chore: fix database monitor, use vm. (#4677)

* chore: fix database monitor, use vm. Signed-off-by: yy <[email protected]> --------- Signed-off-by: yy <[email protected]>
labring · Apr 12, 2024 · e3c82b4 · e3c82b4
1 parent 5cb7e44
commit e3c82b4
Show file tree

Hide file tree

Showing 2 changed files with 104 additions and 190 deletions.
diff --git a/scripts/cloud/install.sh b/scripts/cloud/install.sh
@@ -378,200 +378,113 @@ spec:
 "
     echo "$ingress_config" > $CLOUD_DIR/ingress-nginx-config.yaml
 
-    kb_addon_prometheus_server_patch='
-data:
-  prometheus.yml: |
-    global:
-      evaluation_interval: 15s
-      scrape_interval: 15s
-      scrape_timeout: 10s
-    rule_files:
-    - /etc/config/recording_rules.yml
-    - /etc/config/alerting_rules.yml
-    - /etc/config/kubelet_alert_rules.yml
-    - /etc/config/mysql_alert_rules.yml
-    - /etc/config/postgresql_alert_rules.yml
-    - /etc/config/redis_alert_rules.yml
-    - /etc/config/kafka_alert_rules.yml
-    - /etc/config/mongodb_alert_rules.yml
-    scrape_configs:
-    - job_name: prometheus
-      static_configs:
-      - targets:
-        - localhost:9090
+    vm_secret='
+apiVersion: v1
+kind: Secret
+metadata:
+  name: additional-scrape-configs
+  namespace: vm
+stringData:
+  prometheus-additional.yaml: |
     - honor_labels: true
       job_name: kubeblocks-service
       kubernetes_sd_configs:
-      - role: endpoints
-      relabel_configs:
-      - action: keep
-        regex: kubeblocks
-        source_labels:
-        - __meta_kubernetes_service_label_app_kubernetes_io_managed_by
-      - action: drop
-        regex: agamotto
-        source_labels:
-        - __meta_kubernetes_service_label_monitor_kubeblocks_io_managed_by
-      - action: keep
-        regex: true
-        source_labels:
-        - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scrape
-      - action: replace
-        regex: (https?)
-        source_labels:
-        - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scheme
-        target_label: __scheme__
-      - action: replace
-        regex: (.+)
-        source_labels:
-        - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_path
-        target_label: __metrics_path__
-      - action: replace
-        regex: (.+?)(?::\d+)?;(\d+)
-        replacement: $1:$2
-        source_labels:
-        - __address__
-        - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_port
-        target_label: __address__
-      - action: labelmap
-        regex: __meta_kubernetes_service_annotation_monitor_kubeblocks_io_param_(.+)
-        replacement: __param_$1
-      - action: labelmap
-        regex: __meta_kubernetes_service_label_(.+)
-      - action: replace
-        source_labels:
-        - __meta_kubernetes_namespace
-        target_label: namespace
-      - action: replace
-        source_labels:
-        - __meta_kubernetes_service_name
-        target_label: service
-      - action: replace
-        source_labels:
-        - __meta_kubernetes_pod_node_name
-        target_label: node
-      - action: replace
-        source_labels:
-        - __meta_kubernetes_pod_name
-        target_label: pod
-      - action: drop
-        regex: Pending|Succeeded|Failed|Completed
-        source_labels:
-        - __meta_kubernetes_pod_phase
-    - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-      job_name: kubernetes-apiservers
-      kubernetes_sd_configs:
-      - role: endpoints
-      relabel_configs:
-      - action: keep
-        regex: default;kubernetes;https
-        source_labels:
-        - __meta_kubernetes_namespace
-        - __meta_kubernetes_service_name
-        - __meta_kubernetes_endpoint_port_name
-      scheme: https
-      tls_config:
-        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
-        insecure_skip_verify: true
-    - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-      job_name: kubernetes-nodes
-      kubernetes_sd_configs:
-      - role: node
-      relabel_configs:
-      - action: labelmap
-        regex: __meta_kubernetes_node_label_(.+)
-      - replacement: kubernetes.default.svc:443
-        target_label: __address__
-      - regex: (.+)
-        replacement: /api/v1/nodes/$1/proxy/metrics
-        source_labels:
-        - __meta_kubernetes_node_name
-        target_label: __metrics_path__
-      scheme: https
-      tls_config:
-        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
-        insecure_skip_verify: true
-    - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-      job_name: kubernetes-nodes-cadvisor
-      kubernetes_sd_configs:
-      - role: node
+        - role: endpoints
       relabel_configs:
-      - action: labelmap
-        regex: __meta_kubernetes_node_label_(.+)
-      - replacement: kubernetes.default.svc:443
-        target_label: __address__
-      - regex: (.+)
-        replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor
-        source_labels:
-        - __meta_kubernetes_node_name
-        target_label: __metrics_path__
-      scheme: https
-      tls_config:
-        ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
-        insecure_skip_verify: true
+        - action: keep
+          regex: kubeblocks
+          source_labels:
+            - __meta_kubernetes_service_label_app_kubernetes_io_managed_by
+        - action: drop
