k8s
组件 资源清单
pod 生命周期
pod 控制器
服务发现
runcher
KubeSphere
Helm
helm命令
helm 常用内置对象
helm 内置函数
helm 的逻辑 和 流程控制
helm 中变量在作用域、列表、元祖、字典中的引用
helm 使用define定义子模版、template和include调用
helm 获取其他文件的内容和文件名
社区的Helm chart仓库
helm几个常用仓库
存储 configMap
进入k8s pod
k8s Node节点的调试
k8s 部署
sealos 部署
kubeadm 1.28部署
增加 node 节点
在aws 上自建k8s
利用NFS动态提供Kubernetes后端存储卷
rook-ceph
CephFS挂载
Ceph Dashboard
ingress
k8s集成kube-prometheus
ServiceMonitor 添加配置
Prometheus 长期远程存储方案 VictoriaMetrics
解决ControllerManager、Scheduler、watchdog监控问题
抓取配置说明
kubernetes配置imagePullSecrets秘钥来拉取镜像
在 Kubernetes 裡跑 curl 來測試內部服務
MetalLB
cloudflare-tunnel-ingress-controller
K8S kubectl 自动补全
argocd
helm部署redis-culster集群
改变默认 StorageClass
自定义指标HPA
istio
kiali
k8s接入graylog
Labels
DNS
HPA
ConfigMap挂载导致容器目录覆盖的问题
污点容忍度
身份认证与权限 RBAC
command
运行crictl ps -a 报错
etcd
cka证书
cert-manager
Kubernetes 创建普通账号
部署 metrics-server 指标
deployment 重启
Kubernetes中如何优雅的解决Pod时区问题
alertmanager
oom killed
eks挂载efs
eks创建集群
eksctl awscli kubectl
污点和容忍度
Kubernetes 删除namespace Terminating解决脚本
k8s 部署 kafka 集群
ack ingress获取客户端客户端真实IP
ingress 反向代理 ws
本文档使用 MrDoc 发布
-
+
首页
k8s集成kube-prometheus
https://github.com/prometheus-operator/kube-prometheus --- 注:在release-0.11版本之后新增了NetworkPolicy 默认是允许自己访问,如果了解NetworkPolicy可以修改一下默认的规则,可以用查看 ls *networkPolicy*,如果不修改的话则会影响到修改NodePort类型也无法访问 如果不会Networkpolicy可以直接删除就行。 ``` kubectl delete networkpolicy --all -n monitoring ``` https://blog.csdn.net/weixin_45444133/article/details/120434811 --- ## 推荐模板  https://grafana.com/grafana/dashboards/13105-1-k8s-for-prometheus-dashboard-20211010/ https://grafana.com/grafana/dashboards/16098-1-node-exporter-for-prometheus-dashboard-cn-0417-job/ ## 修改类型为 NodePort 为了可以从外部访问prometheus,alertmanager,grafana,我们这里修改promethes,alertmanager,grafana的service类型为NodePort类型。 * 修改prometheus的service ``` cat prometheus-service.yaml apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: prometheus app.kubernetes.io/name: prometheus app.kubernetes.io/part-of: kube-prometheus app.kubernetes.io/version: 2.29.1 prometheus: k8s name: prometheus-k8s namespace: monitoring spec: type: NodePort # 新增 ports: - name: web port: 9090 nodePort: 30090 # 新增 targetPort: web selector: app: prometheus app.kubernetes.io/component: prometheus app.kubernetes.io/name: prometheus app.kubernetes.io/part-of: kube-prometheus prometheus: k8s sessionAffinity: ClientIP ``` * 修改alertmanager的service ``` apiVersion: v1 kind: Service metadata: labels: alertmanager: main app.kubernetes.io/component: alert-router app.kubernetes.io/name: alertmanager app.kubernetes.io/part-of: kube-prometheus app.kubernetes.io/version: 0.22.2 name: alertmanager-main namespace: monitoring spec: type: NodePort # 新增 ports: - name: web port: 9093 nodePort: 30093 # 新增 targetPort: web selector: alertmanager: main app: alertmanager app.kubernetes.io/component: alert-router app.kubernetes.io/name: alertmanager app.kubernetes.io/part-of: kube-prometheus sessionAffinity: ClientIP ``` * 修改grafana的service ``` cat grafana-service.yaml apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: grafana app.kubernetes.io/name: grafana app.kubernetes.io/part-of: kube-prometheus app.kubernetes.io/version: 8.1.1 name: grafana namespace: monitoring spec: type: NodePort # 新增 ports: - name: http port: 3000 nodePort: 32000 # 新增 targetPort: http selector: app.kubernetes.io/component: grafana app.kubernetes.io/name: grafana app.kubernetes.io/part-of: kube-prometheus ``` ## 通过Ingres访问Prometheus ``` cat > prometheus-ingress.yaml << 'EOF' apiVersion: networking.k8s.io/v1 kind: Ingress metadata: namespace: monitoring name: prometheus-ingress spec: ingressClassName: nginx rules: - host: grafana.davidops.info # 访问 Grafana 域名 http: paths: - pathType: Prefix path: "/" backend: service: name: grafana port: number: 3000 - host: prometheus.davidops.info # 访问 Prometheus 域名 http: paths: - path: / pathType: Prefix backend: service: name: prometheus-k8s port: number: 9090 - host: alertmanager.davidops.info # 访问 alertmanager 域名 http: paths: - path: / pathType: Prefix backend: service: name: alertmanager-main port: number: 9093 EOF ``` ## grafana 集成ldap https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/ldap/ ``` # vim ./grafana-config.yaml apiVersion: v1 kind: Secret metadata: labels: app.kubernetes.io/component: grafana app.kubernetes.io/name: grafana app.kubernetes.io/part-of: kube-prometheus app.kubernetes.io/version: 9.5.3 name: grafana-config namespace: monitoring stringData: grafana.ini: | [date_formats] default_timezone = UTC [auth.ldap] enabled = true config_file = /etc/grafana/ldap.toml allow_sign_up = true ldap.toml: | [[servers]] host = "129.168.1.116" port = 389 use_ssl = false start_tls = false ssl_skip_verify = false bind_dn = "cn=admin,dc=leg,dc=cg" bind_password = 'admin' search_filter = "(cn=%s)" search_base_dns = ["ou=People,dc=leg,dc=cg"] [servers.attributes] member_of = "memberOf" email = "email" ``` # 自定义配置 https://www.cnblogs.com/koktlzz/p/15268185.html https://ytool.cloud/logs/prometheus/operator.html
admin
2024年2月4日 17:38
转发文档
收藏文档
上一篇
下一篇
手机扫码
复制链接
手机扫一扫转发分享
复制链接
Markdown文件
分享
链接
类型
密码
更新密码