1.Grafana安装

wget https://dl.grafana.com/oss/release/grafana-7.0.3-1.x86_64.rpm

yum localinstall grafana-7.0.3-1.x86_64.rpm

启动grafana，并设置其开机自启

systemctl restart grafana-server

systemctl enable grafana-server

查看已安装的grafana版本号

grafana-cli -version

在线搜索插件

grafana-cli plugins list-remote

grafana-cli plugins list-remote |grep zabbix

安装Grafana的zabbix插件

grafana-cli plugins install alexanderzobnin-zabbix-app

重启grafana

systemctl restart grafana-server

查看Grafana已安装的插件列表

grafana-cli plugins ls

2.Grafana与LDAP集成

    2.1 修改grafana配置

        cd /etc/grafana/

        vi grafana.ini

 

2.2 修改grafana下LDAP配置

cd /etc/grafana/

vim ldap.toml

[[servers]]

host = "xxx.xxx.xxx.xxx" 修改为ip

port = 389

use_ssl = false

start_tls = false

ssl_skip_verify = false

bind_dn = " cn=Manager,dc=haohaozhu,dc=com"  #修改为安装ldap设置时的domain name

bind_password = 'Hadoop'   #修改ldap设置的密码

search_filter = "(cn=%s)"

search_base_dns = ["dc=haohaozhu,dc=com"]

#下面三个是根据ldap有没有memberof属性来开启的，如果有就设置为如下，反之则注释掉。

group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))"

group_search_base_dns = ["cn=users, dc=haohaozhu,dc=com "]

group_search_filter_user_attribute = "cn"

[servers.attributes]

name = "givenName"

surname = "sn"

username = "cn"

# member_of = " memberOf"

member_of = "dn"  #如果ldap有memberOf属性，则设置为memberOf，反之设置为dn

email =  "email"

#设置具体的ldap组与grafana角色的映射

[[servers.group_mappings]]

group_dn = "ou=users,dc=haohaozhu,dc=com"

org_role = "Admin" # 对应grafana权限设置，拥有admin用户所有权限

org_id = 1  # org_id对应 Grafana 的权限

Admin管理员账号可以在上方图示处更改权限，权限分为：Admin管理员权限，Editor拥有编辑权限，Viewer只读权限

[[servers.group_mappings]]

group_dn = "*"

org_role = "Viewer"

org_id = 3  # users用户组下的用户user1具有只读权限

2.3 LDAP用户登录

使用admin账号登录查看成员所属