node-exporter可以提供相當豐富的系統資源指標,在指標收集中有舉足輕重的地位。編寫文章之時所參考的文件和相關操作都是有效的,但是軟體版本更新很快,不應完全照抄。
1. node-exporter部署:參考部落格:https://www.wqblogs.com/2020/04/17/k8s%E9%83%A8%E7%BD%B2node-exporter/#%E4%BA%A4%E4%BB%98node-exporter
# node_exporter.yamlapiVersion: apps/v1kind: DaemonSetmetadata: name: node-exporter namespace: default labels: name: node-exporter # 注意放在恰當的名稱空間中spec: selector: matchLabels: name: node-exporter template: metadata: labels: name: node-exporter spec: hostPID: true hostIPC: true hostNetwork: true containers: - name: node-exporter image: prom/node-exporter:v1.0.1 # 注意用相對較新的版本 ports: - containerPort: 9100 resources: requests: cpu: 0.15 securityContext: privileged: true args: - --path.procfs - /host/proc - --path.sysfs - /host/sys - --collector.filesystem.ignored-mount-points - '"^/(sys|proc|dev|host|etc)($|/)"' volumeMounts: - name: dev mountPath: /host/dev - name: proc mountPath: /host/proc - name: sys mountPath: /host/sys - name: rootfs mountPath: /rootfs tolerations: - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule" volumes: - name: proc hostPath: path: /proc - name: dev hostPath: path: /dev - name: sys hostPath: path: /sys - name: rootfs hostPath: path: /kubectl get pods -o wide # 檢視node-exporter使用的ip,埠在上面的配置檔案中寫了:9100目標是在scrape_configs中配置job
- job_name: node-exporter honor_timestamps: true scrape_interval: 30s scrape_timeout: 10s metrics_path: /metrics scheme: http static_configs: - targets: - 192.168.39.170:9100 # 從第二步中獲取這是Prometheus的yaml配置檔案整體,除了node-exporter的job是自行田間,其他都是istio提供的Prometheus配置檔案預設內容。下面是配置檔案的整體:
# prometheus.yaml---# Source: prometheus/templates/server/serviceaccount.yamlapiVersion: v1kind: ServiceAccountmetadata: labels: component: "server" app: prometheus release: prometheus chart: prometheus-11.16.2 heritage: Helm name: prometheus namespace: istio-system annotations: {}---# Source: prometheus/templates/server/cm.yamlapiVersion: v1kind: ConfigMapmetadata: labels: component: "server" app: prometheus release: prometheus chart: prometheus-11.16.2 heritage: Helm name: prometheus namespace: istio-systemdata: alerting_rules.yml: | {} alerts: | {} prometheus.yml: | global: evaluation_interval: 1m scrape_interval: 1m scrape_timeout: 10s rule_files: - /etc/config/recording_rules.yml - /etc/config/alerting_rules.yml - /etc/config/rules - /etc/config/alerts scrape_configs: - job_name: prometheus static_configs: - targets: - localhost:9090 - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token job_name: kubernetes-apiservers kubernetes_sd_configs: - role: endpoints relabel_configs: - action: keep regex: default;kubernetes;https source_labels: - __meta_kubernetes_namespace - __meta_kubernetes_service_name - __meta_kubernetes_endpoint_port_name scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt insecure_skip_verify: true - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token job_name: kubernetes-nodes kubernetes_sd_configs: - role: node relabel_configs: - action: labelmap regex: __meta_kubernetes_node_label_(.+) - replacement: kubernetes.default.svc:443 target_label: __address__ - regex: (.+) replacement: /api/v1/nodes/$1/proxy/metrics source_labels: - __meta_kubernetes_node_name target_label: __metrics_path__ scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt insecure_skip_verify: true - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token job_name: kubernetes-nodes-cadvisor kubernetes_sd_configs: - role: node relabel_configs: - action: labelmap regex: __meta_kubernetes_node_label_(.+) - replacement: kubernetes.default.svc:443 target_label: __address__ - regex: (.+) replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor source_labels: - __meta_kubernetes_node_name target_label: __metrics_path__ scheme: https tls_config: ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt insecure_skip_verify: true - job_name: kubernetes-service-endpoints kubernetes_sd_configs: - role: endpoints relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scrape - action: replace regex: (https?) source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scheme target_label: __scheme__ - action: replace regex: (.