以下是 Prometheus 自动发现 Redis 实例的完整 YAML 文件示例,适用于生产环境。该配置包括:
- Redis 部署:运行 Redis 实例。
- Redis Exporter:用于暴露 Redis 指标。
- Prometheus 自动发现:通过 Kubernetes 服务发现自动抓取 Redis 实例。
1. Redis 部署文件 (redis-deployment.yaml)
apiVersion: apps/v1
kind: Deployment
metadata:name: redislabels:app: redis
spec:replicas: 3selector:matchLabels:app: redistemplate:metadata:labels:app: redisannotations:prometheus.io/scrape: "true" # 允许 Prometheus 抓取prometheus.io/port: "9121" # Redis Exporter 暴露的端口spec:containers:- name: redisimage: harbor.fq.com/public/redis:7.4.1 # 使用官方 Redis 镜像ports:- containerPort: 6379 # Redis 默认端口- name: redis-exporterimage: harbor.fq.com/prometheus/redis-exporter:1.67.0 # Redis Exporter 镜像ports:- containerPort: 9121 # Redis Exporter 默认端口env:- name: REDIS_ADDRvalue: "redis://localhost:6379" # Redis 连接地址
---
apiVersion: v1
kind: Service
metadata:name: redis-servicelabels:app: redisannotations:prometheus.io/scrape: "true" # 允许 Prometheus 抓取prometheus.io/port: "9121" # Redis Exporter 暴露的端口
spec:selector:app: redisports:- protocol: TCPname: redisport: 6379targetPort: 6379- protocol: TCPname: redis-exporterport: 9121targetPort: 9121type: ClusterIP2. Prometheus 自动发现配置 (prometheus.yml)
Prometheus 自动发现 Redis 实例并指定监控 Redis Exporter 端口(9121)的完整配置。该配置确保 Prometheus 能够自动发现 Redis 实例,并抓取 Redis Exporter 暴露的指标
scrape_configs:- job_name: 'redis'kubernetes_sd_configs:- role: endpoints # 从 Kubernetes Endpoints 发现服务relabel_configs:# 只抓取带有 `prometheus.io/scrape: "true"` 注解的服务- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]action: keepregex: true# 替换目标地址为服务的 IP 和指定端口(9121)- source_labels: [__meta_kubernetes_endpoint_address_target_kind, __meta_kubernetes_endpoint_address_target_name]action: keepregex: Pod;(.*redis.*) # 仅抓取名称包含 "redis" 的 Pod- source_labels: [__meta_kubernetes_pod_ip]action: replacetarget_label: __address__replacement: $1:9121 # 指定 Redis Exporter 的端口为 9121# 添加 Kubernetes 服务的 app 标签- source_labels: [__meta_kubernetes_service_label_app]action: replacetarget_label: app# 添加 Kubernetes 命名空间标签- source_labels: [__meta_kubernetes_namespace]action: replacetarget_label: namespace# 添加 Kubernetes 服务名称标签- source_labels: [__meta_kubernetes_service_name]action: replacetarget_label: service# 添加 Kubernetes Pod 名称标签- source_labels: [__meta_kubernetes_pod_name]action: replacetarget_label: pod# 添加 Kubernetes 节点名称标签- source_labels: [__meta_kubernetes_pod_node_name]action: replacetarget_label: node# 添加实例标签(用于区分不同的 Redis 实例)- source_labels: [__meta_kubernetes_pod_ip]action: replacetarget_label: instance配置说明
-
自动发现:
-
使用
kubernetes_sd_configs从 Kubernetes 的 Endpoints 自动发现服务。 -
通过
__meta_kubernetes_service_annotation_prometheus_io_scrape注解,确保只抓取明确标记为需要监控的服务。
-
-
指定端口:
-
通过
replacement: $1:9121将目标地址替换为 Redis Exporter 的端口9121。 -
使用
__meta_kubernetes_pod_ip获取 Redis Pod 的 IP 地址,并拼接端口9121。
-
-
标签优化:
-
添加 Kubernetes 元数据标签(如
app、namespace、service、pod等),便于后续查询和告警。 -
使用
instance标签区分不同的 Redis 实例。
-
3. 部署步骤
-
将
redis-deployment.yaml保存到 Kubernetes 集群。 -
部署 Redis 和 Redis Exporter:
kubectl apply -f redis-deployment.yaml -
更新 Prometheus 配置文件(
prometheus.yml),添加 Redis 的自动发现配置。 -
重启 Prometheus 以加载新配置。
4. 验证
- 访问 Prometheus Web UI(
http://<prometheus-server>:9090),查看 Targets 页面,确认 Redis 目标已被发现。 - 查询 Prometheus 中的 Redis 指标(如
redis_up或redis_commands_processed_total)。
5. 生产环境建议
- 高可用性:部署多个 Redis 实例,并使用 Redis Sentinel 或 Redis Cluster 实现高可用。
- 监控告警:设置 Redis 关键指标的告警规则(如内存使用率、连接数等)。
- 资源限制:为 Redis 和 Redis Exporter 设置资源限制(CPU 和内存)。
