From e3c82b4a62044be604df7a9ce4c653bd9ab4300b Mon Sep 17 00:00:00 2001 From: yy <56745951+lingdie@users.noreply.github.com> Date: Fri, 12 Apr 2024 12:09:08 +0800 Subject: [PATCH] chore: fix database monitor, use vm. (#4677) * chore: fix database monitor, use vm. Signed-off-by: yy --------- Signed-off-by: yy --- scripts/cloud/install.sh | 292 ++++++------------ service/database/deploy/manifests/deploy.yaml | 2 +- 2 files changed, 104 insertions(+), 190 deletions(-) diff --git a/scripts/cloud/install.sh b/scripts/cloud/install.sh index 1f9346424ae..0a72d1f033c 100644 --- a/scripts/cloud/install.sh +++ b/scripts/cloud/install.sh @@ -378,200 +378,113 @@ spec: " echo "$ingress_config" > $CLOUD_DIR/ingress-nginx-config.yaml - kb_addon_prometheus_server_patch=' -data: - prometheus.yml: | - global: - evaluation_interval: 15s - scrape_interval: 15s - scrape_timeout: 10s - rule_files: - - /etc/config/recording_rules.yml - - /etc/config/alerting_rules.yml - - /etc/config/kubelet_alert_rules.yml - - /etc/config/mysql_alert_rules.yml - - /etc/config/postgresql_alert_rules.yml - - /etc/config/redis_alert_rules.yml - - /etc/config/kafka_alert_rules.yml - - /etc/config/mongodb_alert_rules.yml - scrape_configs: - - job_name: prometheus - static_configs: - - targets: - - localhost:9090 + vm_secret=' +apiVersion: v1 +kind: Secret +metadata: + name: additional-scrape-configs + namespace: vm +stringData: + prometheus-additional.yaml: | - honor_labels: true job_name: kubeblocks-service kubernetes_sd_configs: - - role: endpoints - relabel_configs: - - action: keep - regex: kubeblocks - source_labels: - - __meta_kubernetes_service_label_app_kubernetes_io_managed_by - - action: drop - regex: agamotto - source_labels: - - __meta_kubernetes_service_label_monitor_kubeblocks_io_managed_by - - action: keep - regex: true - source_labels: - - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scrape - - action: replace - regex: (https?) - source_labels: - - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scheme - target_label: __scheme__ - - action: replace - regex: (.+) - source_labels: - - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_path - target_label: __metrics_path__ - - action: replace - regex: (.+?)(?::\d+)?;(\d+) - replacement: $1:$2 - source_labels: - - __address__ - - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_port - target_label: __address__ - - action: labelmap - regex: __meta_kubernetes_service_annotation_monitor_kubeblocks_io_param_(.+) - replacement: __param_$1 - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - action: replace - source_labels: - - __meta_kubernetes_namespace - target_label: namespace - - action: replace - source_labels: - - __meta_kubernetes_service_name - target_label: service - - action: replace - source_labels: - - __meta_kubernetes_pod_node_name - target_label: node - - action: replace - source_labels: - - __meta_kubernetes_pod_name - target_label: pod - - action: drop - regex: Pending|Succeeded|Failed|Completed - source_labels: - - __meta_kubernetes_pod_phase - - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - job_name: kubernetes-apiservers - kubernetes_sd_configs: - - role: endpoints - relabel_configs: - - action: keep - regex: default;kubernetes;https - source_labels: - - __meta_kubernetes_namespace - - __meta_kubernetes_service_name - - __meta_kubernetes_endpoint_port_name - scheme: https - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecure_skip_verify: true - - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - job_name: kubernetes-nodes - kubernetes_sd_configs: - - role: node - relabel_configs: - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - - replacement: kubernetes.default.svc:443 - target_label: __address__ - - regex: (.