How to Install and Monitor services using Netdata Monitoring Tool on Rocky Linux 8
On this page
- Prerequisites
- Step 1 - Configure Firewall
- Step 2 - Install NetData
- Step 3 - Install SSL
- Step 4 - Install and Configure Nginx
- Step 5 - Access and Use Netdata Dashboard
- Step 6 - Configure NetData
- Step 7 - Configure Slack Notifications
- Configure Email Notifications
- Step 8 - Test Notification Channels
- Step 9 - Configure System Monitoring
- Step 10 - Configure Nginx Monitoring
- Step 11 - Configure MySQL/MariaDB Monitoring
- Step 12 - Configure PHP-FPM Monitoring
- Step 13 - Configure Docker Engine and Container Monitoring
- Conclusion
Netdata is an open-source monitoring system for Linux-based operating systems. It provides real-time performance and monitoring using beautiful and detailed dashboards. It offers hundreds of tools to monitor servers, CPU, memory usage, system processes, disk usage, IPv4 and IPv6 networks, system firewall, and applications like Nginx, MySQL, MongoDB, Redis, ElasticSearch, PostgreSQL, PHP-FPM, etc. It integrates with other monitoring tools such as Prometheus, Graphite, Kafka, Grafana, and more.
In this tutorial, you will learn to install and monitor various services using Netdata Tool on a Rocky Linux 8 server. We will use Netdata to track the metrics of a LEMP stack and Docker engine.
Prerequisites
- A server running Rocky Linux 8.
- A non-root user with sudo privileges.
- A Fully Qualified Domain Name (FQDN) like
netdata.example.com
pointing to your server. - A Slack account and workspace for receiving notifications.
- An SMTP account with an email service like Amazon SES or Mailgun.
- Disable SELinux.
Step 1 - Configure Firewall
The first step is to configure the firewall. Rocky Linux uses Firewalld Firewall. Check the firewall's status.
$ sudo firewall-cmd --state running
The firewall works with different zones, and the public zone is the default one that we will use. List all the services and ports active on the firewall.
$ sudo firewall-cmd --permanent --list-services
It should show the following output.
cockpit dhcpv6-client ssh
Allow HTTP and HTTPS ports.
$ sudo firewall-cmd --permanent --add-service=http $ sudo firewall-cmd --permanent --add-service=https
Recheck the status of the firewall.
$ sudo firewall-cmd --permanent --list-services
You should see a similar output.
cockpit dhcpv6-client http https ssh
Reload the firewall to enable the changes.
$ sudo firewall-cmd --reload
Step 2 - Install NetData
Netdata comes with an installer script that can work on any Linux distribution. Run the following command to download and run the installer script.
$ bash <(curl -Ss https://my-netdata.io/kickstart.sh)
You will be asked for your sudo password for enabling sudo privileges. Enter Y
to confirm adding the Netdata repository and installing it on your server.
Netdata installer automatically enables and starts the service. Check the status of the service.
$ sudo systemctl status netdata ? netdata.service - Real time performance monitoring Loaded: loaded (/usr/lib/systemd/system/netdata.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2022-04-11 12:09:12 UTC; 13s ago Main PID: 19443 (netdata) Tasks: 32 (limit: 11412) Memory: 52.0M CGroup: /system.slice/netdata.service ??19443 /usr/sbin/netdata -P /var/run/netdata/netdata.pid -D ??19448 /usr/sbin/netdata --special-spawn-server ??19937 /usr/libexec/netdata/plugins.d/apps.plugin 1 ??19944 /usr/libexec/netdata/plugins.d/go.d.plugin 1 Apr 11 12:09:12 netdata systemd[1]: Started Real time performance monitoring. .......
If your service is not started or enabled, you can do so using the following command.
$ sudo systemctl enable netdata --now
Run the following command to check the open ports and the process using them.
$ sudo ss -plnt
You should get a similar output. Netdata uses port 19999 for its dashboard, seen in the output below. Netdata uses port 8125 to receive statistics from other applications.