- 日志管理:收集 Redis 和 Redis Exporter 的日志,便于排查问题。
6. 示例告警规则 (redis-alerts.yml)
6.1创建alert-rules-configmap文件
cat prometheus-alert-rules-redis-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:name: prometheus-alert-rules-redisnamespace: monitoringlabels:app: prometheusrole: alert-rules
data:redis.rules: |-groups:- name: redis_alertsrules:- alert: RedisDownexpr: redis_up == 0for: 1mlabels:severity: criticalannotations:summary: "Redis is down"description: "Redis instance {{ $labels.instance }} is down."- alert: HighRedisMemoryUsageexpr: redis_memory_used_bytes / redis_memory_max_bytes > 0.8for: 5mlabels:severity: warningannotations:summary: "High memory usage on Redis"description: "Redis memory usage is above 80% on {{ $labels.instance }}."- alert: HighRedisConnectionsexpr: redis_connected_clients > 1000for: 5mlabels:severity: warningannotations:summary: "High number of Redis connections"description: "Redis instance {{ $labels.instance }} has more than 1000 connections."注释版
# ========================
# Kubernetes ConfigMap 配置
# ========================
apiVersion: v1 # 必需字段,指定 Kubernetes API 版本
kind: ConfigMap # 资源类型为配置映射
metadata:name: prometheus-alert-rules-redis # 资源名称(需符合DNS命名规范)namespace: monitoring # 必须与Prometheus部署的命名空间一致labels: # 标签用于资源筛选app: prometheus # 标识属于Prometheus组件role: alert-rules # 标识用途为告警规则# ========================
# 告警规则数据部分(核心配置)
# ========================
data:# 注意:文件名后缀必须是 .rules 或 .yaml 才能被Prometheus自动加载redis.rules: |- # 关键符号说明: # "|" 保留换行符,"-" 表示删除文件末尾的换行符# 缩进必须使用2个空格(不能使用Tab)# Prometheus告警规则语法开始groups: # 告警规则组定义(至少需要1个组)- name: redis_alerts # 组名称(显示在告警信息中)rules: # 规则列表开始# ---- 规则1:Redis实例宕机检测 ----- alert: RedisDown # 告警名称(需唯一)expr: redis_up == 0 # PromQL表达式:# - redis_up 是指标名称# - ==0 表示实例不可用for: 1m # 持续时长(防止瞬时抖动)labels: # 标签(可用于告警路由)severity: critical # 严重级别(通常分 critical/warning/info)annotations: # 告警详情模板summary: "Redis服务宕机 (实例: {{ $labels.instance }})"description: |- Redis实例 {{ $labels.instance }} 已持续宕机1分钟所属集群: {{ $labels.cluster }}当前状态值: {{ $value }}# ---- 规则2:内存使用率告警 ----- alert: HighRedisMemoryUsageexpr: > # 多行表达式写法redis_memory_used_bytes / redis_memory_max_bytes > 0.8 # 内存使用率超过80%for: 5m # 持续5分钟触发(适合资源类告警)labels:severity: warningcomponent: database # 自定义标签(可用于筛选)annotations:description: |-内存使用率 {{ printf "%.2f" (mul $value 100) }}% 实例: {{ $labels.instance }}建议: 1. 检查是否有大Key 2. 考虑扩容# ---- 规则3:连接数告警 ----- alert: HighRedisConnectionsexpr: redis_connected_clients > 1000for: 5mlabels:severity: warningannotations:description: |-当前连接数: {{ $value }}最大允许连接数: {{ query "redis_config_maxclients{instance='{{ $labels.instance }}'}" | first | value }}# 使用query函数动态获取redis的maxclients配置值6.2修改prometheus-deployment.yaml文件,添加volumeMounts,t volumes
volumeMounts:- name: prometheus-configmountPath: /etc/prometheus # 配置文件挂载点- name: prometheus-storagemountPath: /prometheus # TSDB 数据存储路径- name: prometheus-alert-rules-redismountPath: /etc/prometheus/rules/redisvolumes:- name: prometheus-configconfigMap:name: prometheus-config # 从 ConfigMap 挂载 Prometheus 配置- name: prometheus-storageemptyDir: {} # 测试环境可使用空目录- name: prometheus-alert-rules-redisconfigMap:name: prometheus-alert-rules-redis完整实例
apiVersion: apps/v1
kind: Deployment
metadata:name: prometheusnamespace: monitoring # 指定命名空间labels:app: prometheus
