Grafana Installation\OracleLinux

Latest revision as of 10:23, 26 September 2016

Ubuntu Installation | OracleLinux Installation

[edit] Overview

Grafana Installation on Oracle Linux 6.8

[edit] Network Config

If you installed the basic package, most likely the NIC is not configured for DHCP. try:

User ~ $ system-config-network

Once DHCP is configured, the next step is to restart the NIC.

User ~ $ ifdown eth0
User ~ $ ifup eth0
 
Determining IP information for eth0... done.
User ~ $ifconfig eth0

Make sure your hostname is defined in /etc/sysconfig/network

HOSTNAME=server.fqdn.com

Also for the network config, put your FQDN in the hosts file @ /etc/hosts

127.0.0.1   server.fqdn.com
::1   server.fqdn.com
OR
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
ip.address	fqdn.hostname

[edit] connect on boot

By default the network interface comes turned off on boot.

~$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0c:29:4f:09:c8
TYPE=Ethernet
UUID=5eed1f7e-74da-4841-b03b-3d4cc0812ade
ONBOOT=no
NM_CONTROLLED=yes
BOOTPROTO=dhcp
USERCTL=no
PEERDNS=yes
IPV6INIT=no

Change it so it automatically starts and connects on boot

ONBOOT=yes

[edit] Sudoers Config

Personally I prefer to use a group for sudoer management. Specify a unique UID so that it will be the same on all servers (manually dictate).

# groupadd -g <unique UID> sudo

Now we can add the group to the sudoers file

# visudo
Add the following under the entry for root

## Allows members of the 'sudo' group to run all commands anywhere
%sudo     ALL=(ALL)          ALL

Add new user(s) and make them a part of the new sudo group

# useradd -G sudo -u <unique UID> user_a

Change the password of the user

# passwd <username>

[edit] SSH Config

With Oracle Linux 6.8, openssh should be installed by default, but if it isnt:

#yum install openssl openssh-server

[edit] Grafana Repo

Create a new repo file for grafana

~$ sudo vi /etc/yum.repos.d/grafana.repo
Add:
[grafana]
name=grafana
baseurl=https://packagecloud.io/grafana/stable/el/6/$basearch
repo_gpgcheck=1
enabled=1
gpgcheck=1
gpgkey=https://packagecloud.io/gpg.key https://grafanarel.s3.amazonaws.com/RPM-GPG-KEY-grafana
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt

Update repo cache

~$ sudo yum makecache

[edit] Grafana, MySQL, Apache2 Installation

Now lets install grafana and the other required packages

~$ sudo yum install grafana mysql-server httpd

Start grafana

~$ sudo service grafana-server start

Make grafana start at boot

~$ sudo /sbin/chkconfig --add grafana-server

[edit] MySQL Configuration

We already downloaded and installed mysql in the last step, so lets now configure it.
Make sure mysql is started.

~$ sudo service mysqld status
or
sudo service mysqld start

setup the basics

~$ sudo mysql_secure_installation
Enter current password for root (enter for none): [enter]
Set root password? [Y/n] y
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y

Add user and Database

~$ mysql -u root -p
~$ mysql> CREATE USER 'grafana'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';
~$ mysql> CREATE DATABASE grafanadatabase;
~$ mysql> GRANT ALL PRIVILEGES ON grafana.* TO 'grafana'@'localhost' IDENTIFIED BY 'grafanauserpassword' WITH GRANT OPTION;
~$ mysql> exit

verify permissions have been granted

~$ mysql -u grafana -p
~$ mysql> SHOW GRANTS;
+---------------------------------------------------------------------------------------------------------------+
| Grants for grafana@localhost                                                                                   |
+---------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'grafana'@'localhost' IDENTIFIED BY PASSWORD '*2K21458K438UYE85A38B9Y7Y78DAEBF4T8689YK4' |
| GRANT ALL PRIVILEGES ON `grafanadatabase`.* TO 'grafana'@'localhost' WITH GRANT OPTION                          |
+---------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

[edit] Configure Grafana

Edit /etc/grafana/grafana.ini and fill in the nessesary components.

