Cloud孙文波
Cloud孙文波

k8s集群监控指标及告警阀值大全【超级详细,全是干货,直接粘贴复制】

目录

kube-apiserver

coredns

etcd

kube-controller-manager

kubelet

kube-scheduler

kube-state-metrics

node

deployment

ingress-nginx

pod

kube-apiserver

groups:
- name: kube-apiserver.rule
  rules:
  - alert: K8SAPIAerverDown
    expr: up{job="apiserver"} == 0
    for: 1m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: kube-apiserver {{ $labels.instance }} is down. {{ $labels.instance }} isn't reachable or have disappeared from service
        discovery.
      summary: kube-apiserver is down
  - alert: K8SApiserverDown
    expr: absent(up{job="apiserver"} == 1)
    for: 10m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      description: No API servers are reachable or all have disappeared from service
        discovery
      summary: No API servers are reachable
  - alert: K8SApiserverUserCPU
    expr: sum(rate(container_cpu_user_seconds_total{pod=~"kube-apiserver.*",container_name!="POD"}[5m]))by(pod) > 1 
    for: 5m
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetes apserver {{ $labels.instance }} is user cpu time > 1s. {{ $labels.instance }} isn't reachable"
      summary: "kubernetes apserver 负载较高超过1s,当前值为{{$value}}"
  - alert: K8SApiserverUserCPU
    expr: sum(rate(container_cpu_user_seconds_total{pod=~"kube-apiserver.*",container_name!="POD"}[5m]))by(pod) > 5
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetes apserver {{ $labels.instance }} is user cpu time > 5s. {{ $labels.instance }} isn't reachable"
      summary: "kubernetes apserver 负载较高超过5s,当前值为{{$value}}"
  - alert: K8SApiserverUserCPU
    expr: sum(rate(container_cpu_user_seconds_total{pod=~"kube-apiserver.*",container_name!="POD"}[5m]))by(pod) > 10
    for: 5m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetes apserver {{ $labels.instance }} is user cpu time > 10s. {{ $labels.instance }} isn't reachable"
      summary: "kubernetes apserver 负载较高超过10s,当前值为{{$value}}"
  - alert: K8SApiserverUseMemory
    expr: sum(rate(container_memory_usage_bytes{pod=~"kube-apserver.*",container_name!="POD"}[5m])/1024/1024)by(pod) > 150
    for: 5m
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetess apserver {{ $labels.instance }} is use memory More than 150MB"
      summary: "kubernetes apserver 使用内存超过150MB,当前值为{{$value}}MB"
  - alert: K8SApiserverUseMemory
    expr: sum(rate(container_memory_usage_bytes{pod=~"kube-apserver.*",container_name!="POD"}[5m])/1024/1024)by(pod) > 300
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetess apserver {{ $labels.instance }} is use memory More than 300MB"
      summary: "kubernetes apserver 使用内存超过300MB,当前值为{{$value}}MB"
  - alert: K8SApiserverUseMemory
    expr: sum(rate(container_memory_usage_bytes{pod=~"kube-apserver.*",container_name!="POD"}[5m])/1024/1024)by(pod) > 600
    for: 5m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetess apserver {{ $labels.instance }} is use memory More than 600MB"
      summary: "kubernetes apserver 使用内存超过600MB,当前值为{{$value}}MB"
  - alert: K8SApiserverApiError
    expr: sum(rate(apiserver_request_total{job="apiserver",code=~"[45].."}[5m]))by (resource,subresource,verb) /sum(rate(apiserver_request_total{job="apiserver"}[5m])) by (resource,subresource,verb) > 0.5
    for: 10m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetess apserver {{ $labels.instance }} API 4xx,5xx too many"
      summary: "kubernetes apserver 4xx,5xx错误很多,请检查"
  - alert: K8SApiserverWorkerQueue
    expr: sum(apiserver_current_inflight_requests{job="apiserver"}) > 200
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetess apserver {{ $labels.instance }} worker queue accumulation"
      summary: "kubernetes apserver 待处理的请求数量 > {{$value}} "
  - alert: K8SApiserverWorkerQueue
    expr: sum(apiserver_current_inflight_requests{job="apiserver"}) > 400
    for: 5m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetess apserver {{ $labels.instance }} worker queue accumulation"
      summary: "kubernetes apserver 待处理的请求数量 > {{$value}} "
  - alert: K8SApiserverQueueWite
    expr: histogram_quantile(0.99, sum(rate(workqueue_queue_duration_seconds_bucket{ job="apiserver"}[5m])) by (le)) > 1
    for: 5m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetess apserver {{ $labels.instance }} worker queue wite"
      summary: "kubernetes apserver 工作队列中停留的时间延时较大 > {{$value}} "
  - alert: K8SApiserverWorkerAddCount
    expr: sum(rate(workqueue_adds_total{job="apiserver"}[5m])) > 100
    for: 5m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetess apserver {{ $labels.instance }}"
      summary: "kubernetes apserver 工作队列处理的添加总数,可能有堆积请检查 > {{$value}} "

#ssl证书
groups:
- name: kubernetes.rules
  rules:
  - alert: K8s证书即将过期
    expr: sum by (job) (rate(apiserver_client_certificate_expiration_seconds_bucket{le="1296000"}[1m])) > 0
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: Kubernetes API Client Certificate is expiring soon (less than 15 days)
      summary: Kubernetes API Certificate Client 15 天后将过期

  - alert: K8sCertificateExpirationNotice
    expr: sum by (job) (rate(apiserver_client_certificate_expiration_seconds_bucket{le="604800"}[1m])) > 0
    labels:
      severity: P0
      cluster: prodidc
    annotations:
      description: Kubernetes API Certificate Client is expiring in less than 7 day
      summary: Kubernetes API Certificate Client 7 天后将过期

