Deploying Prometheus
1. Create a namespace
First, create a dedicated namespace for Prometheus so that its resources can be managed and isolated.
kubectl create namespace monitoring
 
2. Configure the Prometheus ConfigMap
To configure Prometheus's scrape targets, we need to create a ConfigMap that stores the prometheus.yml configuration file.
apiVersion: v1
kind: ConfigMap
metadata:
  name: prometheus-config
  namespace: monitoring
data:
  prometheus.yml: |
    global:
      scrape_interval: 15s

    scrape_configs:
      - job_name: 'kubernetes-nodes'
        kubernetes_sd_configs:
          - role: node
        scheme: https
        tls_config:
          ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
          insecure_skip_verify: false
        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
        relabel_configs:
          - action: labelmap
            regex: __meta_kubernetes_node_label_(.+)
          - target_label: __address__
            replacement: kubernetes.default.svc:443
          - source_labels: [__meta_kubernetes_node_name]
            regex: (.+)
            target_label: __metrics_path__
            replacement: /api/v1/nodes/${1}/proxy/metrics

      - job_name: 'kubernetes-pods'
        kubernetes_sd_configs:
          - role: pod
        relabel_configs:
          - action: labelmap
            regex: __meta_kubernetes_pod_label_(.+)
          - action: replace
            source_labels: [__meta_kubernetes_namespace]
            target_label: kubernetes_namespace
          - action: replace
            source_labels: [__meta_kubernetes_pod_name]
            target_label: kubernetes_pod_name
 
Save the configuration above as prometheus-config.yaml and apply it:
kubectl apply -f prometheus-config.yaml
 
3. Create the Prometheus Pod and Service
Next, create a Pod to run Prometheus and expose it through a NodePort Service.
apiVersion: v1
kind: Pod
metadata:
  name: prometheus-pod
  namespace: monitoring
  labels:
    app: prometheus
spec:
  containers:
  - name: prometheus
    image: quay.io/prometheus/prometheus:v2.44.0
    args:
      - --config.file=/etc/prometheus/prometheus.yml
      - --storage.tsdb.path=/prometheus/
    ports:
      - containerPort: 9090
    volumeMounts:
      - name: prometheus-config-volume
        mountPath: /etc/prometheus/
      - name: prometheus-data-volume
        mountPath: /prometheus/
  volumes:
    - name: prometheus-config-volume
      configMap:
        name: prometheus-config
    - name: prometheus-data-volume
      emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
  name: prometheus-service
  namespace: monitoring
spec:
  type: NodePort
  ports:
    - port: 9090
      targetPort: 9090
      nodePort: 30000
  selector:
    app: prometheus
 
Save the configuration above as prometheus-pod-service.yaml and apply it:
kubectl apply -f prometheus-pod-service.yaml
 
4. Set the appropriate permissions
Make sure Prometheus has sufficient permissions to access the Kubernetes API. Create a ClusterRole and a ClusterRoleBinding.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: prometheus
rules:
- apiGroups: [""]
  resources:
  - nodes
  - nodes/proxy
  - services
  - endpoints
  - pods
  verbs: ["get", "list", "watch"]
- apiGroups:
  - extensions
  - apps
  resources:
  - deployments
  verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: prometheus
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: prometheus
subjects:
- kind: ServiceAccount
  name: default
  namespace: monitoring
 
Save the configuration above as prometheus-rbac.yaml and apply it:
kubectl apply -f prometheus-rbac.yaml
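
Step 4 binds the ClusterRole to the namespace's default ServiceAccount, so every Pod in monitoring that does not set its own account inherits nodes/proxy and cluster-wide read access. The manifest below is an added example, not part of the original page: it binds the same role to a dedicated ServiceAccount (the name prometheus is an assumption) and recreates the Pod from step 3 under that account.

```yaml
# Added example, not from the page; the ServiceAccount name is an assumption.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: prometheus
  namespace: monitoring
---
# Same ClusterRole as step 4, but bound only to the dedicated account.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: prometheus
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: prometheus
subjects:
- kind: ServiceAccount
  name: prometheus
  namespace: monitoring
---
# Pod from step 3, unchanged except for serviceAccountName.
apiVersion: v1
kind: Pod
metadata:
  name: prometheus-pod
  namespace: monitoring
  labels:
    app: prometheus
spec:
  serviceAccountName: prometheus
  containers:
  - name: prometheus
    image: quay.io/prometheus/prometheus:v2.44.0
    args:
      - --config.file=/etc/prometheus/prometheus.yml
      - --storage.tsdb.path=/prometheus/
    ports:
      - containerPort: 9090
    volumeMounts:
      - name: prometheus-config-volume
        mountPath: /etc/prometheus/
      - name: prometheus-data-volume
        mountPath: /prometheus/
  volumes:
    - name: prometheus-config-volume
      configMap:
        name: prometheus-config
    - name: prometheus-data-volume
      emptyDir: {}
```

A Pod's serviceAccountName cannot be changed in place, so delete the existing Pod (kubectl delete pod prometheus-pod -n monitoring) before applying this manifest. Afterwards, kubectl auth can-i get nodes/proxy --as=system:serviceaccount:monitoring:default should answer no.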
 
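5. Access Prometheus
You can now reach the Prometheus web interface through the NodePort. Assuming a node in your cluster has the IP <Node-IP>, you can access Prometheus at the following URL:
http://<Node-IP>:30000
6. Verify the scrape targets
After opening the Prometheus web interface, go to "Status" -> "Targets" and check whether Prometheus has correctly discovered and is scraping monitoring data from the Kubernetes nodes and Pods.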