~$ sudo vi /etc/grafana/grafana.ini

[database]
[database]
# Either "mysql", "postgres" or "sqlite3", it's your choice
type = mysql
host = 127.0.0.1:3306
name = grafanadatabase
user = grafana
password = grafanauserpassword

[server]
protocol = http
http_addr = 127.0.0.1
http_port = 3000
domain = grafana.domain.com
enforce_domain = true
root_url = %(protocol)s://%(domain)s/

[security]
admin_user = admin
admin_password = SecureAdminPass
secret_key = somelongrandomstringkey

[edit] Apache Config Prep

Before we can move on to the apache config, we need to make sure we can install the appropriate mods. If you have not added the epel repos, then you probably wont find these:

~$ sudo yum info mod_proxy_html
Loaded plugins: security, ulninfo
Error: No matching Packages to list

You can confirm you don't have the EPEL repos also:

~$ yum repolist
Loaded plugins: security, ulninfo
grafana                                                                                   14/14
repo id           repo name                                                               status
grafana           grafana                                                                     14
public_ol6_UEKR4  Latest Unbreakable Enterprise Kernel Release 4 for Oracle Linux 6Server    179
public_ol6_latest Oracle Linux 6Server Latest (x86_64)                                    36,466
repolist: 36,659

[edit] Adding EPEL repos

So let's add the EPEL repos:

~$ wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
~$ rpm -ivh epel-release-6-8.noarch.rpm
~$ yum repolist
Loaded plugins: security, ulninfo
epel/metalink                                                            |  13 kB     00:00     
epel                                                                     | 4.3 kB     00:00     
epel/primary_db                                                          | 5.9 MB     00:00     
repo id           repo name                                                               status
epel              Extra Packages for Enterprise Linux 6 - x86_64                          12,221
grafana           grafana                                                                     14
public_ol6_UEKR4  Latest Unbreakable Enterprise Kernel Release 4 for Oracle Linux 6Server    179
public_ol6_latest Oracle Linux 6Server Latest (x86_64)                                    36,466
repolist: 48,880

[edit] Installing mod_proxy_html

This mod, mod_proxy_html, contains both of the mods we need to add:

mod_proxy_html
mod_xml2enc

If you wanted to check this before installing, you could do:

$ sudo repoquery -l mod_proxy_html

/etc/httpd/conf.d/proxy_html.conf
/usr/lib64/httpd/modules/mod_proxy_html.so
/usr/lib64/httpd/modules/mod_xml2enc.so
/usr/share/doc/mod_proxy_html-3.1.2
/usr/share/doc/mod_proxy_html-3.1.2/COPYING
/usr/share/doc/mod_proxy_html-3.1.2/README

To install is simple:

~$ sudo yum install mod_proxy_html

Restart apache

~$ sudo service httpd restart

and check to verify the new mods are listed

~$ ls /etc/httpd/modules/
These should be listed:
mod_proxy_html.so
mod_xml2enc.so

There's no need to list a LoadModule entry for these in /etc/httpd/conf/httpd.conf because the package added /etc/httpd/conf.d/proxy_html.conf which contains both already.
httpd.conf should have an include statement to pull in all conf files from /etc/httpd/conf.d/*.conf like so:

Include conf.d/*.conf

[edit] Apache Config

make a backup of the default httpd.conf

~$ sudo cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.default

make sure that the following is in your httpd.conf and is NOT commented out

Include conf.d/*.conf

also in httpd.conf make sure to specify your host's name

ServerName server.fqdn.com

Make a new conf file just for this site under /etc/httpd/conf.d/
edit grafana.conf

~$ sudo vi /etc/httpd/conf.d/grafana.conf
add:
<VirtualHost *:80>
 	ProxyPreserveHost On
 	ProxyPass / http://127.0.0.1:3000/ retry=0 timeout=5
 	ProxyPassReverse / http://127.0.0.1:3000/
 	ServerName grafana.domain.com
       TransferLog logs/servername-access_log
       ErrorLog logs/servername-error_log
</VirtualHost>

NOTE: In order for the http reverse proxy feature to work, you MUST use a fqdn. You cannot use an IP address as the ServerName or Hostname

[edit] SELinux Allow

By default SELinux will block the reverse proxy from working. You'll see something like this:

~$ sudo vi /var/log/audit/audit.log
type=AVC msg=audit(1265039669.305:14): avc:  denied  { name_connect } for  pid=4343 comm="httpd" dest=7009 
scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket

To test and see if it's an issue with SELinux, you can do a quick test by setting it to permissive, which should maintain until the next reboot.

