kube-prometheus部署

一、自定义配置(二选一,不建议用这个)

grafana-service.yml

apiVersion: v1
kind: Service
metadata:name: grafananamespace: kube-monitoringlabels:app: grafanacomponent: core
spec:type: NodePortports:- port: 3000nodePort: 30011selector:app: grafanacomponent: core

grafana-statefulset.yml

apiVersion: apps/v1
kind: StatefulSet
metadata:name: grafana-corenamespace: kube-monitoringlabels:app: grafanacomponent: core
spec:serviceName: "grafana"selector:matchLabels:app: grafanareplicas: 1template:metadata:labels:app: grafanacomponent: corespec:containers:- image: grafana/grafana:6.5.3name: grafana-coreimagePullPolicy: IfNotPresentenv:# The following env variables set up basic auth twith the default admin user and admin password.- name: GF_AUTH_BASIC_ENABLEDvalue: "true"- name: GF_AUTH_ANONYMOUS_ENABLEDvalue: "false"# - name: GF_AUTH_ANONYMOUS_ORG_ROLE#   value: Admin# does not really work, because of template variables in exported dashboards:# - name: GF_DASHBOARDS_JSON_ENABLED#   value: "true"readinessProbe:httpGet:path: /loginport: 3000# initialDelaySeconds: 30# timeoutSeconds: 1volumeMounts:- name: grafana-persistent-storagemountPath: /var/lib/grafanasubPath: grafanavolumeClaimTemplates:- metadata:name: grafana-persistent-storagespec:storageClassName: managed-nfs-storageaccessModes:- ReadWriteOnceresources:requests:storage: "1Gi"

 kube-monitoring.yml

apiVersion: v1
kind: Namespace
metadata:name: kube-monitoring

prometheus-config.yml

apiVersion: v1
kind: ConfigMap
metadata:name: prometheus-confignamespace: kube-monitoring
data:prometheus.yml: |global:scrape_interval: 15s evaluation_interval: 15sscrape_configs:- job_name: 'prometheus'static_configs:- targets: ['localhost:9090']- job_name: 'kubernetes-nodes'tls_config:ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crtbearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenkubernetes_sd_configs:- role: node- job_name: 'kubernetes-service'tls_config:ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crtbearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenkubernetes_sd_configs:- role: service- job_name: 'kubernetes-endpoints'tls_config:ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crtbearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenkubernetes_sd_configs:- role: endpoints- job_name: 'kubernetes-ingress'tls_config:ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crtbearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenkubernetes_sd_configs:- role: ingress- job_name: 'kubernetes-kubelet'scheme: httpstls_config:ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crtbearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenkubernetes_sd_configs:- role: noderelabel_configs:- action: labelmapregex: __meta_kubernetes_node_label_(.+)- target_label: __address__replacement: kubernetes.default.svc:443- source_labels: [__meta_kubernetes_node_name]regex: (.+)target_label: __metrics_path__replacement: /api/v1/nodes/${1}/proxy/metrics- job_name: 'kubernetes-cadvisor'scheme: httpstls_config:ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crtbearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenkubernetes_sd_configs:- role: noderelabel_configs:- target_label: __address__replacement: kubernetes.default.svc:443- source_labels: [__meta_kubernetes_node_name]regex: (.+)target_label: __metrics_path__replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor- action: labelmapregex: __meta_kubernetes_node_label_(.+)- job_name: 'kubernetes-pods'kubernetes_sd_configs:- role: podrelabel_configs:- source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]action: keepregex: true- source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]action: replacetarget_label: __metrics_path__regex: (.+)- source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]action: replaceregex: ([^:]+)(?::\d+)?;(\d+)replacement: $1:$2target_label: __address__- action: labelmapregex: __meta_kubernetes_pod_label_(.+)- source_labels: [__meta_kubernetes_namespace]action: replacetarget_label: kubernetes_namespace- source_labels: [__meta_kubernetes_pod_name]action: replacetarget_label: kubernetes_pod_name- job_name: 'kubernetes-apiservers'kubernetes_sd_configs:- role: endpointsscheme: httpstls_config:ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crtbearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenrelabel_configs:- source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]action: keepregex: default;kubernetes;https- target_label: __address__replacement: kubernetes.default.svc:443- job_name: 'kubernetes-services'metrics_path: /probeparams:module: [http_2xx]kubernetes_sd_configs:- role: servicerelabel_configs:- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_probe]action: keepregex: true- source_labels: [__address__]target_label: __param_target- target_label: __address__replacement: blackbox-exporter.default.svc.cluster.local:9115- source_labels: [__param_target]target_label: instance- action: labelmapregex: __meta_kubernetes_service_label_(.+)- source_labels: [__meta_kubernetes_namespace]target_label: kubernetes_namespace- source_labels: [__meta_kubernetes_service_name]target_label: kubernetes_name- job_name: 'kubernetes-ingresses'metrics_path: /probeparams:module: [http_2xx]kubernetes_sd_configs:- role: ingressrelabel_configs:- source_labels: [__meta_kubernetes_ingress_annotation_prometheus_io_probe]action: keepregex: true- source_labels: [__meta_kubernetes_ingress_scheme,__address__,__meta_kubernetes_ingress_path]regex: (.+);(.+);(.+)replacement: ${1}://${2}${3}target_label: __param_target- target_label: __address__replacement: blackbox-exporter.default.svc.cluster.local:9115- source_labels: [__param_target]target_label: instance- action: labelmapregex: __meta_kubernetes_ingress_label_(.+)- source_labels: [__meta_kubernetes_namespace]target_label: kubernetes_namespace- source_labels: [__meta_kubernetes_ingress_name]target_label: kubernetes_name