+) - replacement: /api/v1/nodes/$1/proxy/metrics - source_labels: - - __meta_kubernetes_node_name - target_label: __metrics_path__ - scheme: https - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecure_skip_verify: true - - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - job_name: kubernetes-nodes-cadvisor - kubernetes_sd_configs: - - role: node + - role: endpoints relabel_configs: - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - - replacement: kubernetes.default.svc:443 - target_label: __address__ - - regex: (.+) - replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor - source_labels: - - __meta_kubernetes_node_name - target_label: __metrics_path__ - scheme: https - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecure_skip_verify: true + - action: keep + regex: kubeblocks + source_labels: + - __meta_kubernetes_service_label_app_kubernetes_io_managed_by + - action: drop + regex: agamotto + source_labels: + - __meta_kubernetes_service_label_monitor_kubeblocks_io_managed_by + - action: keep + regex: true + source_labels: + - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scrape + - action: replace + regex: (https?) + source_labels: + - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scheme + target_label: __scheme__ + - action: replace + regex: (.+) + source_labels: + - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_path + target_label: __metrics_path__ + - action: replace + regex: (.+?)(?::\d+)?;(\d+) + replacement: $1:$2 + source_labels: + - __address__ + - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_port + target_label: __address__ + - action: labelmap + regex: __meta_kubernetes_service_annotation_monitor_kubeblocks_io_param_(.+) + replacement: __param_$1 + - action: labelmap + regex: __meta_kubernetes_service_label_(.+) + - action: replace + source_labels: + - __meta_kubernetes_namespace + target_label: namespace + - action: replace + source_labels: + - __meta_kubernetes_service_name + target_label: service + - action: replace + source_labels: + - __meta_kubernetes_pod_node_name + target_label: node + - action: replace + source_labels: + - __meta_kubernetes_pod_name + target_label: pod + - action: drop + regex: Pending|Succeeded|Failed|Completed + source_labels: + - __meta_kubernetes_pod_phase - honor_labels: true job_name: kubeblocks-agamotto kubernetes_sd_configs: - - role: endpoints + - role: endpoints relabel_configs: - - action: keep - regex: agamotto - source_labels: - - __meta_kubernetes_service_label_monitor_kubeblocks_io_managed_by - - action: keep - regex: true - source_labels: - - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scrape - - action: replace - regex: (https?) - source_labels: - - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scheme - target_label: __scheme__ - - action: replace - regex: (.+) - source_labels: - - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_path - target_label: __metrics_path__ - - action: replace - regex: (.+?)(?::\d+)?;(\d+) - replacement: $1:$2 - source_labels: - - __address__ - - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_port - target_label: __address__ - - action: labelmap - regex: __meta_kubernetes_service_annotation_monitor_kubeblocks_io_param_(.+) - replacement: __param_$1 - - action: drop - regex: Pending|Succeeded|Failed|Completed - source_labels: - - __meta_kubernetes_pod_phase - alerting: - alertmanagers: - - kubernetes_sd_configs: - - role: pod - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - relabel_configs: - - source_labels: [__meta_kubernetes_namespace] - regex: kb-system - action: keep - - source_labels: [__meta_kubernetes_pod_label_app] - regex: prometheus - action: keep - - source_labels: [__meta_kubernetes_pod_label_component] - regex: alertmanager - action: keep - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_probe] - regex: .* - action: keep - - source_labels: [__meta_kubernetes_pod_container_port_number] - regex: "9093" - action: keep + - action: keep + regex: agamotto + source_labels: + - __meta_kubernetes_service_label_monitor_kubeblocks_io_managed_by + - action: keep + regex: true + source_labels: + - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scrape + - action: replace + regex: (https?) + source_labels: + - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_scheme + target_label: __scheme__ + - action: replace + regex: (.