coredns

groups:
- name: coredns.rule
  rules:
  - alert: coredns-responses-P1
    expr:  histogram_quantile(0.99, sum(rate(coredns_dns_request_duration_seconds_bucket{job="kube-dns"}[5m])) by(server, zone, le)) > 3
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      current_value: "{{$value}}"
      description:  "{{ $labels.instance }}  Coredns has longer response time, response More than 3 seconds , please check !"
      summary: "{{ $labels.instance }} 警告! 响应时间较长 Coredns response delay 大于 3 秒 当前值为{{$value}}"
  - alert: coredns-responses-P2
    expr:  histogram_quantile(0.99, sum(rate(coredns_dns_request_duration_seconds_bucket{job="kube-dns"}[5m])) by(server, zone, le)) > 2.5
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: "{{$value}}"
      description:  "{{ $labels.instance }}  Coredns has longer response time, response More than 2.5 seconds , please check !"
      summary: "{{ $labels.instance }} 严重! 响应时间较长 Coredns response delay 大于 2.5 秒 当前值为{{$value}}"
  - alert: coredns-responses-P3
    expr:  histogram_quantile(0.99, sum(rate(coredns_dns_request_duration_seconds_bucket{job="kube-dns"}[5m])) by(server, zone, le)) > 1.5
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      current_value: "{{$value}}"
      description:  "{{ $labels.instance }}  Coredns has longer response time, response More than 1.5 seconds , please check !"
      summary: "{{ $labels.instance }} 非常严重! 响应时间较长 Coredns response delay 大于 1.5 秒 当前值为{{$value}}"
  - alert: coredns abort
    expr:  coredns_panic_count_total > 0 
    labels:
      severity: P0
      cluster: prodidc
    annotations:
      current_value: "{{$value}}"
      description: "{{ $labels.instance }} Error Coredns process abnormal interrupt!!"
      summary: "毁灭性错误!{{ $labels.instance }} Coredns 进程异常中断!请检查!"
  - alert: Coredns Query per minute P3
    expr:  sum(irate(coredns_dns_request_count_total{zone !="dropped"}[1m]))  > 30000 #计算最近两个数据点每秒查询的次数
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: Counter of DNS requests made per zone, protocol and family.
      summary: "严重!{{ $labels.instance }} coredns 每分钟查询次数高于阀值25000.当前值为{{$value}}"
  - alert: Coredns Query per minute P2
    expr:  sum(irate(coredns_dns_request_count_total{zone !="dropped"}[1m]))  > 40000
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: Counter of DNS requests made per zone, protocol and family.
      summary: "严重!{{ $labels.instance }} coredns 每分钟查询次数高于阀值30000.当前值为{{$value}}"
  - alert: Coredns Query per minute P1
    expr:  sum(irate(coredns_dns_request_count_total{zone !="dropped"}[1m]))  > 50000
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: Counter of DNS requests made per zone, protocol and family.
      summary: "非常严重!{{ $labels.instance }} coredns 每分钟查询次数高于阀值50000.当前值为{{$value}}"
  - alert: Coredns SERVFAIL Count
    expr: irate(coredns_dns_response_rcode_count_total{rcode!="NOERROR"} [1m]) and irate(coredns_dns_response_rcode_count_total{rcode!="NXDOMAIN"} [1m]) > 10
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: The server failed, the authority server for this domain name refused to respond or REFUSE,
      summary: "警告!coredns 服务器处理请求失败超过10次,当前失败的处理次数{{$value}} 原因服务器拒绝响应或响应拒绝."
  - alert: Coredns Cache misses P3
    expr: irate(coredns_cache_misses_total  [1m]) > 10
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: DNS cache misses statistical
      summary: "警告!{{ $labels.instance }}  coredns 每分钟服务器缓存misses超过10.当前值为{{$value}}"
  - alert: Coredns Cache misses P2
    expr: irate(coredns_cache_misses_total  [1m]) > 30
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: DNS cache misses statistical
      summary: "严重!{{ $labels.instance }}  coredns 每分钟服务器缓存misses超过30.当前值为{{$value}}"
  - alert: Coredns Cache misses P1
    expr: irate(coredns_cache_misses_total  [1m]) > 80
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: DNS cache misses statistical
      summary: "非常严重!{{ $labels.instance }}  coredns 每分钟服务器缓存misses超过50.当前值为{{$value}}"
  - alert: Coredns Request Time P3
    expr: histogram_quantile(0.99,sum(rate(coredns_health_request_duration_seconds_bucket [1m]) ) by(server, zone, le)) > 0.05 #请求所用的时间
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      summary: "警告!实例 {{ $labels.instance }} 每一分钟请求dns 超过设置阀值0.05秒 当前值为{{$value}}"
  - alert: Coredns Request Time P2
    expr: histogram_quantile(0.99,sum(rate(coredns_health_request_duration_seconds_bucket [1m]) ) by(server, zone, le)) > 0.1
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      summary: "严重!实例 {{ $labels.instance }} 每一分钟请求dns 超过设置阀值0.1秒 当前值为{{$value}}"
  - alert: Coredns Request Time P1
    expr: histogram_quantile(0.99,sum(rate(coredns_health_request_duration_seconds_bucket [1m]) ) by(server, zone, le)) > 1
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      summary: "非常严重!实例 {{ $labels.instance }} 每一分钟请求dns 超过设置阀值1秒 当前值为{{$value}}"
  - alert: Coredns  The maximum number  open file P1
    expr: sum(rate(process_max_fds [1m]) ) > 2000000
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: 
      summary: "非常严重!实例 {{ $labels.instance }} 每一分钟打开文件数超过设置阀值200000 当前值为{{$value}}"
  - alert: Coredns  The maximum number  open file P2
    expr: sum(rate(process_max_fds [1m]) ) > 1500000
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: 
      summary: "严重!实例 {{ $labels.instance }} 每一分钟打开文件数超过设置阀值150000 当前值为{{$value}}"
  - alert: Coredns  The maximum number  open file P3
    expr: sum(rate(process_max_fds [1m]) ) > 1000000
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: 
      summary: "警告!实例 {{ $labels.instance }} 每一分钟打开文件数超过设置阀值100000 当前值为{{$value}}"

 etcd

groups:
- name: etcd.rule
  rules:
  - alert: etcdDown
    expr: up{job="etcd"} == 0
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: etcd {{ $labels.instance }} is down. {{ $labels.instance }} isn't reachable and continueed 1 minute.
      summary: etcd is down
  - alert: NoLeader
    expr: etcd_server_has_leader{job="etcd"} == 0
    labels:
      severity: P0
      cluster: prodidc
    annotations:
      description: etcd member {{ $labels.instance }} has no leader
      summary: etcd member has no leader
  - alert: HighNumberOfLeaderChanges
    expr: increase(etcd_server_leader_changes_seen_total{job="etcd"}[10m]) > 3
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      description: etcd instance {{ $labels.instance }} has seen {{ $value }} leader
        changes within the last hour
  - record: instance:fd_utilization
    expr: process_open_fds / process_max_fds
  - alert: FdExhaustionClose
    expr: predict_linear(instance:fd_utilization[1h], 3600 * 4) > 1
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: '{{ $labels.job }} instance {{ $labels.instance }} will exhaust
        its file descriptors soon'
      summary: file descriptors 预测4个小时内耗尽
  - alert: FdExhaustionClose
    expr: predict_linear(instance:fd_utilization[10m], 3600) > 1
    for: 5m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      description: '{{ $labels.job }} instance {{ $labels.instance }} will exhaust
        its file descriptors soon'
      summary: file descriptors 预测1个小时内耗尽
  - alert: EtcdMemberCommunicationSlow
    expr: histogram_quantile(0.99, rate(etcd_network_peer_round_trip_time_seconds_bucket[5m]))
      > 0.15
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: etcd instance {{ $labels.instance }} member communication with
        {{ $labels.To }} is slow
      summary: etcd member communication is slow
  - alert: HighNumberOfFailedProposals
    expr: increase(etcd_server_proposals_failed_total{job="etcd"}[1h]) > 5
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: etcd instance {{ $labels.instance }} has seen {{ $value }} proposal
        failures within the last hour
      summary: etcd 集群大量的提案失败
  - alert: HighFsyncDurations
    expr: histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket[5m]))
      > 0.05
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: etcd instance {{ $labels.instance }} fync durations are high
      summary: etcd Wal(预写日志系统)调用的fsync提交的延迟高
  - alert: HighCommitDurations
    expr: histogram_quantile(0.99, rate(etcd_disk_backend_commit_duration_seconds_bucket[5m]))
      > 0.25
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: etcd instance {{ $labels.instance }} commit durations are high
      summary: etcd 磁盘后端提交持续时间长
  - alert: EtcdDiskPressure
    expr: sum(etcd_mvcc_db_total_size_in_bytes{job="etcd"}/1024/1024/1024) by (instance) > 200
    for: 60m
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "Etcd {{ $labels.instance }} Disk Pressuer"
      summary: "Etcd 数据占用系统盘200G,当前值:{{$value}} "

