多应用+插件架构,代码干净,二开方便,首家独创一键云编译技术,文档视频完善,免费商用码云13.8K 广告
1、kube-state-metrics部署 下载docker镜像, ``` docker pull quay.io/coreos/kube-state-metrics:v1.5.0 docker tag 91599517197a harbor.od.com/public/kube-state-metrics:v1.5.0 docker push harbor.od.com/public/kube-state-metrics:v1.5.0 ``` 准备资源配置清单, [root@hdss-79 kube-state-metrics]# cat rbac.yaml ``` apiVersion: v1 kind: ServiceAccount metadata: labels: addonmanager.kubernetes.io/mode: Reconcile kubernetes.io/cluster-service: "true" name: kube-state-metrics namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: addonmanager.kubernetes.io/mode: Reconcile kubernetes.io/cluster-service: "true" name: kube-state-metrics rules: - apiGroups: - "" resources: - configmaps - secrets - nodes - pods - services - resourcequotas - replicationcontrollers - limitranges - persistentvolumeclaims - persistentvolumes - namespaces - endpoints verbs: - list - watch - apiGroups: - policy resources: - poddisruptionbudgets verbs: - list - watch - apiGroups: - extensions resources: - daemonsets - deployments - replicasets verbs: - list - watch - apiGroups: - apps resources: - statefulsets verbs: - list - watch - apiGroups: - batch resources: - cronjobs - jobs verbs: - list - watch - apiGroups: - autoscaling resources: - horizontalpodautoscalers verbs: - list - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: addonmanager.kubernetes.io/mode: Reconcile kubernetes.io/cluster-service: "true" name: kube-state-metrics roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: kube-state-metrics subjects: - kind: ServiceAccount name: kube-state-metrics namespace: kube-system ``` [root@hdss-79 kube-state-metrics]# cat dp.yaml ``` apiVersion: extensions/v1beta1 kind: Deployment metadata: annotations: deployment.kubernetes.io/revision: "2" labels: grafanak8sapp: "true" app: kube-state-metrics name: kube-state-metrics namespace: kube-system spec: selector: matchLabels: grafanak8sapp: "true" app: kube-state-metrics strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: creationTimestamp: null labels: grafanak8sapp: "true" app: kube-state-metrics spec: containers: - image: harbor.od.com/public/kube-state-metrics:v1.5.0 name: kube-state-metrics ports: - containerPort: 8080 name: http-metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /healthz port: 8080 scheme: HTTP initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 imagePullPolicy: IfNotPresent imagePullSecrets: - name: harbor restartPolicy: Always serviceAccount: kube-state-metrics serviceAccountName: kube-state-metrics ``` 应用资源配置清单: ``` kubectl apply -f http://k8s-yaml.od.com/kube-state-metrics/rbac.yaml kubectl apply -f http://k8s-yaml.od.com/kube-state-metrics/dp.yaml ``` 2、node-exporter部署 由于node-exporter是监控node的,所有需要每个节点启动一个,所以使用ds控制器 下载docker镜像 ``` docker pull prom/node-exporter:v0.15.0 docker tag 12d51ffa2b22 harbor.od.com/public/node-exporter:v0.15.0 docker push harbor.od.com/public/node-exporter:v0.15.0 ``` 准备目录 ``` mkdir /data/k8s-yaml/node-exporter cd /data/k8s-yaml/node-exporter ``` 准备资源配置清单, cat node-exporter-ds.yaml ``` kind: DaemonSet apiVersion: extensions/v1beta1 metadata: name: node-exporter namespace: kube-system labels: daemon: "node-exporter" grafanak8sapp: "true" spec: selector: matchLabels: daemon: "node-exporter" grafanak8sapp: "true" template: metadata: name: node-exporter labels: daemon: "node-exporter" grafanak8sapp: "true" spec: volumes: - name: proc hostPath: path: /proc type: "" - name: sys hostPath: path: /sys type: "" containers: - name: node-exporter image: harbor.od.com/public/node-exporter:v0.15.0 args: - --path.procfs=/host_proc - --path.sysfs=/host_sys ports: - name: node-exporter hostPort: 9100 containerPort: 9100 protocol: TCP volumeMounts: - name: sys readOnly: true mountPath: /host_sys - name: proc readOnly: true mountPath: /host_proc imagePullSecrets: - name: harbor restartPolicy: Always hostNetwork: true ``` 应用资源配置清单: ``` kubectl apply -f http://k8s-yaml.od.com/node-exporter/ds.yaml ``` 