本文详细介绍了BlackboxExporter的安装过程,包括源码包和Docker方式,以及如何配置不同的探测模块(如HTTP、HTTPS、TCP、DNS等),并展示了如何将其与Prometheus集成,以实现对服务和主机的黑盒监控。
目录
1 Blackbox Exporter安装配置
参考:
https://github.com/prometheus/blackbox_exporter
1.1 Blackbox Exporter简介
blackbox_exporter 是 Prometheus 拿来对 http/https、tcp、icmp、dns、进行的黑盒监控工具,也就是从服务、主机等外部进行探测,来查看服务、主机等是否可用。
Blackbox Exporter 默认端口是 9115,
1.2 安装
1、安装-使用源码包安装
下载安装
这里使用源码包安装
cd /usr/local/src
wget https://github.com/prometheus/blackbox_exporter/releases/download/v0.24.0/blackbox_exporter-0.24.0.linux-amd64.tar.gz
tar -zxf blackbox_exporter-0.24.0.linux-amd64.tar.gz
mv blackbox_exporter-0.24.0.linux-amd64 /usr/local/blackbox_exporter
blackbox.yml文件
vim /usr/local/blackbox_exporter/blackbox.yml
modules:
http_2xx:
prober: http
http_post_2xx:
prober: http
http:
method: POST
tcp_connect:
prober: tcp
pop3s_banner:
prober: tcp
tcp:
query_response:
- expect: "^+OK"
tls: true
tls_config:
insecure_skip_verify: false
grpc:
prober: grpc
grpc:
tls: true
preferred_ip_protocol: "ip4"
grpc_plain:
prober: grpc
grpc:
tls: false
service: "service1"
ssh_banner:
prober: tcp
tcp:
query_response:
- expect: "^SSH-2.0-"
- send: "SSH-2.0-blackbox-ssh-check"
irc_banner:
prober: tcp
tcp:
query_response:
- send: "NICK prober"
- send: "USER prober prober prober :prober"
- expect: "PING :([^ ]+)"
send: "PONG ${1}"
- expect: "^:[^ ]+ 001"
icmp:
prober: icmp
icmp_ttl5:
prober: icmp
timeout: 5s
icmp:
preferred_ip_protocol: ip4
ttl: 5
配置快速启动文件
cat >> /usr/lib/systemd/system/blackbox_exporter.service <<EOF
[Unit]
Description=blackbox_exporter
After=network.target
[Service]
User=root
Type=simple
ExecStart=/usr/local/blackbox_exporter/blackbox_exporter --config.file=/usr/local/blackbox_exporter/blackbox.yml
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl restart blackbox_exporter
systemctl enable blackbox_exporter
systemctl status blackbox_exporter
测试:192.168.92.100:9115/probe?target=baidu.com&module=http_2xx
2、安装-使用docker
mkdir /usr/local/blackbox/ && cd /usr/local/blackbox/
vim /usr/local/blackbox/blackbox.yml
# 官方默认的配置文件
modules:
http_2xx:
prober: http
http_post_2xx:
prober: http
http:
method: POST
tcp_connect:
prober: tcp
pop3s_banner:
prober: tcp
tcp:
query_response:
- expect: "^+OK"
tls: true
tls_config:
insecure_skip_verify: false
grpc:
prober: grpc
grpc:
tls: true
preferred_ip_protocol: "ip4"
grpc_plain:
prober: grpc
grpc:
tls: false
service: "service1"
ssh_banner:
prober: tcp
tcp:
query_response:
- expect: "^SSH-2.0-"
- send: "SSH-2.0-blackbox-ssh-check"
irc_banner:
prober: tcp
tcp:
query_response:
- send: "NICK prober"
- send: "USER prober prober prober :prober"
- expect: "PING :([^ ]+)"
send: "PONG ${1}"
- expect: "^:[^ ]+ 001"
icmp:
prober: icmp
icmp_ttl5:
prober: icmp
timeout: 5s
icmp:
preferred_ip_protocol: ip4
ttl: 5
docker run -itd --rm -p 9115:9115 -v /usr/local/blackbox:/config --name blackbox_exporter quay.io/prometheus/blackbox-exporter:latest
# 其中参数解释
--rm:容器停止后容器自动删除
-p:端口映射
-v:卷挂载
--config.file:加载的配置文件
--name:容器名称
quay.io/prometheus/blackbox-exporter:latest:镜像名字
## 查看
docker ps
#######
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
38575d5abbdc quay.io/prometheus/blackbox-exporter:latest "/bin/blackbox_expor…" 6 minutes ago Up 6 minutes 0.0.0.0:9115->9115/tcp, :::9115->9115/tcp blackbox_exporter
网页查看
1.3 Prometheus配置
blackbox exporter支持多种探测设置,比如ping ip/域名等,或者telnet端口是否通,支持http和https,以下是各种情景下是否配置。
1、http监控
HTTP就是通过GET或者POST的方式来检测应用是否正常。
这种场景多用于监控网页是否正常,如:公司官网是否不能正常打开,或者打开过慢这样的情况
cd /usr/local/prometheus
mkdir sd_file/blackbox
cat sd_file/blackbox/probe_http.yml
- targets:
- http://192.168.92.101:8081/ # Target to probe with http.
