一、Prometheus简介
Prometheus 是一个开源的系统监控和警报工具,用于收集、存储和查询时间序列数据。它专注于监控应用程序和基础设施的性能和状态,并提供丰富的查询语言和灵活的告警机制
1、Prometheus基本介绍
2.Prometheus特点
3.Prometheus生态包含组件
二、安装Prometheus
1.安装采集节点资源指标组件 node-exporter
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: node-exporter
namespace: monitor-sa
labels:
name: node-exporter
spec:
selector:
matchLabels:
name: node-exporter
template:
metadata:
labels:
name: node-exporter
spec:
hostIPC: true
hostNetwork: true
hostPID: true
containers:
- name: node-exporter
image: docker.io/prom/node-exporter:v0.16.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9100
resources:
requests:
cpu: 0.15
securityContext:
privileged: true
args:
- --path.procfs
- /host/proc #指定 proc 文件系统的路径为/host/proc。Node Exporter 使用proc 文件系统来获取有关进程和系统信息的指标数据。
- --path.sysfs
- /host/sys #指定 sys 文件系统的路径为/host/sys。Node Exporter 使用 sys 文件系统来获取有关系统硬件资源和内核信息的指标数据。
- --collector.filesystem.ignored-mount-points
- '"^/(sys|proc|dev|host|etc)($|/)"' #配置要忽略的文件系统挂载点的正则表达式。这个正则表达式指定了一些常见的文件系统挂载点,如/sys、/proc、/dev、/host 和/etc。Node Exporter 将忽略这些挂载点上的文件系统,不采集与其相关的指标数据
volumeMounts:
- name: dev
mountPath: /host/dev
- name: proc
mountPath: /host/proc
- name: sys
mountPath: /host/sys
- name: rootfs
mountPath: /rootfs
tolerations:
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
volumes:
- name: proc
hostPath:
path: /proc
- name: dev
hostPath:
path: /dev
- name: sys
hostPath:
path: /sys
- name: rootfs
hostPath:
path: /
2.配置Prometheus server服务的configmap
#创建一个namespace
kubectl create ns monitor-sa
#创建一个sa账号
kubectl create serviceaccount monitor -n monitor-sa
#把sa账号monitor通过clusterrolebing绑定到clusterrole
kubectl create clusterrolebinding monitor-clusterrolebinding --clusterrole=cluster-admin --serviceaccount=monitor-sa:monitor
创建数据目录
mkdir /data
chmod 777 /data
#配置prometheus的configmap
参考地址:
github:https://github.com/prometheus/prometheus/blob/release-2.31/documentation/examples/prometheus-kubernetes.yml
官网:https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config
vim prometheus-cfg.yaml
---
kind: ConfigMap
apiVersion: v1
metadata:
labels:
app: test-prometheus
name: prometheus-config
namespace: monitor-sa
data:
prometheus.yml: |
global:
scrape_interval: 15s
scrape_timeout: 10s
evaluation_interval: 1m
scrape_configs:
- job_name: 'kubernetes-node'
kubernetes_sd_configs:
- role: node
relabel_configs:
- source_labels: [__address__]
regex: '(.*):10250'
replacement: '${1}:9100'
target_label: __address__
action: replace
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- job_name: 'kubernetes-node-cadvisor'
kubernetes_sd_configs:
- role: node
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- target_label: __address__
replacement: kubernetes.default.svc:443
- source_labels: [__meta_kubernetes_node_name]
regex: (.+)
target_label: __metrics_path__
replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor
- job_name: 'kubernetes-apiserver'
kubernetes_sd_configs:
- role: endpoints
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
relabel_configs:
- source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
action: keep
regex: default;kubernetes;https
- job_name: 'kubernetes-service-endpoints'
kubernetes_sd_configs:
- role: endpoints
relabel_configs:
- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
action: keep
regex: true
- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme]
action: replace
target_label: __scheme__
regex: (https?)
- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path]
action: replace
target_label: __metrics_path__
regex: (.+)
- source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port]
action: replace
target_label: __address__
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
- action: labelmap
regex: __meta_kubernetes_service_label_(.+)
- source_labels: [__meta_kubernetes_namespace]
action: replace
target_label: kubernetes_namespace
- source_labels: [__meta_kubernetes_service_name]
action: replace
target_label: kubernetes_name
3.通过deployment部署Prometheus
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-prometheus
labels:
app: test-prometheus
spec:
replicas: 1
selector:
matchLabels:
app: test-prometheus
template:
metadata:
labels:
app: test-prometheus
annotations:
prometheus.io/scrape: 'true'
spec:
securityContext:
runAsUser: 0
containers:
- name: test-prometheus
image: docker.io/prom/prometheus:v2.33.5
imagePullPolicy: Always
command:
- prometheus
- --config.file=/etc/prometheus/prometheus.yml
- --storage.tsdb.path=/prometheus #数据存储目录
- --storage.tsdb.retention=168h #数据保存时长
- --web.enable-lifecycle #开启热加载
ports:
- containerPort: 9090
protocol: TCP
volumeMounts:
- mountPath: /etc/prometheus/prometheus.yml
name: prometheus-config
subPath: prometheus.yml
- mountPath: /prometheus/
name: prometheus-storage-volume
resources:
requests:
memory: 1Gi
cpu: "1"
limits:
memory: 2Gi
cpu: "1"
volumes:
- name: prometheus-config
configMap:
name: prometheus-config
items:
- key: prometheus.yml
path: prometheus.yml
mode: 0644
- name: prometheus-storage-volume
hostPath:
path: /var/lib/docker/data/{{ $.Chart.Name }}/data
type: DirectoryOrCreate
4.给Prometheus pod创建一个service
---
apiVersion: v1
kind: Service
metadata:
name: prometheussvc
labels:
app: test-prometheus
namespace: monitor-sa
spec:
type: NodePort
ports:
- port: 9090
targetPort: 9090
protocol: TCP
selector:
app: test-prometheus
#查看映射端口
[root@master1 prometheus]# kubectl describe svc test-prometheus -n monitor-sa
Name: test-prometheus
Namespace: monitor-sa
Labels: app=test-prometheus
app.kubernetes.io/managed-by=Helm
Annotations: meta.helm.sh/release-name: prometheus
meta.helm.sh/release-namespace: monitor-sa
name: test-prometheus
prometheus.io/scrape: true
Selector: app=test-prometheus
Type: NodePort
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.96.128.98
IPs: 10.96.128.98
Port: http 9090/TCP
TargetPort: 9090/TCP
NodePort: http 31439/TCP
Endpoints: 10.244.247.6:9090
Session Affinity: None
External Traffic Policy: Cluster
Events: >
#页面访问测试
http://192.168.100.17:31439/graph
5.安装配置可视化UI界面graphna
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-grafana
spec:
replicas: 1
selector:
matchLabels:
app: test-grafana
template:
metadata:
labels:
app: test-grafana
spec:
containers:
- name: test-grafana
image: docker.io/grafana/grafana:8.4.5
imagePullPolicy: Always
ports:
- containerPort: 3000
protocol: TCP
volumeMounts:
- mountPath: /etc/ssl/certs
name: ca-certificates
readOnly: true
- mountPath: /var/lib/grafana
name: grafana-storage
resources:
requests:
memory: 1Gi
cpu: "1"
limits:
memory: 1Gi
cpu: "1"
env:
- name: INFLUXDB_HOST
value: monitoring-influxdb
- name: GF_SERVER_HTTP_PORT
value: "3000"
- name: GF_AUTH_BASIC_ENABLED
value: "false"
- name: GF_AUTH_ANONYMOUS_ENABLED
value: "true"
- name: GF_AUTH_ANONYMOUS_ORG_ROLE
value: Admin
- name: GF_SERVER_ROOT_URL
value: /
volumes:
- name: ca-certificates
hostPath:
path: /etc/ssl/certs
- name: grafana-storage
emptyDir:
medium: Memory
---
apiVersion: v1
kind: Service
metadata:
labels:
app: test-grafana
name: test-grafana
spec:
ports:
- name: http
port: 3000
targetPort: 3000
protocol: TCP
selector:
app: test-grafana
type: NodePort
#查看转发端口
kubectl get svc -n monitor-sa
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
test-grafana NodePort 10.100.121.25 <none> 3000:31562/TCP 4m4s
三、页面展示
#访问:
http://192.168.100.16:31562/
6.配置grafana界面
选择 Add your first data source
附:面板导入下载:https://grafana.com/grafana/dashboards/
五、安装kube-state-metrics 组件
kube-state-metrics 是一个开源的 Kubernetes 监控工具,它通过将 Kubernetes 集群中的资源状态转换为可观察的指标(metrics),提供了对 Kubernetes 对象的详细监控和可视化。以下是 kube-state-metrics 的基本介绍:
安装与配置kube-state-metrics
创建SA并对SA授权
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kube-state-metrics
namespace: monitor-sa
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kube-state-metrics
rules:
- apiGroups: [""]
resources: ["nodes", "pods", "services", "resourcequotas", "replicationcontrollers", "limitranges", "persistentvolumeclaims", "persistentvolumes", "namespaces", "endpoints"]
verbs: ["list", "watch"]
- apiGroups: ["extensions"]
resources: ["daemonsets", "deployments", "replicasets"]
verbs: ["list", "watch"]
- apiGroups: ["apps"]
resources: ["statefulsets"]
verbs: ["list", "watch"]
- apiGroups: ["batch"]
resources: ["cronjobs", "jobs"]
verbs: ["list", "watch"]
- apiGroups: ["autoscaling"]
resources: ["horizontalpodautoscalers"]
verbs: ["list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kube-state-metrics
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kube-state-metrics
subjects:
- kind: ServiceAccount
name: kube-state-metrics
namespace: monitor-sa
创建deployment/service
apiVersion: apps/v1
kind: Deployment
metadata:
name: kube-state-metrics
namespace: monitor-sa
spec:
replicas: 1
selector:
matchLabels:
app: kube-state-metrics
template:
metadata:
labels:
app: kube-state-metrics
spec:
serviceAccountName: kube-state-metrics
containers:
- name: kube-state-metrics
image: quay.io/coreos/kube-state-metrics:v1.9.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
annotations:
prometheus.io/scrape: 'true'
name: kube-state-metrics
namespace: monitor-sa
labels:
app: kube-state-metrics
spec:
ports:
- name: kube-state-metrics
port: 8080
protocol: TCP
selector:
app: kube-state-metrics
在granfana的web界面中导入Kubernetes cluster monitoring (via Prometheus) (k8s 1.16)-1577691996738.json即可