 prometheus-daemonset.yml

apiVersion: apps/v1
kind: DaemonSet
metadata:name: node-exporternamespace: kube-monitoring
spec:selector:matchLabels:app: node-exportertemplate:metadata:annotations:prometheus.io/scrape: 'true'prometheus.io/port: '9100'prometheus.io/path: 'metrics'labels:app: node-exportername: node-exporterspec:containers:- image: prom/node-exporterimagePullPolicy: IfNotPresentname: node-exporterports:- containerPort: 9100hostPort: 9100name: scrapehostNetwork: truehostPID: true

prometheus-deploy.yml

apiVersion: v1
kind: Service
metadata:name: prometheuslabels:name: prometheus
spec:ports:- name: prometheusprotocol: TCPport: 9090targetPort: 9090selector:app: prometheustype: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:labels:name: prometheusname: prometheus
spec:replicas: 1selector:app: prometheustemplate:metadata:labels:app: prometheusspec:containers:- name: prometheusimage: prom/prometheus:v2.2.1command:- "/bin/prometheus"args:- "--config.file=/etc/prometheus/prometheus.yml"ports:- containerPort: 9090protocol: TCPvolumeMounts:- mountPath: "/etc/prometheus"name: prometheus-configvolumes:- name: prometheus-configconfigMap:name: prometheus-config

 prometheus-deployment.yml

apiVersion: apps/v1
kind: Deployment
metadata:labels:name: prometheusname: prometheusnamespace: kube-monitoring
spec:replicas: 1selector:matchLabels:app: prometheustemplate:metadata:labels:app: prometheusspec:serviceAccountName: prometheusserviceAccount: prometheuscontainers:- name: prometheusimage: prom/prometheus:v2.2.1command:- "/bin/prometheus"args:- "--config.file=/etc/prometheus/prometheus.yml"ports:- containerPort: 9090protocol: TCPvolumeMounts:- mountPath: "/etc/prometheus"name: prometheus-config- mountPath: "/etc/localtime"name: timezonevolumes:- name: prometheus-configconfigMap:name: prometheus-config- name: timezonehostPath:path: /usr/share/zoneinfo/Asia/Shanghai

