安装 Monitor
确定 pv
找个 pv 给监控使用落盘
kubectl get pv |grep Available
local-pv-30334450 196Gi RWO Delete Available backup-storage <unset> 3h12m
local-pv-4d58327b 196Gi RWO Delete Available backup-storage <unset> 3h50m
local-pv-674f6f25 196Gi RWO Delete Available backup-storage <unset> 3h12m
local-pv-6c36381 196Gi RWO Delete Available monitoring-storage <unset> 3h12m
local-pv-7c4c943 196Gi RWO Delete Available monitoring-storage <unset> 3h50m
local-pv-994a98e5 196Gi RWO Delete Available log-storage <unset> 3h1m
local-pv-b8a30e00 196Gi RWO Delete Available monitoring-storage <unset> 3h12m
这里使用 monitoring-storage
install yaml
cat > monitor-deploy.yaml << EOF
apiVersion: pingcap.com/v1alpha1
kind: TidbMonitor
metadata:
name: tidb-monitor
spec:
clusters:
- name: tidb-wj
persistent: true
storageClassName: monitoring-storage
storage: 196Gi
prometheus:
baseImage: prom/prometheus
version: v2.27.1
service:
type: NodePort
grafana:
baseImage: grafana/grafana
version: 7.5.11
service:
type: NodePort
initializer:
baseImage: pingcap/tidb-monitor-initializer
version: v7.5.1
reloader:
baseImage: pingcap/tidb-monitor-reloader
version: v1.0.1
prometheusReloader:
baseImage: quay.io/prometheus-operator/prometheus-config-reloader
version: v0.49.0
imagePullPolicy: IfNotPresent
EOF
kubectl apply -f monitor-deploy.yaml -n tidb
这里修改了:
metadata:
name: tidb-monitor
spec:
clusters:
- name: tidb-wj
storageClassName: monitoring-storage
storage: 196Gi
initializer:
baseImage: pingcap/tidb-monitor-initializer
version: v7.5.1
查看:
$ kubectl get tm -n tidb
NAME AGE
tidb-monitor 47s
$ kubectl get all -n tidb | grep monitor
pod/tidb-monitor-monitor-0 0/4 PodInitializing 0 77s
service/tidb-monitor-grafana NodePort 10.104.117.189 <none> 3000:30420/TCP 77s
service/tidb-monitor-monitor-reloader ClusterIP 10.105.192.205 <none> 9089/TCP 77s
service/tidb-monitor-prometheus NodePort 10.97.132.11 <none> 9090:30236/TCP 77s
statefulset.apps/tidb-monitor-monitor 0/1 77s
# 去对应 PV 节点可以看到:
$ tree /k8s-monitor/mount/
/k8s-monitor/mount/
├── grafana
│ ├── grafana.db
│ └── png
├── latest-rules
│ └── tidb:v7.5.1
└── prometheus
├── chunks_head
│ └── 000001
├── lock
├── queries.active
└── wal
└── 00000000
7 directories, 5 files
通过访问 10.104.117.189:3000
即可访问监控
开启 ngmonitor
# 修改配置
cat << EOF | kubectl apply -n tidb -f -
apiVersion: pingcap.com/v1alpha1
kind: TidbNGMonitoring
metadata:
name: tidb-ngmonitor
spec:
clusters:
- name: tidb-wj
namespace: tidb
ngMonitoring:
requests:
storage: 196Gi
version: v7.5.1
storageClassName: monitoring-storage
baseImage: pingcap/ng-monitoring
EOF
$ kubectl get all -n tidb |grep ngmonitor
pod/tidb-ngmonitor-ng-monitoring-0 0/1 ContainerCreating 0 13s
service/tidb-ngmonitor-ng-monitoring ClusterIP None <none> 12020/TCP 13s
statefulset.apps/tidb-ngmonitor-ng-monitoring 0/1 13s
开启后,在 pd dashboard 中就能看 top SQL 等面板。
配置告警
独立部署 altermanager 服务
配置编辑
在 k8s 中装一个 alertmanager 服务
- 使用邮箱告警
- ns 为 monitor
使用 kubectl apply -f alertmanager.yaml 方式来安装
kubectl create ns monitor
# 编辑 altermanager 的告警配置
## 1. 编辑一个有想告警配置:
cat > alertmanager.yaml << EOF
global:
# 设置SMTP服务器的主机名和端口。Alertmanager 会通过这个服务器发送邮件。
smtp_smarthost: "smtp.qq.com:465" # 替换为您的SMTP服务器地址和端口
# 设置发送者的邮箱地址。这将显示在邮件的“发件人”字段中。
smtp_from: "xxx@qq.com" # 更改为实际的发件人邮箱地址
