以下是 Prometheus 自动发现 Redis 实例的完整 YAML 文件示例,适用于生产环境。该配置包括:
- Redis 部署:运行 Redis 实例。
- Redis Exporter:用于暴露 Redis 指标。
- Prometheus 自动发现:通过 Kubernetes 服务发现自动抓取 Redis 实例。
1. Redis 部署文件 (redis-deployment.yaml)
apiVersion: apps/v1
kind: Deployment
metadata:
name: redis
labels:
app: redis
spec:
replicas: 3
selector:
matchLabels:
app: redis
template:
metadata:
labels:
app: redis
annotations:
prometheus.io/scrape: "true" # 允许 Prometheus 抓取
prometheus.io/port: "9121" # Redis Exporter 暴露的端口
spec:
containers:
- name: redis
image: harbor.fq.com/public/redis:7.4.1 # 使用官方 Redis 镜像
ports:
- containerPort: 6379 # Redis 默认端口
- name: redis-exporter
image: harbor.fq.com/prometheus/redis-exporter:1.67.0 # Redis Exporter 镜像
ports:
- containerPort: 9121 # Redis Exporter 默认端口
env:
- name: REDIS_ADDR
value: "redis://localhost:6379" # Redis 连接地址
---
apiVersion: v1
kind: Service
metadata:
name: redis-service
labels:
app: redis
annotations:
prometheus.io/scrape: "true" # 允许 Prometheus 抓取
prometheus.io/port: "9121" # Redis Exporter 暴露的端口
spec:
selector:
app: redis
ports:
- protocol: TCP
name: redis
port: 6379
targetPort: 6379
- protocol: TCP
name: redis-exporter
port: 9121
targetPort: 9121
type: ClusterIP2. Prometheus 自动发现配置 (prometheus.yml)
Prometheus 自动发现 Redis 实例并指定监控 Redis Exporter 端口(9121)的完整配置。该配置确保 Prometheus 能够自动发现 Redis 实例,并抓取 Redis Exporter 暴露的指标
scrape_configs:
- job_name: 'redis'
kubernetes_sd_configs:
- role: endpoints # 从 Kubernetes Endpoints 发现服务
relabel_configs:
# 只抓取带有 `prometheus.io/scrape: "true"` 注解的服务
- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
action: keep
regex: true
# 替换目标地址为服务的 IP 和指定端口(9121)
- source_labels: [__meta_kubernetes_endpoint_address_target_kind, __meta_kubernetes_endpoint_address_target_name]
action: keep
regex: Pod;(.*redis.*) # 仅抓取名称包含 "redis" 的 Pod
- source_labels: [__meta_kubernetes_pod_ip]
action: replace
target_label: __address__
replacement: $1:9121 # 指定 Redis Exporter 的端口为 9121
# 添加 Kubernetes 服务的 app 标签
- source_labels: [__meta_kubernetes_service_label_app]
action: replace
target_label: app
# 添加 Kubernetes 命名空间标签
- source_labels: [__meta_kubernetes_namespace]
action: replace
target_label: namespace
# 添加 Kubernetes 服务名称标签
- source_labels: [__meta_kubernetes_service_name]
action: replace
target_label: service
# 添加 Kubernetes Pod 名称标签
- source_labels: [__meta_kubernetes_pod_name]
action: replace
target_label: pod
# 添加 Kubernetes 节点名称标签
- source_labels: [__meta_kubernetes_pod_node_name]
action: replace
target_label: node
# 添加实例标签(用于区分不同的 Redis 实例)
- source_labels: [__meta_kubernetes_pod_ip]
action: replace
target_label: instance配置说明
自动发现:
使用
kubernetes_sd_configs从 Kubernetes 的 Endpoints 自动发现服务。通过
__meta_kubernetes_service_annotation_prometheus_io_scrape注解,确保只抓取明确标记为需要监控的服务。
指定端口:
通过
replacement: $1:9121将目标地址替换为 Redis Exporter 的端口9121。使用
__meta_kubernetes_pod_ip获取 Redis Pod 的 IP 地址,并拼接端口9121。
标签优化:
添加 Kubernetes 元数据标签(如
app、namespace、service、pod等),便于后续查询和告警。使用
instance标签区分不同的 Redis 实例。
3. 部署步骤
将
redis-deployment.yaml保存到 Kubernetes 集群。部署 Redis 和 Redis Exporter:
kubectl apply -f redis-deployment.yaml更新 Prometheus 配置文件(
prometheus.yml),添加 Redis 的自动发现配置。重启 Prometheus 以加载新配置。
4. 验证
- 访问 Prometheus Web UI(
http://<prometheus-server>:9090),查看 Targets 页面,确认 Redis 目标已被发现。 - 查询 Prometheus 中的 Redis 指标(如
redis_up或redis_commands_processed_total)。
5. 生产环境建议
- 高可用性:部署多个 Redis 实例,并使用 Redis Sentinel 或 Redis Cluster 实现高可用。
- 监控告警:设置 Redis 关键指标的告警规则(如内存使用率、连接数等)。
- 资源限制:为 Redis 和 Redis Exporter 设置资源限制(CPU 和内存)。
- 日志管理:收集 Redis 和 Redis Exporter 的日志,便于排查问题。
6. 示例告警规则 (redis-alerts.yml)
6.1创建alert-rules-configmap文件
cat prometheus-alert-rules-redis-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: prometheus-alert-rules-redis
namespace: monitoring
labels:
app: prometheus
role: alert-rules
data:
redis.rules: |-
groups:
- name: redis_alerts
rules:
- alert: RedisDown
expr: redis_up == 0
for: 1m
labels:
severity: critical
annotations:
summary: "Redis is down"
description: "Redis instance {{ $labels.instance }} is down."
