devbox
知新_RL
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

【DockerCE】使用docker配置和运行HertzBeat_hertzbeat监控docker连接不上

作者:知新_RL | 2024-08-23 09:04:10

hertzbeat监控docker连接不上

HertzBeat是一款免Agent的监控平台,拥有强大自定义监控能力,可以对应用服务、中间件、数据库、操作系统、云原生等进行监控,配置监控告警阈值,以及告警通知(邮件、微信、钉钉、飞书)。关于这个软件的介绍,我这里就不做过多的介绍了,感兴趣的可以去官网(https://hertzbeat.com/docs)去详细了解下。

今天我主要和大家分享下,如何使用docker来配置和运行HertzBeat。

HertzBeat将监控历史数据存储在时序数据库里面,官方文档给出了两款兼容的时序数据库软件,分别是IoTDB和TDengine,这里我使用的是TDengine。

首先,我们将所需的docker镜像下载到虚拟机(Docker已经提前安装,版本为20.10.21,如何安装请参考我博客的DockerCE的文章分类)。

  1. # docker pull tancloud/hertzbeat
  2. Using default tag: latest
  3. latest: Pulling from tancloud/hertzbeat
  4. 751ef25978b2: Pull complete 
  5. 140e22108c7d: Pull complete 
  6. 993077aca88e: Pull complete 
  7. d1a940e1e4e8: Pull complete 
  8. 4f368e97aba5: Pull complete 
  9. 4f4fb700ef54: Pull complete 
  10. Digest: sha256:ed3d981673ee34e2d462ba0dda415f62aeec2380ccd0f45a8f1e481d05b2c735
  11. Status: Downloaded newer image for tancloud/hertzbeat:latest
  12. docker.io/tancloud/hertzbeat:latest
  13.  
  14. # docker pull  tdengine/tdengine:2.4.0.12
  15. 2.4.0.12: Pulling from tdengine/tdengine
  16. 2f94e549220a: Pull complete 
  17. 0c7809c5a70c: Pull complete 
  18. 354dceb62d94: Pull complete 
  19. ded68138e6c3: Pull complete 
  20. a049546d9313: Pull complete 
  21. c67be503641a: Pull complete 
  22. 1f27396f6efc: Pull complete 
  23. fe556ec02776: Pull complete 
  24. Digest: sha256:0209b13bc6bffaac98fb05df58a86b06d998877d786efcdf59e68299b538d8bd
  25. Status: Downloaded newer image for tdengine/tdengine:2.4.0.12
  26. docker.io/tdengine/tdengine:2.4.0.12

然后,我们通过下面的命令来运行TDengine数据库

  1. docker run -dti -p 6030-6049:6030-6049 -p 6030-6049:6030-6049/udp \
  2.     -v /data/taosdata:/var/lib/taos \
  3.     -e TZ=Asia/Shanghai \
  4.     --name tdengine tdengine/tdengine:2.4.0.12

数据库root用户的默认密码是taosdata,这里我将其修改为其他密码,通过docker exec进入容器内部执行下面的命令。

  1. # docker exec -it tdengine /bin/bash
  2. root@77a11dd2b845:~/TDengine-server-2.4.0.12# taos
  3. taos> show databases;
  4. taos> CREATE DATABASE hertzbeat KEEP 90 DAYS 10 BLOCKS 6 UPDATE 1; 
  5. Query OK, 0 of 0 row(s) in database (0.001995s)
  6. taos> alter user root pass 'YourPassword';
  7. Query OK, 0 of 0 row(s) in database (0.002024s)
  8. taos> quit
  9. root@77a11dd2b845:~/TDengine-server-2.4.0.12# exit
  10. exit

备注:

CREATE DATABASE hertzbeat KEEP 90 DAYS 10 BLOCKS 6 UPDATE 1

上面这条语句的意思是:创建一个名为 hertzbeat 的库,这个库的数据将保留90天(超过90天将被自动删除),每 10 天一个数据文件,内存块数为 6,允许更新数据

