k8s 部署 prometheus 采集监控
安装
git clone [email protected]:prometheus-operator/kube-prometheus.git
cd kube-prometheus
kubectl apply --server-side -f manifests/setup
kubectl wait --for condition=Established --all CustomResourceDefinition --namespace=monitoring
kubectl apply -f manifests/
由于kube-prometheus 有 networkpolicy,所以不能访问 monitoring 命名空间的 pod,需要把 networkpolicy 删除掉
kubectl -n monitoring delete networkpolicies.networking.k8s.io --all
问题排查
如果配置了 servicemonitor还是不能访问,检查servicemonitor配置,给 prometheus 增加权限
--- a/manifests/prometheus-clusterRole.yaml
+++ b/manifests/prometheus-clusterRole.yaml
@@ -12,10 +12,12 @@ rules:
- apiGroups:
- ""
resources:
+ - nodes
+ - services
+ - endpoints
+ - pods
- nodes/metrics
- verbs:
- - get
+ verbs: ["get", "list", "watch"]
- nonResourceURLs:
- /metrics
- verbs:
- - get
+ verbs: ["get", "list", "watch"]