How to monitor K8s out-of-cluster services with Prometheus Operator?
This article was last updated on: July 24, 2024 am
preface
In previous series of articles:
- Prometheus Operator and one of kube-prometheus - Introduction - Dongfeng Weiming Technology Blog (e-whisper.com)
- Three Scenarios for Monitoring Kubernetes Cluster Certificate Expiration - Dongfeng Weiming Technology Blog (e-whisper.com)
Some advantages of Prometheus Operator over native Prometheus are introduced, which have been widely adopted by major vendors and popular open source cloud components. Recommended use.
But in practice, not all components may be in the K8S cluster, such as: LB, DB, global DNS, cloud services…
How can I monitor them with Prometheus Operator? Here are the following scenarios (not a solution, just a little trick)
Use Prometheus Operator to monitor K8s out-of-cluster service scenarios
As mentioned above, the K8s extra-cluster services here refer to some such as LB, DB, global DNS, cloud services… Static services.
For such services, there are the following monitoring schemes:
- Via Prometheus Operator CR -
prometheus
spec;- This scheme and other configurations of Prometheus have high coupling;
- Via external name
Service
+ServiceMonitor
- This scheme has a premise, that is: the monitored service is a domain name;
- Pass
Service
+Endpoint
+ServiceMonitor
- This scheme has strong adaptability and low coupling. Recommend. 👍️
- If it is the monitoring of the BlackboxProbe class, that is, monitor: various parameters of the Endpoint (HTTP/S, DNS, TCP, ICMP and grpc), including HTTP response time, DNS query latency, SSL certificate expiration information, TLS version, etc. It can be used directly
Probe
CR, above: How do I monitor URLs using Blackbox Exporter? - Dongfeng Weiming Technology Blog (e-whisper.com) It has already been mentioned, so I will not repeat it this time.
Option 1: prometheus
spec
In short, it’s directly in prometheus
Add a static configuration like this (static_configs) to the spec:
1 |
|
The specific configuration example is as follows:
1 |
|
Solution 2: External name Service
+ ServiceMonitor
Take advantage of Kubernetes Externalname Serivce, mapping services to DNS names instead of typical selection operators such as my-service or cassandra.
Configure the Externalname Service:
1 |
|
Configure a ServiceMonitor that points to the service:
1 |
|
Option 3: Service
+ Endpoint
+ ServiceMonitor
Pass Service
+ Endpoint
way, explicitly map external services as internal services.
Examples are as follows:
1 |
|
1 |
|
Similar to the second solution, create the corresponding ServiceMonitor:
1 |
|
Although this bypasses some, it can be guaranteed that when modifying the monitoring of component A, it will not affect the configuration of component B at all; In addition, it will not affect other monitoring of Prometheus.
More precise configuration;
finer granularity;
Lower coupling.
🎉🎉🎉
📚️ Reference documentation
- Scrape external service with FQDN · Issue #3204 · prometheus-operator/prometheus-operator (github.com)
- kubernetes - How to monitor external service in prometheus-operator - Stack Overflow
- Prometheus Operator — How to monitor an external service | by Ido Braunstain | DevOps College
- Monitor external services with the prometheus operator | jpweber blog
- prometheus operator scrape external target for HAProxy — xnum’s blog