首页 运维部署

本文档由 内网文摘 发布,转载请注明出处

prometheus_blackbox(五、黑盒监测 )

参考:基于blackbox_exporter实现对URL状态、IP可用性、端口状态、TLS证书的过期时间监控
Blackbox_exporter黑盒监测

一、blackbox_exporter介绍

blackbox_exporter 是 Prometheus 官方提供的一个 exporter, 可以监控 HTTP、HTTPS、DNS、TCP 、ICMP 等目标实例, 从而实现对被监控节点进行监控和数据采集。
HTTP/HTPPS: URL/API 可用性检测
TCP: 端口监听检测
ICMP: 主机存活检测
DNS: 域名解析

二、安装部署blackbox_exporter

https://github.com/prometheus/blackbox_exporter/releases/

  1. cd /opt
  2. wget https://github.com/prometheus/blackbox_exporter/releases/download/v0.22.0/blackbox_exporter-0.22.0.linux-amd64.tar.gz
  4. tar -zxvf blackbox_exporter-0.22.0.linux-amd64.tar.gz
  5. mv blackbox_exporter-0.22.0.linux-amd64 blackbox_exporter
  1. vim /etc/systemd/system/blackbox-exporter.service
  3. [Unit]
  4. Description=Prometheus Blackbox Exporter
  5. After=network.target
  7. [Service]
  8. Type=simple
  9. User=root
  10. Group=root
  12. ExecStart=/opt/blackbox_exporter/blackbox_exporter \
  13. --config.file=/opt/blackbox_exporter/blackbox.yml \
  14. --web.listen-address=:9115
  15. Restart=on-failure
  17. [Install]
  18. WantedBy=multi-user.target
  1. systemctl enable --now blackbox-exporter.service
  2. systemctl start blackbox-exporter.service
  3. systemctl status blackbox-exporter.service
  5. netstat -tnlp
  9. #放通防火墙
  10. firewall-cmd --zone=public --add-port=9115/tcp --permanent
  11. firewall-cmd --reload
  13. 验证是否安装成功
  14. cd /opt/blackbox_exporter/
  15. ./blackbox_exporter --version

查看 http://192.168.1.2:9115/

三、配置启用blackbox exporter

1.使用blackbox exporter 实现 URL 监控
配置Prometheus

  1. [root@monitoring prometheus]# vim prometheus.yml
  2. [root@monitoring prometheus]# grep http_status  -A10  prometheus.yml
  3.   - job_name: 'http_status'
  4.     metrics_path: /probe
  5.     params:
  6.       module: [http_2xx]
  7.     static_configs:
  8.       - targets: ['http://www.xiaomi.com', 'http://www.magedu.com']
  9.         labels:
  10.           instance: http_status
  11.           group: web
  12.     relabel_configs:
  13.       - source_labels: [__address__] # 将__address__(当前监控目标URL地址的标签)修改为__param_target,用于传递给blackbox_exporter
  14.         target_label: __param_target #标签key为__param_target、value为www.xiaomi.mkey为__param_target、value为www.magedu.com
  15.       - source_labels: [__param_target] #基于__param_target获取监控目标
  16.         target_label: url #将监控目标的值与 url 创建一个label
  17.       - target_label: __address__ #新添加一个目标__address__,指向blackbox_exporter服务器地址,用于将监控请求发送给指定的blackbox_exporter服务器
  18.         replacement: 192.168.1.2:9115 #指定blackbox_exporter服务器地址

API Serevr节点发现

  1. #检查配置文件是否书写正确
  2. [root@monitoring prometheus]# ./promtool check config prometheus.yml
  3. Checking prometheus.yml
  4.  SUCCESS: prometheus.yml is valid prometheus config file syntax
  6. #重启prometheus
  7. [root@monitoring prometheus]# systemctl restart prometheus.service

2.使用blackbox exporter 实现 ICMP 监控
ICMP就是Ping使用的协议,可以探测IP是否在线:

  1. [root@monitoring prometheus]# vim prometheus.yml
  2. [root@monitoring prometheus]# ./promtool check config prometheus.yml
  3. Checking prometheus.yml
  4.  SUCCESS: prometheus.yml is valid prometheus config file syntax
  5. [root@monitoring prometheus]# grep ping_status  -A10  prometheus.yml
  6.   - job_name: 'ping_status'
  7.     metrics_path: /probe
  8.     params:
  9.      module: [icmp]
  10.     static_configs:
  11.     - targets: ['172.16.88.254',"223.6.6.6"]
  12.       labels:
  13.         instance: 'ping_status'
  14.         group: 'icmp'
  15.     relabel_configs:
  16.       - source_labels: [__address__]
  17.         target_label: __param_target
  18.       - source_labels: [__param_target]
  19.         target_label: ip
  20.       - target_label: __address__
  21.         replacement: 192.168.1.2:9115

API Serevr节点发现

  1. #检查配置文件是否书写正确
  2. [root@monitoring prometheus]# ./promtool check config prometheus.yml
  3. Checking prometheus.yml
  4.  SUCCESS: prometheus.yml is valid prometheus config file syntax
  6. #重启prometheus
  7. [root@monitoring prometheus]# systemctl restart prometheus.service

3.使用blackbox exporter 实现 端口监控

  1. [root@monitoring prometheus]# vim prometheus.yml
  2. [root@monitoring prometheus]# ./promtool check config prometheus.yml
  3. Checking prometheus.yml
  4.  SUCCESS: prometheus.yml is valid prometheus config file syntax
  6. [root@monitoring prometheus]# grep port_status  -A10  prometheus.yml
  7.   - job_name: 'port_status'
  8.     metrics_path: /probe
  9.     params:
  10.      module: [tcp_connect]
  11.     static_configs:
  12.       - targets: ['192.168.1.2:51234', '192.168.1.2:9256','192.168.1.2:22']
  13.         labels:
  14.           instance: 'port_status'
  15.           group: 'port'
  16.     relabel_configs:
  17.       - source_labels: [__address__]
  18.         target_label: __param_target
  19.       - source_labels: [__param_target]
  20.         target_label: ip
  21.       - target_label: __address__
  22.         replacement: 192.168.1.2:9115

API Serevr节点发现

  1. #检查配置文件是否书写正确
  2. [root@monitoring prometheus]# ./promtool check config prometheus.yml
  3. Checking prometheus.yml
  4.  SUCCESS: prometheus.yml is valid prometheus config file syntax
  6. #重启prometheus
  7. [root@monitoring prometheus]# systemctl restart prometheus.service

访问Prometheus的 http://127.0.0.1:9090/targets 查看加入的监控信息。

四、grafana中加入blackbox_exporter监控数据

此模板为9965号模板,数据源选择Prometheus 模板下载地址 https://grafana.com/grafana/dashboards/9965

此模板需要安装饼状图插件 下载地址 https://grafana.com/grafana/plugins/grafana-piechart-panel
安装插件,重启grafana生效。

  1. grafana-cli plugins install grafana-piechart-panel
  2. service grafana-server restart

访问grafana http://127.0.0.1:3000,查看数据。

prometheus 告警规则

  1. #以下为Blackbox-exporer通用告警模板,可根据label自行调整
  2. blackbox.rules: |
  3.     groups:
  4.     - name: blackbox.rules
  5.       rules:
  6.       - alert: blackbox_network_stats
  7.         expr: probe_success == 0
  8.         for: 1m
  9.         labels:
  10.           team: ops
  11.           severity: critical
  12.         annotations:
  13.           description: "接口/主机/路径/端口:{{ $labels.instance }} 无法连通"
local 2023年5月10日 11:32 收藏文档