Prometheus监控携带metrics接口的服务
Prometheus监控携带metrics接口的服务
prometheus监控分为两种:
1、携带metircs接口的服务
2、不携带metrics接口的服务
一、prometheus监控携带metrics接口的服务的流程:
携带metrics接口的服务就表示可以通过metrics接口获取服务的监控项和监控信息
(PS:此处以ETCD为例)
1、通过endprints获取锁需要监控的ETCD的地址
2、创建Service,给予集群内部的ServiceMoniter使用
3、创建ServiceMoniter部署需要的访问证书
4、重启promutheus监控Pod,载入监控项
二、通过prometheus监控ETCD
ETCD服务携带metrics接口,prometheus监控它的流程为:
1、通过EndPrints获取所要监控的ETCD的地址
2、创建Service,给予集群内部的ServiceMoniter使用
3、创建ServiceMoniter部署需要访问证书,给予prometheus-k8s-0来使用
4、重启prometheus监控Pod (prometheus-k8s-0),载入监控项
1、测试ETCD服务的metrics接口
[root@k8s-master-01 ~]# netstat -lnutp | grep etcd tcp 0 0 192.168.15.31:2379 0.0.0.0:* LISTEN 2692/etcd tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN 2692/etcd tcp 0 0 192.168.15.31:2380 0.0.0.0:* LISTEN 2692/etcd tcp 0 0 127.0.0.1:2381 0.0.0.0:* LISTEN 2692/etcd [root@k8s-master-01 ~]# curl -k --cert /etc/kubernetes/pki/apiserver-etcd-client.crt --key /etc/kubernetes/pki/apiserver-etcd-client.key https://127.0.0.1:2379/metrics #ETCD端口: 2379 提供HTTP API服务 2380 和集群中其他节点通信
2、通过EndPrints获取所需监控的ETCD的地址
kind: Endpoints apiVersion: v1 metadata: namespace: kube-system name: etcd-moniter labels: k8s: etcd subsets: - addresses: - ip: "192.168.15.31" ports: - port: 2379 protocol: TCP name: etcd
[root@k8s-master-01 ~]# kubectl apply -f endprints.yaml endpoints/etcd-moniter created [root@k8s-master-01 ~]# kubectl get endpoints -n kube-system NAME ENDPOINTS AGE etcd-moniter 192.168.15.31:2379 17s
3、创建Service,给予集群内部的ServiceMoniter使用
kind: Service apiVersion: v1 metadata: name: etcd-moniter namespace: kube-system labels: k8s: etcd spec: ports: - port: 2379 targetPort: 2379 name: etcd protocol: TCP
[root@k8s-master-01 ~]# kubectl apply -f service.yaml service/etcd-moniter created [root@k8s-master-01 ~]# kubectl get svc -n kube-system NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE etcd-moniter ClusterIP 10.103.237.209 <none> 2379/TCP 13s kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 25d kubelet ClusterIP None <none> 10250/TCP,10255/TCP,4194/TCP 44h [root@k8s-master-01 ~]# kubectl describe -n kube-system svc etcd-moniter Name: etcd-moniter Namespace: kube-system Labels: k8s=etcd Annotations: <none> Selector: <none> Type: ClusterIP IP Families: <none> IP: 10.103.237.209 IPs: 10.103.237.209 Port: etcd 2379/TCP TargetPort: 2379/TCP Endpoints: 192.168.15.31:2379 Session Affinity: None Events: <none>
4、创建ServiceMoniter部署需要访问证书
kind: ServiceMonitor apiVersion: monitoring.coreos.com/v1 metadata: labels: k8s: etcd name: etcd-monitor namespace: monitoring spec: endpoints: - interval: 3s port: etcd scheme: https tlsConfig: caFile: /etc/prometheus/secrets/etcd-certs/ca.crt certFile: /etc/prometheus/secrets/etcd-certs/peer.crt keyFile: /etc/prometheus/secrets/etcd-certs/peer.key insecureSkipVerify: true selector: matchLabels: k8s: etcd namespaceSelector: matchNames: - "kube-system"
[root@k8s-master-01 ~]# kubectl apply -f servicemoniter.yaml servicemonitor.monitoring.coreos.com/etcd-monitor created [root@k8s-master-01 ~]# kubectl get ServiceMonitor -n monitoring NAME AGE etcd-monitor 24s
5、重启prometheus监控Pod(prometheus-k8s-0),载入监控项
创建一个secrets,用来保存prometheus监控的etcd的证书
[root@k8s-master-01 ~]# kubectl create secret generic etcd-certs -n monitoring --from-file=/etc/kubernetes/pki/etcd/ca.crt --from-file=/etc/kubernetes/pki/etcd/peer.crt --from-file=/etc/kubernetes/pki/etcd/peer.key secret/etcd-certs created [root@k8s-master-01 ~]# kubectl get secret -n monitoring NAME TYPE DATA AGE etcd-certs Opaque 3 14s
kind: Prometheus apiVersion: monitoring.coreos.com/v1 metadata: labels: prometheus: k8s name: k8s namespace: monitoring spec: alerting: alertmanagers: - name: alertmanager-main namespace: monitoring port: web - name: alertmanager-main-etcd namespace: kube-system port: etcd image: quay.io/prometheus/prometheus:v2.15.2 nodeSelector: kubernetes.io/os: linux podMonitorNamespaceSelector: {} podMonitorSelector: {} replicas: 2 resources: requests: memory: 400Mi ruleSelector: matchLabels: prometheus: k8s role: alert-rules securityContext: fsGroup: 2000 runAsNonRoot: true runAsUser: 1000 serviceAccountName: prometheus-k8s serviceMonitorNamespaceSelector: {} serviceMonitorSelector: {} version: v2.15.2 secrets: - etcd-certs
结果
[root@k8s-master-01 ~]# kubectl apply -f prometheus-k8s-0.yaml prometheus.monitoring.coreos.com/k8s configured [root@k8s-master-01 ~]# kubectl get pod -n monitoring NAME READY STATUS RESTARTS AGE prometheus-k8s-0 3/3 Running 0 24s prometheus-k8s-1 0/3 Pending 0 24s
6、检测是否监控成功
补充:grafana图形美化
1、去grafana官网寻找合适个模板
2、使用模板
3、模板使用成功,看上去很装逼
本文作者:大胡萝卜没有须
本文链接:https://www.cnblogs.com/c-moon/p/16797237.html
版权声明:本作品采用知识共享署名-非商业性使用-禁止演绎 2.5 中国大陆许可协议进行许可。
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 25岁的心里话
· 闲置电脑爆改个人服务器(超详细) #公网映射 #Vmware虚拟网络编辑器
· 零经验选手,Compose 一天开发一款小游戏!
· 通过 API 将Deepseek响应流式内容输出到前端
· AI Agent开发,如何调用三方的API Function,是通过提示词来发起调用的吗