职业资格培训 發表於 2019-8-8 14:54:00

prometheus operator(Kubernetes 集群监控)

<h2>一、Prometheus Operator 介绍</h2>
<p><span style="font-size: 18px">Prometheus Operator 是 CoreOS 开发的基于 Prometheus 的 Kubernetes 监控方案,也可能是目前功能最全面的开源方案。</span></p>
<h3><span style="font-size: 18px">Prometheus Operator架构图</span></h3>
<p><img src="https://img2018.cnblogs.com/blog/1242171/201908/1242171-20190808142934086-2014452661.png" alt=""></p>
<p>&nbsp;</p>
<h2>二、安装prometheus operator</h2>
<p><strong><span style="font-size: 18px">测试环境:</span></strong></p>
<div class="cnblogs_code">
<pre># kubectl get node
NAME    STATUS   ROLES    AGE   VERSION
k8s</span>-m   Ready    master   5h27m   v1.<span style="color: rgba(128, 0, 128, 1)">15.2</span><span style="color: rgba(0, 0, 0, 1)">
node    Ready    </span>&lt;none&gt;   5h26m   v1.<span style="color: rgba(128, 0, 128, 1)">15.2</span></pre>
</div>
<p>&nbsp;</p>
<h3><span style="font-size: 18px">1、安装metrucs-server</span></h3>
<p><span style="font-size: 18px">https://www.cnblogs.com/zhangb8042/p/10204997.html</span></p>
<p>&nbsp;</p>
<h3><span style="font-size: 18px">2、部署Prometheus监控方案</span></h3>
<div class="cnblogs_code">
<pre>#下载prometheus-<span style="color: rgba(0, 0, 0, 1)">operator代码
git clone https:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">github.com/AliyunContainerService/prometheus-operator</span>
cd prometheus-operator/contrib/kube-prometheus/<span style="color: rgba(0, 0, 0, 1)">

#部署Prometheus监控方案
kubectlapply </span>-f manifests/<span style="color: rgba(0, 0, 0, 1)">

#查看
# kubectl get namespaces monitoring
NAME         STATUS   AGE
monitoring   Active   71s</span></pre>
</div>
<h3>3、把服务对公网开放(没有需要的话可以忽略这步)</h3>
<p><strong><span style="font-size: 18px">方法一、</span></strong><br><strong><span style="font-size: 18px">把相对应的service类型改为NodePort(这样就会映射一个30000-32767的外网端口用于访问)</span></strong></p>
<p>&nbsp;</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">#随机端口
kubectl</span><span style="color: rgba(0, 0, 255, 1)">patch</span> svcprometheus-k8s -n monitoring -p <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{"spec":{"type":"NodePort"}}</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">

#指定端口30090
kubectl</span><span style="color: rgba(0, 0, 255, 1)">patch</span> svcprometheus-k8s -n monitoring -p <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{"spec":{"type":"NodePort","ports":[{"name":"web","port":9090,"protocol":"TCP","targetPort":"web","nodePort":30090}]}}</span><span style="color: rgba(128, 0, 0, 1)">'</span></pre>
</div>
<p>&nbsp;</p>
<p><span style="font-size: 18px"><strong>方法二、</strong></span><br><span style="font-size: 18px"><strong>使用Proxy的方式临时访问</strong></span><br><span style="font-size: 18px"><strong>例如:(临时允许访问服务器的3000端口,注意:该方法只能是访问使用了下面这条命令的服务器IP)</strong></span></p>
<p>&nbsp;</p>
<div class="cnblogs_code">
<pre>kubectl --namespace monitoring port-forward svc/grafana --address=<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">0.0.0.0</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 128, 1)">3000</span></pre>
</div>
<p><span style="font-size: 18px"><strong>方法三、使用ingress的方式让外网访问</strong></span></p>
<p>&nbsp;</p>
<p><span style="font-size: 18px"><strong>开放公网访问(我用的是nodePort方法)</strong></span></p>
<p><span style="font-size: 18px">#grafana使用30030、prometheus使用30090、alertmanager使用30093。成功后浏览器访问即可</span><br><span style="font-size: 18px">#grafana登录的账号密码都是admin</span></p>
<div class="cnblogs_code">
<pre>kubectl<span style="color: rgba(0, 0, 255, 1)">patch</span> svcgrafana -n monitoring -p <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{"spec":{"type":"NodePort","ports":[{"name":"http","port":3000,"protocol":"TCP","targetPort":"http","nodePort":30030}]}}</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
kubectl</span><span style="color: rgba(0, 0, 255, 1)">patch</span> svcprometheus-k8s -n monitoring -p <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{"spec":{"type":"NodePort","ports":[{"name":"web","port":9090,"protocol":"TCP","targetPort":"web","nodePort":30090}]}}</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
kubectl</span><span style="color: rgba(0, 0, 255, 1)">patch</span> svcalertmanager-main -n monitoring -p <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">{"spec":{"type":"NodePort","ports":[{"name":"web","port":9093,"protocol":"TCP","targetPort":"web","nodePort":30093}]}}</span><span style="color: rgba(128, 0, 0, 1)">'</span></pre>
</div>
<p>&nbsp;</p>
<h2>三、监控模板配置</h2>
<p><strong><span style="font-size: 18px">所有的监控项都在这个文件中(上面git下载的),可以直接删除或者添加新的监控项(感觉有不少默认的监控模板用不到)</span></strong><br><span style="font-size: 18px">/root/prometheus-operator/contrib/kube-prometheus/manifests/prometheus-rules.yaml</span></p>
<p><strong><span style="font-size: 18px">#添加一个监控项,在rometheus-rules.yaml文件的最后添加即可</span></strong></p>
<p>&nbsp;</p>
<div class="cnblogs_code">
<pre>#在prometheus-<span style="color: rgba(0, 0, 0, 1)">rules.yaml文件最后添加上(1分钟的负载大于1就报警)
</span>- name: test-load-<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
    rules:
    </span>- alert: test-load-<span style="color: rgba(128, 0, 128, 1)">1</span>
      <span style="color: rgba(0, 0, 255, 1)">expr</span>: node_load1 &gt; <span style="color: rgba(128, 0, 128, 1)">1</span>
      <span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)">: 2m
      labels:
       team: node
      annotations:
       summary: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">{{$labels.instance}}: load 1 &gt;1</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">
       description: </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">{{$labels.instance}}: job {{$labels.job}} 测试测试 负载大于1</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">