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 127.0.0.1:8125 0.0.0.0:* users:(("netdata",pid=22496,fd=29)) LISTEN 0 128 0.0.0.0:19999 0.0.0.0:* users:(("netdata",pid=22496,fd=6)) ...... LISTEN 0 128 [::1]:8125 [::]:* users:(("netdata",pid=22496,fd=28)) LISTEN 0 128 [::]:19999 [::]:* users:(("netdata",pid=22496,fd=7))
Step 3 - Install SSL
To install an SSL certificate using Let's Encrypt, we need to install the Certbot tool.
Firstly, you need to download and install the EPEL repository.
$ sudo dnf install epel-release
Run the following commands to install Certbot.
$ sudo dnf install certbot
Generate the SSL certificate.
$ sudo certbot certonly --standalone --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m [email protected] -d netdata.example.com
The above command will download a certificate to the /etc/letsencrypt/live/netdata.example.com
directory on your server.
Generate a Diffie-Hellman group certificate.
$ sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
Create a challenge web root directory for Let's Encrypt auto-renewal.
$ sudo mkdir -p /var/lib/letsencrypt
Create a Cron Job to renew the SSL. It will run every day to check the certificate and renew it if needed. For that, first, create the file /etc/cron.daily/certbot-renew
and open it for editing.
$ sudo nano /etc/cron.daily/certbot-renew
Paste the following code.
#!/bin/sh certbot renew --cert-name netdata.example.com --webroot -w /var/lib/letsencrypt/ --post-hook "systemctl reload nginx"
Save the file by pressing Ctrl + X and entering Y when prompted.
Change the permissions on the task file to make it executable.
$ sudo chmod +x /etc/cron.daily/certbot-renew
Step 4 - Install and Configure Nginx
We will be installing the latest version of Nginx. Create and open the file /etc/yum.repos.d/nginx.repo
for editing.
$ sudo nano /etc/yum.repos.d/nginx.repo
Paste the following lines in it.
[nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true
Save the file by pressing Ctrl + X and entering Y when prompted.
Install Nginx and HTTPD tools.
$ sudo dnf install nginx httpd-tools
Verify the installation.
$ nginx -v nginx version: nginx/1.20.2
Enable and start the Nginx service.
$ sudo systemctl enable nginx --now
Create and open the file /etc/nginx/conf.d/netdata.conf
for editing.
$ sudo nano /etc/nginx/conf.d/netdata.conf
Paste the following code in it.
# Define netdata upstream upstream netdata { server 127.0.0.1:19999; keepalive 64; } # Redirect all non-encrypted to encrypted server { listen 80; listen [::]:80; server_name netdata.example.com; return 301 https://netdata.example.com$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name netdata.example.com; ssl_certificate /etc/letsencrypt/live/netdata.example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/netdata.example.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/netdata.example.com/chain.pem; ssl_session_timeout 1d; ssl_session_cache shared:MozSSL:10m; ssl_session_tickets off; ssl_prefer_server_ciphers off; ssl_stapling on; ssl_stapling_verify on; ssl_dhparam /etc/ssl/certs/dhparam.pem; resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844] valid=60s; resolver_timeout 2s; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; access_log /var/log/nginx/netdata.example.com.access.log main; error_log /var/log/nginx/netdata.example.com.error.log; location / { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_pass http://netdata; proxy_http_version 1.1; proxy_pass_request_headers on; proxy_set_header Connection "keep-alive"; proxy_store off; auth_basic "NetData Private Area"; auth_basic_user_file /etc/nginx/.htpasswd; } }
Once finished, save the file by pressing Ctrl + X and entering Y when prompted.
Open the file /etc/nginx/nginx.conf
for editing.
$ sudo nano /etc/nginx/nginx.conf
Add the following line before the line include /etc/nginx/conf.d/*.conf;
.
server_names_hash_bucket_size 64;
Save the file by pressing Ctrl + X and entering Y when prompted.
Run the following command to generate a password file to enable HTTP authentication.