下面,我们修改HertzBeat的两个关键的配置文件,分别是application.yml和sureness.yml

  1. # application.yml
  2. # Licensed to the Apache Software Foundation (ASF) under one or more
  3. # contributor license agreements.  See the NOTICE file distributed with
  4. # this work for additional information regarding copyright ownership.
  5. # The ASF licenses this file to You under the Apache License, Version 2.0
  6. # (the "License"); you may not use this file except in compliance with
  7. # the License.  You may obtain a copy of the License at
  8. #
  9. #     http://www.apache.org/licenses/LICENSE-2.0
  10. #
  11. # Unless required by applicable law or agreed to in writing, software
  12. # distributed under the License is distributed on an "AS IS" BASIS,
  13. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14. # See the License for the specific language governing permissions and
  15. # limitations under the License.
  16. server:
  17.   port: 1157
  18. spring:
  19.   application:
  20.     name: ${HOSTNAME:@hertzbeat@}${PID}
  21.   profiles:
  22.     active: prod
  23.   mvc:
  24.     static-path-pattern: /**
  25.   jackson:
  26.     default-property-inclusion: ALWAYS
  27.   web:
  28.     resources:
  29.       static-locations:
  30.         - classpath:/dist/
  31.         - classpath:../dist/
  32.   # need to disable spring boot mongodb auto config, or default mongodb connection tried and failed..
  33.   autoconfigure:
  34.     exclude: org.springframework.boot.autoconfigure.mongo.MongoAutoConfiguration, org.springframework.boot.autoconfigure.data.mongo.MongoDataAutoConfiguration
  35.   thymeleaf:
  36.     prefix: classpath:/templates/
  37.     check-template-location: true
  38.     cache: true
  39.     suffix: .html
  40.     mode: HTML
  42. management:
  43.   endpoints:
  44.     web:
  45.       exposure:
  46.         include: '*'
  47.     enabled-by-default: off
  49. sureness:
  50.   auths:
  51.     - digest
  52.     - basic
  53.     - jwt
  54.   jwt:
  55.     secret: 'CyaFv0bwq2Eik0jdrKUtsA6bx3sDJeFV643R
  56.              LnfKefTjsIfJLBa2YkhEqEGtcHDTNe4CU6+9
  57.              8tVt4bisXQ13rbN0oxhUZR73M6EByXIO+SV5
  58.              dKhaX0csgOCTlCxq20yhmUea6H6JIpSE2Rwp'
  60. ---
  61. spring:
  62.   config:
  63.     activate:
  64.       on-profile: prod
  66.   datasource:
  67.     driver-class-name: org.h2.Driver
  68.     username: sa
  69.     password: 123456
  70.     url: jdbc:h2:./data/hertzbeat;MODE=MYSQL
  71.     hikari:
  72.       max-lifetime: 120000
  74.   jpa:
  75.     hibernate:
  76.       ddl-auto: update
  78.   # Not Require, Please config if you need email notify
  79.   # 非必填:不使用邮箱作为警告通知可以去掉spring.mail配置
  80.   mail:
  81.     # Attention: this is mail server address.
  82.     # 请注意此为邮件服务器地址:qq邮箱为 smtp.qq.com qq企业邮箱为 smtp.exmail.qq.com
  83.     host: smtp.exmail.qq.com
  84.     username: example@tancloud.cn
  85.     # Attention: this is not email account password, this requires an email authorization code
  86.     # 请注意此非邮箱账户密码 此需填写邮箱授权码
  87.     password: example
  88.     port: 465
  89.     default-encoding: UTF-8
  90.     properties:
  91.       mail:
  92.         smtp:
  93.           socketFactoryClass: javax.net.ssl.SSLSocketFactory
  94.           ssl:
  95.             enable: true
  96.         debug: false
  98. warehouse:
  99.   store:
  100.     td-engine:
  101.       enabled: true
  102.       driver-class-name: com.taosdata.jdbc.rs.RestfulDriver
  103.       url: jdbc:TAOS-RS://192.168.223.199:6041/hertzbeat
  104.       username: root
  105.       password: YourPassword
  106.     iot-db:
  107.       enabled: false
  108.       host: 127.0.0.1
  109.       rpc-port: 6667
  110.       username: root
  111.       password: root
  112.       # org.apache.iotdb.session.util.Version: V_O_12 || V_0_13
  113.       version: V_0_13
  114.       # if iotdb version >= 0.13 use default queryTimeoutInMs = -1; else use default queryTimeoutInMs = 0
  115.       query-timeout-in-ms: -1
  116.       # 数据存储时间:默认'7776000000'(90天,单位为毫秒,-1代表永不过期)
  117.       # data expire time, unit:ms, default '7776000000'(90 days, -1:never expire)
  118.       expire-time: '7776000000'
  119.     memory:
  120.       enabled: true
  121.       init-size: 1024
  122.     redis:
  123.       enabled: false
  124.       host: 127.0.0.1
  125.       port: 6379
  126.       password: 123456
  128. alerter:
  129.   # custom console url
  130.   console-url: https://console.tancloud.cn
  131.   # base of alert eval interval time, unit:ms. The next time is 2 times the previous time.
  132.   alert-eval-interval-base: 600000
  133.   # max of alert eval interval time, unit:ms
  134.   max-alert-eval-interval: 86400000
  135.   # system alert(available alert, reachable alert...) trigger times
  136.   system-alert-trigger-times: 1

