配置文件编辑
# cat prometheus-config.yaml
apiVersion: v1
kind: Namespace
metadata:
name: kube-prom
---
apiVersion: v1
kind: ConfigMap
metadata:
name: prometheus-config
namespace: kube-prom
data:
prometheus.yml: |
global:
scrape_interval: 10s
evaluation_interval: 10s
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
# https://github.com/prometheus/prometheus/blob/release-2.21/documentation/examples/prometheus-kubernetes.yml
- job_name: 'kubernetes-apiservers'
kubernetes_sd_configs:
- role: endpoints
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
relabel_configs:
- source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
action: keep
regex: default;kubernetes;https
- job_name: 'kubernetes-nodes'
kubernetes_sd_configs:
- role: node
relabel_configs:
- source_labels: [__address__]
regex: (.*):10250
replacement: ${1}:9100
action: replace
target_label: __address__
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- job_name: 'kubernetes-pods'
kubernetes_sd_configs:
- role: pod
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
- job_name: 'kubernetes-cadvisor'
scheme: https
tls_config:
ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
kubernetes_sd_configs:
- role: node
relabel_configs:
- target_label: __address__
replacement: kubernetes.default.svc:443
- source_labels: [__meta_kubernetes_node_name]
regex: (.+)
replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor
target_label: __metrics_path__
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)部署
# kubectl apply -f prometheus-config.yaml
namespace/kube-prom created
configmap/prometheus-config createdpod yaml文件编辑
# cat prometheus.yaml
apiVersion: v1
kind: Namespace
metadata:
name: kube-prom
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: prometheus
namespace: kube-prom
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: prometheus
rules:
- apiGroups: [""]
resources:
- nodes
- nodes/proxy
- services
- endpoints
- pods
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources:
- configmaps
- nodes/metrics
verbs: ["get", "list", "watch"]
- nonResourceURLs: ["/metrics"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: prometheus
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: prometheus
subjects:
- kind: ServiceAccount
name: prometheus
namespace: kube-prom
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
name: prometheus
name: prometheus
namespace: kube-prom
spec:
replicas: 1
selector:
matchLabels:
app: prometheus
template:
metadata:
labels:
app: prometheus
spec:
nodeSelector:
disktype: ssd
serviceAccountName: prometheus
hostAliases:
- ip: 192.168.12.9
hostnames:
- "k8s-master"
- ip: 192.168.12.16
hostnames:
- "k8s-worker01"
- ip: 192.168.12.17
hostnames:
- "k8s-worker02"
containers:
- image: registry.cn-beijing.aliyuncs.com/mayaping/prometheus:v2.0.0
name: prometheus
command:
- "/bin/prometheus"
args:
- "--config.file=/etc/prometheus/prometheus.yml"
- "--storage.tsdb.path=/prometheus"
- "--storage.tsdb.retention=72h"
- "--web.enable-admin-api"
- "--web.enable-lifecycle"
securityContext:
privileged: true
runAsUser: 0
ports:
- containerPort: 9090
protocol: TCP
volumeMounts:
- mountPath: "/prometheus"
name: data
- mountPath: "/etc/prometheus"
name: config-volume
resources:
requests:
cpu: 100m
memory: 100Mi
limits:
cpu: 5000m
memory: 2500Mi
volumes:
- name: data
hostPath:
path: /opt/data/prometheus
- name: config-volume
configMap:
name: prometheus-config
---
apiVersion: v1
kind: Service
metadata:
name: prometheus
namespace: kube-prom
labels:
app: prometheus
spec:
ports:
- name: http
port: 9090
protocol: TCP
targetPort: 9090
nodePort: 9090
selector:
app: prometheus
type: NodePorthostAliases:
部署
# kubectl apply -f prometheus.yaml
namespace/kube-prom unchanged
serviceaccount/prometheus created
clusterrole.rbac.authorization.k8s.io/prometheus created
clusterrolebinding.rbac.authorization.k8s.io/prometheus created
deployment.apps/prometheus created
service/prometheus created访问测试
# curl http://192.168.12.9:9090
<a href="/graph">Found</a>.查看服务启动情况
# kubectl get pods --namespace kube-prom
NAME READY STATUS RESTARTS AGE
prometheus-7749bcdfd8-g2hmx 1/1 Running 0 60s