How To Install Cacti on Rocky Linux 10

Network monitoring has become essential for modern IT infrastructure management. Cacti stands out as one of the most reliable open-source network monitoring solutions available today. This comprehensive guide walks through installing Cacti on Rocky Linux 10, ensuring you have a robust monitoring platform ready for production use.

What is Cacti and Why Use It?

Cacti represents a powerful web-based network monitoring and graphing tool designed to harness the capabilities of RRDTool’s data logging and graphing functionality. Built specifically for network administrators and system engineers, this sophisticated platform provides comprehensive SNMP-based data collection capabilities that enable real-time monitoring of network devices, servers, and applications.

The platform excels at creating detailed performance graphs and reports from collected data. Network professionals appreciate Cacti’s intuitive web interface, which simplifies complex monitoring tasks while maintaining enterprise-grade functionality.

Why Rocky Linux 10 is Perfect for Cacti

Rocky Linux 10 delivers enterprise-grade stability with complete Red Hat Enterprise Linux compatibility. This community-driven distribution provides the perfect foundation for critical monitoring infrastructure. The distribution offers long-term support, regular security updates, and proven reliability that network monitoring systems demand.

Additionally, Rocky Linux 10 includes modern package management tools, enhanced security features, and optimized performance characteristics. These advantages make it an ideal choice for hosting mission-critical monitoring applications like Cacti.

This guide provides everything needed to deploy a production-ready Cacti installation. You’ll learn proper configuration techniques, security best practices, and troubleshooting methods that ensure reliable network monitoring capabilities.

Prerequisites and System Requirements

Hardware Requirements for Optimal Performance

Successful Cacti deployment requires adequate system resources to handle data collection, processing, and web interface operations. Minimum hardware specifications include 2 GB of RAM for basic monitoring operations, though 4-8 GB provides better performance for production environments monitoring multiple devices.

Storage requirements depend on monitoring scope and data retention policies. Plan for at least 20 GB of available disk space for the initial installation, with additional capacity for RRD database growth over time. Network connectivity must support SNMP communications with monitored devices.

Consider CPU performance when planning for large-scale deployments. Multi-core processors handle concurrent data collection tasks more efficiently, especially when monitoring hundreds of network devices simultaneously.

Software Prerequisites and Dependencies

Rocky Linux 10 installation should be completed with root or sudo administrative privileges. Basic Linux command-line knowledge helps navigate configuration tasks and troubleshooting scenarios. Network configuration must be functional with proper DNS resolution and routing.

Essential software components include Apache web server for the monitoring interface, MySQL or MariaDB database backend for data storage, and PHP 7.4 or newer with required extensions. SNMP tools and RRDTool packages provide core monitoring functionality.

Understanding these dependencies before beginning installation prevents common configuration issues and ensures smooth deployment.

System Preparation and Initial Setup

Initial System Configuration

Begin by updating the Rocky Linux 10 system to ensure all security patches and package updates are applied. Run the following commands to update the system package repository and install available updates:

sudo dnf update -y
sudo reboot

Configure the system hostname to reflect its role as a monitoring server. Use a descriptive name that identifies the server’s purpose within your network infrastructure:

sudo hostnamectl set-hostname cacti-monitor.yourdomain.com

Verify the hostname change by checking the system configuration:

hostnamectl status

Firewall and Security Preparation

Rocky Linux 10 includes firewalld for network security management. Configure initial firewall rules to prepare for web server and monitoring traffic:

sudo systemctl enable firewalld
sudo systemctl start firewalld
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

SELinux provides additional security layers for Rocky Linux systems. Verify SELinux is enabled and configured appropriately:

sestatus

Consider creating dedicated user accounts for service management and maintenance tasks. This practice enhances security by limiting administrative access to necessary personnel only.

Network Configuration Optimization

Configure static IP addressing if required for your monitoring infrastructure. Static addressing ensures consistent access to the Cacti web interface and reliable SNMP communications with monitored devices.

Edit the network configuration file to set static addressing:

sudo nmcli connection modify "System eth0" ipv4.addresses 192.168.1.100/24
sudo nmcli connection modify "System eth0" ipv4.gateway 192.168.1.1
sudo nmcli connection modify "System eth0" ipv4.dns 8.8.8.8,8.8.4.4
sudo nmcli connection modify "System eth0" ipv4.method manual
sudo nmcli connection up "System eth0"

Verify network connectivity and DNS resolution function correctly before proceeding with software installation.