+) source_labels: - __meta_kubernetes_service_annotation_prometheus_io_path target_label: __metrics_path__ - action: replace regex: ([^:]+)(?::\d+)?;(\d+) replacement: $1:$2 source_labels: - __address__ - __meta_kubernetes_service_annotation_prometheus_io_port target_label: __address__ - action: labelmap regex: __meta_kubernetes_service_label_(.+) - action: replace source_labels: - __meta_kubernetes_namespace target_label: kubernetes_namespace - action: replace source_labels: - __meta_kubernetes_service_name target_label: kubernetes_name - action: replace source_labels: - __meta_kubernetes_pod_node_name target_label: kubernetes_node - job_name: kubernetes-service-endpoints-slow kubernetes_sd_configs: - role: endpoints relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scrape_slow - action: replace regex: (https?) source_labels: - __meta_kubernetes_service_annotation_prometheus_io_scheme target_label: __scheme__ - action: replace regex: (.+) source_labels: - __meta_kubernetes_service_annotation_prometheus_io_path target_label: __metrics_path__ - action: replace regex: ([^:]+)(?::\d+)?;(\d+) replacement: $1:$2 source_labels: - __address__ - __meta_kubernetes_service_annotation_prometheus_io_port target_label: __address__ - action: labelmap regex: __meta_kubernetes_service_label_(.+) - action: replace source_labels: - __meta_kubernetes_namespace target_label: kubernetes_namespace - action: replace source_labels: - __meta_kubernetes_service_name target_label: kubernetes_name - action: replace source_labels: - __meta_kubernetes_pod_node_name target_label: kubernetes_node scrape_interval: 5m scrape_timeout: 30s - honor_labels: true job_name: prometheus-pushgateway kubernetes_sd_configs: - role: service relabel_configs: - action: keep regex: pushgateway source_labels: - __meta_kubernetes_service_annotation_prometheus_io_probe - job_name: kubernetes-services kubernetes_sd_configs: - role: service metrics_path: /probe params: module: - http_2xx relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_service_annotation_prometheus_io_probe - source_labels: - __address__ target_label: __param_target - replacement: blackbox target_label: __address__ - source_labels: - __param_target target_label: instance - action: labelmap regex: __meta_kubernetes_service_label_(.+) - source_labels: - __meta_kubernetes_namespace target_label: kubernetes_namespace - source_labels: - __meta_kubernetes_service_name target_label: kubernetes_name - job_name: kubernetes-pods kubernetes_sd_configs: - role: pod relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_pod_annotation_prometheus_io_scrape - action: replace regex: (.+) source_labels: - __meta_kubernetes_pod_annotation_prometheus_io_path target_label: __metrics_path__ - action: replace regex: ([^:]+)(?::\d+)?;(\d+) replacement: $1:$2 source_labels: - __address__ - __meta_kubernetes_pod_annotation_prometheus_io_port target_label: __address__ - action: labelmap regex: __meta_kubernetes_pod_label_(.+) - action: replace source_labels: - __meta_kubernetes_namespace target_label: kubernetes_namespace - action: replace source_labels: - __meta_kubernetes_pod_name target_label: kubernetes_pod_name - action: drop regex: Pending|Succeeded|Failed source_labels: - __meta_kubernetes_pod_phase - job_name: kubernetes-pods-slow kubernetes_sd_configs: - role: pod relabel_configs: - action: keep regex: true source_labels: - __meta_kubernetes_pod_annotation_prometheus_io_scrape_slow - action: replace regex: (.+) source_labels: - __meta_kubernetes_pod_annotation_prometheus_io_path target_label: __metrics_path__ - action: replace regex: ([^:]+)(?::\d+)?;(\d+) replacement: $1:$2 source_labels: - __address__ - __meta_kubernetes_pod_annotation_prometheus_io_port target_label: __address__ - action: labelmap regex: __meta_kubernetes_pod_label_(.