1.prometheus简介
Prometheus是一个开源的系统监控和警报工具包,最初由SoundCloud开发,社区活跃;2016年加入云原生计算基金会(CNCF),成为继Kubernetes之后的第二个托管项目。Prometheus以时间序列数据的形式收集并存储度量值,大部分模块由Go语言编写。
Prometheus架构图
2.部署Prometheus
1)部署Prometheus deploy
cat prome_deploy.yml
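# Prometheus server Deployment in the "work" namespace.
# Indentation restored so the manifest parses as YAML.
#
# Exposure note: Prometheus serves its HTTP API on 9090 without authentication
# by default. This manifest also enables the admin and lifecycle endpoints, so
# every client that can reach the port can call them. Restrict who can reach
# the Service (NetworkPolicy / firewall / authenticating reverse proxy), or
# drop the two flags if they are not needed.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: prometheus
  namespace: work
  labels:
    app: prometheus
spec:
  selector:
    matchLabels:
      app: prometheus
  template:
    metadata:
      labels:
        app: prometheus
    spec:
      securityContext:
        # Runs the container as root (UID 0). Presumably chosen so the process
        # can write to the local PV directory on the node; TODO confirm.
        # A non-root UID plus matching ownership of the node directory (or
        # fsGroup) gives the same result with less privilege.
        runAsUser: 0
      serviceAccountName: prometheus
      containers:
        - image: prom/prometheus:v2.30.2
          name: prometheus
          args:
            # prometheus.yml is provided by the config-volume mount below.
            - "--config.file=/etc/prometheus/prometheus.yml"
            # TSDB directory, backed by the "data" volume mount below.
            - "--storage.tsdb.path=/prometheus"
            - "--storage.tsdb.retention.time=24h"
            # ENABLES the admin HTTP API (series deletion, snapshots,
            # tombstone cleanup). It does not restrict access to it.
            - "--web.enable-admin-api"
            # Enables hot reload and shutdown over HTTP:
            # POST localhost:9090/-/reload applies a new config immediately,
            # POST /-/quit stops the server.
            - "--web.enable-lifecycle"
          ports:
            - containerPort: 9090
              name: http
          volumeMounts:
            - mountPath: "/etc/prometheus"
              name: config-volume
            - mountPath: "/prometheus"
              name: data
          resources:
            requests:
              cpu: 100m
              memory: 512Mi
            limits:
              cpu: 100m
              memory: 512Mi
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: prometheus-data  # PVC bound to the local PV
        - name: config-volume
          configMap:
            name: prometheus-config  # ConfigMap that holds prometheus.yml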
kubectl apply -f prome_deploy.yml
2)部署Prometheus service
cat prome_svc.yml
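# Service that publishes the Prometheus pod's "http" port (9090).
# Indentation restored so the manifest parses as YAML.
apiVersion: v1
kind: Service
metadata:
  name: prometheus
  namespace: work
  labels:
    app: prometheus
spec:
  selector:
    app: prometheus
  # NodePort opens the port on every node's IP. Prometheus has no built-in
  # authentication by default, so limit which sources can reach the node port,
  # or use ClusterIP behind an authenticating proxy/ingress.
  type: NodePort
  ports:
    - name: web
      port: 9090
      targetPort: http  # refers to the container port named "http"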
kubectl apply -f prome_svc.yml
3)部署configmap
cat prome_cfg.yml
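# ConfigMap mounted at /etc/prometheus by the Prometheus Deployment.
# Indentation restored: the embedded prometheus.yml is a literal block scalar,
# so its nesting must be kept exactly or Prometheus will fail to load it.
# The only scrape job targets Prometheus itself on localhost:9090.
apiVersion: v1
kind: ConfigMap
metadata:
  name: prometheus-config
  namespace: work
data:
  prometheus.yml: |
    global:
      scrape_interval: 15s
      scrape_timeout: 15s
    scrape_configs:
      - job_name: 'prometheus'
        static_configs:
          - targets: ['localhost:9090']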
kubectl apply -f prome_cfg.yml
4)部署PV,PVC
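# Local PersistentVolume plus the claim used by the Prometheus Deployment.
# Indentation restored so the manifest parses as YAML.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: prometheus-local
  labels:
    app: prometheus
spec:
  accessModes:
    - ReadWriteOnce
  capacity:
    storage: 5Gi
  storageClassName: local-storage
  local:
    # Create this directory on the Kubernetes node beforehand. Its ownership
    # and mode decide which UID can write the TSDB; keep it writable only by
    # the account Prometheus runs as.
    path: /data/k8s/prometheus
  nodeAffinity:
    required:
      nodeSelectorTerms:
        - matchExpressions:
            - key: kubernetes.io/hostname
              operator: In
              values:
                - node  # hostname of the node that holds the directory
  # Retain: the metrics data stays on the node's disk after the claim is
  # deleted and has to be cleaned up manually.
  persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: prometheus-data
  namespace: work
spec:
  selector:
    matchLabels:
      app: prometheus  # binds to the PV labelled app=prometheus above
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
  storageClassName: local-storage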
kubectl apply -f prome_pvc.yml
5)配置RBAC
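# ServiceAccount, ClusterRole and ClusterRoleBinding for Prometheus.
# Changes from the listing as published:
#   - indentation restored and a "---" separator added between the
#     ServiceAccount and the ClusterRole (without it the two documents merge);
#   - the note after "kind: ClusterRole" is now a real comment;
#   - ClusterRoleBinding uses rbac.authorization.k8s.io/v1, matching the
#     ClusterRole; the v1beta1 RBAC API was removed in Kubernetes 1.22.
apiVersion: v1
kind: ServiceAccount  # service account the Prometheus pod runs under
metadata:
  name: prometheus
  namespace: work
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole  # cluster-wide read permissions for service discovery
metadata:
  name: prometheus
rules:
  - apiGroups:
      - ""
    resources:
      - nodes
      - services
      - endpoints
      - pods
      # nodes/proxy lets the holder reach every node's kubelet API through
      # the API server proxy, which is far broader than reading metrics.
      # Keep it only if a scrape job actually goes through that proxy path.
      - nodes/proxy
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      # On Kubernetes 1.22+ Ingress is served from networking.k8s.io;
      # the "extensions" group no longer provides it.
      - "extensions"
    resources:
      - ingresses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ""
    resources:
      - configmaps
      - nodes/metrics
    verbs:
      - get
  - nonResourceURLs:
      - /metrics
    verbs:
      - get
---
# The binding is cluster-wide: the token of the prometheus service account in
# namespace "work" can read the objects above in every namespace. The scrape
# config on this page only targets localhost:9090 and uses none of these
# permissions; grant them when Kubernetes service discovery is added.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: prometheus
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: prometheus
subjects:
  - kind: ServiceAccount
    name: prometheus
    namespace: work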
kubectl apply -f prome_rabc.yml
查看部署的Prometheus服务
[root@master ~]# kubectl get pod,svc,configmap,sa -n work
NAME READY STATUS RESTARTS AGE
pod/prometheus-5f58d57f4c-fflv7 1/1 Running 3 3d20h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/prometheus NodePort 10.100.21.177 <none> 9090:32075/TCP 3d20h
NAME DATA AGE
configmap/prometheus-config 1 3d20h
NAME SECRETS AGE
serviceaccount/default 1 3d20h
serviceaccount/prometheus 1 3d20h
在浏览器访问Prometheus
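访问地址是node节点IP加上service的NodePort端口(本例为32075)。注意:Prometheus默认没有认证,而上面的启动参数还开启了admin API和lifecycle接口,因此该NodePort应通过防火墙/安全组或NetworkPolicy限制为可信来源,或者改用ClusterIP并在前面加带认证的反向代理。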
3.部署grafana
1)部署deployment
cat grafana.yml
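# Grafana Deployment in the "work" namespace.
# Indentation restored so the manifest parses as YAML.
kind: Deployment
apiVersion: apps/v1
metadata:
  labels:
    app: grafana
  name: grafana
  namespace: work
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: grafana
  template:
    metadata:
      labels:
        app: grafana
    spec:
      securityContext:
        # Non-root UID/GID; fsGroup makes the data volume writable for it.
        runAsNonRoot: true
        runAsUser: 10555
        fsGroup: 10555
      containers:
        - name: grafana
          image: grafana/grafana:8.4.4
          imagePullPolicy: IfNotPresent
          env:
            - name: GF_AUTH_BASIC_ENABLED
              value: "true"
            # Anonymous access stays off, so every viewer has to log in.
            - name: GF_AUTH_ANONYMOUS_ENABLED
              value: "false"
            # No admin password is set here, so Grafana starts with its
            # default admin account. To avoid that, supply the password from
            # a Secret (names below are placeholders):
            # - name: GF_SECURITY_ADMIN_PASSWORD
            #   valueFrom:
            #     secretKeyRef:
            #       name: <grafana-admin-secret>
            #       key: <password-key>
          readinessProbe:
            httpGet:
              path: /login
              port: 3000
          volumeMounts:
            - mountPath: /var/lib/grafana
              name: grafana-data-volume
          ports:
            - containerPort: 3000
              protocol: TCP
      volumes:
        - name: grafana-data-volume
          # emptyDir is wiped whenever the pod is recreated. Grafana keeps its
          # database (users, dashboards, the changed admin password) under
          # /var/lib/grafana, so a new pod starts again with default
          # credentials. Use a PVC for anything longer-lived.
          emptyDir: {}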
kubectl apply -f grafana.yml
2)部署svc
cat grafana_svc.yml
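# Service that publishes Grafana's port 3000.
# Indentation restored so the manifest parses as YAML.
kind: Service
apiVersion: v1
metadata:
  labels:
    app: grafana
  name: grafana-service
  namespace: work
spec:
  ports:
    - port: 3000
      targetPort: 3000
  selector:
    app: grafana
  # NodePort makes the login page reachable on every node's IP over plain
  # HTTP. Limit the allowed sources, or put TLS in front of it, before the
  # first login.
  type: NodePort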
kubectl apply -f grafana_svc.yml
查看部署的grafana服务
[root@master prometheus]# kubectl get pod,svc -n work |grep grafana
pod/grafana-5b86ddbbff-sq5nx 1/1 Running 0 5m33s
service/grafana-service NodePort 10.107.134.50 <none> 3000:30362/TCP 5m25s
访问grafana
grafana访问地址为pod所在node节点IP+nodeport的端口
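首次登录grafana,用户名和密码都是admin,登录之后会要求修改admin的密码。需要注意的是,上面的Deployment把/var/lib/grafana挂载为emptyDir,Pod重建后Grafana的数据库会丢失,admin密码也会恢复为默认值;如需长期使用,应改用PVC保存数据,并通过Secret设置GF_SECURITY_ADMIN_PASSWORD。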