kube-controller-manager

groups:
- name: kube-controller-manager.rule
  rules:
  - alert: K8SControllerManagerDown
    expr: absent(up{job="kubernetes-controller-manager"} == 1)
    for: 1m
    labels:
      severity: P0
      cluster: prodidc
    annotations:
      description: There is no running K8S controller manager. Deployments and replication controllers are not making progress.
      summary: No kubernetes controller manager are reachable

  - alert: K8SControllerManagerDown
    expr: up{job="kubernetes-controller-manager"} == 0
    for: 1m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: kubernetes controller manager {{ $labels.instance }} is down. {{ $labels.instance }} isn't reachable
      summary: kubernetes controller manager is down

  - alert: K8SControllerManagerUserCPU
    expr: sum(rate(container_cpu_user_seconds_total{pod=~"kube-controller-manager.*",container_name!="POD"}[5m]))by(pod) > 5
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: kubernetes controller manager {{ $labels.instance }} is user cpu time > 5s. {{ $labels.instance }} isn't reachable
      summary: kubernetes controller 负载较高超过5s

  - alert: K8SControllerManagerUseMemory
    expr: sum(rate(container_memory_usage_bytes{pod=~"kube-controller-manager.*",container_name!="POD"}[5m])/1024/1024)by(pod) > 20
    for: 5m
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      description: kubernetes controller manager {{ $labels.instance }} is use memory More than 20MB
      summary: kubernetes controller 使用内存超过20MB

  - alert: K8SControllerManagerQueueTimedelay
    expr: histogram_quantile(0.99, sum(rate(workqueue_queue_duration_seconds_bucket{job="kubernetes-controller-manager"}[5m])) by(le)) > 10
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: kubernetes controller manager {{ $labels.instance }} is QueueTimedelay More than 10s
      summary: kubernetes controller 队列停留时间超过10秒,请检查ControllerManager

kubelet

groups:
- name: kubelet.rule
  rules:
  - alert: K8SNodeNotReady
    expr: kube_node_status_condition{condition="Ready",status="true"} == 0
    for: 2m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      summary: "Node status is NotReady"
      description: "The Kubelet on {{ $labels.node }} has not checked in with the API, or has set itself to NotReady, for more than an hour"
  - alert: K8SManyNodesNotReady
    expr: count(kube_node_status_condition{condition="Ready",status="true"} == 0)
      > 1 and (count(kube_node_status_condition{condition="Ready",status="true"} ==
      0) / count(kube_node_status_condition{condition="Ready",status="true"})) > 0.2
    for: 5m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      summary: "大量的node节点没有Ready"
      description: '{{ $value }}% of Kubernetes nodes are not ready'
  - alert: K8SKubeletDown
    expr: count(up{job="kubelet"} == 0) / count(up{job="kubelet"}) * 100 > 10
    for: 2m
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      description: Prometheus failed to scrape {{ $value }}% of kubelets.
      summary: kubelet cannot be scraped
  - alert: K8SManyKubeletDown
    expr: (absent(up{job="kubelet"} == 1) or count(up{job="kubelet"} == 0) / count(up{job="kubelet"}))
      * 100 > 30
    for: 10m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: Prometheus failed to scrape {{ $value }}% of kubelets, or all Kubelets have disappeared from service discovery.
      summary: Many Kubelets cannot be scraped
  - alert: K8SKubeletTooManyPods
    expr: kubelet_running_pod_count > 50
    for: 10m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: Kubelet {{$labels.instance}} is running {{$value}} pods, close to the limit of 50
      summary: 单节点pod数大于50

kube-scheduler

groups:
- name: kube-scheduler.rule
  rules:
  - alert: K8SSchedulerDown
    expr: absent(up{job="kubernetes-scheduler"} == 1)
    for: 1m
    labels:
      severity: P0
      cluster: prodidc
    annotations:
      description: "There is no running K8S scheduler. New pods are not being assigned to nodes."
      summary: "all k8s scheduler is down"
  - alert: K8SSchedulerDown
    expr: up{job="kubernetes-scheduler"} == 0
    for: 1m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: "K8S scheduler {{ $labels.instance }} is no running. New pods are not being assigned to nodes."
      summary: "k8s scheduler {{ $labels.instance }} is down"
  - alert: K8SSchedulerUserCPU
    expr: sum(rate(container_cpu_user_seconds_total{pod=~"kube-scheduler.*",container_name!="POD"}[5m]))by(pod) > 1
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetes scheduler {{ $labels.instance }} is user cpu time > 1s. {{ $labels.instance }} isn't reachable"
      summary: "kubernetes scheduler 负载较高超过1s,当前值为{{$value}}"

  - alert: K8SSchedulerUseMemory
    expr: sum(rate(container_memory_usage_bytes{pod=~"kube-scheduler.*",container_name!="POD"}[5m])/1024/1024)by(pod) > 20
    for: 5m
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetess scheduler {{ $labels.instance }} is use memory More than 20MB"
      summary: "kubernetes scheduler 使用内存超过20MB,当前值为{{$value}}MB"

  - alert: K8SSchedulerPodPending
    expr: sum(scheduler_pending_pods{job="kubernetes-scheduler"})by(queue) > 5
    for: 5m
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: "kubernetess scheduler {{ $labels.instance }} is Pending pod More than 5"
      summary: "kubernetes scheduler pod无法调度 > 5,当前值为{{$value}}"

  - alert: K8SSchedulerPodPending
    expr: sum(scheduler_pending_pods{job="kubernetes-scheduler"})by(queue) > 10
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: kubernetess scheduler {{ $labels.instance }} is Pending pod More than 10
      summary: "kubernetes scheduler pod无法调度 > 10,当前值为{{$value}}"

  - alert: K8SSchedulerPodPending
    expr: sum(rate(scheduler_binding_duration_seconds_count{job="kubernetes-scheduler"}[5m])) > 1
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: kubernetess scheduler {{ $labels.instance }}
      summary: "kubernetes scheduler pod 无法绑定调度有问题,当前值为{{$value}}"

  - alert: K8SSchedulerVolumeSpeed
    expr: sum(rate(scheduler_volume_scheduling_duration_seconds_count{job="kubernetes-scheduler"}[5m])) > 1
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: kubernetess scheduler {{ $labels.instance }}
      summary: "kubernetes scheduler pod Volume 速度延迟,当前值为{{$value}}"

