一、进程监控
如果想要对主机的进程进行监控,例如chronyd,sshd等服务进程以及自定义脚本程序运行状态监控。我们使用node exporter就不能实现需求了,此时就需要使用process exporter来做进程状态的监控。
项目地址:https://github.com/ncabatoff/process-exporter
二、process-exporter安装
下载地址:https://github.com/ncabatoff/process-exporter/releases
2.1 二进制安装
wget https://github.com/ncabatoff/process-exporter/releases/download/v0.7.10/process-exporter-0.7.10.linux-amd64.tar.gz tar zxvf process-exporter-0.7.10.linux-amd64.tar.gz mkdir /opt/prometheus -p mv process-exporter-0.7.10.linux-amd64 /opt/prometheus/process_exporter ls -l /opt/prometheus/process_exporter # 创建用户 useradd -M -s /usr/sbin/nologin prometheus #修改目录权限 chown prometheus:prometheus -R /opt/prometheus # 修改配置文件 # 监控所有进程 cat >>/opt/prometheus/process_exporter/process.yml<<"EOF" process_names: - name: "{{.Comm}}" # 匹配模板 cmdline: - '.+' # 匹配名称 EOF # 创建systemd cat <<"EOF" >/etc/systemd/system/process_exporter.service [Unit] Description=process_exporter After=network.target [Service] Type=simple User=prometheus Group=prometheus ExecStart=/opt/prometheus/process_exporter/process-exporter -config.path=/opt/prometheus/process_exporter/process.yml Restart=on-failure [Install] WantedBy=multi-user.target EOF # 启动 systemctl daemon-reload systemctl start process_exporter systemctl enable process_exporter
2.2 docker安装
# 创建数据目录 mkdir /data/process_exporter -p cd /data/process_exporter # 创建配置文件 # Process-Exporter 的做法是配置需要监控的进程的名称,他会去搜索该进程从而得到其需要的监控信息,其实也就是我们常做的 ps -efl | grep xxx 命令来查看对应的进程 # 监控所有进程 mkdir config cat >>config/process.yml <<"EOF" process_names: - name: "{{.Comm}}" # 匹配模板 cmdline: - '.+' # 匹配所有名称 EOF # 监控指定进程 process_names: # - name: "{{.Comm}}" # cmdline: # - '.+' - name: "{{.Matches}}" cmdline: - 'nginx' #唯一标识 - name: "{{.Matches}}" cmdline: - 'mongod' - name: "{{.Matches}}" cmdline: - 'mysqld' - name: "{{.Matches}}" cmdline: - 'redis-server' - name: "{{.Matches}}" cmdline: - 'org.apache.zookeeper.server.quorum.QuorumPeerMain' - name: "{{.Matches}}" cmdline: - 'org.apache.hadoop.mapreduce.v2.hs.JobHistoryServer' - name: "{{.Matches}}" cmdline: - 'org.apache.hadoop.hdfs.qjournal.server.JournalNode' ##注 cmdline: 所选进程的唯一标识,ps -ef 可以查询到。如果改进程不存在,则不会有该进程的数据采集到。
2.3 docker或docker-compose安装(二选一)
docker run -d -p 9256:9256 --privileged -v /proc:/host/proc -v `pwd`/config:/config --name process-exporter ncabatoff/process-exporter --procfs /host/proc -config.path /config/process.yml
cat > docker-compose.yaml <<"EOF" version: '3' services: process-exporter: image: ncabatoff/process-exporter container_name: process-exporter restart: always privileged: true volumes: - /proc:/host/proc - ./config:/config command: /bin/process-exporter --procfs /host/proc -config.path /config/process-exporter.yml ports: - "9256:9256" EOF
启动:docker-compose up -d
检查:
http://192.168.10.100:9256/metrics
2.4 配置说明
- 匹配模板
|
参数 |
解释 |
|
{{.Comm}} |
包含原始可执行文件的名称,即/proc//stat |
|
{{.ExeBase}} |
包含可执行文件的名称(默认) |
|
{{.ExeFull}} |
包含可执行文件的路径 |
|
{{.Username}} |
包含的用户名 |
|
{{.Matches}} |
包含所有正则表达式而产生的匹配项(建议使用) |
|
{{.PID}} |
包含进程的PID,一个PID仅包含一个进程(不建议使用) |
|
{{.StartTime}} |
包含进程的开始时间(不建议使用) |
3. Prometheus配置
cd /data/docker-prometheus cat >> prometheus/prometheus.yml <<"EOF" - job_name: 'process' scrape_interval: 30s scrape_timeout: 15s static_configs: - targets: ['192.168.10.100:9256'] EOF # 重载配置 curl -X POST http://localhost:9090/-/reload
检查:http://192.168.10.14:9090/targets?search=
3.1.metrics说明
namedprocess_
namedprocess_namegroup_states{state="Zombie"} 查看僵尸
# 上下文切换数量
# Counter
namedprocess_namegroup_context_switches_total
# CPU user/system 时间(秒)
# Counter
namedprocess_namegroup_cpu_seconds_total
# 主要页缺失次数
# Counter
namedprocess_namegroup_major_page_faults_total
# 次要页缺失次数
# Counter
namedprocess_namegroup_minor_page_faults_total
# 内存占用(byte)
# Gauge
namedprocess_namegroup_memory_bytes
# 同名进程数量
# Gauge
namedprocess_namegroup_num_procs
# 同名进程状态分布
# Gauge
namedprocess_namegroup_states
# 线程数量
# Gauge
namedprocess_namegroup_num_threads
# 启动时间戳
# Gauge
namedprocess_namegroup_oldest_start_time_seconds
# 打开文件描述符数量
# Gauge
namedprocess_namegroup_open_filedesc