+) + source_labels: + - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_path + target_label: __metrics_path__ + - action: replace + regex: (.+?)(?::\d+)?;(\d+) + replacement: $1:$2 + source_labels: + - __address__ + - __meta_kubernetes_service_annotation_monitor_kubeblocks_io_port + target_label: __address__ + - action: labelmap + regex: __meta_kubernetes_service_annotation_monitor_kubeblocks_io_param_(.+) + replacement: __param_$1 + - action: drop + regex: Pending|Succeeded|Failed|Completed + source_labels: + - __meta_kubernetes_pod_phase ' - echo "$kb_addon_prometheus_server_patch" > $CLOUD_DIR/kb-addon-prometheus-server-patch.yaml + echo "$vm_secret" > $CLOUD_DIR/vm-secret.yaml sealos_gen_cmd="sealos gen ${image_registry}/${image_repository}/kubernetes:v${kubernetes_version#v:-1.27.11}\ ${master_ips:+--masters $master_ips}\ @@ -637,6 +550,9 @@ EOF # TODO use sealos run to install cockroachdb-operator sealos run "${image_registry}/${image_repository}/cockroach:latest" + get_prompt "installing_monitoring" + sealos run "${image_registry}/${image_repository}/victoria-metrics-k8s-stack:v${victoria_metrics_k8s_stack_version#v:-1.96.0}" + get_prompt "ingress_installation" sealos run ${image_registry}/${image_repository}/ingress-nginx:v${ingress_nginx_version#v:-1.9.4} --config-file $CLOUD_DIR/ingress-nginx-config.yaml @@ -646,11 +562,11 @@ EOF ${image_registry}/${image_repository}/kubeblocks-mongodb:v${kubeblocks_version#v:-0.8.2} \ ${image_registry}/${image_repository}/kubeblocks-redis:v${kubeblocks_version#v:-0.8.2} - kbcli addon enable prometheus kbcli addon enable snapshot-controller - get_prompt "installing_monitoring" - sealos run "${image_registry}/${image_repository}/victoria-metrics-k8s-stack:v${victoria_metrics_k8s_stack_version#v:-1.96.0}" + kubectl apply -f $CLOUD_DIR/vm-secret.yaml + kubectl patch vmagent -n vm victoria-metrics-k8s-stack --type merge -p '{"spec":{"additionalScrapeConfigs":{"key":"prometheus-additional.yaml","name":"additional-scrape-configs"}}}' + kubectl rollout restart deploy -n vm vmagent-victoria-metrics-k8s-stack || true get_prompt "patching_ingress" kubectl patch cm -n ingress-nginx ingress-nginx-controller --patch '{"data":{"allow-snippet-annotations":"true","annotation-value-word-blocklist":"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount"}}' @@ -658,8 +574,6 @@ EOF kubectl get daemonset ingress-nginx-controller -n ingress-nginx -o json | grep https-port= >/dev/null || kubectl patch daemonset ingress-nginx-controller -n ingress-nginx --type='json' -p="[{'op': 'add', 'path': '/spec/template/spec/containers/0/args/-', 'value': '--https-port=${cloud_port:-443}'}]" kubectl get daemonset ingress-nginx-controller -n ingress-nginx -o json | grep default-ssl-certificate= >/dev/null || kubectl patch daemonset ingress-nginx-controller -n ingress-nginx --type='json' -p="[{'op': 'add', 'path': '/spec/template/spec/containers/0/args/-', 'value': '--default-ssl-certificate=sealos-system/wildcard-cert'}]" - kubectl patch cm kb-addon-prometheus-server -n kb-system --patch-file $CLOUD_DIR/kb-addon-prometheus-server-patch.yaml - get_prompt "installing_cloud" setMongoVersion diff --git a/service/database/deploy/manifests/deploy.yaml b/service/database/deploy/manifests/deploy.yaml index 22c56966c07..bb675343097 100644 --- a/service/database/deploy/manifests/deploy.yaml +++ b/service/database/deploy/manifests/deploy.yaml @@ -36,7 +36,7 @@ spec: - /manager env: - name: PROMETHEUS_SERVICE_HOST - value: http://kb-addon-prometheus-server.kb-system.svc.cluster.local + value: http://vmsingle-victoria-metrics-k8s-stack.vm.svc.cluster.local:8429 image: ghcr.io/labring/sealos-database-service:latest imagePullPolicy: Always name: database-monitor