  - alert: K8SSchedulerClientRequestSlow
    expr: histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{job="kubernetes-scheduler"}[5m])) by (verb, url, le)) > 1
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      description: kubernetess scheduler {{ $labels.instance }}
      summary: "kubernetes scheduler 客户端请求速度延迟,当前值为{{$value}}"

kube-state-metrics

groups:
- name: kube-state-metrics.rules
  rules:
  - alert: DaemonSetNotReady
    expr: kube_daemonset_status_number_ready / kube_daemonset_status_desired_number_scheduled
      * 100 < 100
    for: 15m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: Only {{$value}}% of desired pods scheduled and ready for daemonset {{$labels.namespace}}/{{$labels.daemonset}}
      summary: DaemonSet pod status is not ready
  - alert: DaemonSetsNotScheduled
    expr: kube_daemonset_status_desired_number_scheduled - kube_daemonset_status_current_number_scheduled
      > 0
    for: 10m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: daemonsets {{$labels.namespace}}/{{$labels.daemonset}} is not scheduled.
      summary: Daemonsets are not scheduled correctly
  - alert: DaemonSetsMissScheduled
    expr: kube_daemonset_status_number_misscheduled > 0
    for: 2m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: A number of daemonsets are running where they are not supposed to run.
      summary: Daemonsets {{ $labels.daemonset }} are not scheduled correctly

node

groups:
- name: node.rules
  rules:
  - alert: NodeMemUseHigh
    expr: sum by (node)(node_memory_MemTotal_bytes - node_memory_MemAvailable_bytes) / sum by (node)(node_memory_MemTotal_bytes) > 0.9
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: "Node memory usage 高于90%"
      summary: "Node memory usage 高于90%"
  - alert: NodeUnschedulable
    expr: sum(kube_node_spec_unschedulable) > 0
    for: 5m
    labels:
      severity: P4
      cluster: prodidc
    annotations:
      description: a node is unschedulable for 5 minutes
      summary: Node is unschedulable
  - alert: NodeExporterDown
    expr: absent(up{job="prometheus-node-exporter"} == 1)
    for: 2m
    labels:
      severity: P3
      cluster: prodidc
    annotations:
      description: Prometheus could not scrape a node-exporter/{{$labels.node}} for more than 2m, or node-exporters have disappeared from discovery
      summary: Prometheus could not scrape a node-exporter

  - alert: NodeCpuUseHigh
    expr: 1-avg(irate(node_cpu_seconds_total{mode="idle"}[5m])) by (node) > 0.9
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: "node/{{$labels.node}} CPU使用率高于90%"
      summary: "node/{{$labels.node}} CPU使用率高于90%"

deployment

groups:
- name: Deployment.rule
  rules:
  - alert: ReplicasUnavailable
    expr: kube_deployment_status_replicas_unavailable > 0
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      summary: "Deployment replicas status unavailable"
      description: "Deployment {{ $labels.namespace }}/{{ $labels.deployment }} status is unavailable, have {{ $value }} pod is unavailable more than 15 minutes."
  - alert: DeploymentReplicasNotUpdated
    expr: ((kube_deployment_status_replicas_updated != kube_deployment_spec_replicas)
      or (kube_deployment_status_replicas_available != kube_deployment_spec_replicas))
      unless (kube_deployment_spec_paused == 1)
    for: 15m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      description: Replicas are not updated and available for deployment {{$labels.namespace}}/{{$labels.deployment}}
      summary: pod个数小于replicas预期值

ingress-nginx

groups:
- name: ingress-nginx.rule
  rules:
  - alert: ingressDown
    expr: kube_pod_status_ready{condition="true",pod=~"ingress.*-controller.*"} < 1
    for: 1m
    labels:
      severity: P0
      cluster: prodidc
    annotations:
      summary: "ingress nginx namespace:{{$labels.namespace}} podname:{{$labels.pod}} is Down"
      description: "ingress nginx namespace:{{$labels.namespace}} podname:{{$labels.pod}}, for more than an minute"

  - alert: ingressControllerConn
    expr: sum by (instance)(avg_over_time(nginx_ingress_controller_nginx_process_connections{}[2m])) > 100000 
    for: 5m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      summary: "ingress nginx {{$labels.instance}} connection more than 100000"
      description: "ingress nginx {{$labels.instance}} connection more than 100000, for more than five minute"

  - alert: ingressMemUseage
    expr: sum(container_memory_working_set_bytes{pod=~"ingress-.*",container!~"|filebeat|POD"} ) by (namespace,pod,service) / sum(container_spec_memory_limit_bytes{pod=~"ingress-.*",container!~"|filebeat|POD",namespace!=""}) by (namespace,pod,service) * 100 > 90  and (sum(container_memory_working_set_bytes) by (namespace,pod,service)/sum(container_spec_memory_limit_bytes) by (namespace,pod,service)) != Inf
    for: 2m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      summary: "ingress controller {{$labels.instance}} memory useage moth than 90%"
      description: "ingress controller {{$labels.instance}} memory useage moth than 90%, for more than five minute"

  - alert: ingressCpuUseage
    expr: sum(rate(container_cpu_usage_seconds_total{pod=~"ingress-.*",image!=""}[1m])) by (pod, namespace,service) / (sum(container_spec_cpu_quota{pod=~"ingress-.*",image!=""}/100000) by (pod, namespace,service)) * 100  > 90 and  sum by (pod,namespace,service)( rate(container_cpu_usage_seconds_total{image!="", namespace!=""}[1m] ) ) * 100  != Inf
    for: 2m
    labels:
      severity: P1
      cluster: prodidc
    annotations:
      summary: "ingress controller {{$labels.instance}} memory useage moth than 90%"
      description: "ingress controller {{$labels.instance}} memory useage moth than 90%, for more than five minute"

  - alert: controllerSSLtime
    expr: nginx_ingress_controller_ssl_expire_time_seconds < (time() + (20 * 24 * 3600))
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      summary: "ingress ssl证书有效期小于20天"
      description: "ingress controller ssl time less than 20 day"

pod

groups:
- name: Pods.rule
  rules:
  - alert: PodHighCPUUsage
    expr: sum(rate(container_cpu_usage_seconds_total{image!=""}[1m])) by (pod, namespace,service) / (sum(container_spec_cpu_quota{image!=""}/100000) by (pod, namespace,service)) * 100  > 95 and  sum by (pod,namespace,service)( rate(container_cpu_usage_seconds_total{image!="", namespace!=""}[1m] ) ) * 100  != Inf
    for: 5m
    labels:
      severity: P2
      cluster: prodidc
    annotations:
      current_value: '{{$value}}'
      summary:  "Pod cpu Usage 高于95%"
      description: "{{ $labels.namespace }}.{{ $labels.pod  }} cpu usage is high above 95%  for more than 5 minute."

