Minio配置Prometheus监控
一、Minio配置
1、使用minio client(mc命令) 配置连接minio server
curl https://dl.min.io/client/mc/release/linux-amd64/mc -o /usr/local/bin/mc
chmod a+x /usr/local/bin/mc
# mc config host add [alias] [endpoint] [username] [password] 四个参数,依次为命名,服务端点,账号,密码
mc config host add myoss https://minio.test.com crazy crazy123.
# 查看本地配置的minio server
mc config host ls
2、利用mc命令生成Prometheus的minio配置
# mc admin prometheus generate myoss 参数解释,通过这段命令生成对应的prometheus配置
mc admin prometheus generate myoss
# 此段配置,后面要加到Prometheus的配置文件中
scrape_configs:
- job_name: minio-job
bearer_token: eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJwcm9tZXRoZXVzIiwic3ViIjoiY3Jhenl3ZW5nIiwiZXhwIjo0ODk2MDYyODA2fQ.kDes2yFpCTTPhi8g5rOXhyp52-9PXh_dDrKyDJ_Mms6J_smi232nySkigKueHu6bSvz8sPkmcNSx1Y2bUHqnEQ
metrics_path: /minio/v2/metrics/cluster
scheme: https
static_configs:
- targets: ['minio.test.com'] # 此处使用了域名,使用了nginx反代了minio的api接口,如没域名,直接填写minio api地址
3、验证minio metric接口是否正常
curl -H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJwcm9tZXRoZXVzIiwic3ViIjoiY3Jhenl3ZW5nIiwiZXhwIjo0ODk2MDM4Mjk0fQ.bMFmArjjx4wW34qswmMkAg1BDDbvAUMCXR4IGEMr8PRF4tuSYUHCdByyDYawYoC4zD9f4XRKd_tsM5KHWaTTzg" https://minio.test.com/minio/v2/metrics/cluster
二、Prometheus配置
1、配置Prometheus配置文件prometheus.yml
# vim /opt/prometheus/config/prometheus.yml
global:
scrape_interval: 15s # 默认抓取周期
external_labels:
monitor: 'codelab-monitor'
rule_files:
- "./rules/*.yml"
alerting:
alertmanagers:
- static_configs:
- targets:
- "alertmanager:9093"
scrape_configs:
- job_name: minio-job
bearer_token: eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJwcm9tZXRoZXVzIiwic3ViIjoiY3Jhenl3ZW5nIiwiZXhwIjo0ODk2MDM4Mjk0fQ.bMFmArjjx4wW34qswmMkAg1BDDbvAUMCXR4IGEMr8PRF4tuSYUHCdByyDYawYoC4zD9f4XRKd_tsM5KHWaTTzg
metrics_path: /minio/v2/metrics/cluster
scheme: https
static_configs:
- targets: ['minio.test.com']
2、Prometheus + Grafana 部署(docker-compose)
# mkdir config prometheus_data prometheus_data && chmod 777 config prometheus_data prometheus_data
# 创建映射目录,并授予权限
# vim docker-compose.yaml
version: "3.7"
services:
prometheus:
image: prom/prometheus:latest
container_name: "prometheus"
restart: always
ports:
- "9090:9090"
volumes:
- "./config:/etc/prometheus"
- "./prometheus_data:/prometheus"
- "/etc/timezone:/etc/timezone"
- "/etc/localtime:/etc/localtime:ro"
command:
- --config.file=/etc/prometheus/prometheus.yml
- --web.enable-lifecycle
- --web.external-url=/prometheus # 配置了Prometheus的子路径,目的为了用同一个域名反代grafana和prometheus
- --web.enable-admin-api
alertmanager:
image: prom/alertmanager:latest
container_name: altermanager
restart: always
ports:
- "9093:9093"
volumes:
- "./config:/etc/alertmanager"
- "/etc/timezone:/etc/timezone"
- "/etc/localtime:/etc/localtime:ro"
command:
- --config.file=/etc/alertmanager/alertmanager.yml
grafana:
image: grafana/grafana
container_name: "grafana"
ports:
- "3010:3000"
restart: always
volumes:
- "./c:/var/lib/grafana"
- "/etc/timezone:/etc/timezone"
- "/etc/localtime:/etc/localtime:ro"
# 启动prometheus
docker-compose up -d
3、配置nginx反代Prometheus的接口地址
# 配置grafana面板地址
upstream grafana {
server 127.0.0.1:3010;
}
# 配置prometheus面板地址
upstream prometheus {
server 127.0.0.1:9090;
}
server {
listen 443 ssl;
server_name status.test.com; #你的域名
ssl_certificate /etc/nginx/cert/test/status/fullchain.pem; #证书位置
ssl_certificate_key /etc/nginx/cert/test/status/privkey.key; #私钥位置
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
access_log /var/log/nginx/status-access.log main;
error_log /var/log/nginx/status-error.log;
#PROXY-START/
location / {
proxy_pass http://grafana;
client_max_body_size 100m;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
}
location /prometheus { # 此处与prometheus的启动配置有关, "--web.external-url=/prometheus"
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
# 此处使用了basic_auth加密了prometheus的访问
# 使用apache2-utils的htpasswd工具生成密码, htpasswd -c /etc/nginx/.htpasswd crazy
proxy_pass http://prometheus;
}
}
三、minio配置Prometheus接口
1、修改minio的启动环境配置
version: '3.8'
services:
minio:
image: quay.io/minio/minio
container_name: minio
restart: always
ports:
- "127.0.0.1:9000:9000"
- "127.0.0.1:9001:9001"
environment:
MINIO_ROOT_USER: "crazy"
MINIO_ROOT_PASSWORD: "crazy123."
MINIO_BROWSER_REDIRECT_URL: "https://minio.test.com/minio/ui"
#MINIO_PROMETHEUS_AUTH_TYPE: "public"
MINIO_PROMETHEUS_URL: "https://crazy:[email protected]/prometheus" # 新增prometheus配置
MINIO_PROMETHEUS_JOB_ID: "minio-job" # 新增prometheus配置的 Job ID
#MINIO_PROMETHEUS_AUTH_TOKEN:
volumes:
- ./minio-data:/data
command: server /data --console-address ":9001"
# 重新启动minio
docker-compose down
docker-compose up -d
2、minio console界面验证