<nowik>~$ sudo setenforce permissive</nowiki>

If this does the trick, try being more specific

~$ /usr/sbin/setsebool httpd_can_network_connect 1

In order to fix this permanently, you can do

~$ /usr/sbin/setsebool -P httpd_can_network_connect 1

Or you can set SELinux to permissive across the board (semi-disabling)

~$ sudo vi /etc/sysconfig/selinux
Change
SELINUX=enforcing 
>>
SELINUX=permissive

@@ Line 1: / Line 1: @@
+[[Grafana_Installation|Ubuntu Installation]] | [[Grafana_Installation\OracleLinux|OracleLinux Installation]]
 ==Overview==
 Grafana Installation on Oracle Linux 6.8
@@ Line 15: / Line 16: @@
 Also for the network config, put your FQDN in the hosts file @ /etc/hosts
   <nowiki>127.0.0.1   server.fqdn.com
-::1   server.fqdn.com</nowiki>
+::1   server.fqdn.com
+OR
+.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
+::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
+ip.address	fqdn.hostname
+</nowiki>
 ====connect on boot====
 By default the network interface comes turned off on boot.
@@ Line 41: / Line 47: @@
 ## Allows members of the 'sudo' group to run all commands anywhere
 %sudo     ALL=(ALL)          ALL</nowiki>
+Add new user(s) and make them a part of the new sudo group
+ <nowiki># useradd -G sudo -u <unique UID> user_a</nowiki>
+Change the password of the user
+ <nowiki># passwd <username></nowiki>
+==SSH Config==
+With Oracle Linux 6.8, openssh should be installed by default, but if it isnt:
+ <nowiki>#yum install openssl openssh-server</nowiki>
+==Grafana Repo==
+Create a new repo file for grafana
+ <nowiki>~$ sudo vi /etc/yum.repos.d/grafana.repo
+Add:
+[grafana]
+name=grafana
+baseurl=https://packagecloud.io/grafana/stable/el/6/$basearch
+repo_gpgcheck=1
+enabled=1
+gpgcheck=1
+gpgkey=https://packagecloud.io/gpg.key https://grafanarel.s3.amazonaws.com/RPM-GPG-KEY-grafana
+sslverify=1
+sslcacert=/etc/pki/tls/certs/ca-bundle.crt</nowiki>
+Update repo cache
+ <nowiki>~$ sudo yum makecache</nowiki>
+==Grafana, MySQL, Apache2 Installation==
+Now lets install grafana and the other required packages
+ <nowiki>~$ sudo yum install grafana mysql-server httpd</nowiki>
+Start grafana
+ <nowiki>~$ sudo service grafana-server start</nowiki>
+Make grafana start at boot
+ <nowiki>~$ sudo /sbin/chkconfig --add grafana-server</nowiki>
+==MySQL Configuration==
+We already downloaded and installed mysql in the last step, so lets now configure it.<br>
+Make sure mysql is started.
+ <nowiki>~$ sudo service mysqld status
+or
+sudo service mysqld start </nowiki>
+setup the basics
+ <nowiki>~$ sudo mysql_secure_installation
+Enter current password for root (enter for none): [enter]
+Set root password? [Y/n] y
+Remove anonymous users? [Y/n] y
+Disallow root login remotely? [Y/n] y
+Remove test database and access to it? [Y/n] y
+Reload privilege tables now? [Y/n] y</nowiki>
+Add user and Database
+ <nowiki>~$ mysql -u root -p
+~$ mysql> CREATE USER 'grafana'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED';
+~$ mysql> CREATE DATABASE grafanadatabase;
+~$ mysql> GRANT ALL PRIVILEGES ON grafana.* TO 'grafana'@'localhost' IDENTIFIED BY 'grafanauserpassword' WITH GRANT OPTION;
+~$ mysql> exit</nowiki>
+verify permissions have been granted
+ <nowiki>~$ mysql -u grafana -p
+~$ mysql> SHOW GRANTS;
++---------------------------------------------------------------------------------------------------------------+
+| Grants for grafana@localhost                                                                                   |
++---------------------------------------------------------------------------------------------------------------+
+| GRANT USAGE ON *.* TO 'grafana'@'localhost' IDENTIFIED BY PASSWORD '*2K21458K438UYE85A38B9Y7Y78DAEBF4T8689YK4' |
+| GRANT ALL PRIVILEGES ON `grafanadatabase`.* TO 'grafana'@'localhost' WITH GRANT OPTION                          |
++---------------------------------------------------------------------------------------------------------------+
+row in set (0.00 sec)</nowiki>
+==Configure Grafana==
+Edit <code>/etc/grafana/grafana.ini</code> and fill in the nessesary components.
+ <nowiki>~$ sudo vi /etc/grafana/grafana.ini
+[database]
+[database]
+# Either "mysql", "postgres" or "sqlite3", it's your choice
+type = mysql
+host = 127.0.0.1:3306
+name = grafanadatabase
+user = grafana
+password = grafanauserpassword
+[server]
+protocol = http
+http_addr = 127.0.0.1
+http_port = 3000
+domain = grafana.domain.com
+enforce_domain = true
+root_url = %(protocol)s://%(domain)s/
+[security]
+admin_user = admin
+admin_password = SecureAdminPass
+secret_key = somelongrandomstringkey
+</nowiki>
+==Apache Config Prep==
+Before we can move on to the apache config, we need to make sure we can install the appropriate mods.  If you have not added the epel repos, then you probably wont find these:
+ <nowiki>~$ sudo yum info mod_proxy_html
+Loaded plugins: security, ulninfo
+Error: No matching Packages to list</nowiki>
+You can confirm you don't have the EPEL repos also:
+ <nowiki>~$ yum repolist
+Loaded plugins: security, ulninfo
+grafana                                                                                   14/14
+repo id           repo name                                                               status
+grafana           grafana                                                                     14
+public_ol6_UEKR4  Latest Unbreakable Enterprise Kernel Release 4 for Oracle Linux 6Server    179
+public_ol6_latest Oracle Linux 6Server Latest (x86_64)                                    36,466
+repolist: 36,659</nowiki>
+===Adding EPEL repos===
+So let's add the EPEL repos:
+ <nowiki>~$ wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
+~$ rpm -ivh epel-release-6-8.noarch.rpm
+~$ yum repolist
+Loaded plugins: security, ulninfo
+epel/metalink                                                            |  13 kB     00:00
+epel                                                                     | 4.3 kB     00:00
+epel/primary_db                                                          | 5.9 MB     00:00
+repo id           repo name                                                               status
+epel              Extra Packages for Enterprise Linux 6 - x86_64                          12,221
+grafana           grafana                                                                     14
+public_ol6_UEKR4  Latest Unbreakable Enterprise Kernel Release 4 for Oracle Linux 6Server    179
+public_ol6_latest Oracle Linux 6Server Latest (x86_64)                                    36,466
+repolist: 48,880</nowiki>
+===Installing mod_proxy_html===
+This mod, <code>mod_proxy_html</code>, contains both of the mods we need to add:
+ <nowiki>mod_proxy_html
+mod_xml2enc</nowiki>
+If you wanted to check this before installing, you could do:
+ <nowiki>$ sudo repoquery -l mod_proxy_html
+/etc/httpd/conf.d/proxy_html.conf
+/usr/lib64/httpd/modules/mod_proxy_html.so
+/usr/lib64/httpd/modules/mod_xml2enc.so
+/usr/share/doc/mod_proxy_html-3.1.2
+/usr/share/doc/mod_proxy_html-3.1.2/COPYING
+/usr/share/doc/mod_proxy_html-3.1.2/README</nowiki>
+To install is simple:
+ <nowiki>~$ sudo yum install mod_proxy_html</nowiki>
+Restart apache
+ <nowiki>~$ sudo service httpd restart</nowiki>
+and check to verify the new mods are listed
+ <nowiki>~$ ls /etc/httpd/modules/
+These should be listed:
+mod_proxy_html.so
+mod_xml2enc.so</nowiki>
+There's no need to list a LoadModule entry for these in <code>/etc/httpd/conf/httpd.conf</code> because the package added <code>/etc/httpd/conf.d/proxy_html.conf</code> which contains both already.<br>
+httpd.conf should have an include statement to pull in all conf files from <code>/etc/httpd/conf.d/*.conf</code> like so:
+ <nowiki>Include conf.d/*.conf</nowiki>
+==Apache Config==
+make a backup of the default httpd.conf
+ ~$ sudo cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.default
+make sure that the following is in your httpd.conf and is NOT commented out
+ Include conf.d/*.conf
+also in httpd.conf make sure to specify your host's name
+ ServerName server.fqdn.com
+Make a new conf file just for this site under /etc/httpd/conf.d/<br>
+edit grafana.conf
+ <nowiki>~$ sudo vi /etc/httpd/conf.d/grafana.conf
+add:
+<VirtualHost *:80>
+ 	ProxyPreserveHost On
+ 	ProxyPass / http://127.0.0.1:3000/ retry=0 timeout=5
+ 	ProxyPassReverse / http://127.0.0.1:3000/
+ 	ServerName grafana.domain.com
+       TransferLog logs/servername-access_log
+       ErrorLog logs/servername-error_log
+</VirtualHost></nowiki>
+<br>
+'''NOTE:''' In order for the http reverse proxy feature to work, you '''MUST''' use a fqdn.   You cannot use an IP address as the ServerName or Hostname
+==SELinux Allow==
+By default SELinux will block the reverse proxy from working.  You'll see something like this:
+ <nowiki>~$ sudo vi /var/log/audit/audit.log
+type=AVC msg=audit(1265039669.305:14): avc:  denied  { name_connect } for  pid=4343 comm="httpd" dest=7009
+scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
+</nowiki>
+To test and see if it's an issue with SELinux, you can do a quick test by setting it to permissive, which should maintain until the next reboot.
+ <nowik>~$ sudo setenforce permissive</nowiki>
+If this does the trick, try being more specific
+ <nowiki>~$ /usr/sbin/setsebool httpd_can_network_connect 1</nowiki>
+In order to fix this permanently, you can do
+ <nowiki>~$ /usr/sbin/setsebool -P httpd_can_network_connect 1</nowiki>
+Or you can set SELinux to permissive across the board (semi-disabling)
+ <nowiki>~$ sudo vi /etc/sysconfig/selinux
+Change
+SELINUX=enforcing
+>>
+SELINUX=permissive</nowiki>

