自定义Helm项目
bash
[root@ip-172-31-26-146 domain-exporter]# tree
.
├── Chart.yaml
├── domain-values.yaml
├── templates
│ ├── _helpers.tpl
│ ├── configmap.yaml
│ ├── deployment.yaml
│ ├── service.yaml
│ └── servicemonitor.yaml
└── values.yamlChart.yaml文本
yaml
apiVersion: v2
name: domain-exporter
description: A Helm chart for Kubernetes to deploy domain_exporter
type: application
version: 0.1.0
appVersion: "1.24.1" # 对应 caarlos0/domain_exporter 的版本domain-values.yaml文本
yaml
domains:
# 对于 parasial.net,改用对象格式,并指定 host
#- name: parasial.network
# host: whois.godaddy.com # <--- 这里填你的注册商 WHOIS 服务器
- a.network
- b.ventures
- c.io
serviceMonitor:
enabled: true # 如果你有 Prometheus Operator
labels:
release: kube-prometheus # 根据你的 Prometheus 实例标签进行调整templates/_helpers.tpl文本
yaml
{{/*
Expand the name of the chart.
*/}}
{{- define "domain-exporter.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "domain-exporter.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "domain-exporter.labels" -}}
helm.sh/chart: {{ include "domain-exporter.chart" . }}
{{ include "domain-exporter.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "domain-exporter.selectorLabels" -}}
app.kubernetes.io/name: {{ include "domain-exporter.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "domain-exporter.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}templates/configmap.yaml文本
yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "domain-exporter.fullname" . }}
labels:
{{- include "domain-exporter.labels" . | nindent 4 }}
data:
domain-exporter.yaml: |
domains:
{{- range .Values.domains }}
{{- if kindIs "string" . }}
- name: {{ . }}
{{- else }}
- name: {{ .name }}
{{- if .host }}
host: {{ .host }}
{{- end }}
{{- end }}
{{- end }}templates/deployment.yaml文本
yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "domain-exporter.fullname" . }}
labels:
{{- include "domain-exporter.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "domain-exporter.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
# 确保 ConfigMap 变更时 Pod 会重启
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
# 为没有 ServiceMonitor 的 Prometheus 添加注解
prometheus.io/scrape: "true"
prometheus.io/port: "9222"
labels:
{{- include "domain-exporter.selectorLabels" . | nindent 8 }}
spec:
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
args:
- "--config"
- "/etc/domain_exporter/domain-exporter.yaml" # <--- 修改这里:后缀改为 .yaml
- "--bind"
- ":9222"
#- "--log-format" # 建议加上 json 格式日志,方便排查
#- "json"
ports:
- name: http
containerPort: 9222
protocol: TCP
livenessProbe:
httpGet:
path: /metrics
port: http
readinessProbe:
httpGet:
path: /metrics
port: http
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- name: config
mountPath: /etc/domain_exporter
readOnly: true
volumes:
- name: config
configMap:
name: {{ include "domain-exporter.fullname" . }}templates/service.yaml文本
yaml
apiVersion: v1
kind: Service
metadata:
name: {{ include "domain-exporter.fullname" . }}
labels:
{{- include "domain-exporter.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "domain-exporter.selectorLabels" . | nindent 4 }}templates/servicemonitor.yaml文本
yaml
{{- if .Values.serviceMonitor.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ include "domain-exporter.fullname" . }}
labels:
{{- include "domain-exporter.labels" . | nindent 4 }}
{{- if .Values.serviceMonitor.labels }}
{{- toYaml .Values.serviceMonitor.labels | nindent 4 }}
{{- end }}
spec:
selector:
matchLabels:
{{- include "domain-exporter.selectorLabels" . | nindent 6 }}
endpoints:
- port: http
interval: {{ .Values.serviceMonitor.interval }}
scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }}
{{- end }}values.yaml
yaml
# 镜像配置
image:
repository: caarlos0/domain_exporter
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: "v1.24.1"
# 副本数
replicaCount: 1
# 服务配置
service:
type: ClusterIP
port: 9222
# 要监控的域名列表 (在此处修改)
domains:
- google.com
- github.com
- your-domain.com
# 资源限制
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 10m
memory: 32Mi
# Prometheus ServiceMonitor 配置 (如果你使用 Prometheus Operator)
serviceMonitor:
enabled: false
# namespace: monitoring
labels: {}
interval: 1m
scrapeTimeout: 30s2、部署domain-exporter
bash
helm upgrade --install domain . -n monitoring -f domain-values.yaml3、验证
bash
[root@ip-172-31-26-146 domain-exporter]# helm list -n monitoring
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
domain monitoring 13 2025-12-16 07:27:09.287695031 +0000 UTC deployed domain-exporter-0.1.0 1.24.14、创建alert rules
包括domain注册过期时间以及ssl证书过期时间
yaml
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: domain-monitoring-alerts
namespace: monitoring
labels:
# 关键!这个 label 必须和你的 kube-prometheus-stack 的匹配规则一致
# 也就是之前你在 ServiceMonitor 里用的那个 release 名称
release: kube-prometheus
spec:
groups:
# ==============================
# 组 1: SSL 证书监控 (Blackbox)
# ==============================
- name: ssl-expiry-alerts
rules:
# 告警级别:警告 (剩余时间 < 10 天)
- alert: SslCertificateExpiringSoon
expr: (probe_ssl_earliest_cert_expiry - time()) < 86400 * 10
for: 10m
labels:
severity: warning
annotations:
summary: "SSL证书将在30天内过期: {{ $labels.instance }}"
description: "域名 {{ $labels.instance }} 的 SSL 证书还有 {{ humanizeDuration (query (printf \"probe_ssl_earliest_cert_expiry{instance='%s'} - time()\" .Labels.instance)) }} 过期。"
# 告警级别:严重 (剩余时间 < 7 天)
- alert: SslCertificateExpiringCritical
expr: (probe_ssl_earliest_cert_expiry - time()) < 86400 * 5
for: 5m
labels:
severity: critical
annotations:
summary: "SSL证书将在7天内过期 (严重): {{ $labels.instance }}"
description: "紧急!域名 {{ $labels.instance }} 的 SSL 证书将在 1 周内过期,请立即续费!"
# ==============================
# 组 2: 域名有效期监控 (Domain Exporter)
# ==============================
- name: domain-expiry-alerts
rules:
# 假设你的 domain-exporter 指标是 domain_expiry_days
# 如果是时间戳,请参考上面 SSL 的写法:(metric - time()) < ...
# 告警级别:警告 (剩余天数 < 10 天)
- alert: DomainExpiringSoon
expr: domain_expiry_days < 10
for: 10m
labels:
severity: warning
annotations:
summary: "域名将在30天内过期: {{ $labels.domain }}"
description: "域名 {{ $labels.domain }} 将在 {{ $value }} 天后过期,请安排续费。"
# 告警级别:严重 (剩余天数 < 5 天)
- alert: DomainExpiringCritical
expr: domain_expiry_days < 5
for: 5m
labels:
severity: critical
annotations:
summary: "域名将在7天内过期 (严重): {{ $labels.domain }}"
description: "紧急!域名 {{ $labels.domain }} 只有 {{ $value }} 天有效期了,请立即处理!"部署
bash
[root@ip-172-31-26-146 prometheus-blackbox-exporter]# kubectl apply -f domain-ssl-rules.yaml