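A Look at Kubernetes Monitoring Solutions

Kubernetes is a popular container orchestration tool, widely used in cloud-native environments. Monitoring is an essential part of running Kubernetes: it helps us find and fix problems in the system quickly, improving availability and stability.

This article introduces the technologies and solutions used for monitoring in Kubernetes and provides sample code for readers to study and reference.

Node monitoring

Node monitoring in Kubernetes focuses on a node's physical resources and running state. Prometheus and Grafana are typically used for monitoring and visualization.

First, install Node Exporter, the Prometheus agent for nodes, on every node; this component collects the node's metrics (CPU, memory, disk usage and so on). On the monitoring server, install Prometheus Server and configure scrape rules so that Prometheus Server pulls the metrics from the nodes. Finally, use Grafana to visualize the data.

The following sample code installs and uses Prometheus and Grafana in a Kubernetes cluster: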

# prometheus
apiVersion: apps/v1
kind: Deployment
metadata:
  name: prometheus
spec:
  replicas: 1
  selector:
    matchLabels:
      app: prometheus
  template:
    metadata:
      labels:
        app: prometheus
    spec:
      containers:
      - name: prometheus
        image: prom/prometheus:v2.20.1
        args:
        - --config.file=/etc/prometheus/prometheus.yml
        - --storage.tsdb.path=/prometheus
        - --web.console.libraries=/usr/share/prometheus/console_libraries
        - --web.console.templates=/usr/share/prometheus/consoles
        ports:
        - containerPort: 9090
        volumeMounts:
        - name: config-volume
          mountPath: /etc/prometheus
        - name: data-volume
          mountPath: /prometheus
      volumes:
      - name: config-volume
        configMap:
          name: prometheus-config
      - name: data-volume
        emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
  name: prometheus
spec:
  type: ClusterIP
  ports:
  - port: 9090
  selector:
    app: prometheus
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: prometheus-config
data:
  prometheus.yml: |
    global:
      scrape_interval: 30s
      external_labels:
        monitor: 'codelab-monitor'
    scrape_configs:
    - job_name: 'prometheus'
      static_configs:
      - targets: ['localhost:9090']
    - job_name: 'node-exporter'
      static_configs:
      - targets: ['node-exporter:9100']
---
# grafana
apiVersion: apps/v1
kind: Deployment
metadata:
  name: grafana
spec:
  replicas: 1
  selector:
    matchLabels:
      app: grafana
  template:
    metadata:
      labels:
        app: grafana
    spec:
      containers:
      - name: grafana
        image: grafana/grafana:7.3.1
        ports:
        - containerPort: 3000
        volumeMounts:
        - name: grafana-storage
          mountPath: /var/lib/grafana
      volumes:
      - name: grafana-storage
        emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
  name: grafana
spec:
  type: ClusterIP
  ports:
  - port: 80
    targetPort: 3000  # the Grafana container listens on 3000, not 80
  selector:
    app: grafana
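
The scrape configuration above targets `node-exporter:9100`, but no Node Exporter workload is defined. The following added example (not part of the original article) is one way to run it on every node as a DaemonSet behind a headless Service, so that DNS discovery returns every node rather than a single address; the image tag, the `default` namespace in the DNS name and the `dns_sd_configs` job are assumptions.

```yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: node-exporter
spec:
  selector:
    matchLabels:
      app: node-exporter
  template:
    metadata:
      labels:
        app: node-exporter
    spec:
      hostNetwork: true   # report the node's interfaces, not the pod's
      hostPID: true       # see host processes
      containers:
      - name: node-exporter
        image: prom/node-exporter:v1.0.1  # assumed tag (added example)
        args:
        - --path.rootfs=/host
        securityContext:
          runAsNonRoot: true
          runAsUser: 65534
          readOnlyRootFilesystem: true
          allowPrivilegeEscalation: false
        volumeMounts:
        - name: root
          mountPath: /host
          readOnly: true
      volumes:
      - name: root
        hostPath:
          path: /
---
apiVersion: v1
kind: Service
metadata:
  name: node-exporter
spec:
  clusterIP: None         # headless: DNS returns one A record per pod
  selector:
    app: node-exporter
  ports:
  - port: 9100
# prometheus.yml: replace the static target of the 'node-exporter' job with
#   dns_sd_configs:
#   - names: ['node-exporter.default.svc.cluster.local']
#     type: A
#     port: 9100
```

Because the pods use hostNetwork, port 9100 is open on each node's own address; limit access to it at the node firewall or cloud security group.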

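Application monitoring

Application monitoring in Kubernetes means monitoring the running state and metrics of the applications running inside containers. Common solutions include Prometheus Operator and Heapster+InfluxDB+Grafana.

The advantage of Prometheus Operator is that it automatically discovers Pods and Services in the Kubernetes cluster and configures scrape rules and alerting rules automatically based on the application's labels. It also provides features such as automatic scaling and canary releases.

Heapster+InfluxDB+Grafana requires scrape rules and monitored items to be configured manually; its advantage is that it allows more fine-grained monitoring configuration.

The following sample code monitors an application with Prometheus Operator: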

# prometheus-operator
apiVersion: v1
kind: Namespace
metadata:
  name: monitoring
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: prometheus-k8s
  namespace: monitoring
---
apiVersion: rbac.authorization.k8s.io/v1  # v1beta1 was removed in Kubernetes 1.22
kind: ClusterRole
metadata:
  name: prometheus-k8s
rules:
- apiGroups:
  - ''
  resources:
  - nodes
  - nodes/proxy
  - services
  - endpoints
  - pods
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io  # Ingress is no longer served from the extensions group (removed in 1.22)
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- nonResourceURLs:
  - '/metrics'
  verbs:
  - get
---
apiVersion: rbac.authorization.k8s.io/v1  # v1beta1 was removed in Kubernetes 1.22
kind: ClusterRoleBinding
metadata:
  name: prometheus-k8s
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: prometheus-k8s
subjects:
- kind: ServiceAccount
  name: prometheus-k8s
  namespace: monitoring
---
apiVersion: monitoring.coreos.com/v1
kind: Prometheus
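metadata:
  name: prometheus
  namespace: monitoring  # same namespace as the prometheus-k8s ServiceAccount
spec:
  replicas: 1
  serviceAccountName: prometheus-k8s
  # Without this, only ServiceMonitors in the Prometheus resource's own namespace are selected
  serviceMonitorNamespaceSelector: {}
  serviceMonitorSelector:
    matchLabels:
      app: my-app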
  ruleSelector:
    matchLabels:
      app: my-app
  alerting:
    alertmanagers:
    - namespace: monitoring
      name: alertmanager
      port: web
  storage:
    volumeClaimTemplate:
      spec:
        accessModes:
        - ReadWriteOnce
        resources:
          requests:
            storage: 10Gi
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: my-app
  labels:
    app: my-app
spec:
  selector:
    matchLabels:
      app: my-app
  endpoints:
  - port: web
    path: /metrics
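
The Prometheus resource above selects alerting rules through `ruleSelector` (`app: my-app`), but no rule is defined. As an added example (not from the original article), here is a PrometheusRule carrying that label that alerts when the application's targets fail or vanish from scraping; the alert names, durations, the `job="my-app"` value (it assumes the scraped Service is named `my-app`) and the namespace are assumptions.

```yaml
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
  name: my-app-rules
  namespace: monitoring   # assumed; must be the namespace the Prometheus resource lives in
  labels:
    app: my-app           # must match spec.ruleSelector of the Prometheus resource
spec:
  groups:
  - name: my-app.availability
    rules:
    # A discovered target stopped answering scrapes.
    - alert: MyAppTargetDown
      expr: up{job="my-app"} == 0
      for: 5m
      labels:
        severity: critical
      annotations:
        summary: "my-app target {{ $labels.instance }} has failed scrapes for 5 minutes"
    # No target exists at all, e.g. the ServiceMonitor selector or port name no longer matches.
    - alert: MyAppNoTargets
      expr: absent(up{job="my-app"})
      for: 10m
      labels:
        severity: warning
      annotations:
        summary: "Prometheus has no my-app targets; check the ServiceMonitor selector and port name"
```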

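Log monitoring

Log monitoring means collecting and analyzing the logs from containers in order to diagnose and fix problems quickly. ELK (Elasticsearch, Logstash, Kibana) is a typical log monitoring solution that collects, analyzes and visualizes log data.

The following sample code uses ELK for log monitoring in Kubernetes: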

# elasticsearch
apiVersion: apps/v1
kind: Deployment
metadata:
  name: elasticsearch
spec:
  replicas: 1
  selector:
    matchLabels:
      app: elasticsearch
  template:
    metadata:
      labels:
        app: elasticsearch
    spec:
      containers:
      - name: elasticsearch
        image: docker.elastic.co/elasticsearch/elasticsearch:7.9.1
        env:
        - name: discovery.type
          value: single-node
        ports:
        - containerPort: 9200
        volumeMounts:
        - name: data
          mountPath: /usr/share/elasticsearch/data
      volumes:
      - name: data
        emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
  name: elasticsearch
spec:
  type: ClusterIP
  ports:
  - port: 9200
  selector:
    app: elasticsearch
---
# logstash
apiVersion: apps/v1
kind: Deployment
metadata:
  name: logstash
spec:
  replicas: 1
  selector:
    matchLabels:
      app: logstash
  template:
    metadata:
      labels:
        app: logstash
    spec:
      containers:
      - name: logstash
        image: docker.elastic.co/logstash/logstash:7.9.1
        ports:
        - containerPort: 5000
        volumeMounts:
        - name: config
          mountPath: /usr/share/logstash/pipeline/logstash.conf
          subPath: logstash.conf
      volumes:
      - name: config
        configMap:
          name: logstash-config
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: logstash-config
data:
  logstash.conf: |
    input {
      tcp {
        port => 5000
        codec => json_lines
      }
    }
    output {
      elasticsearch {
        hosts => ["elasticsearch:9200"]
      }
    }
---
# kibana
apiVersion: apps/v1
kind: Deployment
metadata:
  name: kibana
spec:
  replicas: 1
  selector:
    matchLabels:
      app: kibana
  template:
    metadata:
      labels:
        app: kibana
    spec:
      containers:
      - name: kibana
        image: docker.elastic.co/kibana/kibana:7.9.1
        ports:
        - containerPort: 5601
---
apiVersion: v1
kind: Service
metadata:
  name: kibana
spec:
  type: ClusterIP
  ports:
  - port: 5601
  selector:
    app: kibana
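
As configured above, neither Elasticsearch on 9200 nor the Logstash TCP input on 5000 asks for credentials, and nothing restricts which pods can connect to them. As an added example (not from the original article), the following NetworkPolicies admit only the expected clients; they assume a CNI plugin that enforces NetworkPolicy, that all components run in one namespace, and that log-sending pods carry the hypothetical label `role: log-shipper`.

```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: elasticsearch-ingress
spec:
  podSelector:
    matchLabels:
      app: elasticsearch
  policyTypes:
  - Ingress
  ingress:
  - from:                      # only Logstash and Kibana may reach the API
    - podSelector:
        matchLabels:
          app: logstash
    - podSelector:
        matchLabels:
          app: kibana
    ports:
    - protocol: TCP
      port: 9200
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: logstash-ingress
spec:
  podSelector:
    matchLabels:
      app: logstash
  policyTypes:
  - Ingress
  ingress:
  - from:
    - podSelector:
        matchLabels:
          role: log-shipper    # hypothetical label on the pods that send logs
    ports:
    - protocol: TCP
      port: 5000
```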

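Summary

This article introduced monitoring technologies and solutions for Kubernetes, covering node monitoring, application monitoring and log monitoring. These solutions help us manage and maintain Kubernetes clusters better and improve the availability and stability of the system.

Readers can learn and practice with the sample code provided in this article, and adapt it flexibly to their own scenarios. I hope this article is helpful. Thanks for reading!

Source: JavaScript中文网. Please credit the source when reposting. Article URL: https://www.javascriptcn.com/post/65b50040add4f0e0ffdd4a17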