+          regex: agamotto
+          source_labels:
+            - __meta_kubernetes_service_label_monitor_kubeblocks_io_managed_by
+        - action: keep
+          regex: true
+          source_labels:
+            - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scrape
+        - action: replace
+          regex: (https?)
+          source_labels:
+            - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scheme
+          target_label: __scheme__
+        - action: replace
+          regex: (.+)
+          source_labels:
+            - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_path
+          target_label: __metrics_path__
+        - action: replace
+          regex: (.+?)(?::\d+)?;(\d+)
+          replacement: $1:$2
+          source_labels:
+            - __address__
+            - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_port
+          target_label: __address__
+        - action: labelmap
+          regex: __meta_kubernetes_service_annotation_monitor_kubeblocks_io_param_(.+)
+          replacement: __param_$1
+        - action: labelmap
+          regex: __meta_kubernetes_service_label_(.+)
+        - action: replace
+          source_labels:
+            - __meta_kubernetes_namespace
+          target_label: namespace
+        - action: replace
+          source_labels:
+            - __meta_kubernetes_service_name
+          target_label: service
+        - action: replace
+          source_labels:
+            - __meta_kubernetes_pod_node_name
+          target_label: node
+        - action: replace
+          source_labels:
+            - __meta_kubernetes_pod_name
+          target_label: pod
+        - action: drop
+          regex: Pending|Succeeded|Failed|Completed
+          source_labels:
+            - __meta_kubernetes_pod_phase
     - honor_labels: true
       job_name: kubeblocks-agamotto
       kubernetes_sd_configs:
-      - role: endpoints
+        - role: endpoints
       relabel_configs:
-      - action: keep
-        regex: agamotto
-        source_labels:
-        - __meta_kubernetes_service_label_monitor_kubeblocks_io_managed_by
-      - action: keep
-        regex: true
-        source_labels:
-        - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scrape
-      - action: replace
-        regex: (https?)
-        source_labels:
-        - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scheme
-        target_label: __scheme__
-      - action: replace
-        regex: (.+)
-        source_labels:
-        - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_path
-        target_label: __metrics_path__
-      - action: replace
-        regex: (.+?)(?::\d+)?;(\d+)
-        replacement: $1:$2
-        source_labels:
-        - __address__
-        - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_port
-        target_label: __address__
-      - action: labelmap
-        regex: __meta_kubernetes_service_annotation_monitor_kubeblocks_io_param_(.+)
-        replacement: __param_$1
-      - action: drop
-        regex: Pending|Succeeded|Failed|Completed
-        source_labels:
-        - __meta_kubernetes_pod_phase
-    alerting:
-      alertmanagers:
-      - kubernetes_sd_configs:
-          - role: pod
-        tls_config:
-          ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
-        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
-        relabel_configs:
-        - source_labels: [__meta_kubernetes_namespace]
-          regex: kb-system
-          action: keep
-        - source_labels: [__meta_kubernetes_pod_label_app]
-          regex: prometheus
-          action: keep
-        - source_labels: [__meta_kubernetes_pod_label_component]
-          regex: alertmanager
-          action: keep
-        - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_probe]
-          regex: .*
-          action: keep
-        - source_labels: [__meta_kubernetes_pod_container_port_number]
-          regex: "9093"
-          action: keep
+        - action: keep
+          regex: agamotto
+          source_labels:
+            - __meta_kubernetes_service_label_monitor_kubeblocks_io_managed_by
+        - action: keep
+          regex: true
+          source_labels:
+            - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scrape
+        - action: replace
+          regex: (https?)
+          source_labels:
+            - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scheme
+          target_label: __scheme__
+        - action: replace
+          regex: (.+)
+          source_labels:
+            - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_path
+          target_label: __metrics_path__
+        - action: replace
+          regex: (.+?)(?::\d+)?;(\d+)
+          replacement: $1:$2
+          source_labels:
+            - __address__
+            - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_port
+          target_label: __address__
+        - action: labelmap
+          regex: __meta_kubernetes_service_annotation_monitor_kubeblocks_io_param_(.+)
+          replacement: __param_$1
+        - action: drop
+          regex: Pending|Succeeded|Failed|Completed
+          source_labels:
+            - __meta_kubernetes_pod_phase
 '
-    echo "$kb_addon_prometheus_server_patch" > $CLOUD_DIR/kb-addon-prometheus-server-patch.yaml
 