3、部署cadvisor 准备docker镜像 ``` docker pull google/cadvisor:v0.28.3 docker tag 75f88e3ec333 harbor.od.com/public/cadvisor:v0.28.3 docker push harbor.od.com/public/cadvisor:v0.28.3 ``` 准备资源配置清单: cat daemonset.yaml ``` apiVersion: apps/v1 kind: DaemonSet metadata: name: cadvisor namespace: kube-system labels: app: cadvisor spec: selector: matchLabels: name: cadvisor template: metadata: labels: name: cadvisor spec: hostNetwork: true tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule containers: - name: cadvisor image: harbor.od.com/public/cadvisor:v0.28.3 imagePullPolicy: IfNotPresent volumeMounts: - name: rootfs mountPath: /rootfs readOnly: true - name: var-run mountPath: /var/run - name: sys mountPath: /sys readOnly: true - name: docker mountPath: /var/lib/docker readOnly: true ports: - name: http containerPort: 4194 protocol: TCP readinessProbe: tcpSocket: port: 4194 initialDelaySeconds: 5 periodSeconds: 10 args: - --housekeeping_interval=10s - --port=4194 terminationGracePeriodSeconds: 30 volumes: - name: rootfs hostPath: path: / - name: var-run hostPath: path: /var/run - name: sys hostPath: path: /sys - name: docker hostPath: path: /data/docker ``` 应用清单前,先在每个node上做以下软连接,否则服务可能报错 ``` mount -o remount,rw /sys/fs/cgroup/ ln -s /sys/fs/cgroup/cpu,cpuacct /sys/fs/cgroup/cpuacct,cpu ``` 应用资源配置清单: ``` kubectl apply -f http://k8s-yaml.od.com/cadvisor/ds.yaml ``` 4、 部署blackbox-exporter 准备docker镜像 ``` docker pull prom/blackbox-exporter:v0.15.1 docker tag 81b70b6158be harbor.od.com/public/blackbox-exporter:v0.15.1 docker push harbor.od.com/public/blackbox-exporter:v0.15.1 ``` 准备目录 ``` mkdir /data/k8s-yaml/blackbox-exporter cd /data/k8s-yaml/blackbox-exporter ``` 准备cm资源清单 cat cm.yaml ``` apiVersion: v1 kind: ConfigMap metadata: labels: app: blackbox-exporter name: blackbox-exporter namespace: kube-system data: blackbox.yml: |- modules: http_2xx: prober: http timeout: 2s http: valid_http_versions: ["HTTP/1.1", "HTTP/2"] valid_status_codes: [200,301,302] method: GET preferred_ip_protocol: "ip4" tcp_connect: prober: tcp timeout: 2s ``` cat dp.yaml ``` kind: Deployment apiVersion: extensions/v1beta1 metadata: name: blackbox-exporter namespace: kube-system labels: app: blackbox-exporter annotations: deployment.kubernetes.io/revision: 1 spec: replicas: 1 selector: matchLabels: app: blackbox-exporter template: metadata: labels: app: blackbox-exporter spec: volumes: - name: config configMap: name: blackbox-exporter defaultMode: 420 containers: - name: blackbox-exporter image: harbor.od.com/public/blackbox-exporter:v0.14.0 imagePullPolicy: IfNotPresent args: - --config.file=/etc/blackbox_exporter/blackbox.yml - --log.level=info - --web.listen-address=:9115 ports: - name: blackbox-port containerPort: 9115 protocol: TCP resources: limits: cpu: 200m memory: 256Mi requests: cpu: 100m memory: 50Mi volumeMounts: - name: config mountPath: /etc/blackbox_exporter readinessProbe: tcpSocket: port: 9115 initialDelaySeconds: 5 timeoutSeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 ``` cat svc.yaml ``` kind: Service apiVersion: v1 metadata: name: blackbox-exporter namespace: kube-system spec: selector: app: blackbox-exporter ports: - name: blackbox-port protocol: TCP port: 9115 ``` cat ingress.yaml ``` apiVersion: extensions/v1beta1 kind: Ingress metadata: name: blackbox-exporter namespace: kube-system spec: rules: - host: blackbox.od.com http: paths: - path: / backend: serviceName: blackbox-exporter servicePort: blackbox-port ``` 这里用到了一个域名,添加解析 ``` vi /var/named/od.com.zone blackbox A 10.4.7.10 systemctl restart named ``` 应用资源配置清单 ``` kubectl apply -f http://k8s-yaml.od.com/blackbox-exporter/cm.yaml kubectl apply -f http://k8s-yaml.od.com/blackbox-exporter/dp.yaml kubectl apply -f http://k8s-yaml.od.com/blackbox-exporter/svc.yaml kubectl apply -f http://k8s-yaml.od.com/blackbox-exporter/ingress.yaml ``` 访问http://blackbox.od.com,显示如下界面,表示blackbox已经运行成 ![](https://img.kancloud.cn/e5/6f/e56f8ca369f5beecea4a4928af60e869_454x373.png)