  - alert: PodRssMemHigh
    expr: sum by(namespace, pod) (container_memory_rss{container!~"|filebeat|POD",namespace!="",pod!=""}) / sum by(namespace, pod) (container_spec_memory_limit_bytes{container!~"|filebeat|POD",namespace!="",pod!=""}) * 100 > 95 and (sum by(namespace, pod) (container_memory_rss) / sum by(namespace, pod) (container_spec_memory_limit_bytes)) != +Inf
    for: 10m
    labels:
      cluster: prodidc
      severity: P2
    annotations:
      description: "Pod ({{$labels.namespace}}/{{$labels.pod}}) Rss memory 高于95%,请检查合理性"
      summary: "Pod ({{$labels.namespace}}/{{$labels.pod}}) Rss memory 高于95%,请检查合理性"

  - alert: PodNotReady
    expr: sum(kube_pod_status_ready{condition='true',pod!~".*-pt-.*"} != 1) by (namespace,pod)
    for: 3m
    labels:
      severity: P0
      cluster: prodidc
    annotations:
      summary: "Pod ({{$labels.namespace}}/{{$labels.pod}}) is NotReady"
      description: "服务({{$labels.namespace}}/{{$labels.pod}})异常,请尽快检查"

你可能感兴趣的:(kubernetes,1024程序员节,监控告警,kubernetes,rules)

