kubernetes全面監控之prometheus-operator部署

1.官網地址
https://github.com/coreos/prometheus-operator/tree/master/helm

2.使用helm部署
確保helm環境正常

[root@k8s-master1 ~]# helm version
Client: &version.Version{SemVer:"v2.11.0", GitCommit:"2e55dbe1fdb5fdb96b75ff144a339489417b146b", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.11.0", GitCommit:"2e55dbe1fdb5fdb96b75ff144a339489417b146b", GitTreeState:"clean"}

3.helm安裝第一步報錯

[root@k8s-master1 prometheus-operator]# helm install coreos/prometheus-operator --name prometheus-operator --namespace monitoring
Error: release prometheus-operator failed: namespaces "monitoring" is forbidden: User "system:serviceaccount:kube-system:default" cannot get namespaces in the namespace "monitoring"

解決方法參考:https://github.com/helm/helm/issues/3130

#重置helm

[root@k8s-master1 prometheus-operator]# helm reset --force
Tiller (the Helm server-side component) has been uninstalled from your Kubernetes Cluster.

#配置rbac

[root@k8s-master1 prometheus-operator]# kubectl create -f rbac-config.yaml
serviceaccount "tiller" created
clusterrolebinding.rbac.authorization.k8s.io "tiller" created

[root@k8s-master1 prometheus-operator]# cat rbac-config.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: tiller-clusterrolebinding
subjects:
- kind: ServiceAccount
  name: tiller
  namespace: kube-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: ""
[root@k8s-master1 prometheus-operator]#

#初始化指定serviceaccount

[root@k8s-master1 prometheus-operator]# helm init --service-account tiller --upgrade -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.11.0 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts

$HELM_HOME has been configured at /root/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.

Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
Happy Helming!

4.加源

[root@k8s-master1 prometheus-operator]# helm repo add coreos https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/

5.部署prometheus-operator包

[root@k8s-master1 prometheus-operator]# helm install coreos/prometheus-operator --name prometheus-operator --namespace monitoring
NAME:  prometheus-operator
LAST DEPLOYED: Wed Nov 14 21:09:33 2018
NAMESPACE: monitoring
STATUS: DEPLOYED

RESOURCES:
==> v1beta1/ClusterRoleBinding
NAME                    AGE
prometheus-operator      12s
psp-prometheus-operator  12s

==> v1beta1/Deployment
prometheus-operator  12s

==> v1/Pod(related)

NAME                                READY  STATUS            RESTARTS  AGE
prometheus-operator-d75587d6-lmqnb  0/1    ContainerCreating  0        12s

==> v1beta1/PodSecurityPolicy

NAME                AGE
prometheus-operator  13s

==> v1/ConfigMap
prometheus-operator  12s

==> v1/ServiceAccount
prometheus-operator  12s

==> v1beta1/ClusterRole
prometheus-operator      12s
psp-prometheus-operator  12s

NOTES:
The Prometheus Operator has been installed. Check its status by running:
  kubectl --namespace monitoring get pods -l "app=prometheus-operator,release=prometheus-operator"

Visit https://github.com/coreos/prometheus-operator for instructions on how
to create & configure Alertmanager and Prometheus instances using the Operator.

[root@k8s-master1 prometheus-operator]#

6.部署kube-prometheus包

[root@k8s-master1 prometheus-operator]# helm install coreos/kube-prometheus --name kube-prometheus --namespace monitoring
NAME:  kube-prometheus
LAST DEPLOYED: Wed Nov 14 21:11:07 2018
NAMESPACE: monitoring
STATUS: DEPLOYED

RESOURCES:
==> v1/Alertmanager
NAME            AGE
kube-prometheus  7s

==> v1/Prometheus
kube-prometheus  3s

==> v1/PrometheusRule
kube-prometheus-alertmanager                      3s
kube-prometheus-exporter-kube-controller-manager  3s
kube-prometheus-exporter-kube-etcd                3s
kube-prometheus-exporter-kube-scheduler          3s
kube-prometheus-exporter-kube-state              3s
kube-prometheus-exporter-kubelets                3s
kube-prometheus-exporter-kubernetes              3s
kube-prometheus-exporter-node                    3s
kube-prometheus-rules                            3s
kube-prometheus                                  3s

==> v1/Secret
alertmanager-kube-prometheus  13s
kube-prometheus-grafana      13s

==> v1beta1/Deployment
kube-prometheus-exporter-kube-state  11s
kube-prometheus-grafana              11s

==> v1beta1/Role
kube-prometheus-exporter-kube-state  12s

==> v1/Service
kube-prometheus-alertmanager                      12s
kube-prometheus-exporter-kube-controller-manager  12s
kube-prometheus-exporter-kube-dns                12s
kube-prometheus-exporter-kube-etcd                12s
kube-prometheus-exporter-kube-scheduler          12s
kube-prometheus-exporter-kube-state              12s
kube-prometheus-exporter-node                    12s
kube-prometheus-grafana                          12s
kube-prometheus                                  12s

==> v1/ServiceAccount
kube-prometheus-exporter-kube-state  13s
kube-prometheus-exporter-node        13s
kube-prometheus-grafana              12s
kube-prometheus                      12s

==> v1beta1/ClusterRoleBinding
psp-kube-prometheus-alertmanager        12s
kube-prometheus-exporter-kube-state      12s
psp-kube-prometheus-exporter-kube-state  12s
psp-kube-prometheus-exporter-node        12s
psp-kube-prometheus-grafana              12s
kube-prometheus                          12s
psp-kube-prometheus                      12s

==> v1/ConfigMap
kube-prometheus-grafana  13s

==> v1/Pod(related)