备注:

上面的配置文件,仅修改了warehouse块的td-engine配置(紫色部分)

td-engine:

enabled: true

driver-class-name: com.taosdata.jdbc.rs.RestfulDriver

url: jdbc:TAOS-RS://192.168.223.199:6041/hertzbeat

username: root

password: YourPassword

  1. # hertzbeat用户和用户权限配置-sureness.yml
  2. # Licensed to the Apache Software Foundation (ASF) under one or more
  3. # contributor license agreements.  See the NOTICE file distributed with
  4. # this work for additional information regarding copyright ownership.
  5. # The ASF licenses this file to You under the Apache License, Version 2.0
  6. # (the "License"); you may not use this file except in compliance with
  7. # the License.  You may obtain a copy of the License at
  8. #
  9. #     http://www.apache.org/licenses/LICENSE-2.0
  10. #
  11. # Unless required by applicable law or agreed to in writing, software
  12. # distributed under the License is distributed on an "AS IS" BASIS,
  13. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14. # See the License for the specific language governing permissions and
  15. # limitations under the License.
  16.  
  17. ## -- sureness.yml文本数据源 -- ##
  18.  
  19. # 加载到匹配字典的资源,也就是需要被保护的,设置了所支持角色访问的资源
  20. # 没有配置的资源也默认被认证保护,但不鉴权
  21. # eg: /api/v1/source1===get===[admin] 表示 /api/v2/host===post 这条资源支持 admin 这一种角色访问
  22. # eg: /api/v1/source2===get===[] 表示 /api/v1/source2===get 这条资源不支持任何角色访问
  23. resourceRole:
  24.   - /api/account/auth/refresh===post===[admin,user,guest]
  25.   - /api/apps/**===get===[admin,user,guest]
  26.   - /api/monitor/**===get===[admin,user,guest]
  27.   - /api/monitor/**===post===[admin,user]
  28.   - /api/monitor/**===put===[admin,user]
  29.   - /api/monitor/**===delete==[admin]
  30.   - /api/monitors/**===get===[admin,user,guest]
  31.   - /api/monitors/**===post===[admin,user]
  32.   - /api/monitors/**===put===[admin,user]
  33.   - /api/monitors/**===delete===[admin]
  34.   - /api/alert/**===get===[admin,user,guest]
  35.   - /api/alert/**===post===[admin,user]
  36.   - /api/alert/**===put===[admin,user]
  37.   - /api/alert/**===delete===[admin]
  38.   - /api/alerts/**===get===[admin,user,guest]
  39.   - /api/alerts/**===post===[admin,user]
  40.   - /api/alerts/**===put===[admin,user]
  41.   - /api/alerts/**===delete===[admin]
  42.   - /api/notice/**===get===[admin,user,guest]
  43.   - /api/notice/**===post===[admin,user]
  44.   - /api/notice/**===put===[admin,user]
  45.   - /api/notice/**===delete===[admin]
  46.   - /api/tag/**===get===[admin,user,guest]
  47.   - /api/tag/**===post===[admin,user]
  48.   - /api/tag/**===put===[admin,user]
  49.   - /api/tag/**===delete===[admin]
  50.   - /api/summary/**===get===[admin,user,guest]
  51.   - /api/summary/**===post===[admin,user]
  52.   - /api/summary/**===put===[admin,user]
  53.   - /api/summary/**===delete===[admin]
  55. # 需要被过滤保护的资源,不认证鉴权直接访问
  56. # /api/v1/source3===get 表示 /api/v1/source3===get 可以被任何人访问 无需登录认证鉴权
  57. excludedResource:
  58.   - /api/account/auth/**===*
  59.   - /api/i18n/**===get
  60.   - /api/apps/hierarchy===get
  61.   - /actuator/**===get
  62.   # web ui 前端静态资源
  63.   - /===get
  64.   - /dashboard/**===get
  65.   - /monitors/**===get
  66.   - /alert/**===get
  67.   - /account/**===get
  68.   - /setting/**===get
  69.   - /passport/**===get
  70.   - /**/*.html===get
  71.   - /**/*.js===get
  72.   - /**/*.css===get
  73.   - /**/*.ico===get
  74.   - /**/*.ttf===get
  75.   - /**/*.png===get
  76.   - /**/*.gif===get
  77.   - /**/*.jpg===get
  78.   - /**/*.svg===get
  79.   - /**/*.json===get
  80.   # swagger ui 资源
  81.   - /swagger-resources/**===get
  82.   - /v2/api-docs===get
  83.   - /v3/api-docs===get
  84.   # h2 database
  85.   - /h2-console/**===*
  87. # 用户账户信息
  88. # 下面有 admin tom lili 三个账户
  89. # eg: admin 拥有[admin,user]角色,密码为hertzbeat
  90. # eg: tom 拥有[user],密码为hertzbeat
  91. # eg: lili 拥有[guest],明文密码为lili, 加盐密码为1A676730B0C7F54654B0E09184448289
  92. account:
  93.   - appId: admin
  94.     credential: hertzbeat
  95.     role: [admin,user]
  96.   - appId: tom
  97.     credential: hertzbeat
  98.     role: [user]
  99.   - appId: guest
  100.     credential: hertzbeat
  101.     role: [guest]
  102.   - appId: lili
  103.     # 注意 Digest认证不支持加盐加密的密码账户
  104.     # 加盐加密的密码,通过 MD5(password+salt)计算
  105.     # 此账户的原始密码为 lili
  106.     credential: 1A676730B0C7F54654B0E09184448289
  107.     salt: 123
  108.     role: [guest]

