👨🏻🎓博主介绍:大家好!我是李大白,一名运维容器运维工程师,热爱分享知识🌟
🌈擅长领域:云原生、数据库、自动化运维
🙏🏻如果本文章对小伙伴们有帮助的话,🍭关注+👍🏻点赞+🗣评论+📦收藏!
🤝如果在文章描述时如有错,恳请各位大佬指正,在此感谢!!!
🍂 落叶而知秋,博闻而强识!
📕 精品专栏:Harbor进阶实战(企业级)
目录
前言
1--版本支持
2-Harbor暴露了哪些指标
3-收集指标
4-Harbor暴露了哪些指标
5-配置Prometheus抓取Harbor指标
6-Grafana展示Harbor指标数据
前言
楼主前段时间一直在研究Prometheus怎么去监控Harbor镜像仓库的运行情况、项目数量、镜像数量等指标。刚开始是满怀热情,看官网,官网也是只有寥寥数语,第一次看还看不太懂,然后又翻了翻已经发黄的《Harbor权威指南》,700千字的书,却独独没有Prometheus监控harbor的记录😳😳😳😳😳
好吧!百度、百度、百度,终于在CSDN上找到一篇文章了,按照文章操作,到底还是我我人品不行,竟然没有搭起来。
古人云:山重水复疑无路,柳暗花明又一村。研究快一个星期后,正当我快要放弃的时候,夜半三点突然惊醒,脑子里突然多出了灵感。
1-版本支持
Harbor官方在Harbor v2.2开始提供对相关指标的采集和使用,即 Harbor v2.2 及更高版本中支持Prometheus监控Harbor。
Harbor 公开了用户和管理员(admin)实时监控 Harbor 实例运行情况所需的一些关键指标。可观察性是在生产环境中运行服务的关键特性,使用这些数据可以识别异常状态并做出明智的决策以在发生错误时修复问题。Harbor 使用Prometheus 数据模型公开指标, 因此可以使用 Prometheus 轻松开始抓取 Harbor 实例的指标。
2-配置Harbor采集指标
Harbor需要在配置文件中开启指标采集的组件(默认没开通)
1)环境说明:
- harbor版本:2.3.1
- harbor服务器地址:192.168.2.250
- Harbor安装方式:离线安装(https://blog.51cto.com/u_15331726/5173694)
2)停止Harbor服务
注意!生产环境注意,本操作会影响到业务!
- 进入到harbor安装目录
[root@Over harbor]# pwd
/app/harbor
[root@Over harbor]# ls
common data harbor.yml install.sh manifest.json muli.com.csr prepare
common.sh docker-compose.yml harbor.yml.tmpl LICENSE muli.com.crt muli.com.key repositories
- 停止harbor
[root@Over harbor]# docker-compose down
Stopping harbor-jobservice ... done
Stopping nginx ... done
Stopping harbor-exporter ... done
Stopping harbor-core ... done
Stopping trivy-adapter ... done
Stopping redis ... done
Stopping harbor-portal ... done
Stopping chartmuseum ... done
Stopping registryctl ... done
Stopping registry ... done
Stopping harbor-db ... done
Stopping harbor-log ... done
Removing harbor-jobservice ... done
Removing nginx ... done
Removing harbor-exporter ... done
Removing harbor-core ... done
Removing trivy-adapter ... done
Removing redis ... done
Removing harbor-portal ... done
Removing chartmuseum ... done
Removing registryctl ... done
Removing registry ... done
Removing harbor-db ... done
Removing harbor-log ... done
Removing network harbor_harbor
Removing network harbor_harbor-chartmuseum
3)修改harbor.yml配置文件
[root@Over harbor]# vim harbor.yml
189 proxy:
190 http_proxy:
191 https_proxy:
192 no_proxy:
193 components:
194 - core
195 - jobservice
196 - trivy
197
198 metric: # 启用metric组件收集指标
199 enabled: true # 将false修改为true,表示启用
200 port: 9090 # 采集指标的服务的端口,本处默认9090不修改
201 path: /metrics # 采集路径,不修改,
metric: # 启用metric组件收集指标
enabled: true # 将false修改为true,表示启用
port: 9090 # 采集指标的服务的端口,本处默认9090不修改
path: /metrics # 采集路径,不修改,以IP:端口/metrics来查看采集的指标
4)重新编译配置并启动服务
- 编译
[root@Over harbor]# ./prepare
prepare base dir is set to /app/harbor
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registry/root.crt
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Clearing the configuration file: /config/trivy-adapter/env
Clearing the configuration file: /config/chartserver/env
Clearing the configuration file: /config/exporter/env
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /config/exporter/env
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
- 执行./install.sh安装
[root@Over harbor]# ./install.sh --with-trivy --with-chartmuseum
- 查看组件服务
[root@Over harbor]# docker-compose ps
Name Command State Ports
---------------------------------------------------------------------------------------------------------------------------------------
chartmuseum ./docker-entrypoint.sh Up (healthy)
harbor-core /harbor/entrypoint.sh Up (healthy)
harbor-db /docker-entrypoint.sh 96 13 Up (healthy)
harbor-exporter /harbor/entrypoint.sh Up
harbor-jobservice /harbor/entrypoint.sh Up (healthy)
harbor-log /bin/sh -c /usr/local/bin/ ... Up (healthy) 127.0.0.1:1514->10514/tcp
harbor-portal nginx -g daemon off; Up (healthy)
nginx nginx -g daemon off; Up (healthy) 0.0.0.0:80->8080/tcp, 0.0.0.0:443->8443/tcp, 0.0.0.0:9090->9090/tcp
redis redis-server /etc/redis.conf Up (healthy)
registry /home/harbor/entrypoint.sh Up (healthy)
registryctl /home/harbor/start.sh Up (healthy)
trivy-adapter /home/scanner/entrypoint.sh Up (healthy)
可以看到,服务中多了harbor-exporter这个组件,这个组件就是采集指标的服务。
安装成功!!!