spec:replicas: 1 # 生产环境通常建议 1 个实例,使用远程存储提高可用性selector:matchLabels:app: prometheustemplate:metadata:labels:app: prometheusspec:serviceAccountName: prometheus # 关联 ServiceAccount,便于 RBAC 访问containers:- name: prometheusimage: harbor.fq.com/prometheus/prometheus:v3.1.0 # 使用私有仓库镜像args:- --config.file=/etc/prometheus/prometheus.yml # 指定 Prometheus 配置文件- --storage.tsdb.path=/prometheus # 存储 TSDB 数据的位置- --web.console.templates=/etc/prometheus/consoles- --web.console.libraries=/etc/prometheus/console_librariesports:- containerPort: 9090 # Prometheus Web 界面端口resources: # 限制 CPU 和内存,防止资源耗尽requests:cpu: "500m"memory: "1Gi"limits:cpu: "1"memory: "2Gi"volumeMounts:- name: prometheus-configmountPath: /etc/prometheus # 配置文件挂载点- name: prometheus-storagemountPath: /prometheus # TSDB 数据存储路径- name: prometheus-alert-rulesmountPath: /etc/prometheus/rules- name: file-sdmountPath: /apps/prometheus/file-sd.yaml- name: prometheus-alert-rules-redismountPath: /etc/prometheus/rules/redisvolumes:- name: prometheus-configconfigMap:name: prometheus-config # 从 ConfigMap 挂载 Prometheus 配置- name: prometheus-storageemptyDir: {} # 测试环境可使用空目录- name: prometheus-alert-rulesconfigMap:name: prometheus-alert-rules- name: file-sdhostPath:path: /root/file-sd.yamltype: File- name: prometheus-alert-rules-redisconfigMap:name: prometheus-alert-rules-redis
---
apiVersion: v1
kind: Service
metadata:name: prometheusnamespace: monitoringlabels:app: prometheus
spec:type: NodePort # 在生产环境中建议使用 LoadBalancer 或 Ingressports:- port: 9090targetPort: 9090nodePort: 30090 # 通过 NodePort 访问 Web 界面selector:app: prometheus6.3修改prometheus-configmap.yaml文件,添加rule_files文件路径
rule_files:- /etc/prometheus/rules/*.rules- /etc/prometheus/rules/redis/*.rules完整实例
cat prometheus-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:name: prometheus-confignamespace: monitoring
data:prometheus.yml: |global:scrape_interval: 15sevaluation_interval: 15srule_files:- /etc/prometheus/rules/*.rules- /etc/prometheus/rules/redis/*.rulesscrape_configs:- job_name: 'prometheus'static_configs:- targets: ['localhost:9090']- job_name: 'kubernetes-nodes'kubernetes_sd_configs:- role: noderelabel_configs:- source_labels: [__address__]regex: '(.*):10250'replacement: '${1}:9100'target_label: __address__- job_name: 'kubernetes-pods'kubernetes_sd_configs:- role: podrelabel_configs:- source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]action: keepregex: true- source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]action: replacetarget_label: __metrics_path__regex: (.+)- source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]action: replaceregex: ([^:]+)(?::\d+)?;(\d+)replacement: $1:$2target_label: __address__- job_name: 'kube-state-metrics'kubernetes_sd_configs:- role: endpointsnamespaces:names:- kube-system- default- monitoringrelabel_configs:- source_labels: [__meta_kubernetes_service_label_app_kubernetes_io_name]action: keepregex: kube-state-metrics- source_labels: [__meta_kubernetes_endpoint_port_name]action: keepregex: http-metricsmetrics_path: /metricsscheme: http- job_name: 'file_sd_node'file_sd_configs:- files:- /apps/prometheus/file-sd.yamlrefresh_interval: 1m- job_name: 'kubernetes-apiservers'kubernetes_sd_configs:- role: endpointsnamespaces:names: ["default"]scheme: httpstls_config:insecure_skip_verify: true # 生产环境应配置CA证书bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenrelabel_configs:- source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]action: keepregex: default;kubernetes;https- job_name: 'kube-controller-manager'kubernetes_sd_configs:- role: endpointsnamespaces:names: ["kube-system"]scheme: httpstls_config:insecure_skip_verify: truebearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenrelabel_configs:- source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]action: keepregex: kube-controller-manager;https-metrics- job_name: 'kube-scheduler'kubernetes_sd_configs:- role: endpointsnamespaces:names: ["kube-system"]scheme: httpstls_config:insecure_skip_verify: truebearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenrelabel_configs:- source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]action: keepregex: kube-scheduler;https-metrics- job_name: 'etcd'static_configs:- targets: ['10.255.209.2:2379', '10.255.209.5:2379', '10.255.209.27:2379'] # 替换为实际etcd地址scheme: httpstls_config:insecure_skip_verify: true#cert_file: /etc/prometheus/secrets/etcd-client.crt#key_file: /etc/prometheus/secrets/etcd-client.key- job_name: 'kubelet'scheme: httpstls_config:insecure_skip_verify: truebearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/tokenkubernetes_sd_configs:- role: noderelabel_configs:- action: labelmapregex: __meta_kubernetes_node_label_(.+)- target_label: __address__replacement: kubernetes.default.svc:443- source_labels: [__meta_kubernetes_node_name]regex: (.+)target_label: __metrics_path__replacement: /api/v1/nodes/${1}/proxy/metrics- job_name: 'kube-proxy'kubernetes_sd_configs:- role: endpointsnamespaces:names: ["kube-system"]scheme: httprelabel_configs:- source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]action: keepregex: kube-proxy;metrics- job_name: 'kube-proxy1'kubernetes_sd_configs:- role: endpointsnamespaces:names: ["kube-system"]scheme: httprelabel_configs:- source_labels: [__meta_kubernetes_pod_name] # 直接匹配 Podaction: keepregex: kube-proxy-.*- source_labels: [__address__]action: replaceregex: ([^:]+)(?::\d+)?replacement: ${1}:10249 # 强制使用 10249 端口target_label: __address__- job_name: 'redis'kubernetes_sd_configs:- role: endpoints # 从 Kubernetes Endpoints 发现服务relabel_configs:# 只抓取带有 `prometheus.io/scrape: "true"` 注解的服务- source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]action: keepregex: true# 替换目标地址为服务的 IP 和指定端口(9121)- source_labels: [__meta_kubernetes_endpoint_address_target_kind, __meta_kubernetes_endpoint_address_target_name]action: keepregex: Pod;(.*redis.*) # 仅抓取名称包含 "redis" 的 Pod- source_labels: [__meta_kubernetes_pod_ip]action: replacetarget_label: __address__replacement: $1:9121 # 指定 Redis Exporter 的端口为 9121# 添加 Kubernetes 服务的 app 标签- source_labels: [__meta_kubernetes_service_label_app]action: replacetarget_label: app# 添加 Kubernetes 命名空间标签- source_labels: [__meta_kubernetes_namespace]action: replacetarget_label: namespace# 添加 Kubernetes 服务名称标签- source_labels: [__meta_kubernetes_service_name]action: replacetarget_label: service# 添加 Kubernetes Pod 名称标签- source_labels: [__meta_kubernetes_pod_name]action: replacetarget_label: pod# 添加 Kubernetes 节点名称标签- source_labels: [__meta_kubernetes_pod_node_name]action: replacetarget_label: node# 添加实例标签(用于区分不同的 Redis 实例)- source_labels: [__meta_kubernetes_pod_ip]action: replacetarget_label: instance6.4 操作命令
kubectl create -f prometheus-alert-rules-redis-configmap.yamlkubectl replace -f prometheus-configmap.yamlkubectl replace -f prometheus-deployment.yamlkubectl -n monitoring exec -it prometheus-66967df89b-7gp5d -- ls /etc/prometheus/rules
k8s.rules node.rules redis6.5 操作界面查看alerts状态
7. 总结
- 该配置实现了 Redis 实例的自动发现和监控。
- 通过 Redis Exporter 暴露 Redis 指标,Prometheus 自动抓取并存储。
- 适用于生产环境,支持高可用和动态扩展。
