「Kubernetes 系列」 Prometheus Operator 定製指南

2020-08-30 極客24h

前置要求

  • Kubernetes版本:1.16
  • Kube-Prometheus版本:release-0.4
  • 編譯工具:jb、jsontoyaml、jsonnet

Kube-Prometheus簡介

Git地址:https://github.com/coreos/kube-prometheus.git

Prometheus 在K8S 中部署主要通過Coreos 所開發的Prometheus Operator 方式部署的,Operator也是Coreos開發的用於擴展K8S API的,具體會單獨一章細講。這裡我們針對Prometheus監控感受下它。

包含組件:

  • The Prometheus Operator
  • 高可用Prometheus
  • 高可用 Alertmanager
  • Prometheus node-exporter
  • Prometheus Adapter for Kubernetes Metrics APIs
  • kube-state-metrics
  • Grafana

格式:倉庫代碼格式都是jsonnet格式的文件,方便我們高效定製開發,但是相應的也需要一些學習門檻。

工具安裝

go get github.com/brancz/gojsontoyaml

go get github.com/jsonnet-bundler/jsonnet-bundler/cmd/jb (更新jb)

jb update (更新kube-prometheus)

部署

git clone jsonnet

定製編譯入口

Prometheus 和 Grafana 都不提供靜態的Configmap 配置文件方式。

默認會有一個基礎版的example.jsonnet,這裡面定義了我們所需組件的一些變量和配置等。同樣在examples目錄中有一些特殊定製的案例:

這裡我們會修改這個example.jsonnet文件加入一些生產環境所需配置:

  • Prometheus持久化存儲(prometheus-data:10G)
  • Grafana 增加配置(GF_AUTH_GENERIC_OAUTH_ENABLED&39;true&39;ksonnet/ksonnet.beta.4/k.libsonnet&34;persistentVolumeClaim:: {&persistentvolumeclaim-v1-core (defines variable named &39; of type &39;)

    local env = k.apps.v1.deployment.mixin.spec.template.spec.containersType.envType;

    local kp =

    (import &39;) +

    (import &39;) +

    (import &39;) +

    // Uncomment the following imports to enable its patches

    // (import &39;) +

    // (import &39;) +

    // (import &39;) +

    // (import &39;) +

    // (import &39;) +

    {

    _config+:: {

    namespace: &39;,

    versions+:: {

    grafana: &39;,

    },

    grafana+:: {

    plugins+: [&39;],

    env+: [

    env.new(&39;, &39;),

    ],

    },

    },

    prometheus+:: {

    prometheus+: {

    spec+: { // https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md39;t specified for &39;, then by default the &39; arg will be passed to prometheus by prometheus-operator.

    // The possible values for a prometheus <duration> are:

    // * https://github.com/prometheus/common/blob/c7de230/model/time.go34;^([0-9]+)(y|w|d|h|m|s|ms)$&39;30d&39;storage.volumeClaimTemplate&39;t created), prometheus will be created with an EmptyDir for the &39; volume (for the prom tsdb).

    // This &39; causes the following to be automatically created (via dynamic provisioning) for each prometheus pod:

    // * PersistentVolumeClaim (and a corresponding PersistentVolume)

    // * the actual volume (per the StorageClassName specified below)

    storage: { // https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md39;pvc&core.v1.persistentVolumeClaim.new

    pvc.mixin.spec.withAccessModes(&39;) +

    // https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/39;requests&storage-resource-quota (defines &39;)

    pvc.mixin.spec.resources.withRequests({ storage: &39; }) +

    // A StorageClass of the following name (which can be seen via `kubectl get storageclass` from a node in the given K8s cluster) must exist prior to kube-prometheus being deployed.

    pvc.mixin.spec.withStorageClassName(&39;),

    // The following &39; is only needed if you&manual-storage-provisioning).