$ sudo htpasswd -c /etc/nginx/.htpasswd netadmin New password: Re-type new password: Adding password for user netadmin
Verify the Nginx configuration file syntax.
$ sudo nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Restart the Nginx service to enable the new configuration.
$ sudo systemctl restart nginx
Step 5 - Access and Use Netdata Dashboard
You should be able to access Netdata via the URL https://netdata.example.com
. The first time you access it, you will be prompted for your HTTP authentication details.
You will get the following dashboard.
Check the box Remember my choice and click the button Later, stay at the agent dashboard to dismiss the popup.
You can pause, stop and start the monitoring anytime using the Play button on the dashboard.
You can access various dashboards by clicking on the options from the right sidebar. Click the UTC button and select the correct timezone to change it.
Step 6 - Configure NetData
Netdata stores its main configuration in the /etc/netdata/netdata.conf
file. You can view these settings by visiting the URL https://netdata.example.com/netdata.conf
in your browser.
The file is divided into various sections, such as [global], [web], [registry], and more. The default configuration is enough to get us started. Netdata collects data using two types of plugins:
- internal plugins are written in C language and run as threads inside the
netdata
daemon. - external plugins are written in various languages, including Python, Go, etc. and are spawned as long-running independent processes by the
netdata
daemon. They communicate with the Netdata daemon usingpipes
.
Configure NetData Memory Usage
NetData's RAM usage is decided based on the time you want to keep the recorded chart data before it gets lost.
- 3600 seconds or 1 hour of chart data retention uses 15 MB of RAM.
- 7200 seconds or 2 hours of chart data retention uses 30 MB of RAM.
- 14400 seconds or 4 hours of chart data retention uses 60 MB of RAM.
Every time you double the chart data retention time, the RAM requirement also doubles. These RAM requirements are based on the number of charts in use by the stock dashboard. Adding more charts and applications will change these estimates.
Open the Netdata configuration file.
$ sudo nano /etc/netdata/netdata.conf
Enter the line history = 14400
under the [global]
section.
[global] .. history = 14400 ..
Save the file by pressing Ctrl + X and entering Y when prompted.
Turn off Telemetry
By default, Netdata collects anonymous usage information using a product analytics platform, Posthog. Every time the Netdata daemon is started or stopped, Netdata uses the anonymous statistics script to collect the following system information and send it to itself.
- Netdata version
- OS name, version, id, id_like
- Kernel name, version, architecture
- Virtualization technology
- Containerization technology
- Additional information about Netdata client failures.
Fortunately, you can opt-out of this. Create an empty file called .opt-out-from-anonymous-statistics
in the Netdata directory.
$ sudo touch /etc/netdata/.opt-out-from-anonymous-statistics
Restart Netdata to enable the change.
$ sudo systemctl restart netdata
Long term storage
Netdata uses your system's RAM and disk to store historical data by default. The default Netdata process collects around 2000 metrics per second, which means the default configuration will store about two days' worth of metrics on the RAM and disk.
To store more metrics, you have the following two options:
- Configure Netdata to use more RAM and disk space
- Archive the metrics to an external database
We will only discuss the first option in this tutorial. For the second option, you should refer to Netdata's official documentation.
Configure Netdata to use more RAM and disk space
Open the file /etc/netdata/netdata.conf
for editing.
$ sudo nano /etc/netdata/netdata.conf
Paste the following lines under the [global]
section.
[global] ... memory mode = dbengine page cache size = 32 dbengine disk space = 256
Save the file by pressing Ctrl + X and entering Y when prompted.
The page cache size determines the amount of RAM used, and the dbengine disk space
determines the disk usage. By default, Netdata uses 32 MB of RAM and 256 MB of disk space. You can uncomment these values and change either of the two values to your liking.
You can use Netdata's Storage Metric calculator to decide how much RAM and disk space you need.
Reduce Collection Frequency
You can optimize Netdata's performance by increasing the time between metrics collection. By default, Netdata collects metrics every second.
To change that, open the Netdata configuration file for editing.
$ sudo nano /etc/netdata/netdata.conf
Enter the following line under the [global]
section. This increases the frequency to 5 seconds.