#重新导入配置文件
# kubectl apply -f   prometheus-<span style="color: rgba(0, 0, 0, 1)">rules.yaml
prometheusrule.monitoring.coreos.com</span>/prometheus-k8s-rules configured</pre>
</div>
<p>&nbsp;</p>
<h2>四、修改alertmanager的报警方式(邮件方式)</h2>
<h3><span style="font-size: 18px">1、创建一个邮件报警的配置文件(25端口不行)</span></h3>
<div class="cnblogs_code">
<pre># <span style="color: rgba(0, 0, 255, 1)">cat</span><span style="color: rgba(0, 0, 0, 1)"> alertmanger.yaml
global:
resolve_timeout: 5m #处理超时时间,默认为5min
smtp_smarthost: </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">smtp.163.com:465</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)"> # 邮箱smtp服务器代理
smtp_from: </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">xxxx@163.com</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)"> # 发送邮箱名称
smtp_auth_username: </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">xxxx@163.com</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)"> # 邮箱名称
smtp_auth_password: </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">xxxxxxxxx</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)"> #邮箱密码
smtp_require_tls: </span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">
route:
group_by: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">alertname</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">] # 报警分组名称
group_wait: 10s # 最初即第一次等待多久时间发送一组警报的通知
group_interval: 10s # 在发送新警报前的等待时间
repeat_interval: 1m # 发送重复警报的周期
receiver: </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">email</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)"> # 发送警报的接收者的名称,以下receivers name的名称

receivers:
</span>- name: <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">email</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)"> # 警报
    email_configs: # 邮箱配置
    </span>- to: <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">xxxxxx@163.com</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)"># 接收警报的email配置

inhibit_rules:
</span>-<span style="color: rgba(0, 0, 0, 1)"> source_match:
      severity: </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">critical</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
    target_match:
      severity: </span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">warning</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(0, 0, 0, 1)">
    equal: [</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">alertname</span><span style="color: rgba(128, 0, 0, 1)">'</span>, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">dev</span><span style="color: rgba(128, 0, 0, 1)">'</span>, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">instance</span><span style="color: rgba(128, 0, 0, 1)">'</span>]</pre>
</div>
<p>&nbsp;</p>
<h3><span style="font-size: 18px">2、将alertmanger.yaml(上面创建的) 配置文件进行base64编码</span></h3>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 255, 1)">cat</span>alertmanger.yaml|base64 </pre>
</div>
<p>&nbsp;</p>
<h3>3、把alertmanager配置的文件创建成一个Opaque(把刚才配置文件base64编码的内容放入secret配置中,记得删除换行符,要把所有内容放在一行中)</h3>
<p><span style="font-size: 18px"><strong>注意</strong>:除了data中的和我这里不一样,其它的不要改。(因为本质上是修改原先Opaque的内容)</span></p>
<div class="cnblogs_code">
<pre># <span style="color: rgba(0, 0, 255, 1)">cat</span>   alertmanager-<span style="color: rgba(0, 0, 0, 1)">secret.yaml
apiVersion: v1
data:
alertmanager.yaml: Z2xvYmFsOiAKICByZXNvbHZlX3RpbWVvdXQ6IDVtICPlpITnkIbotoXml7bml7bpl7TvvIzpu5jorqTkuLo1bWl</span>vbScgIyDlj5HpgIHpgq7nrrHlkI3np7AKICBzbXRwX2F1dGhfdXNl<span style="color: rgba(0, 0, 0, 1)">
name: alertmanager</span>-<span style="color: rgba(0, 0, 0, 1)">main
namespace: monitoring
type: Opaque</span></pre>
</div>
<p>&nbsp;</p>
<h3>4、导入</h3>
<div class="cnblogs_code">
<pre># kubectl apply -falertmanager-<span style="color: rgba(0, 0, 0, 1)">secret.yaml
secret</span>/alertmanager-main configured</pre>
</div>
<p>&nbsp;</p>
<h3>5、查看与测试</h3>
<p><span style="font-size: 18px"><strong>达到了报警条件</strong></span></p>
<p><img src="https://img2018.cnblogs.com/blog/1242171/201908/1242171-20190808145232655-1901528755.png" alt=""></p>
<p><span style="font-size: 18px"><strong>查看邮箱</strong></span></p>
<p><span style="font-size: 18px"><strong><img src="https://img2018.cnblogs.com/blog/1242171/201908/1242171-20190808145329339-924664207.png" alt=""></strong></span></p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;<img src="https://img2018.cnblogs.com/blog/1242171/201908/1242171-20190808145343107-99009071.png" alt=""></p>
<p>&nbsp;</p><br><br>
来源:https://www.cnblogs.com/zhangb8042/p/11321133.html
頁: [1]
查看完整版本: prometheus operator(Kubernetes 集群监控)