_port; proxy_set_header X-Forwarded-Proto "https"; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Real-IP $remote_addr; } location /one-aa-api { proxy_pass http://172.16.64.139:8080/one-aa-api; } location /mir-monitoring-api { proxy_pass http://172.16.64.139:8080/mir-monitoring-api; } }

 

5、rabbitmq的安装

直接运行rabbitmq目录下的install_rabbitmq.sh

sh  install_rabbitmq.sh

6、sensu服务器端的安装

直接运行sensu目录下的install_sensu_server.sh

sh  install_sensu_server.sh

7、mysql的安装

mysql目录下有如下文件:

perl-DBD-MySQL-4.013-3.el6.x86_64.rpm

mysql-libs-5.1.73-5.el6_6.x86_64.rpm

mysql-5.1.73-5.el6_6.x86_64.rpm

mysql-server-5.1.73-5.el6_6.x86_64.rpm

安装顺序就按上面的顺序

默认的root用户没有密码,给root用户设置密码:

mysqladmin -u root password 'root'

默认的是远程主机不能访问mysql,设置远程主机也能访问mysql,登录mysql后执行:

grant all privileges on *.* to 'root'@'%' identified by 'root' with grant option;

8、redis的安装

直接运行 sh  install_redis.sh

9、tomcat的安装

rpm -ivh apache-tomcat-8.0.24-4.noarch.rpm

10、mir-monitoring-api的安装

rpm -ivh mir-monitoring-api-1.0-8328.noarch.rpm

实际上是把mir-monitoring-api.war拷贝到tomcat的webapps目录下,手动把war包解压缩。

先在webapps目录下建文件夹:mir-monitoring-api,然后把mir-monitoring-api.war拷贝到该文件夹下,运行如下命令解压:

jar  -xf  mir-monitoring-api.war

创建库:CREATE DATABASE IF NOT EXISTS mirmon DEFAULT CHARSET utf8 COLLATE utf8_general_ci;

修改mir-monitoring-api下的配置文件:

mir-monitoring-api.conf:

全局替换:%s/172.16.64.158/127.0.0.1/g,然后把红线部分换成真实ip地址。

# redis
redis.master.name=mir-mon-redis-master
redis.sentinels=127.0.0.1:26379

# sensu
sensu.api.endpoint=http://127.0.0.1:4567
sensu.api.user=admin
sensu.api.password=secret
sensu.client.host=127.0.0.1

# influxdb
influxdb.api.endpoint=http://127.0.0.1:8086
influxdb.api.user=root
influxdb.api.password=root
influxdb.db.name=dev_test
influxdb.customized.db.name=customized_test

# rabbitmq
rabbitmq.host=172.16.64.139
rabbitmq.port=5672
rabbitmq.user=sensu
rabbitmq.password=sensu

# repo
monitor.repo.path={catalina.home}/webapps/mir-monitoring-api/public
# EDIT ALWAYS
monitor.repo.endpoint=http://172.16.64.139:8080/mir-monitoring-api/public

identity.conf

mir.sdk.jdbc.driver=com.mysql.jdbc.Driver
mir.sdk.jdbc.url=jdbc:mysql://172.16.64.139:3306/mirmon?useUnicode=true&characterEncoding=utf-8
mir.sdk.jdbc.username=root
mir.sdk.jdbc.password=root
#connection pool settings
mir.sdk.jdbc.pool.maxIdle=10
mir.sdk.jdbc.pool.maxActive=50
mir.sdk.prefix=/api
mir.sdk.oneaa.endpoint=http://172.16.64.139:8080/one-aa-api
#下面两个值是在one-aa界面中创建mir-mon的子系统后才能获取到
mir.sdk.oneaa.clientid=035afe44-9850-48d8-ae45-aaf8b8ee40ab
mir.sdk.oneaa.secret=ce03ed1d-ffa9-43c4-b3c5-dcb6f224dba6
mir.sdk.log.space=auditlogger
mir.sdk.auth.bypass=false
#unit:second
mir.sdk.cached.duration=30
mir.sdk.policyFile.path=/WEB-INF/policy.yml

log4j.properties,去掉上报logstash的连接

# Default log level
log4j.rootCategory=WARN, console, file

# Log level
log4j.logger.com.chinacloud=DEBUG

#Audit log
log4j.logger.auditlogger=DEBUG,auditlogger,console

# Console appender
log4j.appender.console=org.apache.log4j.ConsoleAppender
log4j.appender.console.layout=org.apache.log4j.PatternLayout
log4j.appender.console.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,S} [%t] %p %c:%L - %m%n

