3.6.4.2. 监控 DevWorkspace Operator
您可以配置示例监控堆栈来处理 DevWorkspace Operator 公开的指标。
3.6.4.2.1. 使用 Prometheus 收集 DevWorkspace Operator 指标
要使用 Prometheus 来收集、存储和查询 DevWorkspace Operator 的指标:
先决条件
-
devworkspace-controller-metrics服务在端口8443中公开指标。 -
devworkspace-webhookserver服务在端口9443上公开指标。默认情况下,服务在端口9443上公开指标。 -
Prometheus 2.26.0 或更高版本正在运行。Prometheus 控制台在端口
9090上运行,带有对应的。参阅 Prometheus 的第一个步骤。服务和路由
流程
创建一个
ClusterRoleBinding,将与 Prometheus 关联的ServiceAccount绑定到 devworkspace-controller-metrics-readerClusterRole。注意如果没有
ClusterRoleBinding,您无法访问 DevWorkspace 指标,因为访问受基于角色的访问控制(RBAC)保护。例 3.31. ClusterRole
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: devworkspace-controller-metrics-reader rules: - nonResourceURLs: - /metrics verbs: - get
例 3.32. ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: devworkspace-controller-metrics-binding subjects: - kind: ServiceAccount name: <ServiceAccount_name_associated_with_the_Prometheus_Pod> namespace: <Prometheus_namespace> roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: devworkspace-controller-metrics-reader将 Prometheus 配置为从
devworkspace-controller-metricsService 公开的端口8443提取指标,并从devworkspace-webhookserver服务公开的端口9443中提取指标。例 3.33. Prometheus 配置
apiVersion: v1 kind: ConfigMap metadata: name: prometheus-config data: prometheus.yml: |- global: scrape_interval: 5s 1 evaluation_interval: 5s 2 scrape_configs: 3 - job_name: 'DevWorkspace' scheme: https authorization: type: Bearer credentials_file: '/var/run/secrets/kubernetes.io/serviceaccount/token' tls_config: insecure_skip_verify: true static_configs: - targets: ['devworkspace-controller-metrics:8443'] 4 - job_name: 'DevWorkspace webhooks' scheme: https authorization: type: Bearer credentials_file: '/var/run/secrets/kubernetes.io/serviceaccount/token' tls_config: insecure_skip_verify: true static_configs: - targets: ['devworkspace-webhookserver:9443'] 5
验证步骤
使用 Prometheus 控制台查看和查询指标:
-
查看
http:// <prometheus_url> /metrics 中的指标。 从
http:// <prometheus_url>/graph 查询指标。如需更多信息,请参阅 使用表达式浏览器。
-
查看
-
通过查看
http:// <prometheus-url> /targets 上的目标端点,验证所有目标是否已启动。