Grafana Installation\OracleLinux

Latest revision as of 10:23, 26 September 2016

Contents

[edit] Overview

[edit] Network Config

[edit] connect on boot

[edit] Sudoers Config

[edit] SSH Config

[edit] Grafana Repo

[edit] Grafana, MySQL, Apache2 Installation

[edit] MySQL Configuration

[edit] Configure Grafana

[edit] Apache Config Prep

[edit] Adding EPEL repos

[edit] Installing mod_proxy_html

[edit] Apache Config

[edit] SELinux Allow

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Mediawiki

Confluence

DevOps Tools

Open Source Products

Ubuntu

Ubuntu 22

Mac OSX

Oracle Linux

AWS

Windows

OpenVPN

Grafana

InfluxDB2

TrueNas

MagicMirror

OwnCloud

Pivotal

osTicket

OTRS

phpBB

WordPress

VmWare ESXI 5.1

Crypto currencies

HTML

CSS

Python

Java Script

PHP

Raspberry Pi

Canvas LMS

Kaltura Media Server

Plex Media Server

MetaSploit

Zoneminder

ShinobiCE

Photoshop CS2

Fortinet

Uploaded

Certifications

General Info

Games

Meal Plans

NC Statutes

Politics

Volkswagen

Covid

NCDMV

Toolbox