1.wgcloud监控介绍
1.1 介绍
这是一款开源的主机监控系统,可以支持主机各种指标监测(cpu使用率,cpu温度,内存使用率,磁盘容量空间,磁盘IO,硬盘SMART健康状态,系统负载,连接数量,网卡流量,硬件系统信息等)。支持监测服务器上的进程应用、文件、端口、日志、DOCKER容器、数据库、数据表等资源。支持监测服务接口API、数通设备(如交换机、路由器、打印机)PING和SNMP监测、自定义监控指令等。自动生成网络拓扑图,大屏可视化,web SSH,统计分析报表,指令下发批量执行,FTP监测,资产管理,设备账号管理,故障告警信息推送(如邮件、钉钉、微信、短信等)
1.2 支持监控的主机
- 支持监测Linux:Debian,RedHat,CentOS,Ubuntu,Fedora,SUSE,麒麟,统信(UOS),龙芯(mips)等
- 支持监测Windows:Windows Server 2008 R2,Windows Server 2012,2016,2019,2022,Windows 7,Windows 8,Windows 10,Windows 11
- 支持监测Unix:Solaris,FreeBSD,OpenBSD,AIX
- 支持监测MacOS:MacOS amd64,MacOS arm64
- 其他支持:ARM,Android(安卓),Riscv64,S390x,树莓派等
2.wgcloud的搭建
2.1 Server端的搭建
2.1.1 监控机安装JDK
爪哇下载 |甲骨文中国 (oracle.com)
`查看主机中是否安装了Java
[root@localhost ~]# rpm -qa | grep java
`查看仓库中的java软件包
[root@localhost ~]# yum -y list java*
`下载开发者版本
[root@localhost ~]# yum install java-1.8.0-openjdk-devel.x86_64
`查看是否下载成功
[root@localhost ~]# java -version
`通过Yum安装的jdk一般在/usr/lib/jvm
`配置环境变量
[root@localhost ~]# cat > /etc/profile.d/jdk.sh << EOF
JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.322.b06-1.el7_9.x86_64
JRE_HOME=$JAVA_HOME/jre
CLASS_PATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib
PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
export JAVA_HOME JRE_HOME CLASS_PATH PATH
EOF
`初始化环境变量,让环境变量永久生效
[root@localhost ~]# source /etc/profile.d/jdk.sh
2.1.2 监控机安装MySQL数据库
`使用Yum安装Mariadb
[root@localhost ~]# yum -y install mariadb*
`启动数据库并设置为自启动
[root@localhost ~]# systemctl start mariadb.service;systemctl enable mariadb.service
`初始化数据库并设置密码
[root@localhost ~]# mysqladmin -uroot password "******"
`添加远程访问权限
MariaDB [(none)]> use mysql;
MariaDB [mysql]> grant all privileges on *.* to root@'%' identified by '123456';
MariaDB [mysql]> flush privileges;
2.1.3 监控机安装wgcloud
[root@localhost ~]# wget https://www.wgstart.com/download/3.4.6/wgcloud-v3.4.6.tar.gz
[root@localhost ~]# tar -zxf wgcloud-v3.4.6.tar.gz -C /usr/local/
`在服务端进行初始化数据库,导入或运行SQL语句
`第一步:创建数据库,名称为wgcloud,字符集设置为UTF-8
[root@localhost ~]# mysql -uroot -p12345
MariaDB [(none)]> create database if not exists wgcloud character set utf8 collate utf8_general_ci;
MariaDB [(none)]> create user wgcloud@localhost identified by 'wgcloud123';
MariaDB [(none)]> grant all privileges on wgcloud.* to wgcloud@localhost;
MariaDB [(none)]> flush privileges;
`第二步:在wgcloud数据库,导入或运行/usr/local/wgcloud-v3.4.6文件夹中的wgcloud-MySQL.sql文件
MariaDB [none]> use wgcloud;
MariaDB [wgcloud]> source /usr/local/wgcloud-v3.4.6/wgcloud-MySQL.sql;
2.1.4 在服务端进行Server配置及启动
`配置/usr/local/wgcloud-v3.4.6/server/config/application.yaml文件
`配置/usr/local/wgcloud-v3.4.6/agent/config/application.properties文件