prometheus-rbac-setup.yml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:name: prometheus
rules:
- apiGroups: [""]resources:- nodes- nodes/proxy- services- endpoints- podsverbs: ["get", "list", "watch"]
- apiGroups:- extensionsresources:- ingressesverbs: ["get", "list", "watch"]
- nonResourceURLs: ["/metrics"]verbs: ["get"]
---
apiVersion: v1
kind: ServiceAccount
metadata:name: prometheusnamespace: kube-monitoring
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:name: prometheus
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: prometheus
subjects:
- kind: ServiceAccountname: prometheusnamespace: kube-monitoring

 prometheus-service.yml

apiVersion: v1
kind: Service
metadata:name: prometheuslabels:name: prometheusnamespace: kube-monitoring
spec:ports:- name: prometheusprotocol: TCPport: 9090targetPort: 9090selector:app: prometheustype: NodePort

把这些文件传到/opt/k8s/k8s/prometheus下

 kubectl apply -f prometheus/kube-monitoring.yml

 kubectl apply -f prometheus/

#查看

kubectl get all -n kube-monitoring

grafana访问地址:

prometheus访问地址:

二、kube-prometheus部署(二选一,建议用这个)

#在github上面下载kube-prometheus

https://github.com/prometheus-operator/kube-prometheus.git

注意下载版本要跟k8s兼容

我这里k8s是1.23,我用kube-prometheus的release-0.10

#替换国内镜像

sed -i 's/quay.io/quay.mirrors.ustc.edu.cn/g' prometheusOperator-deployment.yaml
sed -i 's/quay.io/quay.mirrors.ustc.edu.cn/g' prometheus-prometheus.yaml
sed -i 's/quay.io/quay.mirrors.ustc.edu.cn/g' alertmanager-alertmanager.yaml
sed -i 's/quay.io/quay.mirrors.ustc.edu.cn/g' kubeStateMetrics-deployment.yaml
sed -i 's/k8s.gcr.io/lank8s.cn/g' kubeStateMetrics-deployment.yaml
sed -i 's/quay.io/quay.mirrors.ustc.edu.cn/g' nodeExporter-daemonset.yaml
sed -i 's/quay.io/quay.mirrors.ustc.edu.cn/g' prometheusAdapter-deployment.yaml
sed -i 's/k8s.gcr.io/lank8s.cn/g' prometheusAdapter-deployment.yaml

# 查看是否还有国外镜像
grep "image: " * -r

#修改访问入口(选择是用这个还是配置ingress)

分别修改 prometheus、alertmanager、grafana 中的 spec.type 为 NodePort 方便测试访问

#安装

kubectl create -f manifests/setup/

kubectl apply -f manifests/

#检查

kubectl get all -n monitoring

kubectl get pod -n monitoring

kubectl get svc -n monitoring

#配置ingress(注意,需要先装ingress-nginx。或者也可以不执行这个,用上一步改nodeport也行,就是为了k8s集群外可以访问到prometheus、alertmanager、grafana的界面)

# 创建 ingress
kubectl apply -f prometheus-ingress.yaml 

# 通过域名访问(没有域名可以在主机配置 hosts)
192.168.113.121 grafana.wolfcode.cn
192.168.113.121 prometheus.wolfcode.cn
192.168.113.121 alertmanager.wolfcode.cn# 创建 prometheus-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:namespace: monitoringname: prometheus-ingress
spec:ingressClassName: nginxrules:- host: grafana.wolfcode.cn  # 访问 Grafana 域名http:paths:- path: /pathType: Prefixbackend:service:name: grafanaport:number: 3000- host: prometheus.wolfcode.cn  # 访问 Prometheus 域名http:paths:- path: /pathType: Prefixbackend:service:name: prometheus-k8s port:number: 9090- host: alertmanager.wolfcode.cn  # 访问 alertmanager 域名http:paths:- path: /pathType: Prefixbackend:service:name: alertmanager-mainport:number: 9093

#卸载

kubectl delete --ignore-not-found=true -f manifests/ -f manifests/setup

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/bicheng/53284.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

uniapp 懒加载、预加载、缓存机制深度解析

uniapp 懒加载、预加载、缓存机制深度解析 文章目录 uniapp 懒加载、预加载、缓存机制深度解析一、为什么要使用uniapp的懒加载、预加载和缓存机制二、如何使用uniapp的懒加载、预加载和缓存机制1. 懒加载2. 预加载3. 缓存机制 四、扩展与高级技巧1. 结合懒加载和预加载优化页面…

链表.......

