typora/note/K8S/实战笔记/docker部署监控.md

### prometheus 部署

- 部署网络和持久化存储卷

```bash
docker network create monitoring
docker volume create prometheus-data
```

- 初始配置文件，prometheus.yml

``` yaml
global:
  scrape_interval: 15s

scrape_configs:
  - job_name: 'prometheus'
    static_configs:
      - targets: ['localhost:9090']
      
```

- 启动prometheus

```bash
docker run -itd \
  --name prometheus \
  --network internal \
  -v /mnt/sdb3/Configs/prometheus/data:/prometheus \
  -v /mnt/sdb3/Configs/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml \
  prom/prometheus:v2.45.1 \
  --web.enable-lifecycle \
  --config.file=/etc/prometheus/prometheus.yml \
  --web.external-url=/prometheus/
```



### grafana 部署

- 持久化存储

```bash
docker volume create grafana-data
```

- 启动容器

```bash
docker run -d \
  --name grafana \
  --network internal \
  -v /mnt/sdb3/Configs/grafana/data:/var/lib/grafana \
  -v /mnt/sdb3/Configs/grafana/grafana.ini:/etc/grafana/grafana.ini \
  grafana/grafana
```

### Nginx 子路径 Grafana

- 配置grafana.ini

```bash
root_url = https://home.heysq.com:8443/grafana/

# Serve Grafana from subpath specified in `root_url` setting. By default it is set to `false` for compatibility reasons.
serve_from_sub_path = true
```

- 添加nginx配置

```nginx
location /grafana/ {
    proxy_set_header Host $http_host;
    proxy_pass http://grafana;
}

# Proxy Grafana Live WebSocket connections.
location /grafana/api/live/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_set_header Host $http_host;
    proxy_pass http://grafana;
}
```


### Nginx 监控

- nginx 开启stub_status

```nginx
server {
    listen 8444;
    keepalive_timeout 0;

    access_log off;

    allow 0.0.0.0/0;
    deny all;

    location /stub_status {
        stub_status on;
    }
}
```

- docker 部署nginx_exporter

```bash
docker run -itd -p 9113:9113 \
--name=nginx_exporter \
--network=monitoring \
nginx/nginx-prometheus-exporter:0.11 \
-nginx.scrape-uri=http://192.168.0.3:8444/stub_satus
```

### IKuai监控

```bash
docker run -itd \
-p 8001:8001 \
--name ikuai-aio \
--restart always \
-e HTTP_INSECURE_SKIP_VERIFY=false \
-e HTTP_TIMEOUT=30s \
-e TZ=Asia/Shanghai \
-e IKUAI_ADDR=http://192.168.0.1 \
-e IKUAI_USERNAME=admin \
-e IKUAI_PASSWORD=Sunqi0220. \
-e IKUAI_CRON_SKIP_START=false \
-e IKUAI_EXPORTER_LISTEN_ADDR=0.0.0.0:8001 \
ghcr.io/nervebing/ikuai-aio:latest
```

- grafana 面板 https://grafana.com/grafana/dashboards/19247-ikuai/

### openwrt 配置 nginx

```bash
docker run -itd \
--name nginx \
--network=internal \
--restart=always \
-p 8443:8443 \
-v /mnt/sdb3/Configs/nginx/conf.d:/etc/nginx/conf.d \
-v /mnt/sdb3/Configs/nginx/ssl/:/etc/nginx/ssl \
-v /mnt/sdb3/Configs/nginx/logs:/var/log/nginx/ \
-v /mnt/sdb3/Configs/nginx/nginx.conf:/etc/nginx/nginx.conf \
-v /mnt/sdb3/Configs/nginx/htpasswd_file:/etc/nginx/htpasswd_file \
nginx:1.22
```

### cAdvisor 部署

```bash
docker run \
  --volume=/:/rootfs:ro \
  --volume=/var/run:/var/run:ro \
  --volume=/sys:/sys:ro \
  --volume=/mnt/sdb3/:/var/lib/docker:ro \
  --network=internal \
  --detach=true \
  --name=cadvisor \
  --privileged \
  --device=/dev/kmsg \
  google/cadvisor:latest
```