- alert: HighRedisMemoryUsage
expr: redis_memory_used_bytes / redis_memory_max_bytes > 0.8
for: 5m
labels:
severity: warning
annotations:
summary: "High memory usage on Redis"
description: "Redis memory usage is above 80% on {{ $labels.instance }}."
- alert: HighRedisConnections
expr: redis_connected_clients > 1000
for: 5m
labels:
severity: warning
annotations:
summary: "High number of Redis connections"
description: "Redis instance {{ $labels.instance }} has more than 1000 connections."注释版
# ========================
# Kubernetes ConfigMap 配置
# ========================
apiVersion: v1 # 必需字段,指定 Kubernetes API 版本
kind: ConfigMap # 资源类型为配置映射
metadata:
name: prometheus-alert-rules-redis # 资源名称(需符合DNS命名规范)
namespace: monitoring # 必须与Prometheus部署的命名空间一致
labels: # 标签用于资源筛选
app: prometheus # 标识属于Prometheus组件
role: alert-rules # 标识用途为告警规则
# ========================
# 告警规则数据部分(核心配置)
# ========================
data:
# 注意:文件名后缀必须是 .rules 或 .yaml 才能被Prometheus自动加载
redis.rules: |- # 关键符号说明:
# "|" 保留换行符,"-" 表示删除文件末尾的换行符
# 缩进必须使用2个空格(不能使用Tab)
# Prometheus告警规则语法开始
groups: # 告警规则组定义(至少需要1个组)
- name: redis_alerts # 组名称(显示在告警信息中)
rules: # 规则列表开始
# ---- 规则1:Redis实例宕机检测 ----
- alert: RedisDown # 告警名称(需唯一)
expr: redis_up == 0 # PromQL表达式:
# - redis_up 是指标名称
# - ==0 表示实例不可用
for: 1m # 持续时长(防止瞬时抖动)
labels: # 标签(可用于告警路由)
severity: critical # 严重级别(通常分 critical/warning/info)
annotations: # 告警详情模板
summary: "Redis服务宕机 (实例: {{ $labels.instance }})"
description: |-
Redis实例 {{ $labels.instance }} 已持续宕机1分钟
所属集群: {{ $labels.cluster }}
当前状态值: {{ $value }}
# ---- 规则2:内存使用率告警 ----
- alert: HighRedisMemoryUsage
expr: > # 多行表达式写法
redis_memory_used_bytes /
redis_memory_max_bytes > 0.8 # 内存使用率超过80%
for: 5m # 持续5分钟触发(适合资源类告警)
labels:
severity: warning
component: database # 自定义标签(可用于筛选)
annotations:
description: |-
内存使用率 {{ printf "%.2f" (mul $value 100) }}%
实例: {{ $labels.instance }}
建议: 1. 检查是否有大Key 2. 考虑扩容
# ---- 规则3:连接数告警 ----
- alert: HighRedisConnections
expr: redis_connected_clients > 1000
for: 5m
labels:
severity: warning
annotations:
description: |-
当前连接数: {{ $value }}
最大允许连接数: {{ query "redis_config_maxclients{instance='{{ $labels.instance }}'}" | first | value }}
# 使用query函数动态获取redis的maxclients配置值6.2修改prometheus-deployment.yaml文件,添加volumeMounts,t volumes
volumeMounts:
- name: prometheus-config
mountPath: /etc/prometheus # 配置文件挂载点
- name: prometheus-storage
mountPath: /prometheus # TSDB 数据存储路径
- name: prometheus-alert-rules-redis
mountPath: /etc/prometheus/rules/redis
volumes:
- name: prometheus-config
configMap:
name: prometheus-config # 从 ConfigMap 挂载 Prometheus 配置
- name: prometheus-storage
emptyDir: {} # 测试环境可使用空目录
- name: prometheus-alert-rules-redis
configMap:
name: prometheus-alert-rules-redis完整实例
apiVersion: apps/v1
kind: Deployment
metadata:
name: prometheus
namespace: monitoring # 指定命名空间
labels:
app: prometheus
spec:
replicas: 1 # 生产环境通常建议 1 个实例,使用远程存储提高可用性
selector:
matchLabels:
app: prometheus
template:
metadata:
labels:
app: prometheus
spec:
serviceAccountName: prometheus # 关联 ServiceAccount,便于 RBAC 访问
containers:
- name: prometheus
image: harbor.fq.com/prometheus/prometheus:v3.1.0 # 使用私有仓库镜像
args:
- --config.file=/etc/prometheus/prometheus.yml # 指定 Prometheus 配置文件
- --storage.tsdb.path=/prometheus # 存储 TSDB 数据的位置
- --web.console.templates=/etc/prometheus/consoles
- --web.console.libraries=/etc/prometheus/console_libraries