[global] ... update every = 5
Save the file by pressing Ctrl + X and entering Y when prompted.
Step 7 - Configure Slack Notifications
The first step is to create a Slack application and connect it to a specific channel in your workspace to configure Slack Notifications.
Visit the Slack API page and click on the Create App button to start creating an application.
Click on From Scratch link to create the app.
Select a name for your app and choose the workspace where you want your App to appear. If you don't want to associate your app with the existing workspace, you can create another one and come back to this step.
Open the Incoming Webhook page by selecting the option under the Features menu from the left sidebar, and then activate the webhook.
Click the Add New Webhook to Workspace button at the bottom of the page and select your workspace and the target channel for notifications.
Click the Allow button to proceed. Return to the Incoming Webhooks page and copy the Webhook URL.
Return to the terminal and switch to the /etc/netdata
directory.
$ cd /etc/netdata
Netdata provides a edit-config
script to edit and create Netdata configuration files. Run the following file to create and open the file health_alarm_notify.conf
using your system's default editor.
$ sudo ./edit-config health_alarm_notify.conf
Scroll down to the following section.
# Enable slack notification SEND_SLACK="YES" # Select the slack webhook SLACK_WEBHOOK_URL="https://hooks.slack.com/services/xxxxxxx" # Default channel for notification DEFAULT_RECIPIENT_SLACK="notifications"
Ensure that the variable SEND_SLACK
is set to yes. Paste the copied webhook URL to the SLACK_WEBHOOK_URL
variable. Enter the name of your channel for the DEFAULT_RECIPIENT_SLACK
variable.
If your editor is Vim, press the Escape key to exit editing, type :x and press the Enter key to save the file and exit the editor.
If your editor is Nano, save the file by pressing Ctrl + X and entering Y when prompted.
Restart Netdata to apply the changes.
$ sudo systemctl restart netdata
Configure Email Notifications
Netdata uses sendmail
by default to send email notifications but managing an email server is not an easy task. Netdata doesn't support SMTP, but you can install a package called msmtp
client. It allows you to send mail to an SMTP server.
Install msmtp
.
$ sudo dnf install msmtp
Create and open the configuration file for msmtp
.
$ sudo nano /etc/msmtprc
Paste the following code in it.
# Set default values for all following accounts. defaults # Use the mail submission port 587 instead of the SMTP port 25. port 587 # Always use TLS. tls on # The SMTP server of your ISP account ses host email-smtp.<location>.amazonaws.com from [email protected] auth on user <yoursesusername> password <yoursespassword> # Set default account to isp account default: ses
Save the file by pressing Ctrl + X and entering Y when prompted.
Open the file /etc/netdata/health_alarm_notify.conf
for editing.
$ sudo nano /etc/netdata/health_alarm_notify.conf
Scroll down to the following section and enter the path to the msmtp
.
# external commands # The full path to the sendmail command. # If empty, the system $PATH will be searched for it. # If not found, email notifications will be disabled (silently). sendmail="/usr/bin/msmtp"
Locate the following section and enter the details of the sender and receiver and ensure that email sending is enabled.
# email global notification options # multiple recipients can be given like this: # "[email protected] [email protected] ..." # the email address sending email notifications # the default is the system user netdata runs as (usually: netdata) # The following formats are supported: # EMAIL_SENDER="user@domain" # EMAIL_SENDER="User Name <user@domain>" # EMAIL_SENDER="'User Name' <user@domain>" # EMAIL_SENDER="\"User Name\" <user@domain>" EMAIL_SENDER="Server Admin <[email protected]>" # enable/disable sending emails SEND_EMAIL="YES" # if a role recipient is not configured, an email will be send to: DEFAULT_RECIPIENT_EMAIL="[email protected]" # to receive only critical alarms, set it to "root|critical"
Save the file by pressing Ctrl + X and entering Y when prompted.
Step 8 - Test Notification Channels
Let us test if the Slack notifications work.
Log in as the system user netdata
created during installation.