注意:properties类型文件中的等号后面不需要保留空格。agent主动单向给server上报采集数据,agent主机不需要开启任何端口,因为server不会访问agent
2.1.5 启动Serveri端和Agent端
[root@localhost ~]# cd /usr/local/wgcloud-v3.4.6/server/
[root@localhost server]# ./start.sh
./wgcloud-server-release.jar
wgcloud-server程序开始启动
./wgcloud-daemon-release
wgcloud-daemon程序开始启动
[root@localhost server]# cd ../agent/
[root@localhost agent]# ./start.sh
./wgcloud-agent-release
wgcloud-agent程序开始启动
[root@localhost agent]# lsof -i:9999
2.1.6 访问http://IP地址:Port/wgcloud
2.2 Agent的搭建
2.2.1 在客户端安装wgcloud
[root@localhost ~]# wget https://www.wgstart.com/download/3.4.6/wgcloud-v3.4.6.tar.gz
[root@localhost ~]# tar -zxf wgcloud-v3.4.6.tar.gz -C /usr/local/
2.2.2 修改Agent配置文件
`修改serverUrl为:http://Serverip:port
2.2.3 启动Agent
[root@localhost ~]# bash /usr/local/wgcloud-v3.4.1/agent/.start.sh
2.2.4 查看监控情况
2.3 使用system管理wgcloud
`使用system管理wgcloud
[root@localhost ~]# cat > /usr/lib/systemd/system/wgcloud.service << EOF
[Unit]
Description=wgcloud sever
After=network.target syslog.target
[Service]
Type=forking
User=root
ExecStart=/usr/local/wgcloud/server/start.sh
ExecStop=/usr/local/wgcloud/server/stop.sh
ExecReload=/usr/local/wgcloud/server/stop.sh;/usr/local/wgcloud/server/start.sh
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
[root@localhost ~]# systemctl daemon-reload
3.使用Nginx服务器管理wgcloud
3.1 配置Nginx基础配置
`配置Nginx.conf文件中包括错误日志生成路径,进程限制,访问日志格式
user nginx;
worker_processes auto;
worker_cpu_affinity auto; #CPU亲和配置
worker_rlimit_nofile 1024; #进程限制
error_log /data/log/nginx/error.log;
# error_log的级别分为debug,info,notice,warn,error,crit,默认为error
# debug:调试消息
# info:信息性消息
# notice:公告
# warn:警告
# error:处理请求时出错
# alert:警告.必须立即采取行动
# emerg: 紧急情况.系统处于无法使用的状态
events {
worker_connections 1024;
use epoll; # 配置事件驱动模块
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr $host - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# remote_addr:客户端IP地址
# remote_user:客户端用户名称,用于记录浏览者进行身份验证时提供的名称,如果没有登录则为空
# time_local:访问的时间与时区
# request:请求的URL和HTTP协议
# status:记录返回的HTTP状态码
# body_bytes_sent:发送给客户端的文件主体内容的大小
# http_referer:表示是从哪个网站上跳转来的
# http_user_agent:客户端浏览器标识
# http_x_forwarded_for:客户端IP地址列表(包括中间经过的代理IP)
#access_log logs/access.log main;
sendfile on;
tcp_nopush on;
# 优化Nginx静态资源的处理
keepalive_timeout 65;
include /usr/local/nginx/conf/conf.d/*.conf;
}
3.2 配置上游服务器
`文件路径:/usr/local/nginx/conf/conf.d/upstream.conf
upstream wgcloudServer {
server 192.168.65.3:9999 weight=10;
ip_hash;
}
3.3 配置反向代理
`文件路径:/usr/local/nginx/conf/conf.d/proxy.conf
server{
listen 80;
server_name localhost;
charset utf-8;
location / {
proxy_pass http://myApp;
proxy_buffer_size 64k;
proxy_buffers 32 32k;
proxy_busy_buffers_size 128k;