3-收集指标
配置Harbor采集指标后,就可以通过:
crul http://192.168.2.250:9090/metrics
3.1 查看采集到的指标
[root@Over harbor]# curl 192.168.2.250:9090/metrics | tail -10
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 9740 0 9740 0 0 4407k 0 --:--:-- --:--:-- --:--:-- 9511k
# TYPE process_virtual_memory_max_bytes gauge
process_virtual_memory_max_bytes -1
# HELP promhttp_metric_handler_requests_in_flight Current number of scrapes being served.
# TYPE promhttp_metric_handler_requests_in_flight gauge
promhttp_metric_handler_requests_in_flight 1
# HELP promhttp_metric_handler_requests_total Total number of scrapes by HTTP status code.
# TYPE promhttp_metric_handler_requests_total counter
promhttp_metric_handler_requests_total{code="200"} 45
promhttp_metric_handler_requests_total{code="500"} 0
promhttp_metric_handler_requests_total{code="503"} 0
3.2 将指标导入到文件
非必须操作,该步骤是方便查阅相关的指标数据。
# curl 192.168.2.250:9090/metrics > metrics.txt
4-Harbor暴露了哪些指标(metrics)?
本部分未理论部分,可直接跳过
4.1 Harbor Exporter指标
exporter`组件指标与Harbor 实例配置相关,并从 Harbor 数据库中收集一些数据。
指标可在`<harbor_instance>:<metrics_port>/<metrics_path>`查看
- ① harbor_project_total
公共和私人项目总共数量。
# curl 192.168.2.250:9090/metrics | grep harbor_project_total
harbor_project_total{public="false"} 1 # 私有项目有1个
harbor_project_total{public="true"} 1 # 公共项目数量为1
- ② harbor_project_repo_total
项目中的存储库总数,
harbor_project_repo_total{project_name="library",public="true"} 0
harbor_project_repo_total{project_name="test-1",public="false"} 1
- ③ harbor_project_member_total
项目中的成员总数
harbor_project_member_total{project_name="library"}
1harbor_project_member_total{project_name="test-1"} 2
- ④ harbor_project_quota_usage_byte
一个项目的总使用的存储空间
harbor_project_quota_usage_byte{project_name="library"} 0
harbor_project_quota_usage_byte{project_name="test-1"} 3.0347083e+07
- ⑤ harbor_project_quota_byte
项目中设置的配额
harbor_project_quota_byte{project_name="library"} -1
harbor_project_quota_byte{project_name="test-1"} -1
-1 表示不限制
- ⑥ harbor_artifact_pulled
项目中拉取的图像数量
harbor_artifact_pulled{project_name="library"} 0
harbor_artifact_pulled{project_name="test-1"} 1
library项目镜像下载次数为0
test-1项目下镜像下载次数为1
grafana仪表板设计:折线图
- ⑦ harbor_project_artifact_total
项目中的工件类型总数,artifact_type , project_name,public ( true, false)
harbor_project_artifact_total{artifact_type="IMAGE",project_name="test-1",public="false"} 1
- ⑧ harbor_health
Harbor状态
harbor_health 1 #Harbor在启动中
- ⑨ harbor_system_info
Harbor实例的信息,auth_mode (db_auth, ldap_auth, uaa_auth, http_auth, oidc_auth),harbor_version,self_registration( true, false)
harbor_system_info{auth_mode="db_auth",harbor_version="v2.3.1-1058f330",self_registration="false"} 1
- ⑩ harbor_up
Harbor组件运行状态,组件 ( chartmuseum, core, database,
jobservice, portal, redis, registry, registryctl, trivy)
harbor_up{component="chartmuseum"} 1 # Chart插件状态
harbor_up{component="core"} 1
harbor_up{component="database"} 1
harbor_up{component="jobservice"} 1
harbor_up{component="portal"} 1
harbor_up{component="redis"} 1
harbor_up{component="registry"} 1
harbor_up{component="registryctl"} 1 # 镜像客户端运行状态
