本人不研究监控方向,只是记录一下问题。
基于https://github.com/prometheus-operator/kube-prometheus的安装,网上都有资料,一些怎么换镜像源这类小问题不说了,主要说下setup下yaml需要create -f创建,然后再apply -f manifest资源后会发现......不论prometheus、grafana都访问不了,即便将svc设置成nodeport模式直接ip+port,还是不行;也有可能出现刚部署完可以访问到,但是过上半分钟就寄了的情况
kubectl delete -f manifests/prometheus-networkPolicy.yaml kubectl delete -f manifests/grafana-networkPolicy.yaml kubectl delete -f manifests/alertmanager-networkPolicy.yaml
需要删除这三个网络策略,三个内容类似,说白了就是设置了个只能自己组件直接访问,其他渠道访问不了,这样确实安全了很多,不过对日常排查就麻烦了
1 apiVersion: networking.k8s.io/v1 2 kind: NetworkPolicy 3 metadata: 4 labels: 5 app.kubernetes.io/component: alert-router 6 app.kubernetes.io/instance: main 7 app.kubernetes.io/name: alertmanager 8 app.kubernetes.io/part-of: kube-prometheus 9 app.kubernetes.io/version: 0.25.0 10 name: alertmanager-main 11 namespace: monitoring 12 spec: 13 egress: 14 - {} 15 ingress: 16 - from: 17 - podSelector: 18 matchLabels: 19 app.kubernetes.io/name: prometheus 20 ports: 21 - port: 9093 22 protocol: TCP 23 - port: 8080 24 protocol: TCP 25 - from: 26 - podSelector: 27 matchLabels: 28 app.kubernetes.io/name: alertmanager 29 ports: 30 - port: 9094 31 protocol: TCP 32 - port: 9094 33 protocol: UDP 34 podSelector: 35 matchLabels: 36 app.kubernetes.io/component: alert-router 37 app.kubernetes.io/instance: main 38 app.kubernetes.io/name: alertmanager 39 app.kubernetes.io/part-of: kube-prometheus 40 policyTypes: 41 - Egress 42 - Ingress
- prometheus grafana 问题prometheus grafana prometheus模板grafana prometheus grafana docker alertmanager prometheus grafana prometheus windows grafana jmeter node-exporter prometheus exporter grafana node_exporter prometheus exporter grafana 磁盘prometheus内存grafana prometheus grafana服务器 资源 上集prometheus grafana helm