网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。
一个人可以走的很快,但一群人才能走的更远!不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!
* [blackbox.yml文件](#blackboxyml_20)
* [配置快速启动文件](#_77)
- [2、安装-使用docker](#2docker_103)
+ [1.3 Prometheus配置](#13_Prometheus_182)
+ - [1、http监控](#1http_184)
- [2、ping探测-ip](#2pingip_253)
- [3、https probe-DNS解析](#3https_probeDNS_296)
- [4、metrics配置](#4metrics_328)
- [5、TCP监控-探测端口](#5TCP_344)
1 Blackbox Exporter安装配置
参考:
https://github.com/prometheus/blackbox_exporter
1.1 Blackbox Exporter简介
blackbox_exporter 是 Prometheus 拿来对 http/https、tcp、icmp、dns、进行的黑盒监控工具,也就是从服务、主机等外部进行探测,来查看服务、主机等是否可用。
Blackbox Exporter 默认端口是 9115,
1.2 安装
1、安装-使用源码包安装
下载安装
这里使用源码包安装
cd /usr/local/src
wget https://github.com/prometheus/blackbox_exporter/releases/download/v0.24.0/blackbox_exporter-0.24.0.linux-amd64.tar.gz
tar -zxf blackbox_exporter-0.24.0.linux-amd64.tar.gz
mv blackbox_exporter-0.24.0.linux-amd64 /usr/local/blackbox_exporter
blackbox.yml文件
vim /usr/local/blackbox_exporter/blackbox.yml
modules:
http_2xx:
prober: http
http_post_2xx:
prober: http
http:
method: POST
tcp_connect:
prober: tcp
pop3s_banner:
prober: tcp
tcp:
query_response:
- expect: "^+OK"
tls: true
tls_config:
insecure_skip_verify: false
grpc:
prober: grpc
grpc:
tls: true
preferred_ip_protocol: "ip4"
grpc_plain:
prober: grpc
grpc:
tls: false
service: "service1"
ssh_banner:
prober: tcp
tcp:
query_response:
- expect: "^SSH-2.0-"
- send: "SSH-2.0-blackbox-ssh-check"
irc_banner:
prober: tcp
tcp:
query_response:
- send: "NICK prober"
- send: "USER prober prober prober :prober"
- expect: "PING :([^ ]+)"
send: "PONG ${1}"
- expect: "^:[^ ]+ 001"
icmp:
prober: icmp
icmp_ttl5:
prober: icmp
timeout: 5s
icmp:
preferred_ip_protocol: ip4
ttl: 5
配置快速启动文件
cat >> /usr/lib/systemd/system/blackbox_exporter.service <<EOF
[Unit]
Description=blackbox\_exporter
After=network.target
[Service]
User=root
Type=simple
ExecStart=/usr/local/blackbox\_exporter/blackbox\_exporter --config.file=/usr/local/blackbox\_exporter/blackbox.yml
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl restart blackbox_exporter
systemctl enable blackbox_exporter
systemctl status blackbox_exporter
测试:192.168.92.100:9115/probe?target=baidu.com&module=http_2xx
2、安装-使用docker
mkdir /usr/local/blackbox/ && cd /usr/local/blackbox/
vim /usr/local/blackbox/blackbox.yml
# 官方默认的配置文件
modules:
http_2xx:
prober: http
http_post_2xx:
prober: http
http:
method: POST
tcp_connect:
prober: tcp
pop3s_banner:
prober: tcp
tcp:
query_response:
- expect: "^+OK"
tls: true
tls_config:
insecure_skip_verify: false
grpc:
prober: grpc
grpc:
tls: true
preferred_ip_protocol: "ip4"
grpc_plain:
prober: grpc
grpc:
tls: false
service: "service1"
ssh_banner:
prober: tcp
tcp:
query_response:
- expect: "^SSH-2.0-"
- send: "SSH-2.0-blackbox-ssh-check"
irc_banner:
prober: tcp
tcp:
query_response:
- send: "NICK prober"
- send: "USER prober prober prober :prober"
- expect: "PING :([^ ]+)"
send: "PONG ${1}"
- expect: "^:[^ ]+ 001"