+    echo "$vm_secret" > $CLOUD_DIR/vm-secret.yaml
 
     sealos_gen_cmd="sealos gen ${image_registry}/${image_repository}/kubernetes:v${kubernetes_version#v:-1.27.11}\
         ${master_ips:+--masters $master_ips}\
@@ -637,6 +550,9 @@ EOF
     # TODO use sealos run to install cockroachdb-operator
     sealos run "${image_registry}/${image_repository}/cockroach:latest"
 
+    get_prompt "installing_monitoring"
+    sealos run "${image_registry}/${image_repository}/victoria-metrics-k8s-stack:v${victoria_metrics_k8s_stack_version#v:-1.96.0}"
+
     get_prompt "ingress_installation"
     sealos run ${image_registry}/${image_repository}/ingress-nginx:v${ingress_nginx_version#v:-1.9.4} --config-file $CLOUD_DIR/ingress-nginx-config.yaml
 
@@ -646,20 +562,18 @@ EOF
       ${image_registry}/${image_repository}/kubeblocks-mongodb:v${kubeblocks_version#v:-0.8.2} \
       ${image_registry}/${image_repository}/kubeblocks-redis:v${kubeblocks_version#v:-0.8.2}
 
-    kbcli addon enable prometheus
     kbcli addon enable snapshot-controller
 
-    get_prompt "installing_monitoring"
-    sealos run "${image_registry}/${image_repository}/victoria-metrics-k8s-stack:v${victoria_metrics_k8s_stack_version#v:-1.96.0}"
+    kubectl apply -f $CLOUD_DIR/vm-secret.yaml
+    kubectl patch vmagent -n vm victoria-metrics-k8s-stack --type merge -p '{"spec":{"additionalScrapeConfigs":{"key":"prometheus-additional.yaml","name":"additional-scrape-configs"}}}'
+    kubectl rollout restart deploy -n vm vmagent-victoria-metrics-k8s-stack || true
 
     get_prompt "patching_ingress"
     kubectl patch cm -n ingress-nginx ingress-nginx-controller --patch '{"data":{"allow-snippet-annotations":"true","annotation-value-word-blocklist":"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount"}}'
     kubectl -n ingress-nginx patch ds ingress-nginx-controller -p '{"spec":{"template":{"spec":{"tolerations":[{"key":"node-role.kubernetes.io/control-plane","operator":"Exists","effect":"NoSchedule"}]}}}}'
     kubectl get daemonset ingress-nginx-controller -n ingress-nginx -o json | grep https-port= >/dev/null || kubectl patch daemonset ingress-nginx-controller -n ingress-nginx --type='json' -p="[{'op': 'add', 'path': '/spec/template/spec/containers/0/args/-', 'value': '--https-port=${cloud_port:-443}'}]"
     kubectl get daemonset ingress-nginx-controller -n ingress-nginx -o json | grep default-ssl-certificate= >/dev/null || kubectl patch daemonset ingress-nginx-controller -n ingress-nginx --type='json' -p="[{'op': 'add', 'path': '/spec/template/spec/containers/0/args/-', 'value': '--default-ssl-certificate=sealos-system/wildcard-cert'}]"
 
-    kubectl patch cm kb-addon-prometheus-server -n kb-system --patch-file $CLOUD_DIR/kb-addon-prometheus-server-patch.yaml
-
     get_prompt "installing_cloud"
 
     setMongoVersion

diff --git a/service/database/deploy/manifests/deploy.yaml b/service/database/deploy/manifests/deploy.yaml
@@ -36,7 +36,7 @@ spec:
         - /manager
         env:
         - name: PROMETHEUS_SERVICE_HOST
-          value: http://kb-addon-prometheus-server.kb-system.svc.cluster.local
+          value: http://vmsingle-victoria-metrics-k8s-stack.vm.svc.cluster.local:8429
         image: ghcr.io/labring/sealos-database-service:latest
         imagePullPolicy: Always
         name: database-monitor