Prometheus Consul Blackbox | export 监控实现

pivoteic
发布于 2023-7-12 17:33
浏览
0收藏

前言:

• blackbox_exporter

是Prometheus 官方提供的 exporter 之一,主要提供http、dns、tcp、icmp 的监控数据采集。

• Consul

主要提供,服务发现,健康检查,等功能,本次集成主要使用到服务发现功能。

本文主要实现,基于consul_sd_config  & consul 的 prometheus  服务发现,实现网路设备ping监控,站点可用行监控,以及证书相关信息监控。

安装环境:

• k8s

• consul

• Prometheus

• blackbox_exporter

1:  Consul 安装

1.1:使用helm 安装 consul

Bash
# 添加 consul helm 源
helm repo add hashicorp https://helm.releases.hashicorp.com
# 安装consul 
helm -n consul  install  \
--set storageClass=alicloud-disk-efficiency  \
consul hashicorp/consul \
--version=0.32.1

1.2:查看服务安装状态

Bash
[root@xxxxxxxx consul_install]# kubectl -n consul get pods
NAME                     READY   STATUS    RESTARTS   AGE
consul-consul-9lxfc      1/1     Running   0          6d1h
consul-consul-ntqcf      1/1     Running   0          6d1h
consul-consul-q7c6f      1/1     Running   0          6d1h
consul-consul-server-0   1/1     Running   0          6d1h
consul-consul-server-1   1/1     Running   0          6d1h
consul-consul-server-2   1/1     Running   0          6d1h

1.3:nginx-ingress consul

• consul_ingress.yml

Bash
# consul.xxxxxx.cn  ----->  替换为正确域名

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: consul-ingress
  namespace: consul
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: consul.xxxxxx.cn
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: consul-consul-ui
            port: 
              number: 80

• 执行部署

Bash
kubectl apply -f consul_ingress.yml

1.4:访问测试

2: Blackbox_export

2.1:blackbox 安装

• blackbox-exporter-config.yaml

Bash
apiVersion: v1
kind: ConfigMap
metadata:
  name: blackbox-exporter
  labels:
    app: blackbox-exporter
data:
  blackbox.yml: |-
    modules:
      ## ----------- DNS 检测配置 -----------
      dns_tcp:  
        prober: dns
        dns:
          transport_protocol: "tcp"
          preferred_ip_protocol: "ip4"
          query_name: "kubernetes.default.svc.cluster.local" # 用于检测域名可用的网址
          query_type: "A" 
      ## ----------- TCP 检测模块配置 -----------
      tcp_connect:
        prober: tcp
        timeout: 5s
      ## ----------- ICMP 检测配置 -----------
      ping:
        prober: icmp
        timeout: 5s
        icmp:
          preferred_ip_protocol: "ip4"
      ## ----------- HTTP GET 2xx 检测模块配置 -----------
      http_get_2xx:  
        prober: http
        timeout: 10s
        http:
          method: GET
          preferred_ip_protocol: "ip4"
          valid_http_versions: ["HTTP/1.1","HTTP/2"]
          valid_status_codes: [200]           # 验证的HTTP状态码,默认为2xx
          no_follow_redirects: false          # 是否不跟随重定向
      ## ----------- HTTP GET 3xx 检测模块配置 -----------
      http_get_3xx:  
        prober: http
        timeout: 10s
        http:
          method: GET
          preferred_ip_protocol: "ip4"
          valid_http_versions: ["HTTP/1.1","HTTP/2"]
          valid_status_codes: [301,302,304,305,306,307]  # 验证的HTTP状态码,默认为2xx
          no_follow_redirects: false                     # 是否不跟随重定向
      ## ----------- HTTP POST 监测模块 -----------
      http_post_2xx: 
        prober: http
        timeout: 10s
        http:
          method: POST
          preferred_ip_protocol: "ip4"
          valid_http_versions: ["HTTP/1.1", "HTTP/2"]
          #headers:                             # HTTP头设置
          #  Content-Type: application/json
          #body: '{}'                           # 请求体设置

• blackbox-exporter-deploy.yaml

Bash
apiVersion: v1
kind: Service
metadata:
  name: blackbox-exporter
  labels:
    k8s-app: blackbox-exporter
spec:
  type: ClusterIP
  ports:
  - name: http
    port: 9115
    targetPort: 9115
  selector:
    k8s-app: blackbox-exporter
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: blackbox-exporter
  labels:
    k8s-app: blackbox-exporter
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: blackbox-exporter
  template:
    metadata:
      labels:
        k8s-app: blackbox-exporter
    spec:
      containers:
      - name: blackbox-exporter
        image: prom/blackbox-exporter:v0.19.0
        args:
        - --config.file=/etc/blackbox_exporter/blackbox.yml
        - --web.listen-address=:9115
        - --log.level=info
        ports:
        - name: http
          containerPort: 9115
        resources:
          limits:
            cpu: 3
            memory: 6000Mi
          requests:
            cpu: 100m
            memory: 50Mi
        livenessProbe:
          tcpSocket:
            port: 9115
          initialDelaySeconds: 5
          timeoutSeconds: 5
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        readinessProbe:
          tcpSocket:
            port: 9115
          initialDelaySeconds: 5
          timeoutSeconds: 5
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        volumeMounts:
        - name: config
          mountPath: /etc/blackbox_exporter
      volumes:
      - name: config
        configMap:
          name: blackbox-exporter
          defaultMode: 420

