前言:
满心欢天喜地为了方便,直接购买了阿里云的K8S,是方便了很多操作,但是也不乏有很多的新坑,今天就说说搭建prometheus的坑
为了更好的监控K8S以及JVM的信息,所以采用搭建k8s里面搭建prometheus系统
环境:
阿里云的K8S V1.11
步骤:
1.clone github k8s项目,并切换分支v1.11,然后进入kubernetes/cluster/addons/prometheus
git clone https://github.com/kubernetes/kubernetes.git2.prometheus持久化设置,新增2个PV(具体根据 alertmanager-pvc.yaml prometheus-statefulset.yaml设置,自己设置持久化存储)
--- apiVersion: v1 kind: PersistentVolume metadata: name: prometheus-pv spec: storageClassName: standard capacity: storage: 16Gi accessModes: - ReadWriteOnce nfs: path: /data/prometheus/prometheus-data server: 192.168.0.34 --- apiVersion: v1 kind: PersistentVolume metadata: name: alertmanager-pv spec: storageClassName: standard capacity: storage: 2Gi accessModes: - ReadWriteOnce nfs: path: /data/prometheus/alertmanager-data server: 192.168.0.343.如果需要暴露prometheus server端口,修改prometheus-service.yaml ,根据自己生产修改端口,并设置type为NodePort
spec: ports: - name: http port: 9090 protocol: TCP targetPort: 9090 nodePort: 32189 type: NodePort4.应用配置
kubectl apply -f .5.进入prometheus server检查 http://ip:nodeport
注意:默认阿里云环境kubernetes-nodes-cadvisor kubernetes-nodes-kubelet 会报错401,无法检测数据
根据https://github.com/coreos/prometheus-operator/tree/master/contrib/kube-prometheus需要修改kubelet配置文件
kubelet需要开启--authentication-token-webhook=true --authorization-mode=Webhook两个参数才能采集
阿里云K8S每个node修改
阿里云环境修改/etc/systemd/system/kubelet.service.d/10-kubeadm.conf吧原来的 Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.crt" 改为 Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --authentication-token-webhook=true --client-ca-file=/etc/kubernetes/pki/ca.crt" 从新systemctl daemon-reload&&systemctl restart kubelet就正常了
git地址:
kuberbetes项目地址:https://github.com/kubernetes/kubernetes.git
对应prometheus addone组件:https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/prometheus
评论区