  • react-intl——react国际化使用方案 苹果酱0567 面试题汇总与解析java开发语言中间件springboot后端
    国际化介绍i18n:internationalization国家化简称,首字母+首尾字母间隔的字母个数+尾字母,类似的还有k8s(Kubernetes)React-intl是React中最受欢迎的库。使用步骤安装#usenpmnpminstallreact-intl-D#useyarn项目入口文件配置//index.tsximportReactfrom"react";importReactDOMf
  • Python实现关联规则推荐 这孩子谁懂哈 PythonMachineLearningpython关联规则机器学习
    1.什么关联规则关联规则(AssociationRules)是反映一个事物与其他事物之间的相互依存性和关联性,如果两个或多个事物之间存在一定的关联关系,那么,其中一个事物就能通过其他事物预测到。关联规则是数据挖掘的一个重要技术,用于从大量数据中挖掘出有价值的数据项之间的相关关系。关联规则挖掘的最经典的例子就是沃尔玛的啤酒与尿布的故事,通过对超市购物篮数据进行分析,即顾客放入购物篮中不同商品之间的关
  • Kubernetes数据持久化 看清所苡看轻 kubernetes(k8s)emptyDirHostPathpvpvckubernetes
    在k8s中,Volume(数据卷)存在明确的生命周期(与包含该数据卷的容器组(pod)相同)。因此Volume的生命周期比同一容器组(pod)中任意容器的生命周期要更长,不管容器重启了多少次,数据都被保留下来。当然,如果pod不存在了,数据卷自然退出了。此时,根据pod所使用的数据卷类型不同,数据可能随着数据卷的退出而删除,也可能被真正持久化,并在下次容器组重启时仍然可以使用。从根本上来说,一个数
  • Kubernetes部署MySQL数据持久化 沫殇-MS KubernetesMySQL数据库kubernetesmysql容器
    一、安装配置NFS服务端1、安装nfs-kernel-server:sudoapt-yinstallnfs-kernel-server2、服务端创建共享目录#列出所有可用块设备的信息lsblk#格式化磁盘sudomkfs-text4/dev/sdb#创建一个目录:sudomkdir-p/data/nfs/mysql#更改目录权限:sudochown-Rnobody:nogroup/data/nfs
  • Kubernetes的3种数据持久化方式 Seal^_^ 【云原生】容器化与编排技术持续集成#Kuberneteskubernetes容器云原生EmptyDir面试HostPath
    Kubernetes的3种数据持久化方式1.EmptyDir2.HostPath3.PersistentVolume(PV)TheBegin点点关注,收藏不迷路Kubernetes提供了几种数据持久化方式,以满足不同场景的需求:1.EmptyDir用途:临时数据存储,Pod内容器间共享。特点:生命周期与Pod相同,Pod删除时数据也删除。2.HostPath用途:访问宿主机特定文件或目录。特点:增
  • 【Kubernetes】常见面试题汇总(十一) summer.335 Kuberneteskubernetes容器云原生
    目录33.简述Kubernetes外部如何访问集群内的服务?34.简述Kubernetesingress?35.简述Kubernetes镜像的下载策略?33.简述Kubernetes外部如何访问集群内的服务?(1)对于Kubernetes,集群外的客户端默认情况,无法通过Pod的IP地址或者Service的虚拟IP地址:虚拟端口号进行访问。(2)通常可以通过以下方式进行访问Kubernetes集群
  • k8s中Service暴露的种类以及用法 听说唐僧不吃肉 K8Skubernetes容器云原生
    一、说明在Kubernetes中,有几种不同的方式可以将服务(Service)暴露给外部流量。这些方式通过定义服务的spec.type字段来确定。二、详解1.ClusterIP定义:默认类型,服务只能在集群内部访问。作用:通过集群内部IP地址暴露服务。示例:spec:type:ClusterIPports:-port:80targetPo
  • PCIe进阶之TL:Memory, I/O, and Configuration Request Rules & TPH Rules 芯芯之火,可以燎原 PCIe进阶PCIe进阶硬件工程信息与通信
    1Memory,I/O,andConfigurationRequestRules下述规则适用于Memory请求、IO请求和配置请求。除了公共的header字段外,所有Memory请求、IO请求和配置请求还包括以下字段:(1)RequesterID[15:0]和Tag[9:0],组成了TransactionID。(2)LastDWBE[3:0]和1stDWBE[3:0]字段。对于TH字段置1的Mem
  • Kubernetes 自定义控制器开发 IT回忆录 Kubeneteskubernetes
    目录前言一、CRD二、创建数据库表(Mysql)二、控制器开发1.使用kubernetes的examplecontroller模板2.在controller.go中新增数据表监听方法3.修改tools工具生成资源对象结构体定义这里记录开发k8s控制器的一般方式,controller开发主要使用k8s提供的client-go库进行。前言Controller监听集群内部资源对象的变化,编辑资源对象(增
  • 用kubedam搭建的k8s证书过期处理方法 我滴鬼鬼呀wks k8s1024程序员节
    kubeadm部署的k8s证书过期1、查看证书过期时间kubeadmalphacertscheck-expiration若证书已经过期无法试用kubectl命令建议修改服务器时间到未过期的时间段2、配置kube-controller-manager.yaml文件cat/etc/kubernetes/manifests/kube-controller-manager.yamlapiVersion:v
  • k8s证书过期问题处理 olina_qin kubernetes容器云原生
    k8s证书过期问题处理opensslx509-in/etc/kubernetes/pki/apiserver.crt-noout-dateskubeadmcertsrenewallsystemctlrestartkubeleopensslx509-in/etc/kubernetes/pki/apiserver.crt-noout-text|grep"NotAfter"cp/etc/kubernet
  • Kubernetes Ingress 控制器(Nginx)安装与使用教程 农优影
    KubernetesIngress控制器(Nginx)安装与使用教程kubernetes-ingressNGINXandNGINXPlusIngressControllersforKubernetes项目地址:https://gitcode.com/gh_mirrors/ku/kubernetes-ingress1.项目目录结构及介绍在nginxinc/kubernetes-ingress仓库中,
  • 【K8s】专题十一:Kubernetes 集群证书过期处理方法 行者Sun1989 Kuberneteskubernetes云原生容器
    本文内容均来自个人笔记并重新梳理,如有错误欢迎指正!如果对您有帮助,烦请点赞、关注、转发、订阅专栏!专栏订阅入口Linux专栏|Docker专栏|Kubernetes专栏往期精彩文章【Docker】(全网首发)KylinV10下MySQL容器内存占用异常的解决方法【Docker】(全网首发)KylinV10下MySQL容器内存占用异常的解决方法(续)【Docker】MySQL源码构建Docker镜
  • 好看的vue登录页面(附 源代码 背景图) 小小薛定谔 vue.jsjavascriptcss前端
    一、效果展示二、代码你好!欢迎回来登录忘记密码?注册exportdefault{name:"MedLogin",data(){return{confirm_disabled:false,loginForm:{no:'',password:''},rules:{no:[{required:true,message:'请输入账号',trigger:'blur'},{min:3,max:6,messag
  • Docker学习十一:Kubernetes概述 爱打羽球的程序猿 Docker学习系列dockerkubernetes学习
    一、Kubernetes简介2006年,Google提出了云计算的概念,当时的云计算领域还是以虚拟机为代表的云平台。2013年,Docker横空出世,Docker提出了镜像、仓库等核心概念,规范了服务的交付标准,使得复杂服务的落地变得更加简单,之后Docker又定义了OCI标准,Docker在容器领域称为事实的标准。但是,Docker诞生只是帮助定义了开发和交付标准,如果想要在生产环境中大批量的使
  • Cloud Native Weekly | 华为云抢先发布Redis5.0,红帽宣布收购混合云提供商 weixin_34302561 数据库devops大数据
    1——华为云抢先发布Redis5.02——DigitalOceanK8s服务正式上线3——红帽宣布收购混合云提供商NooBaa4——微软发布多项AzureKubernetes服务更新1华为云抢先发布Redis5.012月17日,华为云在DCS2.0的基础上,快人一步,抢先推出了新的Redis5.0产品,这是一个崭新的突破。目前国内在缓存领域的发展普遍停留在Redis4.0阶段,华为云率先发布了Re
  • PCIe进阶之TL:Common Packet Header Fields & TLPs with Data Payloads Rules 芯芯之火,可以燎原 PCIe进阶PCIe进阶硬件工程信息与通信
    1TransactionLayerProtocol-PacketDefinitionTLP有四种事务类型:Memory、I/O、Configuration和Messages,两种地址格式:32bit和64bit。构成TLP时,所有标记为Reserved的字段(有时缩写为R)都必须全为0。接收者Rx必须忽略此字段中的值,PCIeSwitch必须对其进行原封不动的转发。请注意,对于某些字段,既有指定值
  • (k8s)Kubernetes 从0到1容器编排之旅 道不贱卖,法不轻传 kubernetskubernetes容器云原生
    一、引言在当今数字化的浪潮中,Kubernetes如同一艘强大的航船,引领着容器化应用的部署与管理。它以其卓越的灵活性、可扩展性和可靠性,成为众多企业和开发者的首选。然而,要真正发挥Kubernetes的强大威力,仅仅掌握基本操作是远远不够的。本文将带你深入探索Kubernetes使用过程中的奇技妙法,为你开启一段优雅的容器编排之旅。二、高级资源管理之精妙艺术1.资源配额与限制:雕琢资源之美•Ku