$ sudo su -s /bin/bash netdata
Run the Alarm notification script to send a test notification.
$ /usr/libexec/netdata/plugins.d/alarm-notify.sh test
Exit the user.
$ exit.
Open your Slack application, and you should have received the following alerts.
You should also get three emails about the test warnings.
Step 9 - Configure System Monitoring
Now that we have configured and tested notifications, let us configure and test notifications for the system, like CPU usage.
Run the following commands to create and open the CPU configuration file.
$ cd /etc/netdata $ sudo ./edit-config health.d/cpu.conf
Change the values of the warn and crit options under the 10min_cpu_usage as shown below.
warn: $this > (($status >= $WARNING) ? (60) : (70)) crit: $this > (($status == $CRITICAL) ? (75) : (85))
Save the file and exit the editor.
The above setting will send a warning if the CPU usage falls between 60 and 70% and a critical warning when the CPU usage falls between 75 and 85%.
Restart the Netdata service.
$ sudo systemctl restart netdata
Let us test the setting by installing the Stress application.
$ sudo dnf install stress
Run the following command to spike the CPU usage of your server.
$ stress --cpu 2
Leave the command running for 5-10 minutes, and you will receive High CPU usage messages. Once you receive those messages, return to the terminal and exit the command by pressing Ctrl + Z.
After stopping the service, you will receive a CPU recovered notification on Slack.
Step 10 - Configure Nginx Monitoring
One of the most commonly monitored apps using Netdata is the server and SQL packages. Let's monitor the Nginx server using Netdata.
To enable the monitoring of the Nginx server, we need to use the ngx_http_stub_status_module
. It usually comes pre-installed with Nginx. You can check if the module is present.
$ nginx -V 2>&1 | grep -o with-http_stub_status_module with-http_stub_status_module
If you get no response, it means your Nginx installation doesn't support the feature. You will need to compile Nginx in that case.
Open the Nginx's default configuration file /etc/nginx/conf.d/default.conf
for editing. The file's location is different because we installed Nginx from its official repository. If you are installing Nginx from the OS's repository, then the location for the file will be /etc/nginx/nginx.conf
.
$ sudo nano /etc/nginx/conf.d/default.conf
Enter the following code inside the server block before the last closing curly bracket.
# Enable module stub_status location /stub_status { stub_status; allow 127.0.0.1; #only allow requests from localhost deny all; #deny all other hosts }
Save the file by pressing Ctrl + X and entering Y when prompted.
Verify the Nginx configuration.
$ sudo nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Restart the Nginx server.
$ sudo systemctl restart nginx
Restart the Netdata service.
$ sudo systemctl restart netdata
You should see Nginx connection details in your Netdata dashboard.
Monitor Nginx Logs
Netdata can also monitor Nginx access logs. To do that, switch to the Netdata directory.
$ cd /etc/netdata
Run the following command to generate a configuration file for monitoring Access Logs.
$ sudo ./edit-config python.d/web_log.conf
Scroll to the bottom of the file and find the following section.
# ------------------------------------------- # nginx log on various distros # debian, arch nginx_log: name: 'nginx' path: '/var/log/nginx/access.log' # gentoo nginx_log2: name: 'nginx_site' path: '/var/log/nginx/localhost.access_log'
Change the path to monitor respective log files. You can add as many sections to monitor as many hosts and their access log files. Our configuration file looks like the following.
# ------------------------------------------- # nginx log on various distros # debian, arch nginx_log: name: 'nginx' path: '/var/log/nginx/access.log' nginx_log2: name: 'nginx_site1' path: '/var/log/nginx/site1.access_log' nginx_log3: name: 'nginx_site2' path: '/var/log/nginx/site2.access_log' nginx_log4: name: 'nginx_site3' path: '/var/log/nginx/site3.access_log'
Save and exit the editor.
To access the log files, Netdata needs permissions to access the directory. By default, the adm
system group has permission to access the log files. To give Netdata access, we need to add the netdata
user to the adm
group.
$ sudo usermod -aG adm netdata
Restart Nginx and the Netdata service.