Installing Dependencies and Core Components

Repository Configuration and Management

Rocky Linux 10 requires additional repositories for Cacti and related packages. Install the EPEL (Extra Packages for Enterprise Linux) repository to access required software:

sudo dnf install epel-release -y
sudo dnf update -y

Verify repository configuration and package availability:

sudo dnf repolist
sudo dnf search cacti

Configure DNF package manager for optimal performance by enabling fastest mirror selection and parallel downloads:

echo 'fastestmirror=true' | sudo tee -a /etc/dnf/dnf.conf
echo 'max_parallel_downloads=10' | sudo tee -a /etc/dnf/dnf.conf

Apache Web Server Installation and Configuration

Install Apache HTTP server to provide the web interface for Cacti monitoring platform:

sudo dnf install httpd -y
sudo systemctl enable httpd
sudo systemctl start httpd

Configure Apache for optimal Cacti performance by editing the main configuration file:

sudo nano /etc/httpd/conf/httpd.conf

Add or modify these directives for better performance:

ServerTokens Prod
ServerSignature Off
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15

Create a dedicated virtual host configuration for Cacti:

sudo nano /etc/httpd/conf.d/cacti.conf

Add the following virtual host configuration:

<VirtualHost *:80>
    DocumentRoot /usr/share/cacti
    ServerName cacti-monitor.yourdomain.com
    
    <Directory /usr/share/cacti>
        DirectoryIndex index.php
        AllowOverride All
        Require all granted
    </Directory>
    
    ErrorLog /var/log/httpd/cacti_error.log
    CustomLog /var/log/httpd/cacti_access.log combined
</VirtualHost>

Restart Apache to apply configuration changes:

sudo systemctl restart httpd

Database Server Setup and Configuration

MariaDB provides reliable database backend services for Cacti data storage. Install and configure MariaDB server:

sudo dnf install mariadb-server mariadb -y
sudo systemctl enable mariadb
sudo systemctl start mariadb

Secure the MariaDB installation by running the security script:

sudo mysql_secure_installation

Follow the prompts to set a strong root password, remove anonymous users, disable remote root login, and remove test databases.

Configure MariaDB for optimal Cacti performance by editing the configuration file:

sudo nano /etc/my.cnf.d/mariadb-server.cnf

Add these optimization settings under the [mysqld] section:

[mysqld]
max_connections = 100
max_heap_table_size = 128M
tmp_table_size = 128M
join_buffer_size = 64M
innodb_buffer_pool_size = 512M
innodb_log_file_size = 64M
innodb_flush_log_at_trx_commit = 2
innodb_lock_wait_timeout = 50

Restart MariaDB to apply performance optimizations:

sudo systemctl restart mariadb

PHP Installation and Extension Configuration

Install PHP and required extensions for Cacti functionality:

sudo dnf install php php-mysql php-snmp php-xml php-ldap php-mbstring php-gd php-gmp php-intl php-json php-posix php-cli -y

Configure PHP settings for optimal Cacti performance by editing the configuration file:

sudo nano /etc/php.ini

Modify these important PHP settings:

memory_limit = 512M
max_execution_time = 60
max_input_time = 60
max_input_vars = 1000
post_max_size = 16M
upload_max_filesize = 16M
date.timezone = America/New_York

Create a PHP info file to verify the installation:

echo "<?php phpinfo(); ?>" | sudo tee /var/www/html/info.php

Restart Apache to load PHP modules:

sudo systemctl restart httpd

Database Configuration for Cacti

Database Creation and User Management

Access the MariaDB command line interface to create the Cacti database and user account:

sudo mysql -u root -p

Create a dedicated database for Cacti data storage:

CREATE DATABASE cacti DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;

Create a dedicated user account with appropriate privileges:

CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY 'your_secure_password_here';
GRANT ALL PRIVILEGES ON cacti.* TO 'cactiuser'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Test database connectivity with the new user account:

mysql -u cactiuser -p cacti

Database Schema Implementation and Optimization

Import the Cacti database schema to establish required table structures. First, install the Cacti package to access SQL files:

sudo dnf install cacti -y

Import the database schema:

mysql -u cactiuser -p cacti < /usr/share/doc/cacti/cacti.sql

Verify table creation by checking the database structure:

USE cacti;
SHOW TABLES;
DESCRIBE host;

Configure database-specific optimizations for time series data storage and retrieval performance. Consider implementing regular backup procedures to protect monitoring data and configuration settings.

Cacti Installation and Configuration

Package Installation and File System Setup

Install Cacti and related monitoring tools:

sudo dnf install cacti net-snmp net-snmp-utils rrdtool -y

Verify package installation and file locations:

rpm -ql cacti | head -20
ls -la /usr/share/cacti/

Configure file ownership and permissions for web server access:

sudo chown -R apache:apache /usr/share/cacti/
sudo chmod -R 755 /usr/share/cacti/

Create necessary directories for log files and temporary data:

sudo mkdir -p /var/log/cacti
sudo chown apache:apache /var/log/cacti

Configuration File Setup and Database Connection

Edit the main Cacti configuration file to establish database connectivity:

sudo nano /usr/share/cacti/include/config.php

Configure database connection parameters:

$database_type = 'mysql';
$database_default = 'cacti';
$database_hostname = 'localhost';
$database_username = 'cactiuser';
$database_password = 'your_secure_password_here';
$database_port = '3306';
$database_ssl = false;

