diff --git a/deployment/README.md b/deployment/README.md index 60975c09..3fd35507 100644 --- a/deployment/README.md +++ b/deployment/README.md @@ -5,7 +5,7 @@ ### 后期考虑功能: * HPA自动扩缩容 * MySQL主从、Redis集群、服务集群 -* Prometheus + Grafana 监控告警, ELK日志收集 +* ELK日志收集 ## 容器分布 ~~~ @@ -28,7 +28,11 @@ namespace │ └── skywalking │ └── skywalking-ui ├── minio - └── minio +│ └── minio +├── monitor-sa +│ └── node-exporter +│ └── prometheus-server +│ └── monitoring-grafana ~~~ ## 部署顺序及要点 diff --git a/deployment/monitor/monitor-namespace.yaml b/deployment/monitor/monitor-namespace.yaml new file mode 100644 index 00000000..c82fa354 --- /dev/null +++ b/deployment/monitor/monitor-namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: monitor-sa diff --git a/deployment/monitor/node-exporter.yaml b/deployment/monitor/node-exporter.yaml new file mode 100644 index 00000000..c9c90dba --- /dev/null +++ b/deployment/monitor/node-exporter.yaml @@ -0,0 +1,63 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: node-exporter + namespace: monitor-sa + labels: + name: node-exporter +spec: + selector: + matchLabels: + name: node-exporter + template: + metadata: + labels: + name: node-exporter + spec: + hostPID: true + hostIPC: true + hostNetwork: true # 共享宿主机网络和进程 + containers: + - name: node-exporter + image: prom/node-exporter:v0.16.0 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 9100 # 容器暴露端口为9100 + resources: + requests: + cpu: 0.15 + securityContext: + privileged: true # 开启特权模式 + args: + - --path.procfs + - /host/proc + - --path.sysfs + - /host/sys + - --collector.filesystem.ignored-mount-points + - '"^/(sys|proc|dev|host|etc)($|/)"' + volumeMounts: # 挂载宿主机目录以收集宿主机信息 + - name: dev + mountPath: /host/dev + - name: proc + mountPath: /host/proc + - name: sys + mountPath: /host/sys + - name: rootfs + mountPath: /rootfs + tolerations: # 定义容忍度,使其可调度到默认有污点的master + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + volumes: # 定义存储卷 + - name: proc + hostPath: + path: /proc + - name: dev + hostPath: + path: /dev + - name: sys + hostPath: + path: /sys + - name: rootfs + hostPath: + path: / \ No newline at end of file diff --git a/deployment/monitor/prometheus-config.yaml b/deployment/monitor/prometheus-config.yaml new file mode 100644 index 00000000..d0327098 --- /dev/null +++ b/deployment/monitor/prometheus-config.yaml @@ -0,0 +1,169 @@ +apiVersion: v1 +kind: ConfigMap # +metadata: + name: prometheus-config + namespace: kube-system + labels: + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: EnsureExists +data: + prometheus.yml: | + rule_files: + - /etc/config/rules/*.rules + + scrape_configs: + - job_name: prometheus + static_configs: + - targets: + - localhost:9090 + + - job_name: kubernetes-nodes + scrape_interval: 30s + static_configs: + - targets: + - 192.168.73.135:9100 + - 192.168.73.138:9100 + - 192.168.73.139:9100 + - 192.168.73.140:9100 + + - job_name: kubernetes-apiservers + kubernetes_sd_configs: + - role: endpoints + relabel_configs: + - action: keep + regex: default;kubernetes;https + source_labels: + - __meta_kubernetes_namespace + - __meta_kubernetes_service_name + - __meta_kubernetes_endpoint_port_name + scheme: https + tls_config: + ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + insecure_skip_verify: true + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + + - job_name: kubernetes-nodes-kubelet + kubernetes_sd_configs: + - role: node + relabel_configs: + - action: labelmap + regex: __meta_kubernetes_node_label_(.+) + scheme: https + tls_config: + ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + insecure_skip_verify: true + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + + - job_name: kubernetes-nodes-cadvisor + kubernetes_sd_configs: + - role: node + relabel_configs: + - action: labelmap + regex: __meta_kubernetes_node_label_(.