• 执行安装

Bash
kubectl apply -f blackbox-exporter-deploy.yaml
kubectl apply -f blackbox-exporter-config.yaml

2.2:nginx ingress blackbox-exporter • blackbox_ingress.yml

Bash
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: blackbox-ingress
  namespace: monitoring
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: blackbox-devops.xxx
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: blackbox-exporter
            port:
              number: 9115

• 执行安装

Bash
kubectl apply -f blackbox_ingress.yml

3: rometheus 添加 服务动态发现

Bash
#####  http_get_2xx 数据获取
 - job_name: http_get_2xx
      params:
        module:
        - http_get_2xx
      scrape_interval: 2s
      scrape_timeout: 2s
      metrics_path: /probe
      consul_sd_configs:
      # consul 服务地址
      - server: consul-consul-server.consul.svc.cluster.local:8500
        tag_separator: ','
        services:
        - http_get_2xx
      relabel_configs:
        - source_labels: ['__meta_consul_service_address']
          target_label: __param_target
        - source_labels: ['__meta_consul_service_address']
          target_label: instance
        - target_label: __address__
          ## blackbox-export  地址
          replacement: blackbox-exporter.monitoring.svc.cluster.local:9115
 ####### icmp 配置 
     - job_name: blackbox_icmp
      params:
        module:
        - ping
      scrape_interval: 2s
      scrape_timeout: 2s
      metrics_path: /probe
      consul_sd_configs:
      # consul 服务地址
      - server: consul-consul-server.consul.svc.cluster.local:8500
        tag_separator: ','
        services:
        - ping
      relabel_configs:
        - source_labels: ['__meta_consul_service_address']
          target_label: __param_target
        - source_labels: ['__meta_consul_service_address']
          target_label: instance
        - target_label: __address__
          ## blackbox-export  地址
          replacement: blackbox-exporter.monitoring.svc.cluster.local:9115

4:添加 icmp 监控

4.1:添加监控地址到consul

• icmp_list

Bash
192.168.1.1
192.168.1.2

• add_consul_service_icmp.sh

Bash
#!/usr/bin/env bash

ip_addr=$1


if test "$ip_addr";then
        curl -X PUT -d '{
            "id": "icmp_'${ip_addr}'",
            "name": "ping",
            "address": "'${ip_addr}'",
            "port": 443,
            "Meta": {
              "env": "prod",
              "team": "network",
              "project": "network",
              "owner": "Mike"
            },
            "tags": ["node"],
            "checks": [{"http": "http://blackbox-exporter.monitoring.svc.cluster.local:9115/","interval": "15s"}]}' \
            http://consul-consul-server:8500/v1/agent/service/register
else
        echo "请输入参数"
fi

• 添加service ping

Bash
for i in `cat icmp_list`;do bash add_consul_service_icmp.sh  $i;done

4.2:查看consul 服务

Prometheus Consul Blackbox | export 监控实现-鸿蒙开发者社区

4.3:删除ping 监控地址脚本

Bash
#!/usr/bin/env bash
ip_addr=$1

curl -X PUT http://consul-consul-server:8500/v1/agent/service/deregister/icmp_${ip_addr}

5: 添加http_get_2xx

5.1:添加监控域名

• domain_name_list

Bash
wwww.baidu.com
wwww.1111.com
wwww.2222.com

• add_consul_service_http_get_2xx.sh

Bash
#!/usr/bin/env bash

service_name=$1


if test "$service_name";then
        curl -X PUT -d '{
            "id": "http_get_2xx_'${service_name}'",
            "name": "http_get_2xx",
            "address": "https://'${service_name}'",
            "port": 443,
            "Meta": {
              "env": "prod",
              "team": "web",
              "project": "web",
              "owner": "Devops"
            },
            "tags": ["node"],
            "checks": [{"http": "http://blackbox-exporter.monitoring.svc.cluster.local:9115/","interval": "15s"}]}' \
            http://consul-consul-server:8500/v1/agent/service/register
else
        echo "请输入参数"
fi

• 添加 service  http_get_2xx

Bash
for i  in `cat domain_name_list`;do bash  add_consul_service_http_get_2xx.sh  $i;done

5.2:查看consul 服务

Prometheus Consul Blackbox | export 监控实现-鸿蒙开发者社区

5.3:删除域名监控脚本

• del_consul_service_http_get_2xx.sh

Bash
#!/usr/bin/env bash
ip_addr=$1

curl -X PUT http://consul-consul-server:8500/v1/agent/service/deregister/http_get_2xx_${ip_addr}

6:查看prometheus 监控

Prometheus Consul Blackbox | export 监控实现-鸿蒙开发者社区

总结:

使用上述方案,黑盒监控与自建cmdb 平台很容易进行集成,使其监控自动化,不需要过多的人工干预,可以省去大量的人工成本,grafana 的配置这里就不进行过多介绍,自行通过谷歌完成。


文章转载自公众号:新钛云服

分类
标签
已于2023-7-12 17:33:24修改
收藏
回复
举报
回复
    相关推荐