harbor_up{component="trivy"} 1 # Trivy扫描器运行状态
1为运行中,0为未运行
- ①① harbor_task_queue_size
队列中每种类型的任务总数,
harbor_task_queue_size{type="DEMO"} 0
harbor_task_queue_size{type="GARBAGE_COLLECTION"} 0
harbor_task_queue_size{type="IMAGE_GC"} 0
harbor_task_queue_size{type="IMAGE_REPLICATE"} 0
harbor_task_queue_size{type="IMAGE_SCAN"} 0
harbor_task_queue_size{type="IMAGE_SCAN_ALL"} 0
harbor_task_queue_size{type="P2P_PREHEAT"} 0
harbor_task_queue_size{type="REPLICATION"} 0
harbor_task_queue_size{type="RETENTION"} 0
harbor_task_queue_size{type="SCHEDULER"} 0
harbor_task_queue_size{type="SLACK"} 0
harbor_task_queue_size{type="WEBHOOK"} 0
- ①② harbor_task_queue_latency
多久前要处理的下一个作业按类型排入队列
- ①③ harbor_task_scheduled_total
计划任务数
harbor_task_scheduled_total 0
- ①④ harbor_task_concurrency
Total上每种类型的并发任务总数
harbor_task_concurrency{pool="d4053262b74f0a7b83bc6add",type="GARBAGE_COLLECTION"}
0
4.2 Harbor核心指标
以下是从 Harbor 核心 pod 中提取的指标,可在
<harbor_instance>:<metrics_port>/<metrics_path>?comp=core.
# curl http://192.168.2.250:9090/metrics?comp=core.
- harbor_core_http_inflight_requests
请求总数,操作(HarborAPI operationId中的值。一些遗留端点没有,因此标签值为)operationId``unknown
- harbor_core_http_request_duration_seconds
请求的持续时间,方法 ( GET, POST, HEAD, PATCH, PUT), 操作 ( HarborAPIoperationId中的 值。一些遗留端点没有, 所以标签值为), 分位数operationId``unknown.
- harbor_core_http_request_total
请求总数
方法(GET, POST, HEAD, PATCH, PUT),操作(Harbor
APIoperationId中的 值。一些遗留端点没有,因此标签值为)operationId``unknown
4.3 Registry Metrics(Registry组件指标)
注册表,以下是从 Docker 发行版中提取的指标,查看指标方式:
<harbor_instance>:<metrics_port>/<metrics_path>?comp=registry.
- registry_http_in_flight_requests
进行中的 HTTP 请求,处理程序
- registry_http_request_duration_seconds
HTTP 请求延迟(以秒为单位),处理程序、方法( ,,,, GET) POST,文件HEADPATCHPUT
- registry_http_request_size_bytes
HTTP 请求大小(以字节为单位)。
4.4 Harbor Jobservice 指标
以下是从 Harbor Jobservice 提取的指标,查看:
<harbor_instance>:<metrics_port>/<metrics_path>?comp=jobservice.
- harbor_jobservice_info
Jobservice的信息,
- harbor_jobservice_task_total
每个作业类型处理的任务数
- harbor_jobservice_task_process_time_seconds
任务处理时间的持续时间,即任务从开始执行到任务结束用了多少时间。
5-配置Prometheus抓取Harbor指标
在Prometheus配置文件以抓取在你配置的端口和路径上公开的 Harbor 指标。
scrape_configs:
- job_name: 'harbor-exporter' #从Harbor exporter组件中获取度量
scrape_interval: 20s
static_configs:
- targets: ['192.168.2.250:9090/metrics']
- job_name: 'harbor-core'
scrape_interval: 20s
params:
comp: ['core'] #从Harbor core组件中获取度量
static_configs:
- targets: ['192.168.2.250:9090/metrics']
- job_name: 'harbor-registry'
scrape_interval: 20s
params:
comp: ['registry'] #从Harbor registry组件中获取度量
static_configs:
- targets: ['192.168.2.250:9090/metrics']
- job_name: 'harbor-jobservice'
scrape_interval: 20s
params:
comp: ['jobservice'] # 从Harbor jobservice组件中获取度量
static_configs:
- targets: ['192.168.2.250:9090/metrics']
然后重新启动Prometheus服务。
到Prometheus界面查看指标:
6-Grafana展示Harbor数据
一旦您配置了 Prometheus 服务器以收集您的 Harbor 指标,您就可以使用 Grafana来可视化您的数据。Harbor 存储库中提供了一个 示例 Grafana 仪表板,可帮助您开始可视化 Harbor 指标。
Grafana导入harbor json模板:
https://grafana.com/grafana/dashboards/?search=harbor
