From 292b0ef8d494143fee92fda218b3aaa68ba3f10a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=AD=99=E5=B0=8F=E4=BA=91?= Date: Wed, 10 Sep 2025 15:34:13 +0800 Subject: [PATCH] xx --- grafana/grafana-deployment.yaml | 58 ++++++++++++++++++++++ grafana/grafana-ingress.yaml | 26 ++++++++++ grafana/grafana-service.yaml | 15 ++++++ grafana/install-grafana.sh | 16 +++++++ prometheus/install-prometheus.sh | 18 +++++++ prometheus/prometheus-configmap.yaml | 33 +++++++++++++ prometheus/prometheus-deployment.yaml | 69 +++++++++++++++++++++++++++ prometheus/prometheus-ingress.yaml | 26 ++++++++++ prometheus/prometheus-rbac.yaml | 34 +++++++++++++ prometheus/prometheus-service.yaml | 15 ++++++ 10 files changed, 310 insertions(+) create mode 100644 grafana/grafana-deployment.yaml create mode 100644 grafana/grafana-ingress.yaml create mode 100644 grafana/grafana-service.yaml create mode 100644 grafana/install-grafana.sh create mode 100644 prometheus/install-prometheus.sh create mode 100644 prometheus/prometheus-configmap.yaml create mode 100644 prometheus/prometheus-deployment.yaml create mode 100644 prometheus/prometheus-ingress.yaml create mode 100644 prometheus/prometheus-rbac.yaml create mode 100644 prometheus/prometheus-service.yaml diff --git a/grafana/grafana-deployment.yaml b/grafana/grafana-deployment.yaml new file mode 100644 index 0000000..5435b33 --- /dev/null +++ b/grafana/grafana-deployment.yaml @@ -0,0 +1,58 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: grafana + namespace: default + labels: + app: grafana +spec: + replicas: 1 + selector: + matchLabels: + app: grafana + template: + metadata: + labels: + app: grafana + spec: + nodeSelector: + node-role.kubernetes.io/control-plane: "true" + containers: + - name: grafana + image: registry.t-aaron.com/grafana/grafana:latest + ports: + - containerPort: 3000 + env: + - name: GF_SECURITY_ADMIN_PASSWORD + value: "admin123" + resources: + requests: + memory: "256Mi" + cpu: "250m" + limits: + memory: "512Mi" + cpu: "500m" + volumeMounts: + - name: grafana-storage + mountPath: /var/lib/grafana + volumes: + - name: grafana-storage + hostPath: + path: /opt/grafana/data + type: DirectoryOrCreate +--- +apiVersion: v1 +kind: Service +metadata: + name: grafana-service + namespace: default + labels: + app: grafana +spec: + type: ClusterIP + ports: + - port: 3000 + targetPort: 3000 + protocol: TCP + selector: + app: grafana diff --git a/grafana/grafana-ingress.yaml b/grafana/grafana-ingress.yaml new file mode 100644 index 0000000..31e8cb2 --- /dev/null +++ b/grafana/grafana-ingress.yaml @@ -0,0 +1,26 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: grafana-ingress + namespace: default + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: web,websecure + traefik.ingress.kubernetes.io/router.tls: "true" +spec: + tls: + - hosts: + - grafana-ops.t-aaron.com + secretName: tls + rules: + - host: grafana-ops.t-aaron.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: grafana-service + port: + number: 3000 + + diff --git a/grafana/grafana-service.yaml b/grafana/grafana-service.yaml new file mode 100644 index 0000000..3cb0aaa --- /dev/null +++ b/grafana/grafana-service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: grafana-service + namespace: default +spec: + selector: + app: grafana + ports: + - name: http + port: 3000 + targetPort: 3000 + type: ClusterIP + + diff --git a/grafana/install-grafana.sh b/grafana/install-grafana.sh new file mode 100644 index 0000000..1113621 --- /dev/null +++ b/grafana/install-grafana.sh @@ -0,0 +1,16 @@ +#!/bin/bash +set -euo pipefail + +echo "开始安装 Grafana..." +sudo chown -R 65534:65534 /opt/prometheus/data +kubectl apply -f grafana-deployment.yaml +kubectl apply -f grafana-service.yaml +kubectl apply -f grafana-ingress.yaml + +echo "等待 Grafana 启动..." +kubectl wait --for=condition=available --timeout=300s deployment/grafana + +echo "Grafana 安装完成!" +echo "查看状态: kubectl get pods -l app=grafana" + + diff --git a/prometheus/install-prometheus.sh b/prometheus/install-prometheus.sh new file mode 100644 index 0000000..79dc344 --- /dev/null +++ b/prometheus/install-prometheus.sh @@ -0,0 +1,18 @@ +#!