监控方案
方案一
对于一个 Pod 中只有一个业务容器的情况,可以考虑在该 Pod 中增加一个辅助容器,来完成对业务容器的监控。辅助容器可以使用各种监控工具的采集器,如Prometheus的exporter、ELK的filebeat、Zabbix的agent或者是自研的采集器等等,来收集业务容器的运行状态、性能指标和日志等信息,实现对业务容器的监控。在 Kubernetes 中,一个 Pod 中可以包含多个容器,每个容器可以共享同一个网络命名空间、存储卷和进程命名空间等资源。这意味着在同一个 Pod 中,辅助容器可以与业务容器共享相同的网络和存储,从而方便地监控业务容器。
方案二
第二个方案,也可以另外拉起一个监控 Pod,对业务 Pod 进行监控。这种方式可以将监控容器与业务容器分离,避免互相影响。同时,监控 Pod 可以独立部署和升级,不会影响业务容器的正常运行。不过,这种方式会增加部署和维护的复杂度,需要额外考虑容器之间的网络连接和数据传输等问题。
选择辅助容器还是另外拉起监控 Pod,取决于具体的情况和需求,需要根据实际情况进行选择和权衡。在本文中,业务POD里假设运行的是logstash,为了减少对业务POD的影响,采用了第二个方案。
在docker上测试logstash-exporter
- 拉取exporter镜像
docker pull alxrem/prometheus-logstash-exporter
- 拉起logstash容器
docker run --name logstash-container -d -it -p 9600:9600 logstash:7.13.2
- 拉起exporter容器
docker run -d -p 9198:9198 alxrem/prometheus-logstash-exporter -web.listen-address=":9198" -logstash.host=http://logstash-container -logstash.port=9600
- 访问
curl http://192.168.11.229:9198/metrics
- 推送到harbor
docker push 192.168.11.230/elk/prometheus-logstash-exporter:latest
之所以要在本地docker环境测试这个镜像,是为了搞清楚它的使用套路,比如有什么参数、启动方式等等,当在k8s部署的时候就会减少发懵的状态。
部署到K8S
继续上次的架构,这次是要对运行在K8S集群里的logstash pod进行监控,本架构中有2套不同配置的logstash。
记得在上一篇中,只讲了logstash里面的配置,但没有讲logstash的deployment,这次刚好补上,分享给大家。
- 创建和编辑logstash-deployment.yaml,添加以下内容:
apiVersion: v1 kind: Namespace metadata: name: logstash --- apiVersion: apps/v1 kind: Deployment metadata: name: logstash01 namespace: logstash spec: selector: matchLabels: k8s-app: logstash01 replicas: 3 template: metadata: labels: k8s-app: logstash01 spec: containers: - name: logstash01 image: 192.168.11.230/elk/logstash01:20230315v1 ports: - containerPort: 9600 resources: limits: cpu: 1 requests: cpu: 1 imagePullSecrets: - name: harborsecret --- apiVersion: apps/v1 kind: Deployment metadata: name: logstash02 namespace: logstash spec: selector: matchLabels: k8s-app: logstash02 replicas: 3 template: metadata: labels: k8s-app: logstash02 spec: containers: - name: logstash02 image: 192.168.11.230/elk/logstash02:20230315v1 ports: - containerPort: 9600 resources: limits: cpu: 1 requests: cpu: 1 imagePullSecrets: - name: harborsecret --- apiVersion: v1 kind: Service metadata: name: logstash01-service namespace: logstash spec: selector: k8s-app: logstash01 ports: - name: jmx port: 9600 --- apiVersion: v1 kind: Service metadata: name: logstash02-service namespace: logstash spec: selector: k8s-app: logstash02 ports: - name: jmx port: 9600
- 创建和编辑prometheus-logstash-exporter-deployment.yaml,添加以下内容:
这里是本文的重头戏,关于细节,自行深挖、理解、吸收。
apiVersion: apps/v1 kind: Deployment metadata: name: prometheus-logstash01-exporter namespace: logstash spec: replicas: 3 selector: matchLabels: app: prometheus-logstash01-exporter template: metadata: labels: app: prometheus-logstash01-exporter spec: containers: - name: prometheus-logstash01-exporter image: 192.168.11.230/elk/prometheus-logstash-exporter:latest ports: - containerPort: 9198 args: - -web.listen-address=:9198 - -logstash.host=logstash01-service - -logstash.port=9600 --- apiVersion: apps/v1 kind: Deployment metadata: name: prometheus-logstash02-exporter namespace: logstash spec: replicas: 3 selector: matchLabels: app: prometheus-logstash02-exporter template: metadata: labels: app: prometheus-logstash02-exporter spec: containers: - name: prometheus-logstash02-exporter image: 192.168.11.230/elk/prometheus-logstash-exporter:latest ports: - containerPort: 9199 args: - -web.listen-address=:9199 - -logstash.host=logstash02-service - -logstash.port=9600 --- apiVersion: v1 kind: Service metadata: name: prometheus-logstash01-exporter-services namespace: logstash spec: selector: app: prometheus-logstash01-exporter ports: - name: exporter-port nodePort: 30008 port: 80 protocol: TCP targetPort: 9198 type: NodePort --- apiVersion: v1 kind: Service metadata: name: prometheus-logstash02-exporter-services namespace: logstash spec: selector: app: prometheus-logstash02-exporter ports: - name: exporter-port nodePort: 30009 port: 80 protocol: TCP targetPort: 9199 type: NodePort
看最终成果