proxy_set_header Host $host;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect default;
proxy_connect_timeout 600s;
proxy_send_timeout 600s;
proxy_read_timeout 600s;
}
location /wgcloud {
proxy_pass http://wgcloudServer;
}
}
3.4 配置SSL证书
1.本地做个域名解析(不做域名解析就用IP进行访问)
`Linux虚拟机:
[root@localhost ~]# vim /etc/hosts
`Windows主机同样修改hosts文件
2.使用Shell脚本一键生成SSL证书(此证书不被CA认可,所以浏览器会报不安全)
#!/bin/bash
if [ ! -f "/bin/openssl" ];then
yum -y install openssl
fi
. /etc/init.d/functions
CERT_INFO=([00]="/O=heaven/CN=ca.god.com" \
[01]="cakey.pem" \
[02]="cacert.pem" \
[03]=2048 \
[04]=3650 \
[05]=0 \
[10]="/C=CN/ST=hubei/L=wuhan/O=Gizaworks/CN=wgcloud.haohe.online" \
[11]="master.key" \
[12]="master.crt" \
[13]=2048 \
[14]=365
[15]=1 \
[16]="master.csr" \
[20]="/C=CN/ST=hubei/L=wuhan/O=Gizaworks/CN=halo.haohe.online" \
[21]="slave.key" \
[22]="slave.crt" \
[23]=2048 \
[24]=365 \
[25]=2 \
[26]="slave.csr" )
COLOR="echo -e \\E[1;32m"
END="\\E[0m"
DIR=/usr/local/nginx/conf/ssl/
cd $DIR
for i in {0..2};do
if [ $i -eq 0 ] ;then
openssl req -x509 -newkey rsa:${CERT_INFO[${i}3]} -subj ${CERT_INFO[${i}0]} \
-set_serial ${CERT_INFO[${i}5]} -keyout ${CERT_INFO[${i}1]} -nodes -days ${CERT_INFO[${i}4]} \
-out ${CERT_INFO[${i}2]} &>/dev/null
else
openssl req -newkey rsa:${CERT_INFO[${i}3]} -nodes -subj ${CERT_INFO[${i}0]} \
-keyout ${CERT_INFO[${i}1]} -out ${CERT_INFO[${i}6]} &>/dev/null
openssl x509 -req -in ${CERT_INFO[${i}6]} -CA ${CERT_INFO[02]} -CAkey ${CERT_INFO[01]} \
-set_serial ${CERT_INFO[${i}5]} -days ${CERT_INFO[${i}4]} -out ${CERT_INFO[${i}2]} &>/dev/null
fi
$COLOR"**************************************生成证书信息**************************************"$END
openssl x509 -in ${CERT_INFO[${i}2]} -noout -subject -dates -serial
echo
done
chmod 600 *.key
action "证书生成完成"
3.5修改配置文件
server{
listen 80;
server_name wgcloud.haohe.online;
charset utf-8;
return 301 https://$host$request_uri;
}
server{
# SSL访问的域名为443
listen 443 default ssl;
# 填写绑定证书的域名
server_name wgcloud.haohe.online;
# 证书文件名称
ssl_certificate /usr/local/nginx/conf/ssl/master.crt;
# 私钥文件名称
ssl_certificate_key /usr/local/nginx/conf/ssl/master.key;
ssl_session_timeout 5m;
#请按照以下协议配置
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location /wgcloud {
# limit_req zone=five burst=10;
error_page 503 /503_api.html;
proxy_pass http://wgcloudServer;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
add_header Strict-Transport-Security "max-age=31536000";
}
access_log /data/log/nginx/https_access.log main;
error_log /data/log/nginx/https_error.log;
}
![[陇剑杯 2021]之Misc篇(NSSCTF)刷题记录⑤](https://img-blog.csdnimg.cn/245cc2864ca747e2a6d68460873daa3e.png)