/bin/bash +set -euo pipefail + +echo "开始安装 Prometheus..." +sudo chown -R 65534:65534 /opt/prometheus/data +kubectl apply -f prometheus-configmap.yaml +kubectl apply -f prometheus-rbac.yaml +kubectl apply -f prometheus-deployment.yaml +kubectl apply -f prometheus-service.yaml +kubectl apply -f prometheus-ingress.yaml + +echo "等待 Prometheus 启动..." +kubectl wait --for=condition=available --timeout=300s deployment/prometheus + +echo "Prometheus 安装完成!" +echo "查看状态: kubectl get pods -l app=prometheus" + + diff --git a/prometheus/prometheus-configmap.yaml b/prometheus/prometheus-configmap.yaml new file mode 100644 index 0000000..b6d712e --- /dev/null +++ b/prometheus/prometheus-configmap.yaml @@ -0,0 +1,33 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: prometheus-config + namespace: default +data: + prometheus.yml: | + global: + scrape_interval: 15s + evaluation_interval: 15s + rule_files: + scrape_configs: + - job_name: 'prometheus' + static_configs: + - targets: ['localhost:9090'] + - job_name: 'kubernetes-pods' + kubernetes_sd_configs: + - role: pod + relabel_configs: + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] + action: keep + regex: true + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] + action: replace + target_label: __metrics_path__ + regex: (.+) + - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] + action: replace + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + target_label: __address__ + + diff --git a/prometheus/prometheus-deployment.yaml b/prometheus/prometheus-deployment.yaml new file mode 100644 index 0000000..bc0ebb1 --- /dev/null +++ b/prometheus/prometheus-deployment.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: prometheus + namespace: default + labels: + app: prometheus +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: prometheus + template: + metadata: + labels: + app: prometheus + spec: + serviceAccountName: prometheus + nodeSelector: + node-role.kubernetes.io/control-plane: "true" + containers: + - name: prometheus + image: registry.t-aaron.com/prom/prometheus:latest + ports: + - containerPort: 9090 + args: + - "--config.file=/etc/prometheus/prometheus.yml" + - "--storage.tsdb.path=/prometheus/" + - "--web.console.libraries=/etc/prometheus/console_libraries" + - "--web.console.templates=/etc/prometheus/consoles" + - "--storage.tsdb.retention.time=200h" + - "--web.enable-lifecycle" + resources: + requests: + memory: "512Mi" + cpu: "500m" + limits: + memory: "1Gi" + cpu: "1000m" + volumeMounts: + - name: prometheus-config + mountPath: /etc/prometheus/ + - name: prometheus-storage + mountPath: /prometheus/ + volumes: + - name: prometheus-config + configMap: + name: prometheus-config + - name: prometheus-storage + hostPath: + path: /opt/prometheus/data + type: DirectoryOrCreate +--- +--- +apiVersion: v1 +kind: Service +metadata: + name: prometheus-service + namespace: default +spec: + selector: + app: prometheus + ports: + - name: http + port: 9090 + targetPort: 9090 + type: ClusterIP diff --git a/prometheus/prometheus-ingress.yaml b/prometheus/prometheus-ingress.yaml new file mode 100644 index 0000000..d4250c4 --- /dev/null +++ b/prometheus/prometheus-ingress.yaml @@ -0,0 +1,26 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: prometheus-ingress + namespace: default + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: web,websecure + traefik.ingress.kubernetes.io/router.tls: "true" +spec: + tls: + - hosts: + - prom-ops.t-aaron.com + secretName: tls + rules: + - host: prom-ops.t-aaron.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: prometheus-service + port: + number: 9090 + + diff --git a/prometheus/prometheus-rbac.yaml b/prometheus/prometheus-rbac.yaml new file mode 100644 index 0000000..39e8f74 --- /dev/null +++ b/prometheus/prometheus-rbac.yaml @@ -0,0 +1,34 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: prometheus + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: prometheus +rules: +- apiGroups: [""] + resources: ["nodes", "nodes/proxy", "services", "endpoints", "pods"] + verbs: ["get", "list", "watch"] +- apiGroups: ["extensions", "networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list", "watch"] +- nonResourceURLs: ["/metrics"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: prometheus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: prometheus +subjects: +- kind: ServiceAccount + name: prometheus + namespace: default + + diff --git a/prometheus/prometheus-service.yaml b/prometheus/prometheus-service.yaml new file mode 100644 index 0000000..653f63d --- /dev/null +++ b/prometheus/prometheus-service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: prometheus-service + namespace: default +spec: + selector: + app: prometheus + ports: + - name: http + port: 9090 + targetPort: 9090 + type: ClusterIP + +