系統環境:json
Prometheus Operator版本: 0.29 Kubernetes 版本: 1.14.0api
1、Traefik 配置文件設置 Prometheus
要監控 Traefik 控制器,首先要控制 Traeik 將 Metrics 數據暴露出來,這須要在配置文件中加入下面配置:bash
[metrics] [metrics.prometheus] entryPoint = "traefik" buckets = [0.1,0.3,1.2,5.0]
安裝 Traefik 時候已經將配置文件外掛到 Kubernetes ConfigMap 中,詳情能夠參考 Kubernetes 部署 Traefik Ingress 一文。session
例如,集羣中將 Traefik 配置文件掛載到 Kubernetes ConfigMap 中,能夠用 「kubectl etid」 命令編輯 Traefik 配置文件,加上 Prometheus 配置,這裏提供本人完整配置以下:app
$ kubectl edit ConfigMap traefik-config -n kube-system
apiVersion: v1
data:
traefik.toml: |
# traefik.toml debug = true InsecureSkipVerify = true defaultEntryPoints = ["http","https"] [entryPoints] [entryPoints.http] address = ":80" compress = true [entryPoints.https] address = ":443" compress = true [entryPoints.https.tls] [[entryPoints.https.tls.certificates]] CertFile = "/ssl/tls.crt" KeyFile = "/ssl/tls.key" [entryPoints.traefik] address = ":8080" [kubernetes] [traefikLog] format = "json" #filePath = "/data/traefik.log" [accessLog] #filePath = "/data/access.log" format = "json" [accessLog.filters] retryAttempts = true minDuration = "10ms" [accessLog.fields] defaultMode = "keep" [accessLog.fields.names] "ClientUsername" = "drop" [accessLog.fields.headers] defaultMode = "keep" [accessLog.fields.headers.names] "User-Agent" = "redact" "Authorization" = "drop" "Content-Type" = "keep" [api] entryPoint = "traefik" dashboard = true [metrics] [metrics.prometheus] entryPoint = "traefik" buckets = [0.1,0.3,1.2,5.0]
2、Traefik Service 設置標籤
Prometheus Operator 是經過 Label 匹配的,須要提早設置 Service 貼上「k8s-app: traefik-ingress」標籤ui
一、查看 Traefik Service
$ kubectl get service -n kube-system kube-dns ClusterIP 10.10.0.10 <none> 53/UDP,53/TCP,9153/TCP 79d kubelet ClusterIP None <none> 10250/TCP 35d traefik-ingress-service ClusterIP 10.10.114.105 <none> 80/TCP,443/TCP,8080/TCP 56d
二、編輯該 Service 設置 Label
編輯 Traefik Servicespa
$ kubectl edit service traefik-ingress-service -n kube-system
設置 Label 「k8s-app: traefik-ingress」debug
apiVersion: v1 kind: Service metadata: creationTimestamp: "2019-04-15T05:06:41Z" name: traefik-ingress-service namespace: kube-system resourceVersion: "85575" selfLink: /api/v1/namespaces/kube-system/services/traefik-ingress-service uid: 4172b4df-5f3c-11e9-9287-000c29d98697 labels: k8s-app: traefik-ingress #---增長標籤 「k8s-app: traefik-ingress」 spec: clusterIP: 10.10.114.105 ports: - name: http port: 80 protocol: TCP targetPort: 80 - name: https port: 443 protocol: TCP targetPort: 443 - name: admin #---Prometheus metrics 數據是經過8080端口暴露的 port: 8080 protocol: TCP targetPort: 8080 selector: k8s-app: traefik-ingress-lb sessionAffinity: None type: ClusterIP status: loadBalancer: {}
3、Prometheus Operator 配置監控規則
配置服務監控資源,用於監控 Traefik 控制器:code
traefik-monitor.yamlorm
apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: traefik-ingress namespace: monitoring labels: k8s-app: traefik-ingress spec: jobLabel: k8s-app endpoints: - port: admin #---設置爲traefik 8080端口名稱 admin interval: 30s selector: matchLabels: k8s-app: traefik-ingress namespaceSelector: matchNames: - kube-system
建立該Service Monitor
$ kubectl apply -f traefik-monitor.yaml
4、查看 Prometheus 規則
打開 Prometheus UI,查看 Prometheus 規則,能夠看到 traefik 數據已經存在。
5、Grafana 引入儀表盤
打開 Grafana,在其中引入編號「4475」的儀表盤
而後就能夠看到儀表盤
若是沒有數據,請提早經過 Traefik Ingress 訪問其配置的域名,刷新出一些數據,而後調整小時間範圍。
