k8s-prometheus安装部署
环境:
OS:Centos 7
k8s:1.28.2
1.下载
下载地址:https://github.com/prometheus-operator/kube-prometheus/archive/refs/tags/v0.14.0.tar.gz
根据k8s版本,选择相应的版本下载
cd /soft
wget https://github.com/prometheus-operator/kube-prometheus/archive/refs/tags/v0.14.0.tar.gz
2.解压
[root@node2 soft]# cd /soft
[root@node2 soft]# tar -xvf kube-prometheus-0.14.0.tar.gz
3.修改镜像
prometheus-adapter
[root@node2 manifests]# cd /soft/kube-prometheus-0.14.0/manifests
[root@node2 manifests]#vi prometheusAdapter-deployment.yaml
[root@node2 manifests]#cat prometheusAdapter-deployment.yaml|grep image
image: registry.k8s.io/prometheus-adapter/prometheus-adapter:v0.12.0
修改为:
registry.cn-shenzhen.aliyuncs.com/hxlk8s/prometheus-adapter:v0.12.0
kube-state-metrics
[root@node2 manifests]# cat kubeStateMetrics-deployment.yaml|grep image
image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.13.0
image: quay.io/brancz/kube-rbac-proxy:v0.18.1
image: quay.io/brancz/kube-rbac-proxy:v0.18.1
修改为:
image: registry.cn-shenzhen.aliyuncs.com/hxlk8s/kube-state-metrics:v2.13.0
image: registry.cn-shenzhen.aliyuncs.com/hxlk8s/kube-rbac-proxy:v0.18.1
image: registry.cn-shenzhen.aliyuncs.com/hxlk8s/kube-rbac-proxy:v0.18.1
blackboxExporter-deployment.yaml
原来的:
[root@node2 manifests]# cat blackboxExporter-deployment.yaml|grep image
image: quay.io/prometheus/blackbox-exporter:v0.25.0
image: ghcr.io/jimmidyson/configmap-reload:v0.13.1
image: quay.io/brancz/kube-rbac-proxy:v0.18.1
修改为:
[root@node2 manifests]# cat blackboxExporter-deployment.yaml|grep image
image: registry.cn-shenzhen.aliyuncs.com/hxlk8s/blackbox-exporter:v0.25.0
image: registry.cn-shenzhen.aliyuncs.com/hxlk8s/configmap-reload:v0.13.1
image: registry.cn-shenzhen.aliyuncs.com/hxlk8s/kube-rbac-proxy:v0.18.1
grafana-deployment.yaml
原来的:
[root@node2 manifests]# cat grafana-deployment.yaml|grep image
image: grafana/grafana:11.2.0
修改为:
[root@node2 manifests]# cat grafana-deployment.yaml|grep image
image: registry.cn-shenzhen.aliyuncs.com/hxlk8s/grafana:11.2.0
4.另外修改下service类型为nodeport
grafana-service.yaml
[root@node2 manifests]# cd /soft/kube-prometheus-0.14.0/manifests
[root@node2 manifests]# vi grafana-service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
app.kubernetes.io/version: 9.3.2
name: grafana
namespace: monitoring
spec:
ports:
- name: http
port: 3000
targetPort: http
selector:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
type: NodePort
prometheus-service.yaml
[root@node2 manifests]# more prometheus-service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: prometheus
app.kubernetes.io/instance: k8s
app.kubernetes.io/name: prometheus
app.kubernetes.io/part-of: kube-prometheus
app.kubernetes.io/version: 2.54.1
name: prometheus-k8s
namespace: monitoring
spec:
type: NodePort
ports:
- name: web
port: 9090
targetPort: web
- name: reloader-web
port: 8080
targetPort: reloader-web
selector:
app.kubernetes.io/component: prometheus
app.kubernetes.io/instance: k8s
app.kubernetes.io/name: prometheus
app.kubernetes.io/part-of: kube-prometheus
sessionAffinity: ClientIP
alertmanager-service.yaml
[root@node2 manifests]# more alertmanager-service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: alert-router
app.kubernetes.io/instance: main
app.kubernetes.io/name: alertmanager
app.kubernetes.io/part-of: kube-prometheus
app.kubernetes.io/version: 0.27.0
name: alertmanager-main
namespace: monitoring
spec:
type: NodePort
ports:
- name: web
port: 9093
targetPort: web
- name: reloader-web
port: 8080
targetPort: reloader-web
selector:
app.kubernetes.io/component: alert-router
app.kubernetes.io/instance: main
app.kubernetes.io/name: alertmanager
app.kubernetes.io/part-of: kube-prometheus
sessionAffinity: ClientIP
5.修改网络策略
去掉红色标注的
grafana-networkPolicy.yaml
[root@node2 manifests]# more /tmp/grafana-networkPolicy.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
app.kubernetes.io/version: 11.2.0
name: grafana
namespace: monitoring
spec:
egress:
- {}
ingress:
- from:
- podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
ports:
- port: 3000
protocol: TCP
podSelector:
matchLabels:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
policyTypes:
- Egress
- Ingress
alertmanager-networkPolicy.yaml
[root@node2 tmp]# more alertmanager-networkPolicy.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/component: alert-router
app.kubernetes.io/instance: main
app.kubernetes.io/name: alertmanager
app.kubernetes.io/part-of: kube-prometheus
app.kubernetes.io/version: 0.27.0
name: alertmanager-main
namespace: monitoring
spec:
egress:
- {}
ingress:
- from:
- podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
ports:
- port: 9093
protocol: TCP
- port: 8080
protocol: TCP
- from:
- podSelector:
matchLabels:
app.kubernetes.io/name: alertmanager
ports:
- port: 9094
protocol: TCP
- port: 9094
protocol: UDP
podSelector:
matchLabels:
app.kubernetes.io/component: alert-router
app.kubernetes.io/instance: main
app.kubernetes.io/name: alertmanager
app.kubernetes.io/part-of: kube-prometheus
policyTypes:
- Egress
- Ingress
prometheus-networkPolicy.yaml
[root@node2 manifests]# more /tmp/prometheus-networkPolicy.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/component: prometheus
app.kubernetes.io/instance: k8s
app.kubernetes.io/name: prometheus
app.kubernetes.io/part-of: kube-prometheus
app.kubernetes.io/version: 2.54.1
name: prometheus-k8s
namespace: monitoring
spec:
egress:
- {}
ingress:
- from:
- podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
ports:
- port: 9090
protocol: TCP
- port: 8080
protocol: TCP
- from:
- podSelector:
matchLabels:
app.kubernetes.io/name: prometheus-adapter
ports:
- port: 9090
protocol: TCP
- from:
- podSelector:
matchLabels:
app.kubernetes.io/name: grafana
ports:
- port: 9090
protocol: TCP
podSelector:
matchLabels:
app.kubernetes.io/component: prometheus
app.kubernetes.io/instance: k8s
app.kubernetes.io/name: prometheus
app.kubernetes.io/part-of: kube-prometheus
policyTypes:
- Egress
- Ingress
6.部署
cd /soft/kube-prometheus-0.14.0/manifests
kubectl create -f setup/
kubectl create -f .
删除命令
cd /soft/kube-prometheus-0.14.0/manifests
kubectl delete -f .
kubectl delete -f setup/
7.访问grafana
查看grafana的service地址和端口
[root@node2 manifests]# kubectl get svc -n monitoring
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
alertmanager-main NodePort 10.1.186.72 <none> 9093:32547/TCP,8080:30454/TCP 56s
alertmanager-operated ClusterIP None <none> 9093/TCP,9094/TCP,9094/UDP 43s
blackbox-exporter ClusterIP 10.1.67.239 <none> 9115/TCP,19115/TCP 55s
grafana NodePort 10.1.152.138 <none> 3000:30180/TCP 53s
kube-state-metrics ClusterIP None <none> 8443/TCP,9443/TCP 53s
node-exporter ClusterIP None <none> 9100/TCP 51s
prometheus-adapter ClusterIP 10.1.134.79 <none> 443/TCP 49s
prometheus-k8s NodePort 10.1.88.233 <none> 9090:32371/TCP,8080:30833/TCP 50s
prometheus-operated ClusterIP None <none> 9090/TCP 41s
prometheus-operator ClusterIP None <none> 8443/TCP 48s
然后使用node节点的公网ip加30280访问,默认账号密码是admin/admin
grafana进入容器重置密码
通过浏览器进行访问
http://192.168.1.106:30180
初始账号密码是:admin/admin
初次登录后修改为:admin123
浙公网安备 33010602011771号