    // And note that this is not supported/allowed by AWS - uncommenting the following &39; line (when deploying kube-prometheus to a K8s cluster in AWS) will cause the pvc to be stuck in the Pending status and have the following error:

    // * &34;ssd&39;

    //pvc.mixin.spec.selector.withMatchLabels({}),

    }, // storage

    }, // spec

    }, // prometheus

    }, // prometheus

    };

    { [&39; + name]: kp.kubePrometheus[name] for name in std.objectFields(kp.kubePrometheus) } +

    {

    [&39; + name]: kp.prometheusOperator[name]

    for name in std.filter((function(name) name != &39;), std.objectFields(kp.prometheusOperator))

    } +

    // serviceMonitor is separated so that it can be created after the CRDs are ready

    { &39;: kp.prometheusOperator.serviceMonitor } +

    { [&39; + name]: kp.nodeExporter[name] for name in std.objectFields(kp.nodeExporter) } +

    { [&39; + name]: kp.kubeStateMetrics[name] for name in std.objectFields(kp.kubeStateMetrics) } +

    { [&39; + name]: kp.alertmanager[name] for name in std.objectFields(kp.alertmanager) } +

    { [&39; + name]: kp.prometheus[name] for name in std.objectFields(kp.prometheus) } +

    { [&39; + name]: kp.prometheusAdapter[name] for name in std.objectFields(kp.prometheusAdapter) } +

    { [&39; + name]: kp.grafana[name] for name in std.objectFields(kp.grafana) }

    編譯生成K8S manifest文件

    cd kube-prometheus

    jb install (生成vendor目錄。關鍵步驟,否則下面編譯無法通過)

    ./build.sh example.jsonnet

    (which uses vendor/ to render all manifests in a json structure of {filename: manifest-content})

    (import &39;) +

    (import &39;) +

    查看生成的manifest文件:

    apiVersion: monitoring.coreos.com/v1

    kind: Prometheus

    metadata:

    labels:

    prometheus: k8s

    name: k8s

    namespace: monitoring

    spec:

    alerting:

    alertmanagers:

    - name: alertmanager-main

    namespace: monitoring

    port: web

    image: quay.io/prometheus/prometheus:v2.19.2

    nodeSelector:

    kubernetes.io/os: linux

    podMonitorNamespaceSelector: {}

    podMonitorSelector: {}

    replicas: 2

    resources:

    requests:

    memory: 400Mi

    retention: 30d

    ruleSelector:

    matchLabels:

    prometheus: k8s

    role: alert-rules

    securityContext:

    fsGroup: 2000

    runAsNonRoot: true

    runAsUser: 1000

    serviceAccountName: prometheus-k8s

    serviceMonitorNamespaceSelector: {}

    serviceMonitorSelector: {}

    storage:

    volumeClaimTemplate:

    apiVersion: v1

    kind: PersistentVolumeClaim

    spec:

    accessModes:

    - ReadWriteOnce

    resources:

    requests:

    storage: 10Gi

    storageClassName: prometheus-data

    version: v2.19.2

    部署

    $ kubectl apply -f manifests/setup

    $ kubectl apply -f manifests/

    每天三分鐘,知識效率高。輕文章,更高效。

    歡迎關注同名微信公眾帳號極客24h。

相關焦點

  • k8s監控系統prometheus-operator
    簡介prometheus-operatorPrometheus作為kubernetes官方推薦的監控系統,用Prometheus來監控kubernetes集群的狀況和運行在集群上的應用運行狀況。可以理解為,Prometheus Operator就是用於管理部署Prometheus到kubernetes的工具,其目的是簡化和自動化對Prometheus組件的維護。
  • 使用operator部署Prometheus
    nbsp;            3/3     Running   1          2m27sprometheus-operator
  • Go 監控的標配:實戰 Prometheus
    預設的配置文件是「/etc/prometheus/prometheus.yml」,如果我們要修改配置文件的話,那麼按照官方文檔[5]裡的說明,需要自定義一個 Dockerfile 文件:FROMPrometheus book[23]」,「Prometheus監控Kubernetes
  • k8s裡prometheus-operator監控jvm
    在配置prometheus-operator 監控jvm之前,我們必須要了解prometheus-operator的4個crd不然後續會蒙蔽。ServiceMonitor: 一個Kubernetes自定義資源(和kind: Prometheus一樣是CRD),該資源描述了Prometheus Server的Target列表,Operator 會監聽這個資源的變化來動態的更新Prometheus Server的Scrape targets並讓prometheus server去reload配置(prometheus有對應reload
  • Prometheus 監控外部 Kubernetes 集群
    : apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: prometheussubjects:- kind: ServiceAccount name: prometheus namespace: kube-mon在 Kubernetes 集群中創建上面的資源對象
  • 集群外部署Prometheus+Grafana監控K8S解析
    " operator: "Exists" effect: "NoSchedule"---kind: ServiceapiVersion: v1metadata: annotations: prometheus.io/scrape: 'true' labels: app: node-exporter
  • Prometheus Operator自定義監控項
    而對應的報警規則文件位於:/etc/prometheus/rules/prometheus-k8s-rulefiles-0/目錄下面所有的 YAML 文件。這裡的 PrometheusRule 的 name 為 prometheus-k8s-rules,namespace 為 monitoring,我們可以猜想到我們創建一個 PrometheusRule 資源對象後,會自動在上面的 prometheus-k8s-rulefiles-0 目錄下面生成一個對應的-.yaml文件,所以如果以後我們需要自定義一個報警選項的話
  • Prometheus監控Kubernetes 集群節點及應用
    prometheus.configmap.yamlconfigmap "prometheus-config" deleted[root@abcdocker prometheus]# kubectl create -f prometheus.configmap.yamlconfigmap/prometheus-config created[root@abcdocker prometheus]# kubectl
  • 「Kubernetes17」教你快速搭建 k8s 監控平臺
    Check its status by running:kubectl --namespace monitor get pods -l "release=prometheus-stack"Visit https://github.com/prometheus-operator/kube-prometheus for instructions on how to create & configure
  • kubernetes-Prometheus基於郵件告警
    3)推送告警:在Pometheus中指定指定告警規則,並設置告警伺服器(prometheus.yml告警規則文件為「/etc/prometheus/rules/」目錄下的所有規則文件。global: scrape_interval: 15s # Set the scrape interval to every 15 seconds.
  • 「運維」Prometheus 常用函數
    ",instance="120.77.65.193:9090",job="prometheus",method="get"} 1{code="200",handler="prometheus",instance="120.77.65.193:9090",job="prometheus"
  • k8s安裝Prometheus+Grafana(無坑版)
    目前網際網路公司常用的組件大部分都有exporter可以直接使用,比如Varnish、Haproxy、Nginx、MySQL、Linux 系統信息 (包括磁碟、內存、CPU、網絡等等),具體支持的源看:https://github.com/prometheus。
  • Prometheus 監控MySQL資料庫
    Prometheus 監控mysql容器Prometheus這裡我們演示中,prometheus以及mysqld_exporter都使用容器進行運行。@abcdocker local]# id prometheusuid=1002(prometheus) gid=1002(prometheus) groups=1002(prometheus)cat >>/etc/systemd/system/node_exporter.service<<EOF[
  • kubernetes pod 級別的 JVM 監控
    maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.13.0/jmx_prometheus_javaagent-0.13.0.jar
  • 不懂Prometheus?看完這個你就入門了
    後端用 C 開發,界面用 PHP 開發,定製化難度很高。https://prometheus.io/download/[root@prometheus-72 src]# wget https://github.com/prometheus/prometheus/releases/download/v2.22.0-rc.0/prometheus-2.22.0-rc.0.linux-amd64.tar.gz[root@prometheus
  • 「Kubernetes 系列」 Prometheus自動發現(K8S)
    Prometheus Operator:Kube-Prometheus(https://github.com/coreos/kube-prometheus.>Tips:通常生產環境中部署Prometheus 方式都是通過Operator方式。
  • prometheus+grafana監控SQLerver
    valid_lft forever preferred_lft forever部署exporterdocker run -e SERVER=172.17.0.1 -e USERNAME=SA -e PASSWORD=qkD4x3yy -e DEBUG=app -p 4000:4000 --name prometheus-mssql-exporter
  • 監控工具之Prometheus普羅米修斯,搭建和使用
    >4.驗證,查看版本號cd prometheus/.touch /usr/lib/systemd/system/prometheus.servicechown prometheus:prometheus /usr/lib/systemd/system/prometheus.service
  • CentOS7下簡單搭建Prometheus+Grafana監控系統
    -g prometheus -m -d /opt/prometheus/ -s /sbin/nologin prometheustar -zxf /data/prometheus-2.17.2.linux-amd64.tar.gz -C /optcd /opt/mv prometheus-2.17.2.linux-amd64/* prometheus
  • 運維監控系統之Prometheus Server安裝
    /prometheus/releases/download/v2.23.0/prometheus-2.23.0.linux-amd64.tar.gz tar zxvf prometheus-2.23.0.linux-amd64.tar.gz 運行