typora/note/K8S/实战笔记/docker部署监控.md

prometheus 部署

• 部署网络和持久化存储卷

docker network create monitoring
docker volume create prometheus-data

• 初始配置文件，prometheus.yml

global:
  scrape_interval: 15s

scrape_configs:
  - job_name: 'prometheus'
    static_configs:
      - targets: ['localhost:9090']
      

• 启动prometheus

docker run -itd \
  --name prometheus \
  --network internal \
  -v /mnt/sdb3/Configs/prometheus/data:/prometheus \
  -v /mnt/sdb3/Configs/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml \
  prom/prometheus:v2.45.1 \
  --web.enable-lifecycle \
  --config.file=/etc/prometheus/prometheus.yml \
  --web.external-url=/prometheus/

grafana 部署

• 持久化存储

docker volume create grafana-data

• 启动容器

docker run -d \
  --name grafana \
  --network internal \
  -v /mnt/sdb3/Configs/grafana/data:/var/lib/grafana \
  -v /mnt/sdb3/Configs/grafana/grafana.ini:/etc/grafana/grafana.ini \
  grafana/grafana

Nginx 子路径 Grafana

• 配置grafana.ini

root_url = https://home.heysq.com:8443/grafana/

# Serve Grafana from subpath specified in `root_url` setting. By default it is set to `false` for compatibility reasons.
serve_from_sub_path = true

• 添加nginx配置

location /grafana/ {
    proxy_set_header Host $http_host;
    proxy_pass http://grafana;
}

# Proxy Grafana Live WebSocket connections.
location /grafana/api/live/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_set_header Host $http_host;
    proxy_pass http://grafana;
}

Nginx 监控

• nginx 开启stub_status

server {
    listen 8444;
    keepalive_timeout 0;

    access_log off;

    allow 0.0.0.0/0;
    deny all;

    location /stub_status {
        stub_status on;
    }
}

• docker 部署nginx_exporter

docker run -itd -p 9113:9113 \
--name=nginx_exporter \
--network=monitoring \
nginx/nginx-prometheus-exporter:0.11 \
-nginx.scrape-uri=http://192.168.0.3:8444/stub_satus

IKuai监控

docker run -itd \
-p 8001:8001 \
--name ikuai-aio \
--restart always \
-e HTTP_INSECURE_SKIP_VERIFY=false \
-e HTTP_TIMEOUT=30s \
-e TZ=Asia/Shanghai \
-e IKUAI_ADDR=http://192.168.0.1 \
-e IKUAI_USERNAME=admin \
-e IKUAI_PASSWORD=Sunqi0220. \
-e IKUAI_CRON_SKIP_START=false \
-e IKUAI_EXPORTER_LISTEN_ADDR=0.0.0.0:8001 \
ghcr.io/nervebing/ikuai-aio:latest

• grafana 面板 https://grafana.com/grafana/dashboards/19247-ikuai/

openwrt 配置 nginx

docker run -itd \
--name nginx \
--network=internal \
--restart=always \
-p 8443:8443 \
-v /mnt/sdb3/Configs/nginx/conf.d:/etc/nginx/conf.d \
-v /mnt/sdb3/Configs/nginx/ssl/:/etc/nginx/ssl \
-v /mnt/sdb3/Configs/nginx/logs:/var/log/nginx/ \
-v /mnt/sdb3/Configs/nginx/nginx.conf:/etc/nginx/nginx.conf \
-v /mnt/sdb3/Configs/nginx/htpasswd_file:/etc/nginx/htpasswd_file \
nginx:1.22

cAdvisor 部署

docker run \
  --volume=/:/rootfs:ro \
  --volume=/var/run:/var/run:ro \
  --volume=/sys:/sys:ro \
  --volume=/mnt/sdb3/:/var/lib/docker:ro \
  --network=internal \
  --detach=true \
  --name=cadvisor \
  --privileged \
  --device=/dev/kmsg \
  google/cadvisor:latest