icmp:
prober: icmp
icmp_ttl5:
prober: icmp
timeout: 5s
icmp:
preferred_ip_protocol: ip4
ttl: 5
docker run -itd --rm -p 9115:9115 -v /usr/local/blackbox:/config --name blackbox_exporter quay.io/prometheus/blackbox-exporter:latest
# 其中参数解释
--rm:容器停止后容器自动删除
-p:端口映射
-v:卷挂载
--config.file:加载的配置文件
--name:容器名称
quay.io/prometheus/blackbox-exporter:latest:镜像名字
## 查看
docker ps
#######
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
38575d5abbdc quay.io/prometheus/blackbox-exporter:latest "/bin/blackbox\_expor…" 6 minutes ago Up 6 minutes 0.0.0.0:9115->9115/tcp, :::9115->9115/tcp blackbox_exporter
网页查看
1.3 Prometheus配置
blackbox exporter支持多种探测设置,比如ping ip/域名等,或者telnet端口是否通,支持http和https,以下是各种情景下是否配置。
1、http监控
HTTP就是通过GET或者POST的方式来检测应用是否正常。
这种场景多用于监控网页是否正常,如:公司官网是否不能正常打开,或者打开过慢这样的情况
cd /usr/local/prometheus
mkdir sd_file/blackbox
cat sd_file/blackbox/probe_http.yml
- targets:
- http://192.168.92.101:8081/ # Target to probe with http.
- https://www.bilibili.com/ # Target to probe with https.
- http://example.com:8080
labels:
web: probe_http
vim prometheus.yml
# 这个是 http 探测的结果
- job_name: 'probe\_http'
metrics_path: /probe
params:
module: [http_2xx] # Look for a HTTP 200 response.
file_sd_configs:
- refresh_interval: 10s
files:
- "/usr/local/prometheus/sd\_file/blackbox/\*.yml"
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 192.168.92.100:9115 # The blackbox exporter's real hostname:port.
# 这个配置是 blackbox\_exporter/metrics 的数据
# collect blackbox exporter's operational metrics.
- job_name: 'blackbox\_exporter' # collect blackbox exporter's operational metrics.
static_configs:
- targets: ['192.168.92.101:9115']
# ============================== 上面是实际的配置
# ============================== 以下是官方提供的,可根据需要进行修改
scrape_configs:
- job_name: 'blackbox'
metrics_path: /probe
params:
module: [http_2xx] # Look for a HTTP 200 response.
static_configs:
- targets:
- http://192.168.92.101:8081/ # Target to probe with http.
- https://www.bilibili.com/ # Target to probe with https.
- http://example.com:8080 # Target to probe with http on port 8080.
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 192.168.92.100:9115 # The blackbox exporter's real hostname:port.
- job_name: 'blackbox\_exporter' # collect blackbox exporter's operational metrics.
static_configs:
- targets: ['192.168.92.101:9115']
# 第一次配置需要重启服务,之后如果是在 custom\_ping 目录下新加文件则不需要重启
systemctl restart prometheus
2、ping探测-ip
这个就是类似于平常使用的 ping 命令,有需要一直 ping 的可以使用这个
vim prometheus.yml
- job_name: "custom\_ping"
metrics_path: /probe
params:
module:
- icmp
scrape_interval: 30s
scrape_timeout: 30s
file_sd_configs:
- files:
- /usr/local/prometheus/local_cluster/custom_ping/*.yml
refresh_interval: 5m
relabel_configs:
- source_labels:
- __address__
target_label: __param_target
**网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。**
**[需要这份系统化的资料的朋友,可以点击这里获取!](https://bbs.csdn.net/topics/618635766)**
**一个人可以走的很快,但一群人才能走的更远!不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!**