# Rolling file appender
log4j.appender.file=org.apache.log4j.RollingFileAppender
log4j.appender.file.append=true
log4j.appender.file.file=/var/log/mir-monitoring-api/api.log
log4j.appender.file.Encoding=UTF-8
log4j.appender.file.MaxFileSize=10MB
log4j.appender.file.MaxBackupIndex=4
log4j.appender.file.layout=org.apache.log4j.PatternLayout
log4j.appender.file.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,S} [%t] %p %c:%L - %m%n

# audio log local
log4j.appender.auditlogger=org.apache.log4j.RollingFileAppender
log4j.appender.auditlogger.append=true
log4j.appender.auditlogger.file=/var/log/mir-monitoring-api/audit.log
log4j.appender.auditlogger.MaxFileSize=10MB
log4j.appender.auditlogger.MaxBackupIndex=4
log4j.appender.auditlogger.layout=org.apache.log4j.PatternLayout
log4j.appender.auditlogger.layout.ConversionPattern=%d{yyyy-MM-dd'T'HH:mm:ss.SSS} [%t] %p %c:%L - %m%n
log4j.additivity.auditlogger = false

 

  在one-aa平台中配置子系统url时输入:http://172.16.64.139:8080/mir-monitoring-api/api

测试安装是否成功

curl -X GET  "http://localhost:8080/mir-monitoring-api/api/v1/health"

11、远程监控oracle功能的配置

1. 界面配置weblgoic机器的ip,weblogic端口,weblogic用户名,weblogic密码
1. 界面配置weblgoic机器的ip,weblogic端口,weblogic用户名,weblogic密码
2. 界面配置weblogic机器的ip,oracle端口,oracle用户名,oracle密码
3. 运行界面的命令行安装
4. 修改配置
/etc/sensu/conf.d/oracle_monitor.conf

app_id=3951d7fdfd854ef0b6919989beef06a3
host=10.111.131.60 # 修改为oralce的ip
oracle.username=system
oracle.password=123qweQWE
oracle.port=1521
oracle.sid=xe

下面这个配置应该不用改,检查对比下
/etc/sensu/conf.d/oracle_monitor.json
{
  "checks": {
    "oracle_monitor": {
      "interval": 60,
      "command": "/bin/bash /etc/sensu/plugins/monitor.oracle-1.0-SNAPSHOT/bin/monitor.sh /etc/sensu/conf.d/oracle_monitor.conf",
      "type": "metric",
      "handlers": [
        "influxdb"
      ],
      "standalone": true
    }
  }
}

 重启sensu-client

 

12、mir-ui的安装

rpm -ivh mir-ui.rpm

安装到/opt/server/mir-ui中。目录/opt/server/mir-ui/www/html下文件:keycloak.json

红色部分的ip地址要与nginx中的地址对应,注意没有端口

{
  "realm": "master",
  "realm-public-key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyu+8QNRAk4fd/CfRPXqbRlHNjRHXySFBw9ys/1ozJufp9yKyopnXSsdftub/O+At9tirbd4SOWmEPHEVDzs0ywsHmS1DhWs5mTAYNesLSn6lm+oocPGrdMlG/xN0rUEgX27O7VZz6FpVP5HEDzp1Klp3ui+ZvUyGXGdX3TesNdFSSefJZF3ze1miv2/c6y2nSSJ8yDqR5BVyG+igbfl2A6jvZSTyC8sKH5HOyBSSFBTY124o1weCVN6GEuCXwdTIbiSNHA0XDjTymHFwGCw14Bm4yzIuaXsXo3qG3tRR7DPHTxaILfWfx8DPaQnNSne0B/xlIylcZZubWRIY9mjvUQIDAQAB",
  "auth-server-url": "http://172.16.64.139/auth",
  "ssl-required": "external",
  "resource": "One-AA",
  "credentials": {
    "secret": "8f9e3d07-a608-4c3b-9b43-ef3d88ffce97"
  }
}

 13、其他:

查看hostname:hostname

将hostname加到/etc/hosts里面

rpm -e sensu

rm -rf /etc/sensu

rm -rf /var/log/sensu/

rm -rf /var/run/sensu/

启动weblogic的监控端口:

root -c "/usr/java/latest/bin/jcmd 1579 ManagementAgent.start jmxremote.ssl=false jmxremote.port=9000 jmxremote.rmi.port=9000 jmxremote.authenticate=false jmxremote.autodiscovery=true"

/usr/local/jdk1.7/bin/jcmd 1579 ManagementAgent.start jmxremote.ssl=false jmxremote.port=9000 jmxremote.rmi.port=9000 jmxremote.authenticate=false jmxremote.autodiscovery=true

 

查看influxdb的界面:http://172.16.65.31:8083/   root/root

 list series

select * from oracle.time_ratio.cpu_time_ratio limit 100

时间格式化:date -d@1456132606

查看是什么程序占用进程: lsof -i:50122 
posted @ 2016-02-18 18:39  矮子爬楼梯  阅读(2014)  评论(0编辑  收藏  举报