prometheus-operator

官方安装说明

https://prometheus-operator.dev/docs/prologue/quick-start/

安装服本

git clone https://github.com/prometheus-operator/kube-prometheus.git
# 或者直接下载代码包
# github.com/prometheus-operator/kube-prometheus/archive/main.zip

cd kube-prometheus

#创建命信空间，CRDs
kubectl create -f manifests/setup

# 等待 servicemonitors CRD创建完成，输出 “No resources found” 表示成功
until kubectl get servicemonitors --all-namespaces ; do date; sleep 1; echo ""; done

kubectl create -f manifests/

rm -rf kube-prometheus

僮像处理

部分镜像国内无法正常下载，可以通过代理网站下载后改名,或者安装前改掉原始 yaml 中的镜像名。

ctr -n k8s.io image pull m.daocloud.io/registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.18.0 && \
ctr -n k8s.io image tag m.daocloud.io/registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.18.0 registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.18.0 && \
ctr -n k8s.io image pull m.daocloud.io/registry.k8s.io/prometheus-adapter/prometheus-adapter:v0.12.0 && \
ctr -n k8s.io image tag m.daocloud.io/registry.k8s.io/prometheus-adapter/prometheus-adapter:v0.12.0 registry.k8s.io/prometheus-adapter/prometheus-adapter:v0.12.0 && \
ctr -n k8s.io image pull 0c105db5188026850f80c001def654a0.mirror.swr.myhuaweicloud.com/grafana/grafana:13.0.1 && \
ctr -n k8s.io image tag 0c105db5188026850f80c001def654a0.mirror.swr.myhuaweicloud.com/grafana/grafana:13.0.1 docker.io/grafana/grafana:13.0.1

创建 ingress

ingress.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: prometheus
  namespace: monitoring
spec:
  rules:
  - host: monitoring-prometheus.internal.liu12.com
    http:
      paths:
      - backend:
          service:
            name: prometheus-k8s
            port:
              number: 9090
        path: /
        pathType: Prefix
  tls:
  - hosts:
    - monitoring-prometheus.internal.liu12.com
    secretName: internal.liu12.com

---

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: grafana
  namespace: monitoring
spec:
  rules:
  - host: monitoring-grafana.internal.liu12.com
    http:
      paths:
      - backend:
          service:
            name: grafana
            port:
              number: 3000
        path: /
        pathType: Prefix
  tls:
  - hosts:
    - monitoring-grafana.internal.liu12.com
    secretName: internal.liu12.com

kubectl apply -f ingress.yaml

使用 nginx 给 prometheus 配置访问密码

htpasswd -c ./monitoring-prometheus.internal.liu12.com.htpasswd admin

server {
    listen       443 ssl;
    server_name monitoring-prometheus.internal.liu12.com;

    ssl_certificate /etc/nginx/certs/internal.liu12.com/internal.liu12.com.pem;
    ssl_certificate_key /etc/nginx/certs/internal.liu12.com/internal.liu12.com.key;

    location / {
       auth_basic "Prometheus";
       auth_basic_user_file /etc/nginx/conf.d/x.internal.liu12.com/monitoring-prometheus.internal.liu12.com.htpasswd;

       proxy_set_header scheme https;
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection $connection_upgrade;

       proxy_redirect off;
       proxy_http_version 1.1;
       proxy_buffering off;
       proxy_read_timeout 3600s;
       proxy_send_timeout 3600s;
       proxy_pass https://k8s-443;
    }

}