-
Kubernetes部署Prometheus
1. Prometheus简介
prometheus是一个开源的系统监控和告警工具;通过不断收集应用的指标数据到时序数据库中,实现持续监控应用的状态;
2.Prometheus特性
(1) 多维度的数据指标模型
prometheus将所有的数据以时序的方式存储;并且对于相同指标名称的任何标签组合均为对该指标的各个维度的描述;promQL允许我们过滤以及聚合这些维度的指标数据;以"__"双下划线开头的指标名称用于内部使用
(2) PromQL, prometheus Query Language,供用于查询以及聚合时序数据;
(3) 可单机部署
(4) 默认以间隔拉取方式获取应用指标数据
(5) 支持应用主动推送指标数据
(6) 可通过静态配置或服务发现来发现应用
(7) 支持多种类型的图标和面板展示3.部署Prometheus
3.1.书写prometheus配置文件
prometheus 默认监控当前集群所有的Pod, 因此此处我们这里书写监控 namespce=default 集群下的所有Pod;
apiVersion: v1 kind: ConfigMap metadata: namespace: monitoring name: prometheus-config labels: name: prometheus-config data: prometheus.rules: |- groups: - name: devopscube demo alert rules: - alert: High Pod Memory expr: sum(container_memory_usage_bytes) > 1 for: 1m labels: severity: slack annotations: summary: High Memory Usage prometheus-config.yaml: |- global: scrape_interval: 5s evaluation_interval: 5s rule_files: - /etc/prometheus/prometheus.rules alerting: alertmanagers: - scheme: http static_configs: - targets: - "alertmanager.monitoring.svc:9093" scrape_configs: - job_name: 'node-exporter' kubernetes_sd_configs: - role: endpoints relabel_configs: - source_labels: [__meta_kubernetes_endpoints_name] regex: 'node-exporter' action: keep - job_name: 'kubernetes-apiservers' kubernetes_sd_configs: - role: endpoints scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token relabel_configs: - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] action: keep regex: default;kubernetes;https - job_name: 'kubernetes-nodes' scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token kubernetes_sd_configs: - role: node relabel_configs: - action: labelmap regex: __meta_kubernetes_node_label_(.+) - target_label: __address__ replacement: kubernetes.default.svc:443 - source_labels: [__meta_kubernetes_node_name] regex: (.+) target_label: __metrics_path__ replacement: /api/v1/nodes/${1}/proxy/metrics - job_name: 'kubernetes-pods' kubernetes_sd_configs: - role: pod relabel_configs: - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] action: keep regex: true - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] action: replace target_label: __metrics_path__ regex: (.+) - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] action: replace regex: ([^:]+)(?::\d+)?;(\d+) replacement: $1:$2 target_label: __address__ - action: labelmap regex: __meta_kubernetes_pod_label_(.+) - source_labels: [__meta_kubernetes_namespace] action: replace target_label: kubernetes_namespace - source_labels: [__meta_kubernetes_pod_name] action: replace target_label: kubernetes_pod_name - job_name: 'kube-state-metrics' static_configs: - targets: ['kube-state-metrics.kube-system.svc.cluster.local:8080'] - job_name: 'kubernetes-cadvisor' scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token kubernetes_sd_configs: - role: node relabel_configs: - action: labelmap regex: __meta_kubernetes_node_label_(.+) - target_label: __address__ replacement: kubernetes.default.svc:443 - source_labels: [__meta_kubernetes_node_name] regex: (.+) target_label: __metrics_path__ replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor - job_name: 'kubernetes-service-endpoints' kubernetes_sd_configs: - role: endpoints relabel_configs: - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] action: keep regex: true - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] action: replace target_label: __scheme__ regex: (https?) - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] action: replace target_label: __metrics_path__ regex: (.+) - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] action: replace target_label: __address__ regex: ([^:]+)(?::\d+)?;(\d+) replacement: $1:$2 - action: labelmap regex: __meta_kubernetes_service_label_(.+) - source_labels: [__meta_kubernetes_namespace] action: replace target_label: kubernetes_namespace - source_labels: [__meta_kubernetes_service_name] action: replace target_label: kubernetes_name- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
3.2.部署prometheus deployment
创建 prometheus-monitor serviceaccount
apiVersion: v1 kind: ServiceAccount metadata: namespace: monitoring name: prometheus-monitor --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: rolebindingpromethuesmonitoradminpermission subjects: - kind: ServiceAccount name: prometheus-monitor namespace: monitoring roleRef: kind: ClusterRole name: cluster-admin apiGroup: rbac.authorization.k8s.io- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
部署deployment
apiVersion: apps/v1 kind: Deployment metadata: name: prometheus-server namespace: monitoring labels: app: prometheus-server spec: replicas: 1 selector: matchLabels: app: prometheus-server component: prometheus-server template: metadata: labels: app: prometheus-server component: prometheus-server annotations: prometheus.io/scrape: "false" spec: serviceAccountName: prometheus-monitor securityContext: runAsUser: 0 containers: - name: prometheus-server image: prom/prometheus imagePullPolicy: IfNotPresent command: - prometheus - --config.file=/etc/prometheus/prometheus-config.yaml - --storage.tsdb.path=/prometheus - --storage.tsdb.retention=720h ports: - containerPort: 9090 protocol: TCP volumeMounts: - mountPath: /etc/prometheus/ name: prometheus-config - mountPath: /prometheus/ name: prometheus-storage-volume volumes: - name: prometheus-config configMap: name: prometheus-config - name: prometheus-storage-volume persistentVolumeClaim: claimName: prometheus-storage-pvc --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: prometheus-storage-pvc namespace: monitoring spec: accessModes: - ReadWriteOnce storageClassName: nfs-client resources: requests: storage: 5Gi- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
3.3.暴露Prometheus
对于如何配置ingress,请参考 运维开发实践 - Kubernetes - 从外部访问集群应用
--- apiVersion: v1 kind: Service metadata: name: prometheus-server-svc namespace: monitoring spec: ports: - port: 9090 targetPort: 9090 selector: app: prometheus-server --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: prometheus-ingress namespace: monitoring spec: ingressClassName: nginx rules: - host: prometheus-liyuan.com http: paths: - path: / pathType: Prefix backend: service: name: prometheus-server-svc port: number: 9090- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
Reference
遇到疑问欢迎留言,也欢迎关注我的公众号[ 从零开始的Go学习 ]
-
相关阅读:
04.封装
零基础学JavaScript(二)ECMAScript 基础
ipv6一致性-NDP测试
[Emeuelc]DC模拟器Flycast按键设置相关研究
达梦数据库安装使用教程系列(三)
基于低代码平台的疫情管理系统,源码交付更放心
谷粒商城一
Maven的安装和环境变量配置
干货!网络丢包故障定位全景指南
[windows][操作系统]复制文件夹到桌面经常到跑左上角导致桌面图标位置错乱
- 原文地址:https://blog.csdn.net/Yuan_xii/article/details/127759301
