本次不讲理论,直接上干货,理论百度能找到一大堆,直接上我的步骤。
创建sql,创建mysql-exporter连接mysql需要的用户,授予相应权限。
CREATE USER 'mysqlexporter'@"%" IDENTIFIED BY 'mysqlexporter'; GRANT PROCESS, REPLICATION CLIENT, SELECT ON *.* TO 'mysqlexporter'@'%' IDENTIFIED BY 'mysqlexporter' WITH MAX_USER_CONNECTIONS 30; GRANT select on performance_schema.* to "mysqlexporter"@"%" IDENTIFIED BY 'mysqlexporter'; flush privileges;
cat mysql-exporter-service-account.yaml
apiVersion: v1 kind: ServiceAccount metadata: name: mysql-exporter
cat mysql-exporter-cluster-role.yaml
kind: ClusterRole metadata: name: mysql-exporter rules: - apiGroups: ["authentication.k8s.io"] resources: - tokenreviews verbs: ["create"] - apiGroups: ["authorization.k8s.io"] resources: - subjectacce***eviews verbs: ["create"]
cat mysql-exporter-cluster-role-binding.yaml
kind: ClusterRoleBinding metadata: name: mysql-exporter roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: mysql-exporter subjects: - kind: ServiceAccount name: mysql-exporter namespace: monitoring
cat mysql-exporter-service-account.yaml
apiVersion: v1 kind: ServiceAccount metadata: name: mysql-exporter
cat mysql-exporter-cluster-role-binding.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: mysql-exporter roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: mysql-exporter subjects: - kind: ServiceAccount name: mysql-exporter namespace: monitoring [root@max01 mysql-exporter]# cat mysql-exporter-cluster-role.yaml apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: mysql-exporter rules: - apiGroups: ["authentication.k8s.io"] resources: - tokenreviews verbs: ["create"] - apiGroups: ["authorization.k8s.io"] resources: - subjectacce***eviews verbs: ["create"]
运行mysql-exporter容器,利用第一步创建的账户密码信息,通过DATA_SOURCE_NAME环境变量传入连接mysql实例的信息
cat mysql-exporter-deployment.yaml
apiVersion: apps/v1 kind: Deployment metadata: name: mysql-exporter namespace: monitoring spec: replicas: 3 selector: matchLabels: k8s-app: mysql-exporter template: metadata: labels: k8s-app: mysql-exporter name: mysql-exporter spec: containers: - image: prom/mysqld-exporter:latest imagePullPolicy: "IfNotPresent" env: - name: DATA_SOURCE_NAME value: "mysqlexporter:mysqlexporter@(192.168.10.135:3306)/mysql" args: - "--collect.info_schema.processlist" - "--collect.info_schema.innodb_metrics" - "--collect.info_schema.tablestats" - "--collect.info_schema.userstats" - "--collect.engine_innodb_status" - "--collect.slave_hosts" name: mysql-exporter ports: - containerPort: 9104 name: mysql-metrics
需要暴露mysql-exporter的9104端口。
cat mysql-exporter-service.yaml
apiVersion: v1 kind: Service metadata: labels: k8s-app: mysql-exporter name: mysql-exporter namespace: monitoring spec: type: NodePort ports: - name: mysql-metrics port: 9104 protocol: TCP targetPort: 9104 nodePort: 30104 selector: k8s-app: mysql-exporter
用kubectl get svc -n monitoring查看mysql-exporter的服务
cat prometheus-k8s-service-monitor-mysql-exporter.yaml
apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: mysql-exporter namespace: monitoring labels: k8s-app: mysql-exporter spec: jobLabel: k8s-app selector: matchLabels: k8s-app: mysql-exporter namespaceSelector: matchNames: - monitoring endpoints: - port: mysql-metrics scheme: http interval: 30s bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token tlsConfig: insecureSkipVerify: true
根据暴露的30104端口查看是否能获取数据,是否可以正常获取到mysql信息;其中mysql_up 为1表示正常采集到数据。
登录prometheus查看targets
登录grafana查看数据
至此,mysql监控完毕。