  • 【监控告警】02-Promtheus的学习之路 Kearey. 监控告警微服务网关学习方法
    prometheus采用的是拉模式为主,推模式为辅的方式采集数据。Prometheus作为一个指标系统天生就不是精确的——由于指标本身就是稀疏采样的,事实上所有的图表和警报都是”估算”,我们也就不必太纠结于图表和警报的对应性,能够帮助我们发现问题解决问题就是一个好监控系统。当然,有时候我们也得证明这个警报确实没问题,那可以看一眼`ALERTS`指标。`ALERTS`是Prometheus在警报计算
  • 【K8S】kubernetes集群架构与组件 奇奇怪怪^ LinuxIT运维服务器linux
    文章目录【K8S】kubernetes集群架构与组件kubernetes组件**master组件**node组件整体流程POD终止过程【K8S】kubernetes集群架构与组件kubernetes组件K8S是属于主从设备模型(Master-slave架构),即有Master节点负责集群的调度、管理和运维,Slave节点是集群中的运算工作负载节点在K8S中,主节点一般被称为Master节点,而从节
  • K8S学习笔记02——K8S组件 沉淅尘 #Docker#K8Skubernetes
    Kubernetes组件一、控制平面组件(ControlPlaneComponents)(1)kube-apiserver(2)etcd(3)kube-scheduler(4)kube-controller-manager(5)cloud-controller-manager二、Node组件1.kubelet2.kube-proxy3.容器运行时(ContainerRuntime)三、插件(Add
  • Kubernetes——组件 窒息う Kuberneteskubernetes容器
    文章目录K8S的优势核心架构角色与功能集群图例K8S的优势能管理大量跨主机容器快速部署应用快速扩展应用无缝对接新的应用节省资源,优化硬件资源的使用核心架构master(管理节点)node(计算节点)images(镜像节点)角色与功能Master功能提供集群的控制对集群进行全局决策检测和响应集群事件Master节点核心组件APIServer是整个系统的对外接口,提供客户端和其他组件调用后端元数据存储
  • Kubernetes组件 汉只只 网络docker大数据分布式hadoop
    Kubernetes核心组件Kubernetes定义了一组构建块,它们可以共同提供部署、维护和扩展应用程序的机制。组成Kubernetes的组件设计为松耦合和可扩展的,这样可以满足多种不同的工作负载。可扩展性在很大程度上由KubernetesAPI提供——它被作为扩展的内部组件以及Kubernetes上运行的容器等使用。Kubernetes主要由以下几个核心组件组成:etcd保存了整个集群的状态;
  • 【Linux 从基础到进阶】Kubernetes 集群搭建与管理 爱技术的小伙子 Linux从基础到进阶linuxkubernetes运维
    Kubernetes集群搭建与管理Kubernetes(简称K8s)是一个用于自动化部署、扩展和管理容器化应用程序的开源平台。它提供了容器编排功能,能够管理大量的容器实例,并支持应用的自动扩展、高可用性和自愈能力。本文将详细介绍如何在CentOS和Ubuntu系统上安装和配置Kubernetes集群,并讲解Kubernetes的基本概念和管理操作。1.Kubernetes基础概念在了解如何搭建Ku
  • 【Kubernetes】常见面试题汇总(十三) summer.335 Kuberneteskubernetes容器云原生
    目录39.简述KubernetesScheduler使用哪两种算法将Pod绑定到worker节点?40.简述Kuberneteskubelet的作用?41.简述Kuberneteskubelet监控Worker节点资源是使用什么组件来实现的?39.简述KubernetesScheduler使用哪两种算法将Pod绑定到worker节点?KubernetesScheduler根据如下两种调度算法将Po
  • 服务器运维小技巧(二)——如何进行监控告警 baiolkdnhjaio 网络安全
    服务器运维难度高的原因,很大程度是因为服务器一旦出现问题,生产环境的业务就会受到严重影响,极有可能带来难以承担的后果。因此这份工作要求工程师保持高要求的服务质量,能够快速响应问题,及时解决问题。但是“及时”的这一点很难做到,需要通过优化工作流程、建立预警系统,搭建自动化等行为快速响应。今天主要介绍如何通过服务器运维工具搭建监控预警的手段来辅助缩短响应时间。首先打开牧云主机管理助手,进入系统设置界面
  • Ansible自动化部署kubernetes集群 theo.wu kubernetesansible自动化
    机器环境介绍1.1.机器信息介绍IPhostnameapplicationCPUMemory192.168.204.129k8s-master01etcd,kube-apiserver,kube-controller-manager,kube-scheduler,kubelet,kube-proxy,containerd2C4G192.168.204.130k8s-worker01etcd,kub
  • 一张图详解开源监控夜莺(Nightingale)的架构 夜莺开源监控 开源架构夜莺监控Nightingale开源夜莺
    夜莺监控是一款开源云原生观测分析工具,采用All-in-One的设计理念,集数据采集、可视化、监控告警、数据分析于一体,与云原生生态紧密集成,提供开箱即用的企业级监控分析和告警能力。夜莺于2020年3月20日,在github上发布v1版本,已累计迭代100多个版本。夜莺最初由滴滴开发和开源,并于2022年5月11日,捐赠予中国计算机学会开源发展委员会(CCFODC),为CCFODC成立后接受捐赠的
  • K8S - Emptydir - 取代ELK 使用fluentd 构建logging saidcar nvd11 K8Skubernetes
    由于k8s的无状态service通常部署在多个POD中,实现多实例面向高并发。但是k8s本身并没有提供集中查询多个pod的日志的功能其中1个常见方案就是ELK.本文的方案是利用fluentdsidecar和emptydir把多个pod的日志导向到bigquery的table中。Emptydir的简介Kubernetes中的EmptyDir是一种用于容器之间共享临时存储的空目录卷类型。EmptyDi
  • kubernetes里面那些事————控制器 背锅攻城师 kuberneteskubernetes容器云原生
    资源-控制器一,控制器作用二,控制器类型2.1,Deployment:无状态应用部署2.2,DaemonSet:确保所有Node运行同一个pod2.3,StatefulSet:有状态应用部署2.4,Job:一次性任务2.5,CronJob:定时任务2.6,pod2.7,service2.8,replicaset2.9,endpoints三,控制器yaml应用3.1,Deployment3.2,Da
  • java短路运算符和逻辑运算符的区别 3213213333332132 java基础
    /* * 逻辑运算符——不论是什么条件都要执行左右两边代码 * 短路运算符——我认为在底层就是利用物理电路的“并联”和“串联”实现的 * 原理很简单,并联电路代表短路或(||),串联电路代表短路与(&&)。 * * 并联电路两个开关只要有一个开关闭合,电路就会通。 * 类似于短路或(||),只要有其中一个为true(开关闭合)是
  • Java异常那些不得不说的事 白糖_ javaexception
    一、在finally块中做数据回收操作 比如数据库连接都是很宝贵的,所以最好在finally中关闭连接。 JDBCAgent jdbc = new JDBCAgent(); try{ jdbc.excute("select * from ctp_log"); }catch(SQLException e){ ... }finally{ jdbc.close();
  • utf-8与utf-8(无BOM)的区别 dcj3sjt126com PHP
    BOM——Byte Order Mark,就是字节序标记   在UCS 编码中有一个叫做"ZERO WIDTH NO-BREAK SPACE"的字符,它的编码是FEFF。而FFFE在UCS中是不存在的字符,所以不应该出现在实际传输中。UCS规范建议我们在传输字节流前,先传输 字符"ZERO WIDTH NO-BREAK SPACE"。这样如
  • JAVA Annotation之定义篇 周凡杨 java注解annotation入门注释
        Annotation: 译为注释或注解 An annotation, in the Java computer programming language, is a form of syntactic metadata that can be added to Java source code. Classes, methods, variables, pa
  • tomcat的多域名、虚拟主机配置 g21121 tomcat
    众所周知apache可以配置多域名和虚拟主机,而且配置起来比较简单,但是项目用到的是tomcat,配来配去总是不成功。查了些资料才总算可以,下面就跟大家分享下经验。 很多朋友搜索的内容基本是告诉我们这么配置: 在Engine标签下增面积Host标签,如下: <Host name="www.site1.com" appBase="webapps"
  • Linux SSH 错误解析(Capistrano 的cap 访问错误 Permission ) 510888780 linuxcapistrano
    1.ssh -v [email protected] 出现 Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). 错误 运行状况如下: OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 debug1: Reading configuratio
  • log4j的用法 Harry642 javalog4j
    一、前言:     log4j 是一个开放源码项目,是广泛使用的以Java编写的日志记录包。由于log4j出色的表现,     当时在log4j完成时,log4j开发组织曾建议sun在jdk1.4中用log4j取代jdk1.4 的日志工具类,但当时jdk1.4已接近完成,所以sun拒绝使用log4j,当在java开发中
  • mysql、sqlserver、oracle分页,java分页统一接口实现 aijuans oraclejave