# 如果SMTP服务器需要身份验证,提供用户名。
smtp_auth_username: "xxx@qq.com" # SMTP服务器的认证用户名
# 提供SMTP服务器的密码。
smtp_auth_password: "xxx" # SMTP服务器的认证密码
# 如果SMTP服务器要求TLS连接,请取消这行的注释。
smtp_require_tls: true
route:
# 设置默认接收器名称,这里我们指向下方定义的邮件接收器。
receiver: "blackhole"
# 定义如何将进入的告警分组。告警将根据这些标签进行分组。
group_by: ["env", "instance", "alertname", "type", "group", "job"]
# 设置Alertmanager在发送初始通知之前等待的时间,目的是将短时间内的多个告警批量化。
group_wait: 30s
# 设置Alertmanager在首次通知发送后,等待多久发送该组新的告警。
group_interval: 3m
# 设置Alertmanager在成功发送告警后,重新发送通知之前的等待时间。
repeat_interval: 3m
routes: # 这里就是配置子 route 节点
- match_re:
level: "^(critical|emergency)$" # 表示匹配级别为“emergency”和“critical”的告警
receiver: db-alert-email # 级别为“emergency”和“critical”的告警都发送给 pingcap-alert
continue: false # 表示告警是否继续对后面的 route 节点进行匹配,默认值就是 false,false 表示不继续匹配
receivers:
# 定义名为"db-alert-email"的接收器,用于发送电子邮件通知。
- name: "db-alert-email"
email_configs:
- to: "xxx@qq.com" # 收件人邮箱地址,替换为实际接收告警的邮箱
send_resolved: true # 告警解决后也发送通知,确保你了解到问题已解决
require_tls: false
# 黑洞接收器,它实际上不会发送任何告警。可以用作默认接收器,确保没有未配置接收器的告警不会发送出去。
- name: "blackhole"
EOF
## 加密
base64 -w 0 alertmanager.yaml > encoded.txt
## 2. 将文件加密,将加密内容输入到 | 下面
cat > alertmanager-config.yaml << EOF
apiVersion: v1
kind: Secret
metadata:
name: alertmanager-config
namespace: monitor
type: Opaque
data:
alertmanager.yaml: |
# 这里填写 encoded.txt 内容,yaml 格式规范
EOF
# 部署 yaml
cat > alertmanager-deployment.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:
name: alertmanager
namespace: monitor
spec:
replicas: 1
selector:
matchLabels:
app: alertmanager
template:
metadata:
labels:
app: alertmanager
spec:
containers:
- name: alertmanager
image: prom/alertmanager:v0.21.0
args:
- "--config.file=/etc/alertmanager/alertmanager.yaml"
- "--storage.path=/alertmanager"
- "--log.level=info"
ports:
- containerPort: 9093
volumeMounts:
- name: config-volume
mountPath: /etc/alertmanager
- name: data
mountPath: /alertmanager
volumes:
- name: config-volume
secret:
secretName: alertmanager-config
- name: data
emptyDir: {}
EOF
# service 配置
cat > alertmanager-service.yaml << EOF
apiVersion: v1
kind: Service
metadata:
name: alertmanager
namespace: monitor
spec:
type: ClusterIP
ports:
- name: web
port: 9093
protocol: TCP
targetPort: 9093
selector:
app: alertmanager
EOF
应用
kubectl apply -f alertmanager-config.yaml
kubectl apply -f alertmanager-deployment.yaml
kubectl apply -f alertmanager-service.yaml
部署完成之后,关于 altermanager 的告警配置相关可以用下面方法查看:
# 查看 pod
kubectl get po -n monitor
NAME READY STATUS RESTARTS AGE
alertmanager-5494c78fbf-zs92w 1/1 Running 0 5m22s
# 查看配置文件
kubectl exec -it alertmanager-5494c78fbf-zs92w -n monitor -- cat /etc/alertmanager/alertmanager.yaml
如果使用 altermanager 服务,可以使用 service 的 ip
kubectl get all -n monitor
NAME READY STATUS RESTARTS AGE
pod/alertmanager-5494c78fbf-zs92w 1/1 Running 0 5m55s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/alertmanager ClusterIP 10.99.215.89 <none> 9093/TCP 17m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/alertmanager 1/1 1 1 17m
NAME DESIRED CURRENT READY AGE
replicaset.apps/alertmanager-5494c78fbf 1 1 1 17m
tidb 告警使用
对之前 Prometheus 安装文件中添加 alertmanagerURL 即可:
$ vi monitor-deploy.yaml
kubePrometheusURL: http://10.97.132.11:9090
alertmanagerURL: 10.99.215.89:9093
# 添加配置
kubectl apply -f monitor-deploy.yaml -n tidb
这里可以手动删除一个 pd follower 的 pod 来触发告警。