$ sudo systemctl restart nginx netdata
Reload the Netdata dashboard to view your log file data.
Step 11 - Configure MySQL/MariaDB Monitoring
We will install MariaDB for our tutorial. The steps remain the same if you are using a MySQL server.
Add the repository for MariaDB 10.6.
$ sudo nano /etc/yum.repos.d/MariaDB.repo
Paste the following code in it.
# MariaDB 10.6 CentOS repository list - created 2022-04-12 11:12 UTC # https://mariadb.org/download/ [mariadb] name = MariaDB baseurl = https://download.nus.edu.sg/mirror/mariadb/yum/10.6/centos8-amd64 module_hotfixes=1 gpgkey=https://download.nus.edu.sg/mirror/mariadb/yum/RPM-GPG-KEY-MariaDB gpgcheck=1
Save the file by pressing Ctrl + X and entering Y when prompted.
Install MariaDB.
$ sudo dnf install MariaDB-server
Enable the MariaDB server.
$ sudo systemctl enable mariadb
Start the MySQL secure installation script. The file name is different in the case of MariaDB.
$ sudo mariadb-secure-installation .... Enter current password for root (enter for none): (Press Enter) .... Switch to unix_socket authentication [Y/n] Y (Type Y and Press Enter) .... Change the root password? [Y/n] Y (Type Y and Press Enter) New password: Re-enter new password: Password updated successfully! .... Remove anonymous users? [Y/n] Y (Type Y and Press Enter) .... Disallow root login remotely? [Y/n] Y (Type Y and Press Enter) .... Remove test database and access to it? [Y/n] Y (Type Y and Press Enter) .... Reload privilege tables now? [Y/n] Y (Type Y and Press Enter) .... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
Open the /etc/my.cnf.d/server.cnf
file for editing.
$ sudo nano /etc/my.cnf.d/server.cnf
Find the [mariadb]
section in the file and paste the following line as shown below to enable the Userstats plugin. This setting works only on MariaDB and not on the MySQL server.
[mariadb] userstat = 1
Save the file by pressing Ctrl + X and entering Y when prompted.
Start the MariaDB server.
$ sudo systemctl start mariadb
Restart the Netdata service.
$ sudo systemctl restart netdata
The MariaDB/MySQL dashboard should start appearing in the Netdata dashboard.
Step 12 - Configure PHP-FPM Monitoring
You can monitor one or more PHP-FPM instances using Netdata. For our tutorial, we will install PHP 8.0 and then enable its monitoring.
We will install PHP using the Remi repository. We already installed the EPEL repo in step 3. Install the Remi repository.
$ sudo dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
Check for available PHP streams.
$ dnf module list php -y Last metadata expiration check: 0:00:12 ago on Fri 03 Dec 2021 09:39:32 AM UTC. Rocky Linux 8 - AppStream Name Stream Profiles Summary php 7.2 [d] common [d], devel, minimal PHP scripting language php 7.3 common [d], devel, minimal PHP scripting language php 7.4 common [d], devel, minimal PHP scripting language Remi's Modular repository for Enterprise Linux 8 - x86_64 Name Stream Profiles Summary php remi-7.2 common [d], devel, minimal PHP scripting language php remi-7.3 common [d], devel, minimal PHP scripting language php remi-7.4 common [d], devel, minimal PHP scripting language php remi-8.0 common [d], devel, minimal PHP scripting language php remi-8.1 common [d], devel, minimal PHP scripting language Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
The default version is 7.2. Enable Remi's PHP 8.0 repository.
$ sudo dnf module reset php -y $ sudo dnf module enable php:remi-8.0
Next, install PHP and its extensions required by Firefly III. The php
package contains several dependencies that Firefly III requires, so make sure you include them.
$ sudo dnf install php php-fpm php-mbstring php-xml php-curl php-mysqlnd php-zip php-intl php-bcmath php-gd php-ldap php-cli
Verify the installation.