ports:
- containerPort: 9090 # Prometheus Web 界面端口
resources: # 限制 CPU 和内存,防止资源耗尽
requests:
cpu: "500m"
memory: "1Gi"
limits:
cpu: "1"
memory: "2Gi"
volumeMounts:
- name: prometheus-config
mountPath: /etc/prometheus # 配置文件挂载点
- name: prometheus-storage
mountPath: /prometheus # TSDB 数据存储路径
- name: prometheus-alert-rules
mountPath: /etc/prometheus/rules
- name: file-sd
mountPath: /apps/prometheus/file-sd.yaml
- name: prometheus-alert-rules-redis
mountPath: /etc/prometheus/rules/redis
volumes:
- name: prometheus-config
configMap:
name: prometheus-config # 从 ConfigMap 挂载 Prometheus 配置
- name: prometheus-storage
emptyDir: {} # 测试环境可使用空目录
- name: prometheus-alert-rules
configMap:
name: prometheus-alert-rules
- name: file-sd
hostPath:
path: /root/file-sd.yaml
type: File
- name: prometheus-alert-rules-redis
configMap:
name: prometheus-alert-rules-redis
---
apiVersion: v1
kind: Service
metadata:
name: prometheus
namespace: monitoring
labels:
app: prometheus
spec:
type: NodePort # 在生产环境中建议使用 LoadBalancer 或 Ingress
ports:
- port: 9090
targetPort: 9090
nodePort: 30090 # 通过 NodePort 访问 Web 界面
selector:
app: prometheus6.3修改prometheus-configmap.yaml文件,添加rule_files文件路径
rule_files:
- /etc/prometheus/rules/*.rules
- /etc/prometheus/rules/redis/*.rules完整实例
cat prometheus-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: prometheus-config
namespace: monitoring
data:
prometheus.yml: |
global:
scrape_interval: 15s
evaluation_interval: 15s
rule_files:
- /etc/prometheus/rules/*.rules
- /etc/prometheus/rules/redis/*.rules
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- job_name: 'kubernetes-nodes'
kubernetes_sd_configs:
- role: node
relabel_configs:
- source_labels: [__address__]
regex: '(.*):10250'
replacement: '${1}:9100'
target_label: __address__
- job_name: 'kubernetes-pods'
kubernetes_sd_configs:
- role: pod
relabel_configs:
- source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
action: keep
regex: true
- source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]
action: replace
target_label: __metrics_path__
regex: (.+)
- source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]
action: replace
regex: ([^:]+)(?::\d+)?;(\d+)
replacement: $1:$2
target_label: __address__
- job_name: 'kube-state-metrics'
kubernetes_sd_configs:
- role: endpoints
namespaces:
names:
- kube-system
- default
- monitoring
relabel_configs:
- source_labels: [__meta_kubernetes_service_label_app_kubernetes_io_name]
action: keep
regex: kube-state-metrics
- source_labels: [__meta_kubernetes_endpoint_port_name]
action: keep
regex: http-metrics
metrics_path: /metrics
scheme: http
- job_name: 'file_sd_node'
file_sd_configs:
- files:
- /apps/prometheus/file-sd.yaml
refresh_interval: 1m
- job_name: 'kubernetes-apiservers'
kubernetes_sd_configs:
- role: endpoints
namespaces:
names: ["default"]
scheme: https
tls_config:
insecure_skip_verify: true # 生产环境应配置CA证书
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
relabel_configs:
- source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
action: keep
regex: default;kubernetes;https
- job_name: 'kube-controller-manager'
kubernetes_sd_configs:
- role: endpoints
namespaces:
names: ["kube-system"]
scheme: https
tls_config:
insecure_skip_verify: true
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
relabel_configs:
- source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
