Cacti: SNMP Monitoring Without All the Prickles
As our fetish for monitoring tools begins to subside, we realize that one of the neatest monitoring tools available has nearly been forgotten. Cacti is “a complete frontend to RRDTool,” as they say, which makes SNMP and script-based monitoring very worthwhile. In this article we’d like to talk a bit about Cacti and how it can be used to create some excitingly useful graphs of various data.
Many administrators, before implementing something like Cricket or Cacti, opt to write their own scripts for monitoring a few basic aspects of certain hosts. For example, it isn’t uncommon for administrators to run a script from cron to verify that a certain troublesome service hasn’t died again. Often, the number of scripts set upon these tasks will grow as the organization grows. Then people start looking for a better solution.
Some solutions are basically a frontend for your scripts, and some will have their own mechanisms to check certain aspects of your infrastructure. Nagios is a good example of the latter, as it does implement many “service checks” out of the box. Cacti also implements its own mechanisms for checking many things, but it also acts as a frontend for your scripts, very much like Nagios does. Cacti graphs can be generated based on data that you gather, but you do have to provide the RRD syntax to create the graphs for any custom data. Don’t mistake this flexibility for weakness; Cacti can also monitor many things automatically.
Cacti has built-in SNMP capabilities. It is capable of polling all SNMP-capable devices on your network, and adding the information you've selected to graphs. In its simplest form, Cacti will give you the ability to add a graph for the most common aspects of host monitoring (disk space, load average, memory usage, etc) and network monitoring (bytes in/out of an interface). This is all very simple to set up, and, amazingly for open source software, you don’t have to edit configuration files. Setting up basic graphs is done all through the Web interface.
Now that the initial excitement has passed, let’s discover how this system really works.
Cacti is PHP-based. Yes, that means it has security problems, but Cacti is well written and there have only been a few infrequent, minor security issues. The data used to generate these RRD graphs is stored in a MySQL database. Cacti itself is capable of firing off the data collection. Having all these features inside one application, with a Web frontend to administer them, provides a very slick and easy-to-configure monitoring solution.
Installing Cacti is quite easy, once you have the required tools. The list includes: Apache with PHP, MySQL, net-snmp, rrdtool and Cacti itself. The install process is also straightforward: Just follow the step-by-step instructions on their website. As with most MySQL-enabled applications, Cacti provides a default database template and instructions for creating the new Cacti database. Do make sure to run Cacti (the poller portion, from cron) as a different user than your Web server runs as, and don’t make it root.
Once configured, you’re encouraged to login to the Cacti Web page for the first time. Once there, you can add users, which is a good idea. A common configuration is to allow everyone to view the graphs with no authentication, and require authentication for the administrator functions. Cacti is very flexible, remember, and the user management portion doesn’t skimp. You can define users, and their access levels pertaining to specific sets of graphs or single graphs. This means you can allow your boss to see traffic graphs, but deny him access to the more specific server-monitoring graphs.
So it’s apparent that Cacti has graphs, but a perhaps mysterious function is graph templates. Templates allow you to group together graphs that share some common characteristics. This is normally used for management simplification, because all changes made to the template will affect all graphs that use the defined template. Likewise, all permissions applied to a template will affect all graphs that use the template.
Once you create graphs, and optionally graph templates, you’ll immediately see why Cacti makes this easy. If you’ve ever used RRD graphs before, you know how tedious the configuration is. Cacti allows you to change the graph scale, color, limits, and just about everything else RRD-related from the Web interface. We found ourselves setting up tons of graphs, for the most trivial monitoring, because it was so dang fun and easy. This may be the first time in history anyone has ever described RRD graphs as fun and easy, unless they were referring to Cacti.
Another amazing aspect of Cacti, is that its developers understand that not every deployment is created equal. Too many open source applications don’t take into consideration large-scale deployment. Included in the Cacti distribution is cactid, a data collection daemon written in C. The PHP-based collection that’s used by default can become a bottleneck if Cacti is polling hundreds of devices, so cactid was contrived. Cacti’s creator recommends using cactid as the poller if the PHP Cacti polling program starts to take too long to gather all of your data before another instance starts. This is an excellent solution, since the alternative would simply be “don’t poll as often.”
In summary, Cacti is great.
The Web frontend enables seamless configuration of monitoring. The Web pages are also very nice looking, which shouldn’t be taken for granted. Yes, you have to run an SNMP daemon on all your hosts, but enabling that is quite easy for the majority of devices and operating systems. Most people use Cacti to get trend-based data, along with Nagios to send notices and monitor real-time data. Nagios even has a plugin to allow your Cacti graphs to be integrated. Being able to see a graph of your web server’s virtual memory usage, for example, is pivotal to effectively managing servers. Abilities such as these are unique to Cacti; so fulfill your yearnings and statistics gathering needs with Cacti.