在K8S中基于 traefik ingress 来监控每个域名的请求数量

olivee 5年前 ⋅ 1154 阅读

前提

已安装好prometheus。

本文安装的traefik版本为v1.7.11。prometheus版本为:v2.11.0。

1. 配置serviceAccount的权限

ingress-rbac.yml的配置如下:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: ingress
  namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: ingress
subjects:
  - kind: ServiceAccount
    name: ingress
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

2. 部署ingres的daemonset

这里主要在启动参数中增加了--metrics--metrics.prometheus--metrics.prometheus.entrypoint=traefik参数,增加这个参数后好像不能修改web.address修改端口,智能用默认的8080端口。(查看参数的帮助说明用命令:kubectl exec -ti -n kube-system traefik-ingress-lb-lg24f -- /traefik -h,其中kube-system traefik-ingress-lb-lg24f是pod的名称)。完成完成后等待pod启动完成。

daemonset.yml的配置如下:

apiVersion: apps/v1 
kind: DaemonSet
metadata:
  name: traefik-ingress-lb
  namespace: kube-system
  labels:
    k8s-app: traefik-ingress-lb
spec:
  selector:
    matchLabels:
      k8s-app: traefik-ingress-lb
      name: traefik-ingress-lb
  template:
    metadata:
      labels:
        k8s-app: traefik-ingress-lb
        name: traefik-ingress-lb
    spec:
      terminationGracePeriodSeconds: 60
      hostNetwork: true
      restartPolicy: Always
      serviceAccountName: ingress
      containers:
      - image: traefik:v1.7.11
        imagePullPolicy: IfNotPresent
        name: traefik-ingress-lb
        ports:
        - name: http
          containerPort: 80
          hostPort: 80
        - name: metrics
          containerPort: 8080
          hostPort: 8080
        args:
        - --kubernetes
        - --metrics
        - --metrics.prometheus
        - --metrics.prometheus.entrypoint=traefik
      nodeSelector:
        kubernetes.io/arch: amd64

3. 配置service.yml

这里配置的服务的selector为k8s-app: traefik-ingress-lb,端口名称metrics映射的端口是8080

service.yml的配置如下:

apiVersion: v1
kind: Service
metadata:
  name: traefik-web-ui
  namespace: kube-system
  labels:
    k8s-app: traefik-ingress-lb
spec:
  selector:
    k8s-app: traefik-ingress-lb
  ports:
  - name: metrics 
    port: 8080
    targetPort: 8080 

4. 配置servicemonitor.yml

这里监控的服务的selector为k8s-app: traefik-ingress-lb,端口名称metrics映射的端口是8080,命名空间为kube-system

servicemonitor.yml的配置如下:

apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  labels:
    k8s-app: traefik-ingress-lb
  name: traefik
  namespace: kube-system
spec:
  endpoints:
  - interval: 5s
    port: metrics 
  namespaceSelector:
    matchNames:
    - kube-system
  selector:
    matchLabels:
      k8s-app: traefik-ingress-lb

5. 配置完成后再去prometheus去验证

5.1 查看targets是否正常

比如查看我本地的prometheus的targets:http://prometheus.testdomain.com/targets 1.png

5.2 查看traefik_backend_requests_total数据

比如查看我本地的prometheus的traefik_backend_requests_total数据:http://prometheus.testdomain.com/graph?g0.range_input=1h&g0.expr=traefik_backend_requests_total&g0.tab=1 2.png