+) + - target_label: __metrics_path__ + replacement: /metrics/cadvisor + scheme: https + tls_config: + ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + insecure_skip_verify: true + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + + - job_name: kubernetes-service-endpoints + kubernetes_sd_configs: + - role: endpoints + relabel_configs: + - action: keep + regex: true + source_labels: + - __meta_kubernetes_service_annotation_prometheus_io_scrape + - action: replace + regex: (https?) + source_labels: + - __meta_kubernetes_service_annotation_prometheus_io_scheme + target_label: __scheme__ + - action: replace + regex: (.+) + source_labels: + - __meta_kubernetes_service_annotation_prometheus_io_path + target_label: __metrics_path__ + - action: replace + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + source_labels: + - __address__ + - __meta_kubernetes_service_annotation_prometheus_io_port + target_label: __address__ + - action: labelmap + regex: __meta_kubernetes_service_label_(.+) + - action: replace + source_labels: + - __meta_kubernetes_namespace + target_label: kubernetes_namespace + - action: replace + source_labels: + - __meta_kubernetes_service_name + target_label: kubernetes_name + + - job_name: kubernetes-services + kubernetes_sd_configs: + - role: service + metrics_path: /probe + params: + module: + - http_2xx + relabel_configs: + - action: keep + regex: true + source_labels: + - __meta_kubernetes_service_annotation_prometheus_io_probe + - source_labels: + - __address__ + target_label: __param_target + - replacement: blackbox + target_label: __address__ + - source_labels: + - __param_target + target_label: instance + - action: labelmap + regex: __meta_kubernetes_service_label_(.+) + - source_labels: + - __meta_kubernetes_namespace + target_label: kubernetes_namespace + - source_labels: + - __meta_kubernetes_service_name + target_label: kubernetes_name + + - job_name: kubernetes-pods + kubernetes_sd_configs: + - role: pod + relabel_configs: + - action: keep + regex: true + source_labels: + - __meta_kubernetes_pod_annotation_prometheus_io_scrape + - action: replace + regex: (.+) + source_labels: + - __meta_kubernetes_pod_annotation_prometheus_io_path + target_label: __metrics_path__ + - action: replace + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + source_labels: + - __address__ + - __meta_kubernetes_pod_annotation_prometheus_io_port + target_label: __address__ + - action: labelmap + regex: __meta_kubernetes_pod_label_(.+) + - action: replace + source_labels: + - __meta_kubernetes_namespace + target_label: kubernetes_namespace + - action: replace + source_labels: + - __meta_kubernetes_pod_name + target_label: kubernetes_pod_name + alerting: + alertmanagers: + - static_configs: + - targets: ["alertmanager:80"] \ No newline at end of file diff --git a/deployment/servers/ruoyi/gateway/jar/ruoyi-gateway.jar b/deployment/servers/ruoyi/gateway/jar/ruoyi-gateway.jar deleted file mode 100644 index 59b53712..00000000 Binary files a/deployment/servers/ruoyi/gateway/jar/ruoyi-gateway.jar and /dev/null differ diff --git a/deployment/skywalking/agent.dockerfile b/deployment/skywalking/agent.dockerfile index d49c85af..94aae35d 100644 --- a/deployment/skywalking/agent.dockerfile +++ b/deployment/skywalking/agent.dockerfile @@ -3,9 +3,9 @@ FROM docker.io/library/busybox:latest AS base # 使用 ADD 下载 java-agent,你也可以使用其他下载命令,或者下载到本地,再 使用 COPY或者ADD 指令添加到 镜像里 -ADD https://dlcdn.apache.org/skywalking/java-agent/8.14.0/apache-skywalking-java-agent-8.14.0.tgz /tmp/ +ADD https://dlcdn.apache.org/skywalking/java-agent/9.0.0/apache-skywalking-java-agent-9.0.0.tgz /tmp/ RUN mkdir -p /opt \ - && tar -xzf /tmp/apache-skywalking-java-agent-8.14.0.tgz -C /opt/ \ + && tar -xzf /tmp/apache-skywalking-java-agent-9.0.0.tgz -C /opt/ \ && rm -rf /tmp/* #ADD skywalking-agent.tar.gz /opt/ RUN mkdir -p /javaagent