从右到左 更新尾部 typedef typedef struct ListNode { int value; struct ListNode *next;(这里不能用listnode*应为还没有定义) } ListNode; #include <stdio.h> #include <stdlib.h> // 定义链表节点结构体 struct ListNode { int value; s…

Python中的“类与对象:实例化对象”——掌握面向对象编程的核心技能

引言 面向对象编程不仅是一种编程范式&#xff0c;更是一种思考方式。它允许我们以“对象”为中心来组织代码&#xff0c;每个对象都包含数据&#xff08;属性&#xff09;和可以操作这些数据的方法。类则是定义了对象的蓝图或模板&#xff0c;描述了该类型的对象应该具有哪些…

开发台球助教小程序前景分析

开发台球助教小程序的前景分析可从以下维度展开探讨&#xff1a; 市场需求的增长 台球作为一项受欢迎的休闲运动&#xff0c;其爱好者群体正在扩大。随着大众对这项运动兴趣的增加&#xff0c;寻求系统化培训的需求也愈发明显。台球助教小程序正好填补了这一市场空白&#xf…

【Hadoop|HDFS篇】HDFS的Shell操作

1. 基本语法 hadoop fs 具体命令或者hadoop dfs 具体命令。 两个是完全相同的。 2. 命令大全 hadoop fs&#xff1a; Usage: hadoop fs [generic options][-appendToFile <localsrc> ... <dst>][-cat [-ignoreCrc] <src> ...][-checksum <src> ..…

当小程序遭遇攻击或超出流量峰值时:SCDN边缘加速的高效防护策略!

在数字化时代&#xff0c;小程序因其便捷性和丰富的功能而备受用户喜爱&#xff0c;但这也使其成为了网络攻击的目标之一。DDoS攻击、CC攻击等不仅会影响小程序的正常运行&#xff0c;还会损害用户体验和品牌形象。在这种情况下&#xff0c;选择合适的安全防护措施至关重要。边…

LeetCode93 复原 IP 地址

前言 题目&#xff1a; 93. 复原 IP 地址 文档&#xff1a; 代码随想录——复原 IP 地址 编程语言&#xff1a; C 解题状态&#xff1a; 没思路… 思路 依旧是切割问题&#xff0c;但同时还需要操作字符串添加逗号作为分隔符&#xff0c;并验证区间的合法性。 代码 class So…

DrissionPage设置启动浏览器为edge

1.查看浏览器启动路径 在浏览器地址栏输入下面地址&#xff0c;拿到可执行文件的路径 。 edge://version/ 2.替换路径 打开DrissionPage._configs. chromium_options.py文件&#xff0c;找到def browser_path(self)这个函数&#xff0c;将返回内容替换为edge的启动路径&#x…

数据访问:JPA关联MyBatis

JPA&#xff08;Java Persistence API&#xff09;和 MyBatis 是 Java 中常用的两种持久层框架。它们在数据访问和持久化方面有不同的设计理念和优缺点。下面是将 JPA 和 MyBatis 关联起来的一些总结&#xff1a; 1. JPA 和 MyBatis 的基本概念 JPA&#xff1a;JPA 是一种规范…

jupyter 笔记本中如何判定bash块是否执行完毕

jupyter notebook中 后台执行bash卡住解决 jupyter版本 !jupyter --version Selected Jupyter core packages... IPython : 8.27.0 ipykernel : 6.29.5 ipywidgets : 8.1.5 jupyter_client : 8.6.2 jupyter_core : 5.7.2 jupyter_server : 2.…