- https://www.bilibili.com/ # Target to probe with https.
- http://example.com:8080
labels:
web: probe_http
vim prometheus.yml
# 这个是 http 探测的结果
- job_name: 'probe_http'
metrics_path: /probe
params:
module: [http_2xx] # Look for a HTTP 200 response.
file_sd_configs:
- refresh_interval: 10s
files:
- "/usr/local/prometheus/sd_file/blackbox/*.yml"
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 192.168.92.100:9115 # The blackbox exporter's real hostname:port.
# 这个配置是 blackbox_exporter/metrics 的数据
# collect blackbox exporter's operational metrics.
- job_name: 'blackbox_exporter' # collect blackbox exporter's operational metrics.
static_configs:
- targets: ['192.168.92.101:9115']
# ============================== 上面是实际的配置
# ============================== 以下是官方提供的,可根据需要进行修改
scrape_configs:
- job_name: 'blackbox'
metrics_path: /probe
params:
module: [http_2xx] # Look for a HTTP 200 response.
static_configs:
- targets:
- http://192.168.92.101:8081/ # Target to probe with http.
- https://www.bilibili.com/ # Target to probe with https.
- http://example.com:8080 # Target to probe with http on port 8080.
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 192.168.92.100:9115 # The blackbox exporter's real hostname:port.
- job_name: 'blackbox_exporter' # collect blackbox exporter's operational metrics.
static_configs:
- targets: ['192.168.92.101:9115']
# 第一次配置需要重启服务,之后如果是在 custom_ping 目录下新加文件则不需要重启
systemctl restart prometheus
2、ping探测-ip
这个就是类似于平常使用的 ping 命令,有需要一直 ping 的可以使用这个
vim prometheus.yml
- job_name: "custom_ping"
metrics_path: /probe
params:
module:
- icmp
scrape_interval: 30s
scrape_timeout: 30s
file_sd_configs:
- files:
- /usr/local/prometheus/local_cluster/custom_ping/*.yml
refresh_interval: 5m
relabel_configs:
- source_labels:
- __address__
target_label: __param_target
- source_labels:
- __param_target
target_label: instance
- target_label: __address__
replacement: 127.0.0.1:9115
# blackbox_exporter自己的监控端口
#
cat /usr/local/prometheus/local_cluster/custom_ping/list.yml
- targets:
- xx.xx.xxx.xx
- xx.xx.xxx.xx
labels:
app: custom_ping
# 第一次配置需要重启服务,之后如果是在 custom_ping 目录下新加文件则不需要重启
systemctl restart prometheus
查看:
probe_success:表示是否探测成功,这里要注意:0为失败,1为成功
3、https probe-DNS解析
vim prometheus.yml
scrape_configs:
- job_name: blackbox_all
metrics_path: /probe
params:
module: [ http_2xx ] # Look for a HTTP 200 response.
dns_sd_configs:
- names:
- www.bilibili.com
- prometheus.io
type: A
port: 443
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
replacement: https://$1/ # Make probe URL be like https://1.2.3.4:443/
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 192.168.92.100:9115 # The blackbox exporter's real hostname:port.
- source_labels: [__meta_dns_name]
target_label: __param_hostname # Make domain name become 'Host' header for probe requests
- source_labels: [__meta_dns_name]
target_label: vhost # and store it in 'vhost' label
systemctl restart prometheus
4、metrics配置
这个主要是为了收集exporter的 /metrics 的数据
vim prometheus.yml
scrape_configs:
- job_name: "blackbox_exporter"
# metrics_path defaults to '/metrics'
# scheme defaults to 'http'.
static_configs:
- targets: ["192.168.92.100:9115"]
systemctl restart prometheus
systemctl status prometheus.service
5、TCP监控-探测端口
TCP监控主要是通过类似于Telnet的方式进行检测
vim prometheus.yml
- job_name: "check-middleware-tcp"
metrics_path: /probe
params:
module: [tcp_connect] # Look for a HTTP 200 response.
static_configs:
- targets:
- xx.xx.xx.xx:80
- xx.xx.xx.xx:3306
labels:
group: middleware-tcp
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: blackbox.monitoring:9115
总结
blackbox exporter 多用于在 服务、主机外部,对其进行IP、域名、端口等的探测,每种类型的配置都有差别,根据需要进行配置。
blackbox exporter 是一个开源的组件,其用法都可以在 GitHub中找到,地址为:https://github.com/prometheus/blackbox_exporter/tree/master
扫一扫
1955
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