$ php --version PHP 8.0.16 (cli) (built: Feb 15 2022 21:34:32) ( NTS gcc x86_64 ) Copyright (c) The PHP Group Zend Engine v4.0.16, Copyright (c) Zend Technologies with Zend OPcache v8.0.16, Copyright (c), by Zend Technologies
Configure PHP
Open the file /etc/php-fpm.d/www.conf
.
$ sudo nano /etc/php-fpm.d/www.conf
We need to set the Unix user/group of PHP processes to nginx. Find the user=www-data
and group=www-data
lines in the file and change them to nginx
.
... ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. ; RPM: apache user chosen to provide access to the same directories as httpd user = nginx ; RPM: Keep a group allowed to write in log dir. group = nginx ...
Scroll down the file to locate the ;pm.status_path = /status
option. Uncomment the line by removing the semi-colon in front of it, as shown below.
; Note: There is a real-time FPM status monitoring sample web page available ; It's available in: @EXPANDED_DATADIR@/fpm/status.html ; ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it ; may conflict with a real PHP file. ; Default Value: not set pm.status_path = /status
Save the file by pressing Ctrl + X and entering Y when prompted.
Enable and start the PHP service.
$ sudo systemctl enable php-fpm --now
Add PHP Settings to Nginx
Open the Nginx's default configuration file /etc/nginx/conf.d/default.conf
for editing.
$ sudo nano /etc/nginx/conf.d/default.conf
Enter the following code inside the server block before the last closing curly bracket.
# define PHP-FPM monitoring location ~ ^/(status|ping)$ { allow 127.0.0.1; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_index index.php; include fastcgi_params; fastcgi_pass unix:/run/php-fpm/.sock; # Depends on the PHP Version and OS Distro }
Save the file by pressing Ctrl + X and entering Y when prompted.
Verify the Nginx configuration.
$ sudo nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Restart the Nginx server.
$ sudo systemctl restart nginx
Restart the Netdata service.
$ sudo systemctl restart netdata
Reload the Netdata dashboard, and you should see the PHP-FPM stats.
Step 13 - Configure Docker Engine and Container Monitoring
Netdata can monitor both the Docker engine and Docker containers. It can also monitor apps running inside these containers, but we won't be covering it in this tutorial.
Let us install Docker first.
$ sudo dnf install yum-utils $ sudo yum-config-manager \ --add-repo \ https://download.docker.com/linux/centos/docker-ce.repo $ sudo dnf install docker-ce docker-ce-cli containerd.io
Enable and start the Docker service.
$ sudo systemctl enable docker --now
To monitor the Docker engine, you need to enable the metrics feature of Docker.
Create and open the file /etc/docker/daemon.json
for editing.
$ sudo nano /etc/docker/daemon.json
Paste the following code in it.
{ "metrics-addr" : "127.0.0.1:9323", "experimental" : true }
Save the file by pressing Ctrl + X and entering Y when prompted.
Restart the Netdata and Docker services.
$ sudo systemctl restart docker netdata
Load the Netdata dashboard again, and you can see the Docker statistics.
You will see another entry named Prometheus Metrics
on your dashboard because the metrics option was made for the Prometheus dashboard.
The next step is to monitor the Docker container. Netdata uses control groups, referred to as cgroups
to monitor Docker containers. Control groups is a Linux feature that limits and tracks the resource usage of a collection of processes, in this case, containers. If you have Docker containers running when you install Netdata, they are automatically tracked. However, if you run a container after installing Netdata, you need to restart it.
Run a test container.
$ docker container run -d nginx
Check the status of the container.
$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 938b2cf30927 nginx "/docker-entrypoint.…" 3 seconds ago Up 2 seconds 80/tcp pensive_lovelace
The container's name is tender_murdock
as shown. Since the container has been started after installing Netdata, restart the service.
$ sudo systemctl restart netdata
Load the Dashboard, and you should be able to see the Container stats.
Conclusion
This concludes our tutorial on installing and using the Netdata monitoring system to monitor various apps like Nginx, MySQL, PHP-FPM, and Docker on a Rocky Linux server. If you have any questions, post them in the comments below.