【网络安全】服务基础第一阶段——第十节:Windows系统管理基础---- 组策略高级应用

目录 一、组策略的基本概念 1.1 组策略的基本概念 1.1.1 组策略对象 1.2 配置 1.2.1 计算机配置&#xff08;Computer Configuration&#xff09; 1.2.2 用户配置&#xff08;User Configuration&#xff09; 1.3 作用范围 1.4 继承和优先级 1.4.1 继承&#xff08;In…

【WPF动画】

关于 WPF 中 System.Windows.Media.Animation 命名空间下常用动画类的简要介绍、使用方法和适用场景的表格 使用场景解释&#xff1a;示例代码1示例代码2&#xff1a;使用 Storyboard 组合多个动画代码解释应用场景 动画类描述使用示例适用场景DoubleAnimation用于为 double 类…

Qt:玩转QPainter序列九(文本,文本框,填充)

前言 继续承接序列八 正文 1. drawImage系列函数 绘制图像 inline void drawImage(const QPoint &p, const QImage &image); 作用: 在指定的点 p 上绘制 QImage 图像。图像的左上角将对齐到 p 点。 inline void drawImage(int x, int y, const QImage &image,…

ArkUI-状态管理-@Provide、@Consume、@Observed、@ObjectLink

ArkUI-状态管理 Provide装饰器和Consume装饰器&#xff1a;与后代组件双向同步概述观察变化框架行为Provide支持allowOverride参数 Observed装饰器和ObjectLink装饰器&#xff1a;嵌套类对象属性变化概述限制条件观察变化框架行为 Provide装饰器和Consume装饰器&#xff1a;与后…

Spring Security 有什么用?附使用教程

SecurityConfig 是一个 Spring Security 的配置类&#xff0c;用于配置应用程序的安全性。它主要用于定义如何保护应用程序的各种端点、身份验证和授权策略。SecurityConfig 在应用程序启动时被加载&#xff0c;并在整个应用程序生命周期中提供安全保护。 SecurityConfig的作用…

毕业设计选题系统

一、项目概述 Hi&#xff0c;大家好&#xff0c;今天分享的项目是《毕业设计选题系统》。 毕业论文选题是大学教学管理中的重要环节&#xff0c;关系到高校的教学质量。传统的手工管理方式工作效率低下、管理繁琐&#xff0c;浪费教师和学生的时间与精力的问题。本系统以提高…

87、k8s之污点

node 亲和性----nodename—nodeSelector ​ 软策略和硬策略 pod&#xff1a;亲和性 ​ 反亲和性 标签------>node节点的标签比app&#xff1a;nginx1标签优先级高 -------------------------------以上总结------------------------------------------ 一、污点 查看…

基于微信的热门景点推荐小程序的设计与实现(论文+源码)_kaic

摘 要 近些年来互联网迅速发展人们生活水平也稳步提升&#xff0c;人们也越来越热衷于旅游来提高生活品质。互联网的应用与发展也使得人们获取旅游信息的方法也更加丰富&#xff0c;以前的景点推荐系统现在已经不足以满足用户的要求了&#xff0c;也不能满足不同用户自身的个…

Leetcode面试经典150题-92.反转链表II

解法都在代码里&#xff0c;不懂就留言或者私信 比反转链表I略微难一点点 /*** Definition for singly-linked list.* public class ListNode {* int val;* ListNode next;* ListNode() {}* ListNode(int val) { this.val val; }* ListNode(int val, Li…

在移动应用程序中集成模糊方法的基于物联网的天气监测系统的实现

这篇论文的标题是《IMPLEMENTATION OF WEATHER MONITORING SYSTEM BASED INTERNET OF THINGS USING INTEGRATED FUZZY METHOD IN MOBILE APPLICATIONS》&#xff0c;作者是 Muhammad Malik Amin&#xff0c;来自 Politeknik Negeri Jakarta 的 D-IV INSTRUMENTASI DAN KONTROL …