Loading... ## Prometheus 部署 <div class="tab-container post_tab box-shadow-wrap-lg"> <ul class="nav no-padder b-b scroll-hide" role="tablist"> <li class='nav-item active' role="presentation"><a class='nav-link active' style="" data-toggle="tab" aria-controls='tabs-a79a599fe7e076cb8e90c92816f83352740' role="tab" data-target='#tabs-a79a599fe7e076cb8e90c92816f83352740'>在容器中运行</a></li><li class='nav-item ' role="presentation"><a class='nav-link ' style="" data-toggle="tab" aria-controls='tabs-e7b334c382856d924c4e74e6f1daba1b41' role="tab" data-target='#tabs-e7b334c382856d924c4e74e6f1daba1b41'>在服务器上运行</a></li> </ul> <div class="tab-content no-border"> <div role="tabpanel" id='tabs-a79a599fe7e076cb8e90c92816f83352740' class="tab-pane fade active in"> ### 准备 创建 prometheus 使用的 docker 网络、文件夹 ``` docker network create prometheus mkdir -p /data/prometheus/data mkdir -p /data/prometheus/conf touch /data/prometheus/conf/prometheus.yml ``` ### 生成证书 使用 OpenSSL 生成证书 ```bash cd /usr/local/prometheus openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout node_exporter.key -out node_exporter.crt -subj "/C=CN/ST=FJ/L=FJ/O=qwerto.local/CN=qwerto.local" ``` 运行完会生成两个文件:`node_exporter.crt`、`node_exporter.key` ### 启动容器 ```bash docker run --name prometheus --restart=always -d \ -p 127.0.0.1:9090:9090 \ -v /etc/localtime:/etc/localtime:ro \ -v /data/prometheus/conf/:/etc/prometheus/ \ -v /data/prometheus/data/:/prometheus/ \ --user root \ --network prometheus \ prom/prometheus:v2.53.0 \ --config.file=/etc/prometheus/prometheus.yml \ --web.console.libraries=/usr/share/prometheus/console_libraries \ --web.console.templates=/usr/share/prometheus/consoles \ --web.config.file=/etc/prometheus/web-config.yml \ --storage.tsdb.retention=30d \ --web.external-url https://prometheus.qwerto.local ``` 如果需要重载配置文件,也是可以通过发送 SIGHUP 信号重载: ```bash docker kill -s SIGHUP prometheus ``` </div><div role="tabpanel" id='tabs-e7b334c382856d924c4e74e6f1daba1b41' class="tab-pane fade "> ### 下载并解压 从[官网](https://prometheus.io/download/)下载对应版本的 Prometheus 安装包并解压到 `/usr/local/prometheus` Promtheus 会将采集的数据存放在本地的文件中,在运行前,需要在路径下创建一个数据目录 data ```bash wget https://github.com/prometheus/prometheus/releases/download/v2.45.3/prometheus-2.45.3.linux-amd64.tar.gz tar zxvf prometheus-2.45.3.linux-amd64.tar.gz mv prometheus-2.45.3.linux-amd64 /usr/local/prometheus mkdir /usr/local/prometheus/data ``` ### 生成证书 使用 OpenSSL 生成证书 ```bash cd /usr/local/prometheus openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout node_exporter.key -out node_exporter.crt -subj "/C=CN/ST=FJ/L=FJ/O=qwerto.local/CN=qwerto.local" ``` 运行完会生成两个文件:`node_exporter.crt`、`node_exporter.key` ### 手动启动 手动启动服务,默认会加载路径下 prometheus.yml 文件作为配置文件 ``` ./prometheus ``` 如果需要手动指定数据目录,启动时可使用参数 `--storage.tsdb.path <数据目录绝对路径>` 如果需要手动指定配置文件路径,启动时可使用参数 `--config.file <配置文件绝对路径>` ### 通过服务启动 创建服务 `vim /etc/systemd/system/prometheus.service`,要根据实际情况修改启动参数 ```bash [Unit] Description=Prometheus Wants=network-online.target After=network-online.target [Service] User=prometheus Group=prometheus Type=simple ExecStart=/usr/local/prometheus/prometheus \ --config.file /usr/local/prometheus/prometheus.yml \ --storage.tsdb.path /usr/local/prometheus/ \ --web.console.templates /usr/local/prometheus/consoles \ --web.console.libraries /usr/local/prometheus/console_libraries \ --web.external-url https://prometheus.internal.qwerto.cc \ --storage.tsdb.retention 90d ExecReload=/bin/kill -s HUP $MAINPID [Install] WantedBy=multi-user.target ``` 创建用户并赋权 ```bash useradd prometheus -M -s /sbin/nologin chown prometheus:prometheus /usr/local/prometheus -R ``` 设置开机启动 ```bash systemctl enable prometheus ``` 启动服务 ```bash service prometheus start service prometheus status ``` 重载配置文件 ```bash service prometheus reload ``` </div> </div> </div> ### 增加防火墙规则 服务端默认使用 `9090` 端口,防火墙上需要放行这个端口(不建议运行公网直接访问) ```bash iptables -A INPUT -s 172.20.30.0/24 -p tcp --dport 9090 -j ACCEPT -m comment --comment "prometheus" iptables-save >/etc/iptables/rules.v4 ``` 最后修改:2024 年 07 月 30 日 © 允许规范转载 赞 如果觉得我的文章对你有用,请随意赞赏