书籍来源:《CKA/CKAD应试指南:从Docker到Kubernetes完全攻略》
一边学习一边整理老师的课程内容及试验笔记,并与大家分享,侵权即删,谢谢支持!
附上汇总贴:CKA备考实验 | 汇总-CSDN博客
14.4节讲了helm的使用,这一节主要用helm部署prometheus,来监控我们的k8s集群。
首先看一个简单的架构图,了解一下prometheus的结构,如图14-2所示。
exporter是用来收集数据的,要监测不同的东西,就需要有不同的exporter。比如要监测mysql,需要创建一个mysql的exporter,要监测pod,则需要pod的exporter,要监测kube-proxy,需要一个kube-proxy的exporter等。
prometheus server会从exporter获取并存储数据,然后通过grafana进行画图,这样可以以图形化的界面展示出当前环境的负载情况,如图14-3所示。
prometheus Operator是CoreOS基于prometheus开发的专门面向kubernetes的一套监控方案,以简化prometheus在kubernetes环境下的部署及配置。下面开始部署Prometheus Operator。
因为前面创建了很多的pod,为了看得清晰一些,单独创建一个命名空间mon,并进入此命名空间。
步骤1:创建命名空间mon并切换到此命名空间。
##########实操验证##########
[root@vms10 ~]# kubectl create ns mon
namespace/mon created
[root@vms10 ~]# kubens mon
Context "kubernetes-admin@kubernetes" modified.
Active namespace is "mon".
[root@vms10 ~]#
步骤2:直接从azure仓库安装prometheus-operator。
##########实操验证##########
[root@vms10 ~]# helm install mon ali/prometheus-operator
Error: failed to download "ali/prometheus-operator" (hint: running `helm repo update` may help)
[root@vms10 ~]# helm install mon github/prometheus-operator
WARNING: This chart is deprecated
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
NAME: mon
LAST DEPLOYED: Wed Sep 27 14:44:40 2023
NAMESPACE: mon
STATUS: deployed
REVISION: 1
NOTES:
*******************
*** DEPRECATED ****
*******************
* stable/prometheus-operator chart is deprecated.
* Further development has moved to https://github.com/prometheus-community/helm-charts
* The chart has been renamed kube-prometheus-stack to more clearly reflect
* that it installs the `kube-prometheus` project stack, within which Prometheus
* Operator is only one component.
The Prometheus Operator has been installed. Check its status by running:
kubectl --namespace mon get pods -l "release=mon"
Visit https://github.com/coreos/prometheus-operator for instructions on how
to create & configure Alertmanager and Prometheus instances using the Operator.
[root@vms10 ~]#
步骤3:等待一段时间之后,确保所有的pod状态都是正常运行的。
##########实操验证##########
[root@vms10 ~]# kubectl get pods --no-headers
alertmanager-mon-prometheus-operator-alertmanager-0 2/2 Running 0 84s
mon-grafana-6864b79886-tq2sk 2/2 Running 0 2m6s
mon-kube-state-metrics-547c46cbfc-zsttq 1/1 Running 0 2m6s
mon-prometheus-node-exporter-msqmc 1/1 Running 0 2m6s
mon-prometheus-node-exporter-pvn7p 1/1 Running 0 2m6s
mon-prometheus-node-exporter-r9xsg 1/1 Running 0 2m6s
mon-prometheus-operator-operator-576b76984c-bb852 2/2 Running 0 2m6s
prometheus-mon-prometheus-operator-prometheus-0 3/3 Running 1 75s
[root@vms10 ~]#
因为我们要浏览grafana,所以这里先把grafana的服务类型改为NodePort。
步骤4:修改服务grafana的类型为NodePort。
##########实操验证##########
[root@vms10 ~]# kubectl get svc --no-headers
alertmanager-operated ClusterIP None <none> 9093/TCP,9094/TCP,9094/UDP 103s
mon-grafana ClusterIP 10.110.120.22 <none> 80/TCP 2m24s
mon-kube-state-metrics ClusterIP 10.102.207.203 <none> 8080/TCP 2m24s
mon-prometheus-node-exporter ClusterIP 10.96.1.184 <none> 9100/TCP 2m24s
