Openshift从3.9版本开始官方支持Prometheus和Grafana
从官方部署脚本 openshift-ansible 中的目录playbooks下的列表 中可以看到相关部署脚本
openshift-prometheus
openshift-grafana
既然官方支持,部署安装就十分简单了。
部署安装Prometheus
/etc/ansible/hosts添加配置
[OSEv3:vars]
openshift_hosted_prometheus_deploy=true
执行安装
ansible-playbook playbooks/openshift-prometheus/config.yml
打开宿主机的9100端口(kubernetes-nodes-exporter)
ansible all -m shell -a 'iptables -A OS_FIREWALL_ALLOW -p tcp -m state --state NEW -m tcp --dport 9100 -j ACCEPT; service iptables save'
完成
查看下资源状态
prometheus会默认部署在新创建的project中:openshift-metrics
1个statefulset资源:prometheus
1个DaemonSet资源:prometheus-node-exporter
4个Service资源:alertmanager 、alerts、prometheus、prometheus-node-exporter
3个route资源:alertmanager、alerts、prometheus
3个ServiceAccount:prometheus、prometheus-node-exporter、prometheus-reader
部署安装Grafana
注意,3.9-release分支下的grafana安装脚本有问题,请使用最新master分支下的脚本进行安装
检查节点的label
oc get node -l node-role.kubernetes.io/infra=true如果没有node-role.kubernetes.io/infra=true标签的Node节点的话,需要给Node配置标签
oc label node nodename1 node-role.kubernetes.io/infra=true
/etc/ansible/hosts添加配置
[OSEv3:vars]
grafana_namespace=openshift-grafana
grafana_user=grafana
grafana_password=grafana
grafana_datasource_name="default"
grafana_prometheus_namespace="openshift-metrics"
grafana_prometheus_sa=prometheus
grafana_node_exporter=false
grafana_graph_granularity="2m"
执行安装
ansible-playbook playbooks/openshift-grafana/config.yml
完成
查看下资源状态
1个deployment:grafana
1个service: grafana
1个route: grafana
1个serviceaccount: grafana
1个configmap:grafana-config
最终效果图
展示图1
展示图2
网友评论
- -ssl-insecure-skip-verify=true
- '-openshift-review-url=https://openshift.default.svc/apis/authorization.openshift.io/v1/subjectaccessreviews'
- '-redeem-url=https://openshift.default.svc/oauth/token'
- '-validate-url=https://openshift.default.svc/apis/user.openshift.io/v1/users/~'
TASK [openshift_grafana : Add new datasource to grafana] ************************************************************************************************************************************
fatal: [oc-1]: FAILED! => {"changed": false, "msg": "Failed to connect to grafana-openshift-grafana.100cloud.net at port 443: [Errno -2] Name or service not known"}
to retry, use: --limit @/root/openshift-ansible/playbooks/openshift-grafana/config.retry
TASK [openshift_grafana : Add new datasource to grafana] ********************************************************************************************************************
fatal: [master.example.com]: FAILED! => {
"changed": false
}
MSG:
Failed to validate the SSL certificate for grafana-openshift-grafana.router.default.svc.cluster.local:443. Make sure your managed systems have a valid CA certificate installed. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible. The exception msg was: hostname 'grafana-openshift-grafana.router.default.svc.cluster.local' doesn't match either of '', '*.'.
然后按照您的提示使用manser分之安装:也还是报错:
TASK [Run variable sanity checks] *******************************************************************************************************************************************
fatal: [master.example.com]: FAILED! => {}
MSG:
last_checked_host: master.example.com, last_checked_var: openshift_master_manage_htpasswd;openshift_master_identity_providers contains a provider of kind==HTPasswdPasswordIdentityProvider and filename is set. Please migrate your htpasswd files to /etc/origin/master/htpasswd and update your existing master configs, and remove the filename keybefore proceeding.
请教下有遇到过这个错误吗,感谢