    定义:pageStart 起始页,pageEnd 终止页,pageSize页面容量 oracle分页:     select * from ( select mytable.*,rownum num from (实际传的SQL) where rownum<=pageEnd) where num>=pageStart sqlServer分页:  
  • Hessian 简单例子 antlove javaWebservicehessian
    hello.hessian.MyCar.java package hessian.pojo; import java.io.Serializable; public class MyCar implements Serializable { private static final long serialVersionUID = 473690540190845543
  • 数据库对象的同义词和序列 百合不是茶 sql序列同义词ORACLE权限
    回顾简单的数据库权限等命令; 解锁用户和锁定用户 alter user scott account lock/unlock; //system下查看系统中的用户 select * dba_users; //创建用户名和密码 create user wj identified by wj; identified by //授予连接权和建表权 grant connect to
  • 使用Powermock和mockito测试静态方法 bijian1013 持续集成单元测试mockitoPowermock
            实例: package com.bijian.study; import static org.junit.Assert.assertEquals; import java.io.IOException; import org.junit.Before; import org.junit.Test; import or
  • 精通Oracle10编程SQL(6)访问ORACLE bijian1013 oracle数据库plsql
    /* *访问ORACLE */ --检索单行数据 --使用标量变量接收数据 DECLARE v_ename emp.ename%TYPE; v_sal emp.sal%TYPE; BEGIN select ename,sal into v_ename,v_sal from emp where empno=&no; dbms_output.pu
  • 【Nginx四】Nginx作为HTTP负载均衡服务器 bit1129 nginx
     Nginx的另一个常用的功能是作为负载均衡服务器。一个典型的web应用系统,通过负载均衡服务器,可以使得应用有多台后端服务器来响应客户端的请求。一个应用配置多台后端服务器,可以带来很多好处:   负载均衡的好处 增加可用资源 增加吞吐量 加快响应速度,降低延时 出错的重试验机制 Nginx主要支持三种均衡算法: round-robin l
  • jquery-validation备忘 白糖_ jquerycssF#Firebug
    留点学习jquery validation总结的代码:   function checkForm(){ validator = $("#commentForm").validate({// #formId为需要进行验证的表单ID errorElement :"span",// 使用"div"标签标记错误, 默认:&
  • solr限制admin界面访问(端口限制和http授权限制) ronin47 限定Ip访问
    solr的管理界面可以帮助我们做很多事情,但是把solr程序放到公网之后就要限制对admin的访问了。 可以通过tomcat的http基本授权来做限制,也可以通过iptables防火墙来限制。 我们先看如何通过tomcat配置http授权限制。 第一步: 在tomcat的conf/tomcat-users.xml文件中添加管理用户,比如: <userusername="ad
  • 多线程-用JAVA写一个多线程程序,写四个线程,其中二个对一个变量加1,另外二个对一个变量减1 bylijinnan java多线程
    public class IncDecThread { private int j=10; /* * 题目:用JAVA写一个多线程程序,写四个线程,其中二个对一个变量加1,另外二个对一个变量减1 * 两个问题: * 1、线程同步--synchronized * 2、线程之间如何共享同一个j变量--内部类 */ public static
  • 买房历程 cfyme
        2015-06-21: 万科未来城,看房子   2015-06-26: 办理贷款手续,贷款73万,贷款利率5.65=5.3675   2015-06-27: 房子首付,签完合同   2015-06-28,央行宣布降息 0.25,就2天的时间差啊,没赶上。   首付,老婆找他的小姐妹接了5万,另外几个朋友借了1-
  • [军事与科技]制造大型太空战舰的前奏 comsci 制造
           天气热了........空调和电扇要准备好..........        最近,世界形势日趋复杂化,战争的阴影开始覆盖全世界..........        所以,我们不得不关
  • dateformat dai_lm DateFormat
    "Symbol Meaning Presentation Ex." "------ ------- ------------ ----" "G era designator (Text) AD" "y year
  • Hadoop如何实现关联计算 datamachine mapreducehadoop关联计算
        选择Hadoop,低成本和高扩展性是主要原因,但但它的开发效率实在无法让人满意。     以关联计算为例。     假设:HDFS上有2个文件,分别是客户信息和订单信息,customerID是它们之间的关联字段。如何进行关联计算,以便将客户名称添加到订单列表中?   &nbs
  • 用户模型中修改用户信息时,密码是如何处理的 dcj3sjt126com yii
    当我添加或修改用户记录的时候对于处理确认密码我遇到了一些麻烦,所有我想分享一下我是怎么处理的。 场景是使用的基本的那些(系统自带),你需要有一个数据表(user)并且表中有一个密码字段(password),它使用 sha1、md5或其他加密方式加密用户密码。 面是它的工作流程: 当创建用户的时候密码需要加密并且保存,但当修改用户记录时如果使用同样的场景我们最终就会把用户加密过的密码再次加密,这
  • 中文 iOS/Mac 开发博客列表 dcj3sjt126com Blog
      本博客列表会不断更新维护,如果有推荐的博客,请到此处提交博客信息。 本博客列表涉及的文章内容支持 定制化Google搜索,特别感谢 JeOam 提供并帮助更新。 本博客列表也提供同步更新的OPML文件(下载OPML文件),可供导入到例如feedly等第三方定阅工具中,特别感谢 lcepy 提供自动转换脚本。这里有导入教程。
  • js去除空格,去除左右两端的空格 蕃薯耀 去除左右两端的空格js去掉所有空格js去除空格
    js去除空格,去除左右两端的空格 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>&g
  • SpringMVC4零配置--web.xml hanqunfeng springmvc4
    servlet3.0+规范后,允许servlet,filter,listener不必声明在web.xml中,而是以硬编码的方式存在,实现容器的零配置。 ServletContainerInitializer:启动容器时负责加载相关配置 package javax.servlet; import java.util.Set; public interface ServletContainer
  • 《开源框架那些事儿21》:巧借力与借巧力 j2eetop 框架UI
    同样做前端UI,为什么有人花了一点力气,就可以做好?而有的人费尽全力,仍然错误百出?我们可以先看看几个故事。 故事1:巧借力,乌鸦也可以吃核桃 有一个盛产核桃的村子,每年秋末冬初,成群的乌鸦总会来到这里,到果园里捡拾那些被果农们遗落的核桃。 核桃仁虽然美味,但是外壳那么坚硬,乌鸦怎么才能吃到呢?原来乌鸦先把核桃叼起,然后飞到高高的树枝上,再将核桃摔下去,核桃落到坚硬的地面上,被撞破了,于是,
  • JQuery EasyUI 验证扩展 可怜的猫 jqueryeasyui验证
      最近项目中用到了前端框架-- EasyUI,在做校验的时候会涉及到很多需要自定义的内容,现把常用的验证方式总结出来,留待后用。   以下内容只需要在公用js中添加即可。   使用类似于如下: <input class="easyui-textbox" name="mobile" id="mobile&
  • 架构师之httpurlconnection----------读取和发送(流读取效率通用类) nannan408
    1.前言.    如题. 2.代码. /* * Copyright (c) 2015, S.F. Express Inc. All rights reserved. */ package com.test.test.test.send; import java.io.IOException; import java.io.InputStream
  • Jquery性能优化 r361251 JavaScriptjquery
    一、注意定义jQuery变量的时候添加var关键字 这个不仅仅是jQuery,所有javascript开发过程中,都需要注意,请一定不要定义成如下: $loading = $('#loading'); //这个是全局定义,不知道哪里位置倒霉引用了相同的变量名,就会郁闷至死的 二、请使用一个var来定义变量 如果你使用多个变量的话,请如下方式定义: . 代码如下: var page
  • 在eclipse项目中使用maven管理依赖 tjj006 eclipsemaven
    概览: 如何导入maven项目至eclipse中 建立自有Maven  Java类库服务器 建立符合maven代码库标准的自定义类库 Maven在管理Java类库方面有巨大的优势,像白衣所说就是非常“环保”。 我们平时用IDE开发都是把所需要的类库一股脑的全丢到项目目录下,然后全部添加到ide的构建路径中,如果用了SVN/CVS,这样会很容易就 把
  • 中国天气网省市级联页面 x125858805 级联
    1、页面及级联js <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> &l
按字母分类: ABCDEFGHIJKLMNOPQRSTUVWXYZ其他