mon-prometheus-operator-alertmanager ClusterIP 10.100.187.2 <none> 9093/TCP 2m24s
mon-prometheus-operator-operator ClusterIP 10.106.58.243 <none> 8080/TCP,443/TCP 2m24s
mon-prometheus-operator-prometheus ClusterIP 10.103.254.82 <none> 9090/TCP 2m24s
prometheus-operated ClusterIP None <none> 9090/TCP 93s
[root@vms10 ~]#
通过命令kubectl edit svc mon-grafana,把mon-grafana的服务类型改为NodePort,获得nodeport端口为31041(这个端口是随机生成的,每个人的不一样)。
##########实操验证##########
[root@vms10 ~]# kubectl edit svc mon-grafana
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
annotations:
meta.helm.sh/release-name: mon
meta.helm.sh/release-namespace: mon
creationTimestamp: "2023-09-27T06:45:07Z"
labels:
app.kubernetes.io/instance: mon
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: grafana
app.kubernetes.io/version: 7.0.3
helm.sh/chart: grafana-5.3.0
name: mon-grafana
namespace: mon
resourceVersion: "44100"
uid: 161a7f89-d60f-43e5-bf71-e9b7bcc8e018
spec:
clusterIP: 10.110.120.22
clusterIPs:
- 10.110.120.22
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: service
port: 80
protocol: TCP
targetPort: 3000
selector:
app.kubernetes.io/instance: mon
app.kubernetes.io/name: grafana
sessionAffinity: None
type: NodePort
status:
loadBalancer: {}
[root@vms10 ~]# kubectl get svc --no-headers
alertmanager-operated ClusterIP None <none> 9093/TCP,9094/TCP,9094/UDP 3m26s
mon-grafana NodePort 10.110.120.22 <none> 80:31345/TCP 4m7s
mon-kube-state-metrics ClusterIP 10.102.207.203 <none> 8080/TCP 4m7s
mon-prometheus-node-exporter ClusterIP 10.96.1.184 <none> 9100/TCP 4m7s
mon-prometheus-operator-alertmanager ClusterIP 10.100.187.2 <none> 9093/TCP 4m7s
mon-prometheus-operator-operator ClusterIP 10.106.58.243 <none> 8080/TCP,443/TCP 4m7s
mon-prometheus-operator-prometheus ClusterIP 10.103.254.82 <none> 9090/TCP 4m7s
prometheus-operated ClusterIP None <none> 9090/TCP 3m16s
[root@vms10 ~]#
在浏览器里输入192.168.26.10:31041,如图14-4所示。
这里用户名和密码分别是多少呢?我们来查一下。
步骤5:查看当前命名空间里的secret。
##########实操验证##########
[root@vms10 ~]# kubectl get secrets | grep grafana
mon-grafana Opaque 3 4m59s
mon-grafana-test-token-mk47s kubernetes.io/service-account-token 3 4m59s
mon-grafana-token-b9tvr kubernetes.io/service-account-token 3 4m59s
[root@vms10 ~]#
查看名字为mon-grafana的secret的具体信息。
##########实操验证##########
[root@vms10 ~]# kubectl get secrets mon-grafana -o yaml | head -5
apiVersion: v1
data:
admin-password: cHJvbS1vcGVyYXRvcg==
admin-user: YWRtaW4=
ldap-toml: ""
[root@vms10 ~]#
这里黑体字admin-usr是用户名,admin-password是密码,分别是用base64编码过的,现在需要解码。
##########实操验证##########
[root@vms10 ~]# echo -n "YWRtaW4=" | base64 -d
admin[root@vms10 ~]#
[root@vms10 ~]# echo -n "cHJvbS1vcGVyYXRvcg==" | base64 -d
prom-operator[root@vms10 ~]#
[root@vms10 ~]#
可以得到,用户名为admin,密码为prom-operator。
步骤6:登录grafana,之后依次单击“设置”-->“Data Sources”,如图14-5所示。
可以看到这里已经把prometheus添加到数据源了,如图14-6所示。
单击最下方的Test,会看到已经成功连接数据源,如图14-7所示。
依次单击左上角的Logo,然后单击Home,如图14-8。
此时会显示出很多监测项,如图14-9所示。
这里单击Pods,就能看到pod相关的监控信息,如图14-10所示。
发布于 2023-09-27 15:03・IP 属地广东