# 打开文件数 / 允许打开文件数
# Gauge
namedprocess_namegroup_worst_fd_ratio
# 读数据量(byte)
# Counter
namedprocess_namegroup_read_bytes_total
# 写数据量(byte)
# Counter
namedprocess_namegroup_write_bytes_total
# 内核wchan等待线程数量
# Gauge
namedprocess_namegroup_threads_wchan
3.2. 常用指数
|
指标名 |
解释 |
|
namedprocess_namegroup_num_procs |
运行的进程数 |
|
namedprocess_namegroup_num_threads |
线程数 |
|
namedprocess_namegroup_states |
Running/Sleeping/Other/Zombie状态的进程数 |
|
namedprocess_namegroup_cpu_seconds_total |
获取/proc/[pid]/stat 进程CPU utime、stime状态时间 |
|
namedprocess_namegroup_read_bytes_total |
获取/proc/[pid]/io 进程读取字节数 |
|
namedprocess_namegroup_write_bytes_total |
获取/proc/[pid]/io 进程写入字节数 |
|
namedprocess_namegroup_memory_bytes |
获取进程使用的内存字节数 |
|
namedprocess_namegroup_open_filedesc |
获取进程使用的文件描述符数量 |
|
namedprocess_namegroup_worst_fd_ratio |
进程文件描述符使用率 |
|
namedprocess_namegroup_thread_count |
运行的线程数 |
|
namedprocess_namegroup_thread_cpu_seconds_total |
获取线程CPU状态时间 |
|
namedprocess_namegroup_thread_io_bytes_total |
获取线程IO字节数 |
3.3 添加触发器
cat > prometheus/rules/process.yml <<"EOF" groups: - name: process rules: - alert: 进程数多告警 expr: sum(namedprocess_namegroup_states) by (instance) > 1000 for: 1m labels: severity: warning annotations: summary: "进程数超过1000" description: "服务器当前有{{ $value }}个进程" - alert: 僵尸进程数告警 expr: sum by(instance, groupname) (namedprocess_namegroup_states{state="Zombie"}) > 0 for: 1m labels: severity: warning annotations: summary: "有僵尸进程数" description: "进程{{ $labels.groupname }}有{{ $value }}个僵尸进程" - alert: 进程重启告警 expr: ceil(time() - max by(instance, groupname) (namedprocess_namegroup_oldest_start_time_seconds)) < 60 for: 15s labels: severity: warning annotations: summary: "进程重启" description: "进程{{ $labels.groupname }}在{{ $value }}秒前重启过" - alert: 进程退出告警 expr: max by(instance, groupname) (delta(namedprocess_namegroup_oldest_start_time_seconds{groupname=~"^java.*|^nginx.*"}[1d])) < 0 for: 1m labels: severity: warning annotations: summary: "进程退出" description: "进程{{ $labels.groupname }}退出了" - alert: 进程打开文件描述符告警 expr: namedprocess_namegroup_worst_fd_ratio * 100 > 80 for: 1m labels: severity: warning annotations: summary: "进程打开文件描述符过高" description: "进程{{ $labels.groupname }},打开文件描述符过高" EOF
重新加载:
curl -X POST http://localhost:9090/-/reload
检查:http://192.168.10.14:9090/alerts?search=
4.Grafana Dashboard图形化
https://grafana.com/grafana/dashboards/8378-system-processes-metrics/
Top processes by Total CPU cores used 和 Top processes by System CPU cores used 图形显示不正常
process-exporter 升级到 0.5.0后 ,namedprocess_namegroup_cpu_user_seconds_total和namedprocess_namegroup_cpu_system_seconds_total合为一个指标名namedprocess_namegroup_cpu_seconds_total
namedprocess_namegroup_cpu_user_seconds_total变成namedprocess_namegroup_cpu_seconds_total{mode="system"}
namedprocess_namegroup_cpu_system_seconds_total变成namedprocess_namegroup_cpu_seconds_total{mode="user"}
|
指标 |
监控项含义 |
单位 |
说明 |
|
namedprocess_namegroup_cpu_seconds_total{mode="system"} |
当前内核空间占用CPU百分比。 |
% |
系统上下文切换的消耗。如果该监控项数值比较高,则说明服务器开了太多的进程或线程。 |
|
namedprocess_namegroup_cpu_seconds_total{mode="user"} |
当前用户空间占用CPU百分比。 |
% |
用户进程对CPU的消耗。 |
解决方法:
Top processes by System CPU cores used图形修改如下:
topk(5,
rate(namedprocess_namegroup_cpu_seconds_total{mode="system",groupname=~"$processes",instance=~"$host"}[$interval])
or
(
irate(namedprocess_namegroup_cpu_seconds_total{mode="system",groupname=~"$processes",instance=~"$host"}[5m])))
Top processes by Total CPU cores used图形修改如下:
topk(5,sum by (groupname,instance) (rate(namedprocess_namegroup_cpu_seconds_total{groupname=~"$processes",instance=~"$host"}[$interval]))
or
sum by (groupname,instance) (irate(namedprocess_namegroup_cpu_seconds_total{groupname=~"$processes",instance=~"$host"}[5m])))
或者图形改名为:Top processes by User CPU cores used 用户进程cpu使用率排名
topk(5,
rate(namedprocess_namegroup_cpu_seconds_total{mode="user",groupname=~"$processes",instance=~"$host"}[$interval])
or
(
irate(namedprocess_namegroup_cpu_seconds_total{mode="user",groupname=~"$processes",instance=~"$host"}[5m])))
修改完成后可以显示了
