1. Setting up the package sources
Checkmk requires a number of software packages from your Linux distribution. Third-party software is not required. In order that all necessary packages can be subsequently installed, a correct configuration of the software sources is necessary. With Red Hat and CENTOS the EPEL (Extra Packages for Enterprise Linux) repository must be set up as a package source. You can do this with the help of an RPM package, which can be installed with the yum command:
Here is an example of an installation on CentOS 8:
root@linux# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
In order to be able to use EPEL on RedHat and CentOS, the package sources for optional RPMs are required if these haven’t already been installed during the operating system installation. Without these sources the freeradius-utils, graphviz-gd, and php-mbstring package will be missing. As of version 8.x it will suffice to activate the so-called PowerTools with the help of Dandified YUM in CentOS or the subscription-manager in RHEL respectively. This can be done, eg., with the following commands:
Red Hat/CentOS 6.X:
root@linux# yum-config-manager --enable rhel-6-server-optional-rpms root@linux# subscription-manager repos --enable rhel-6-server-optional-rpms
Red Hat/CentOS 7.X:
root@linux# yum-config-manager --enable rhel-7-server-optional-rpms root@linux# yum-config-manager --enable rhel-7-server-extras-rpms root@linux# subscription-manager repos --enable rhel-7-server-optional-rpms root@linux# subscription-manager repos --enable rhel-7-server-extras-rpms
root@linux# dnf config-manager --set-enabled PowerTools
root@linux# subscription-manager repos --enable "codeready-builder-for-rhel-8-x86_64-rpms"
2. Setup SELinux and Firewall
Since Red Hat and thus CentOS also deliver SELinux and a local firewall by default, adjustments may have to be made here. As the first step you will need to allow your web server to access the network interfaces:
root@linux# setsebool -P httpd_can_network_connect 1
Secondly, you release the web server and activate the change:
root@linux# firewall-cmd --zone=public --add-service=http --permanent success root@linux# firewall-cmd --reload success
3. Download the appropriate packages
If you have a subscription, on your subscription downloads
page you will find a suitable RPM or DEB package for your distribution
for every available Checkmk-Version. For a free test or
small installtions of Checkmk you can use our free
Editions. These don't need in consequence any subscription. You are still
able to do an upgrade any time to go to on of the
Please consider when selecting a package:
- Firstly, choose a Checkmk-version, a distribution and a the version of this distribution.
- We recommend the latest stable version. If you need an older version anyway, you can find these in download archive at the of the page.
- The name and version of your distribution must be strictly identical.
- Choose one of the Editions. If you're unsure, you can get an overview to the differences of the editions.
After you downloaded the package to your machine, you need to copy the
file to the target Linux system where Checkmk needs to be installed. You can
do that for example with the programm WinSCP or – if you are able
to use ssh connections – with the commandline tool scp. In the
following example for the
root@linux# scp check-mk-raw-1.6.0p12-el8-38.x86_64.rpm email@example.com:
4. Signed-package installation
All packages are signed using GnuPG. Through the use of this signature, on the one hand it can be verified whether the package really is from Checkmk, and on the other hand it can be verified that the package is complete.
So that these signed packages can be installed in the usual way, one time only you will need to import our public key so that the signature will be trusted. First, load the key directly from our website:
root@linux# wget https://checkmk.com/support/Check_MK-pubkey.gpg
Alternatively, the key can also be obtained from gnupg.net:
root@linux# gpg --keyserver keys.gnupg.net --recv-keys 434DAC48C4503261 root@linux# gpg --armor --export 434DAC48C4503261 > Check_MK-pubkey.gpg
Then import the key to the list of trusted signatures. On Red Hat and CentOS this is yet another job for rpm:
root@linux# rpm --import Check_MK-pubkey.gpg
Once the key has been imported, you can verify the package and install it the usual way with yum install afterwards:
root@linux# rpm -K check-mk-enterprise-1.6.0p12-el8-38.x86_64.rpm check-mk-enterprise-1.6.0p12-el8-38.x86_64.rpm: digests signatures OK root@linux# yum install check-mk-enterprise-1.6.0p12-el8-38.x86_64.rpm
5. Final test
After the successful installation of Checkmk, and all dependencies, you will have access to the omd command. With this command you are able to create and manage monitoring sites. You can request the installed version to verify your installation:
root@linux# omd version OMD - Open Monitoring Distribution Version 1.6.0p12.cee