Kubernetes实战:部署集群监控prometheus-operator

1. 下载最新版、解压

wget https://github.com/coreos/prometheus-operator/archive/v0.23.2.tar.gz

2. 部署

官方提示默认在default命名空间下创建,这里我们修改一下

Note: make sure to adapt the namespace in the ClusterRoleBinding if deploying in another namespace than the default namespace.

编辑prometheus-operator-0.23.2目录下的bundle.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: prometheus-operator
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: prometheus-operator
subjects:
- kind: ServiceAccount
  name: prometheus-operator
  namespace: monitoring
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: prometheus-operator
rules:
- apiGroups:
  - apiextensions.k8s.io
  resources:
  - customresourcedefinitions
  verbs:
  - '*'
- apiGroups:
  - monitoring.coreos.com
  resources:
  - alertmanagers
  - prometheuses
  - prometheuses/finalizers
  - alertmanagers/finalizers
  - servicemonitors
  - prometheusrules
  verbs:
  - '*'
- apiGroups:
  - apps
  resources:
  - statefulsets
  verbs:
  - '*'
- apiGroups:
  - ""
  resources:
  - configmaps
  - secrets
  verbs:
  - '*'
- apiGroups:
  - ""
  resources:
  - pods
  verbs:
  - list
  - delete
- apiGroups:
  - ""
  resources:
  - services
  - endpoints
  verbs:
  - get
  - create
  - update
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - namespaces
  verbs:
  - list
  - watch
---
apiVersion: apps/v1beta2
kind: Deployment
metadata:
  labels:
    k8s-app: prometheus-operator
  name: prometheus-operator
  namespace: monitoring
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: prometheus-operator
  template:
    metadata:
      labels:
        k8s-app: prometheus-operator
    spec:
      containers:
      - args:
        - --kubelet-service=kube-system/kubelet
        - --logtostderr=true
        - --config-reloader-image=quay.io/coreos/configmap-reload:v0.0.1
        - --prometheus-config-reloader=quay.io/coreos/prometheus-config-reloader:v0.23.2
        image: quay.io/coreos/prometheus-operator:v0.23.2
        name: prometheus-operator
        ports:
        - containerPort: 8080
          name: http
        resources:
          limits:
            cpu: 200m
            memory: 200Mi
          requests:
            cpu: 100m
            memory: 100Mi
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
      nodeSelector:
        beta.kubernetes.io/os: linux
      securityContext:
        runAsNonRoot: true
        runAsUser: 65534
      serviceAccountName: prometheus-operator
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: prometheus-operator
  namespace: monitoring

⚠️注意:上文有三处namespace需要修改

-> 执行创建

kubectl create -f bundle.yaml 

-> 部署kube-prometheus

kubectl create -f prometheus-operator-0.23.2/contrib/kube-prometheus/manifests

-> 查看结果

[root@master manifests]# kubectl get all -n monitoring 
NAME                                       READY     STATUS    RESTARTS   AGE
pod/alertmanager-main-0                    2/2       Running   0          3h
pod/alertmanager-main-1                    2/2       Running   0          3h
pod/alertmanager-main-2                    2/2       Running   0          3h
pod/grafana-8668cff847-dxl8p               1/1       Running   0          3h
pod/kube-state-metrics-f884b88b-5cg5t      4/4       Running   0          3h
pod/node-exporter-cx8pq                    2/2       Running   0          3h
pod/node-exporter-knvm4                    2/2       Running   0          3h
pod/node-exporter-whdx7                    2/2       Running   0          3h
pod/node-exporter-zjx4s                    2/2       Running   0          3h
pod/prometheus-k8s-0                       3/3       Running   1          3h
pod/prometheus-k8s-1                       3/3       Running   1          3h
pod/prometheus-operator-6694d94d6b-jbjvh   1/1       Running   0          3h

NAME                            TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)             AGE
service/alertmanager-main       NodePort    10.105.80.137    <none>        9093:31113/TCP      3h
service/alertmanager-operated   ClusterIP   None             <none>        9093/TCP,6783/TCP   3h
service/grafana                 NodePort    10.101.237.193   <none>        3000:31112/TCP      3h
service/kube-state-metrics      ClusterIP   None             <none>        8443/TCP,9443/TCP   3h
service/node-exporter           ClusterIP   None             <none>        9100/TCP            3h
service/prometheus-k8s          NodePort    10.106.94.116    <none>        9090:31114/TCP      3h
service/prometheus-operated     ClusterIP   None             <none>        9090/TCP            3h
service/prometheus-operator     ClusterIP   None             <none>        8080/TCP            3h

NAME                           DESIRED   CURRENT   READY     UP-TO-DATE   AVAILABLE   NODE SELECTOR                 AGE
daemonset.apps/node-exporter   4         4         4         4            4           beta.kubernetes.io/os=linux   3h

NAME                                  DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/grafana               1         1         1            1           3h
deployment.apps/kube-state-metrics    1         1         1            1           3h
deployment.apps/prometheus-operator   1         1         1            1           3h

NAME                                             DESIRED   CURRENT   READY     AGE
replicaset.apps/grafana-8668cff847               1         1         1         3h
replicaset.apps/kube-state-metrics-6dfc9b9844    0         0         0         3h
replicaset.apps/kube-state-metrics-f884b88b      1         1         1         3h
replicaset.apps/prometheus-operator-6694d94d6b   1         1         1         3h

NAME                                 DESIRED   CURRENT   AGE
statefulset.apps/alertmanager-main   3         3         3h
statefulset.apps/prometheus-k8s      2         2         3h

修改访问方式(集群外部访问)
svc的访问方式改为NodePort模式,使用kubectl edit svc [svcname] -n monitoring方式修改

[root@master manifests]# kubectl get svc -n monitoring 
alertmanager-main       NodePort    10.105.80.137    <none>        9093:31113/TCP      3h
alertmanager-operated   ClusterIP   None             <none>        9093/TCP,6783/TCP   3h
grafana                 NodePort    10.101.237.193   <none>        3000:31112/TCP      3h
kube-state-metrics      ClusterIP   None             <none>        8443/TCP,9443/TCP   3h
node-exporter           ClusterIP   None             <none>        9100/TCP            3h
prometheus-k8s          NodePort    10.106.94.116    <none>        9090:31114/TCP      3h
prometheus-operated     ClusterIP   None             <none>        9090/TCP            3h
prometheus-operator     ClusterIP   None             <none>        8080/TCP            3h

3. 测试

访问alertmanager-main
https://masterIp:31113

访问prometheus-k8s
https://masterIp:31114

访问grafana
https://masterIp:31112

输入密码就可以了(初始化用户名密码admin)

推荐阅读更多精彩内容