+) - action: replace source_labels: - __meta_kubernetes_namespace target_label: kubernetes_namespace - action: replace source_labels: - __meta_kubernetes_pod_name target_label: kubernetes_pod_name - action: drop regex: Pending|Succeeded|Failed source_labels: - __meta_kubernetes_pod_phase scrape_interval: 5m scrape_timeout: 30s - job_name: node-exporter honor_timestamps: true scrape_interval: 30s scrape_timeout: 10s metrics_path: /metrics scheme: http static_configs: - targets: - 127.0.0.1:9100 - 192.168.39.170:9100 recording_rules.yml: | {} rules: | {}---# Source: prometheus/templates/server/clusterrole.yamlapiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata: labels: component: "server" app: prometheus release: prometheus chart: prometheus-11.16.2 heritage: Helm name: prometheusrules: - apiGroups: - "" resources: - nodes - nodes/proxy - nodes/metrics - services - endpoints - pods - ingresses - configmaps verbs: - get - list - watch - apiGroups: - "extensions" - "networking.k8s.io" resources: - ingresses/status - ingresses verbs: - get - list - watch - nonResourceURLs: - "/metrics" verbs: - get---# Source: prometheus/templates/server/clusterrolebinding.yamlapiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata: labels: component: "server" app: prometheus release: prometheus chart: prometheus-11.16.2 heritage: Helm name: prometheussubjects: - kind: ServiceAccount name: prometheus namespace: istio-systemroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: prometheus---# Source: prometheus/templates/server/service.yamlapiVersion: v1kind: Servicemetadata: labels: component: "server" app: prometheus release: prometheus chart: prometheus-11.16.2 heritage: Helm name: prometheus namespace: istio-systemspec: ports: - name: http port: 9090 protocol: TCP targetPort: 9090 selector: component: "server" app: prometheus release: prometheus sessionAffinity: None type: "ClusterIP"---# Source: prometheus/templates/server/deploy.yamlapiVersion: apps/v1kind: Deploymentmetadata: labels: component: "server" app: prometheus release: prometheus chart: prometheus-11.16.2 heritage: Helm name: prometheus namespace: istio-systemspec: selector: matchLabels: component: "server" app: prometheus release: prometheus replicas: 1 template: metadata: annotations: sidecar.istio.io/inject: "false" labels: component: "server" app: prometheus release: prometheus chart: prometheus-11.16.2 heritage: Helm spec: serviceAccountName: prometheus containers: - name: prometheus-server-configmap-reload image: "jimmidyson/configmap-reload:v0.4.0" imagePullPolicy: "IfNotPresent" args: - --volume-dir=/etc/config - --webhook-url=http://127.0.0.1:9090/-/reload resources: {} volumeMounts: - name: config-volume mountPath: /etc/config readOnly: true - name: prometheus-server image: "prom/prometheus:v2.21.0" imagePullPolicy: "IfNotPresent" args: - --storage.tsdb.retention.time=60d - --config.file=/etc/config/prometheus.yml - --storage.tsdb.path=/data - --web.console.libraries=/etc/prometheus/console_libraries - --web.console.templates=/etc/prometheus/consoles - --web.enable-lifecycle ports: - containerPort: 9090 readinessProbe: httpGet: path: /-/ready port: 9090 initialDelaySeconds: 0 periodSeconds: 5 timeoutSeconds: 30 failureThreshold: 3 successThreshold: 1 livenessProbe: httpGet: path: /-/healthy port: 9090 initialDelaySeconds: 30 periodSeconds: 15 timeoutSeconds: 30 failureThreshold: 3 successThreshold: 1 resources: {} volumeMounts: - name: config-volume mountPath: /etc/config - name: storage-volume mountPath: /data subPath: "" securityContext: fsGroup: 65534 runAsGroup: 65534 runAsNonRoot: true runAsUser: 65534 terminationGracePeriodSeconds: 300 volumes: - name: config-volume configMap: name: prometheus - name: storage-volume emptyDir: {}埠暴露要注意,使用 minikube tunnel暴露叢集的服務,都可以在主機上訪問。
kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=prometheus -o jsonpath='{.items[0].metadata.name}') 9090:9090 &
最新評論