Tech

Grafana+InfluxDB+Telegraf - Build a VPS System Monitoring Platform

Learn how to leverage Grafana, InfluxDB, and Telegraf to create a robust VPS system monitoring platform. Monitor server metrics, set up Grafana dashboards, and ensure the health and performance of your virtual servers.

Henry

Dec 4, 2023 • 4 min read

Monitoring the health and performance of your VPS is crucial for ensuring its stability and addressing potential issues promptly. In this tutorial, we'll guide you through the process of setting up a comprehensive VPS system monitoring platform using Grafana, InfluxDB, and Telegraf.

1. Set up Grafana & InfluxDB

Allow port TCP/8086 on your Grafana server
Create project folder and docker-compose.yml

mkdir -p /your/path/grafana && cd /your/path/grafana && nano docker-compose.yml

docker-compose.yml

version: '3.8'

services:
  grafana:
    image: grafana/grafana-oss:latest
    container_name: grafana
    environment:
      - GF_AUTH_ANONYMOUS_ENABLED=false
      - GF_SERVER_ROOT_URL=https://grafana.example.com/
      - GF_INSTALL_PLUGINS=grafana-clock-panel
    user: '0'
    ports:
      - 127.0.0.1:12345:3000
    volumes:
      - ./grafana-data:/var/lib/grafana
    restart: unless-stopped

  influxdb:
    image: influxdb:1.8
    container_name: influxdb
    environment:
        - INFLUXDB_HTTP_AUTH_ENABLED=true
        - INFLUXDB_DB=telegraf
        - INFLUXDB_ADMIN_USER=admin
        - INFLUXDB_ADMIN_PASSWORD=your_password
        - INFLUXDB_USER=telegraf
        - INFLUXDB_USER_PASSWORD=your_password
    ports:
        - 8086:8086
    volumes:
        - ./influxdb-data:/var/lib/influxdb
    restart: unless-stopped

Note:
GF_AUTH_ANONYMOUS_ENABLED is convenient for exposing your dashboard to others.
INFLUXDB_ADMIN_PASSWORD sets the account password for HTTP authentication.
INFLUXDB_USER_PASSWORD sets the password of the database user.

After confirming that it is correct, you can bring up the containers

docker-compose up -d

2. Nginx Configuration

Get SSL certificates

certbot certonly --nginx

Create Nginx conf

nano /etc/nginx/conf.d/grafana.conf

server {
        listen 80;
        server_name grafana.example.com;
        if ($host = grafana.example.com) {
                return 301 https://$host$request_uri;
        }
        return 404;
}

server {
  listen 443 ssl http2;

  ssl_certificate       /your/key/path/fullchain.pem;
  ssl_certificate_key   /your/key/path/privkey.pem;
  ssl_session_timeout 1d;
  ssl_session_cache shared:MozSSL:10m;
  ssl_session_tickets off;

  ssl_protocols         TLSv1.2 TLSv1.3;
  ssl_ciphers           ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

  ssl_prefer_server_ciphers off;

  server_name           grafana.example.com;
    add_header Content-Security-Policy upgrade-insecure-requests;
  location / {
    proxy_redirect off;
    proxy_pass http://127.0.0.1:12345;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_next_upstream off;
  }
}

Restart Nginx

nginx -t
systemctl restart nginx

3. Setup Telegraf

Next, install Telegraf on each VPS that needs to be monitored. Telegraf is used to monitor the host system. Docker installation is not recommended, so here we install it on each machine by adding sources.
For deb-based platforms (e.g. Ubuntu and Debian) run the following to add the repo key and setup a new sources.list entry:

# influxdata-archive_compat.key GPG fingerprint:
#     9D53 9D90 D332 8DC7 D6C8 D3B9 D8FF 8E1F 7DF8 B07E
wget -q https://repos.influxdata.com/influxdata-archive_compat.key
echo '393e8779c89ac8d958f81f942f9ad7fb82a25e133faddaf92e15b16e6ac9ce4c influxdata-archive_compat.key' | sha256sum -c && cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
sudo apt-get update && sudo apt-get install telegraf

Edit Telegraf’s main configuration file

nano /etc/telegraf/telegraf.conf

Modify the database connection information. The server IP is the public IP of the InfluxDB machine. Note that the account and password here are not those of the database but the HTTP authentication account password of InfluxDB

[[outputs.influxdb]]
  urls = ["http://server_ip:8086"]
  database = "telegraf"
  username = "admin"
  password = "your_password"

Note that modifying hostname is used to distinguish different machines
After configuration, start and restart Telegraf and set auto-start at boot

systemctl restart telegraf
systemctl enable telegraf

4. Configure Grafana & InfluxDB

Visit your site to open Grafana. The default administrator account and password are both admin. After logging in, add the data source:

Check BasicAuth and fill in the account password for INFLUXDB's HTTP authentication

Fill in database information

Add a dashboard. You can import some default dashboards by its ID

5. DEMO

Copyright statement: Unless otherwise stated, all articles on this blog adopt the CC BY-NC-SA 4.0 license agreement. For non-commercial reprints and citations, please indicate the author: Henry, and original article URL. For commercial reprints, please contact the author for authorization.