Set path configurations for system binaries:

$config['rrd_tool'] = '/usr/bin/rrdtool';
$config['php_path'] = '/usr/bin/php';
$config['snmpwalk'] = '/usr/bin/snmpwalk';
$config['snmpget'] = '/usr/bin/snmpget';
$config['snmpbulkwalk'] = '/usr/bin/snmpbulkwalk';
$config['snmpgetnext'] = '/usr/bin/snmpgetnext';
$config['snmptrap'] = '/usr/bin/snmptrap';

Security Configuration and Access Controls

Configure log file paths and security settings:

$config['log_path'] = '/var/log/cacti/';
$config['tmp_path'] = '/tmp/';
$config['url_path'] = '/cacti/';

Set appropriate file permissions for security:

sudo chmod 640 /usr/share/cacti/include/config.php
sudo chown root:apache /usr/share/cacti/include/config.php

Configure SELinux policies for Cacti operations:

sudo setsebool -P httpd_can_network_connect 1
sudo setsebool -P httpd_execmem 1

Web-Based Installation Process

Accessing the Installation Interface

Open a web browser and navigate to your Cacti installation:

http://your-server-ip/cacti/

The installation wizard guides through initial configuration steps. Accept the license agreement and proceed to system checks.

Review pre-installation requirements and verify all dependencies are satisfied. The installer checks PHP extensions, file permissions, and database connectivity.

Installation Wizard Configuration Steps

Select installation type as “New Primary Server” for fresh installations. Configure paths for RRDTool, PHP, and SNMP utilities if they differ from detected defaults.

Test database connectivity using the configured credentials. The installer validates connection parameters and schema availability.

Import device templates and data queries for common network devices. These templates provide pre-configured monitoring capabilities for routers, switches, and servers.

Configure the poller settings based on your monitoring requirements:

• CMD.php Poller: Suitable for small to medium deployments
• Spine Poller: Recommended for larger environments requiring better performance

Post-Installation Configuration and Cron Setup

Configure the data collection poller by creating a cron job:

sudo nano /etc/cron.d/cacti

Add the following cron entry for 5-minute data collection intervals:

*/5 * * * * apache /usr/bin/php /usr/share/cacti/poller.php > /dev/null 2>&1

Verify cron job activation:

sudo systemctl restart crond
sudo systemctl status crond

Log in to the Cacti web interface using default credentials (admin/admin) and immediately change the default password for security.

Security Hardening and Best Practices

Firewall Configuration and Network Security

Configure specific firewall rules for Cacti services:

sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --permanent --add-port=443/tcp
sudo firewall-cmd --permanent --add-port=161/udp
sudo firewall-cmd --reload

Implement access restrictions for administrative interfaces:

sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" port protocol="tcp" port="80" accept'

Application Security Enhancement

Change default administrative credentials immediately after installation. Create additional user accounts with appropriate permission levels for different monitoring roles.

Configure session security settings in the Cacti interface:

• Enable session timeout for inactive users
• Implement strong password policies
• Configure account lockout policies for failed login attempts

Consider implementing SSL/TLS encryption for web interface access:

sudo dnf install mod_ssl -y
sudo systemctl restart httpd

System Security and Monitoring

Configure log rotation for Cacti log files:

sudo nano /etc/logrotate.d/cacti

Add log rotation configuration:

/var/log/cacti/*.log {
    weekly
    missingok
    rotate 52
    compress
    delaycompress
    notifempty
    create 644 apache apache
}

Implement regular security updates and monitoring of system logs for unusual activity.

Troubleshooting Common Issues

Installation and Configuration Problems

Database Connection Failures: Verify MariaDB service status and user privileges. Check configuration file syntax and password accuracy.

sudo systemctl status mariadb
mysql -u cactiuser -p cacti

PHP Extension Errors: Ensure all required PHP modules are installed and loaded:

php -m | grep -E "(mysql|snmp|xml|gd)"

Permission Denied Errors: Verify file ownership and SELinux contexts:

ls -laZ /usr/share/cacti/
sudo restorecon -R /usr/share/cacti/

Performance and Operational Issues

Slow Graph Generation: Check RRDTool performance and database query optimization. Monitor system resource usage during peak data collection periods.

Missing Data Points: Verify SNMP connectivity to monitored devices and check poller execution logs:

tail -f /var/log/cacti/cacti.log
snmpwalk -v2c -c public device_ip 1.3.6.1.2.1.1.1.0

Web Interface Timeout Issues: Increase PHP execution time limits and optimize database queries for large datasets.

Regular maintenance includes database optimization, log file management, and security update application to ensure continued reliable operation.

Congratulations! You have successfully installed Cacti. Thanks for using this tutorial for installing the Cacti monitoring tool on your Rocky Linux 10 system. For additional help or useful information, we recommend you check the official Cacti website.