action: keep
regex: kube-controller-manager;https-metrics
- job_name: 'kube-scheduler'
kubernetes_sd_configs:
- role: endpoints
namespaces:
names: ["kube-system"]
scheme: https
tls_config:
insecure_skip_verify: true
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
relabel_configs:
- source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
action: keep
regex: kube-scheduler;https-metrics
- job_name: 'etcd'
static_configs:
- targets: ['10.255.209.2:2379', '10.255.209.5:2379', '10.255.209.27:2379'] # 替换为实际etcd地址
scheme: https
tls_config:
insecure_skip_verify: true
#cert_file: /etc/prometheus/secrets/etcd-client.crt
#key_file: /etc/prometheus/secrets/etcd-client.key
- job_name: 'kubelet'
scheme: https
tls_config:
insecure_skip_verify: true
bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
kubernetes_sd_configs:
- role: node
relabel_configs:
- action: labelmap
regex: __meta_kubernetes_node_label_(.+)
- target_label: __address__
replacement: kubernetes.default.svc:443
- source_labels: [__meta_kubernetes_node_name]
regex: (.+)
target_label: __metrics_path__
replacement: /api/v1/nodes/${1}/proxy/metrics
- job_name: 'kube-proxy'
kubernetes_sd_configs:
- role: endpoints
namespaces:
names: ["kube-system"]
scheme: http
relabel_configs:
- source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
action: keep
regex: kube-proxy;metrics
- job_name: 'kube-proxy1'
kubernetes_sd_configs:
- role: endpoints
namespaces:
names: ["kube-system"]
scheme: http
relabel_configs:
- source_labels: [__meta_kubernetes_pod_name] # 直接匹配 Pod
action: keep
regex: kube-proxy-.*
- source_labels: [__address__]
action: replace
regex: ([^:]+)(?::\d+)?
replacement: ${1}:10249 # 强制使用 10249 端口
target_label: __address__
- job_name: 'redis'
kubernetes_sd_configs:
- role: endpoints # 从 Kubernetes Endpoints 发现服务
relabel_configs:
# 只抓取带有 `prometheus.io/scrape: "true"` 注解的服务
- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
action: keep
regex: true
# 替换目标地址为服务的 IP 和指定端口(9121)
- source_labels: [__meta_kubernetes_endpoint_address_target_kind, __meta_kubernetes_endpoint_address_target_name]
action: keep
regex: Pod;(.*redis.*) # 仅抓取名称包含 "redis" 的 Pod
- source_labels: [__meta_kubernetes_pod_ip]
action: replace
target_label: __address__
replacement: $1:9121 # 指定 Redis Exporter 的端口为 9121
# 添加 Kubernetes 服务的 app 标签
- source_labels: [__meta_kubernetes_service_label_app]
action: replace
target_label: app
# 添加 Kubernetes 命名空间标签
- source_labels: [__meta_kubernetes_namespace]
action: replace
target_label: namespace
# 添加 Kubernetes 服务名称标签
- source_labels: [__meta_kubernetes_service_name]
action: replace
target_label: service
# 添加 Kubernetes Pod 名称标签
- source_labels: [__meta_kubernetes_pod_name]
action: replace
target_label: pod
# 添加 Kubernetes 节点名称标签
- source_labels: [__meta_kubernetes_pod_node_name]
action: replace
target_label: node
# 添加实例标签(用于区分不同的 Redis 实例)
- source_labels: [__meta_kubernetes_pod_ip]
action: replace
target_label: instance6.4 操作命令
kubectl create -f prometheus-alert-rules-redis-configmap.yaml
kubectl replace -f prometheus-configmap.yaml
kubectl replace -f prometheus-deployment.yaml
kubectl -n monitoring exec -it prometheus-66967df89b-7gp5d -- ls /etc/prometheus/rules
k8s.rules node.rules redis6.5 操作界面查看alerts状态
7. 总结
- 该配置实现了 Redis 实例的自动发现和监控。
- 通过 Redis Exporter 暴露 Redis 指标,Prometheus 自动抓取并存储。
- 适用于生产环境,支持高可用和动态扩展。