NAME                                                  READY  STATUS            RESTARTS  AGE
kube-prometheus-exporter-kube-state-844bb6f589-k7b25  0/2    ContainerCreating  0        11s
kube-prometheus-grafana-57d5b4d79f-d7dwf              0/2    ContainerCreating  0        11s

==> v1beta1/RoleBinding

NAME                                AGE
kube-prometheus-exporter-kube-state  12s

==> v1beta1/DaemonSet
kube-prometheus-exporter-node  12s

==> v1/ServiceMonitor
kube-prometheus-alertmanager                      3s
kube-prometheus-exporter-kube-controller-manager  2s
kube-prometheus-exporter-kube-dns                2s
kube-prometheus-exporter-kube-etcd                2s
kube-prometheus-exporter-kube-scheduler          2s
kube-prometheus-exporter-kube-state              2s
kube-prometheus-exporter-kubelets                2s
kube-prometheus-exporter-kubernetes              2s
kube-prometheus-exporter-node                    2s
kube-prometheus-grafana                          2s
kube-prometheus                                  2s

==> v1beta1/PodSecurityPolicy
kube-prometheus-alertmanager        13s
kube-prometheus-exporter-kube-state  13s
kube-prometheus-exporter-node        13s
kube-prometheus-grafana              13s
kube-prometheus                      13s

==> v1beta1/ClusterRole
psp-kube-prometheus-alertmanager        12s
kube-prometheus-exporter-kube-state      12s
psp-kube-prometheus-exporter-kube-state  12s
psp-kube-prometheus-exporter-node        12s
psp-kube-prometheus-grafana              12s
kube-prometheus                          12s
psp-kube-prometheus                      12s

NOTES:
DEPRECATION NOTICE:

- alertmanager.ingress.fqdn is not used anymore, use alertmanager.ingress.hosts []
- prometheus.ingress.fqdn is not used anymore, use prometheus.ingress.hosts []
- grafana.ingress.fqdn is not used anymore, use prometheus.grafana.hosts []

- additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- prometheus.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- alertmanager.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- exporter-kube-controller-manager.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- exporter-kube-etcd.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- exporter-kube-scheduler.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- exporter-kubelets.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
- exporter-kubernetes.additionalRulesConfigMapLabels is not used anymore, use additionalRulesLabels
[root@k8s-master1 prometheus-operator]#

7.檢測看看pod,svc都起來了嗎？

[root@k8s-master1 prometheus-operator]# kubectl get pod,svc,deployment,servicemonitor -n monitoring
NAME                                                       READY     STATUS    RESTARTS   AGE
pod/alertmanager-kube-prometheus-0                         2/2       Running   0          54m
pod/kube-prometheus-exporter-kube-state-54895dd84c-nj47b   2/2       Running   0          53m
pod/kube-prometheus-grafana-57d5b4d79f-d7dwf               2/2       Running   0          54m
pod/prometheus-kube-prometheus-0                           3/3       Running   0          54m
pod/prometheus-operator-d75587d6-lmqnb                     1/1       Running   0          55m

NAME                                          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)             AGE
service/alertmanager-operated                 ClusterIP   None             <none>        9093/TCP,6783/TCP   54m
service/kube-prometheus                       ClusterIP   10.254.194.73    <none>        9090/TCP            54m
service/kube-prometheus-alertmanager          ClusterIP   10.254.145.184   <none>        9093/TCP            54m
service/kube-prometheus-exporter-kube-state   ClusterIP   10.254.135.58    <none>        80/TCP              54m
service/kube-prometheus-exporter-node         ClusterIP   10.254.3.37      <none>        9100/TCP            54m
service/kube-prometheus-grafana               ClusterIP   10.254.125.203   <none>        80/TCP              54m
service/prometheus-operated                   ClusterIP   None             <none>        9090/TCP            54m

NAME                                                        DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
deployment.extensions/kube-prometheus-exporter-kube-state   1         1         1            1           54m
deployment.extensions/kube-prometheus-grafana               1         1         1            1           54m
deployment.extensions/prometheus-operator                   1         1         1            1           55m

NAME                                                                                    AGE
servicemonitor.monitoring.coreos.com/kube-prometheus                                    54m
servicemonitor.monitoring.coreos.com/kube-prometheus-alertmanager                       54m
servicemonitor.monitoring.coreos.com/kube-prometheus-exporter-kube-controller-manager   54m
servicemonitor.monitoring.coreos.com/kube-prometheus-exporter-kube-dns                  54m
servicemonitor.monitoring.coreos.com/kube-prometheus-exporter-kube-etcd                 54m
servicemonitor.monitoring.coreos.com/kube-prometheus-exporter-kube-scheduler            54m
servicemonitor.monitoring.coreos.com/kube-prometheus-exporter-kube-state                54m
servicemonitor.monitoring.coreos.com/kube-prometheus-exporter-kubelets                  54m
servicemonitor.monitoring.coreos.com/kube-prometheus-exporter-kubernetes                54m
servicemonitor.monitoring.coreos.com/kube-prometheus-exporter-node                      54m
servicemonitor.monitoring.coreos.com/kube-prometheus-grafana                            54m
servicemonitor.monitoring.coreos.com/prometheus-operator                                55m
[root@k8s-master1 prometheus-operator]#

8.全部起來後，訪問service/kube-prometheus-grafana
可以看到各種監控數據，參考見下:

9.訪問service/kube-prometheus，參考見下:

kubernetes全面監控之prometheus-operator部署

SQL優化-20231016

k8s實踐8:traefik基礎部署(外部訪問kuberntes業務應用)

k8s集羣部署v1.15實踐12:work節點部署kube-proxy

k8s集羣部署v1.15實踐9:部署高可用 kube-scheduler 集羣

k8s實踐4:容器應用配置文件管理利器configmap

k8s實踐18:helm部署安裝grafana配置測試

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結