Dave Bullock / eecue

photographer, director of engineering: crowdrise, photojournalist, hacker, nerd, geek, human


Cacti: Qmail and Djbdns Graphing Templates

Recently I created two templates for Cacti, the open source server resource graphing application. I have been using Cacti for years, but there were a few things that I was not able to find graphing solutions for.

Qmail is an open source, light-weight and secure email server written by Dan Bernstein. I have also been using qmail for years, but until recently I had no way of graphing its traffic. I found this helpful bit of code on Howie's Stuff which helped me get the raw data I needed from qmailmrtg. After I got that working I started out with this template, which mostly worked. I then created a complex graph and exported the template for it which I posted here. The results can be seen in the graph below.

Cacti Qmail Graph

A Cacti/rrdtool graph showing various information about a qmail server that I run.

The next service that I was unable to find a Cacti graphing solution for was djbdns. Djbdns is a lightweight and secure DNS daemon, also written by Dan Bernstein. Jeremey Kister wrote a great script called djbdns-stats for parsing the djbdns logs and presenting data in the perfect format for Cacti to undertand. I took the djbdns-stats output and created an input and graph (below) template for Cacti, which I then shared on the Cacti site.

Cacti Tinydns Graph

A Cacti/rrdtool graph showing dns usage on my djbdns server.

I have found Cacti to be an extremely useful application over the years. I am greatly looking forward to the next release which will incorporate the helpful Cactiusers plugin framework.

Cacti Tinydns Graph Cacti Qmail Graph

Secure Cacti with Net-SNMP and SSH Tunnels

So I finally got around to setting up cacti/snmp on my servers. Here is what I did:

  1. Installed cacti on the main monitoring server which we'll call slappy. I used the FreeBSD port of cacti. Slappy already had php/mysql/apache installed.
  2. Added a user snmp to slappy and then I generated keys using ssh-keygen for each of the servers that slappy would be monitoring.
  3. On each of the servers that slappy would be monitoring I installed net-snmp from the ports tree and configured it to run over tcp on and then I added a user snmp with a nologin shell and without password authentication as I will just be using snmp to create a tunnel to the snmpd process that will be running on localhost.
  4. Back on slappy I su'ed to the snmp user and created a shell script that would set up the tunnels to each of the servers using a command like this: ssh -i ~/.ssh/keys/hostname -f -N -L 16101: hostname and then added the script as a cronjob.
  5. Finally I added all the servers to cacti using the basic built-in net-snmp support as well as a couple of qmail and mysql scripts.

So I now have a nice collection of graphs for traffic / disk space / processor, memory and mysql load.


cacti for rrg setup

after setting up my secure snmp network i needed something to parse the data with. MRTG is too basic so i opted for rrg. I used the software package called cacti. It's very nice.