备注:这里没有做什么修改,密码是默认的,为hertzbeat。

account:

- appId: admin

credential: hertzbeat

在/data目录下创建上面两个配置文件,然后使用下面的命令运行HertzBeat即可。

  1. docker run -dti -p 1157:1157 \
  2.     -e LANG=zh_CN.UTF-8 \
  3.     -e TZ=Asia/Shanghai \
  4.     -v /data/hertzbeat/data:/opt/hertzbeat/data \
  5.     -v /data/hertzbeat/logs:/opt/hertzbeat/logs \
  6.     -v /data/application.yml:/opt/hertzbeat/config/application.yml \
  7.     -v /data/sureness.yml:/opt/hertzbeat/config/sureness.yml \
  8.     --restart=always \
  9.     --name hertzbeat tancloud/hertzbeat:latest

运行成功后,我们可以使用docker ps查看tdengine数据库实例和HertzBeat实例的进程。

  1. # docker ps
  2. CONTAINER ID   IMAGE                        COMMAND                  CREATED       STATUS       PORTS                                                                                                                          NAMES
  3. 4bb57f02dedd   tancloud/hertzbeat:latest    "./bin/entrypoint.sh"    2 hours ago   Up 2 hours   0.0.0.0:1157->1157/tcp, :::1157->1157/tcp                                                                                      hertzbeat
  4. 77a11dd2b845   tdengine/tdengine:2.4.0.12   "/tini -- /usr/bin/e…"   4 hours ago   Up 4 hours   0.0.0.0:6030-6049->6030-6049/tcp, 0.0.0.0:6030-6049->6030-6049/udp, :::6030-6049->6030-6049/tcp, :::6030-6049->6030-6049/udp   tdengine

本地虚拟机的HertzBeat管理页面:http://192.168.223.199:1157/

在仪表盘,我们可以看见已经配置的监控的总览,看起来还是很不错的。

下面分享下相关监控的趋势图(必须安装和运行时序数据库):

1)服务器可用性监控

2)网页可用性监控

3)端口可用性监控

4)系统资源使用监控

5)中间件监控

备注:Tomcat中间件监控,跨服务器监控,要在catalina.sh里面配置开启JMX(IP地址不能是127.0.0.1或者localhost),同时还需要在tomcat-user.xml里面配置监控用户。

  1. CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.management.jmxremote -Djava.rmi.server.hostname=192.168.223.199 -Dcom.sun.management.jmxremote.port=9011 -Dcom.su
  2. n.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false"
  1.   <role rolename="manager"/>
  2.   <user username="monitor" password="YourPassword" roles="manager"/>

HertzBeat的配置信息如下:

监控告警测试:

模拟停掉Tomcat服务,然后再启动,就会出现下面的告警列表,看起来还是很清晰的。

在告警中心可以看见更加详细的告警信息记录:

总结,这款软件监控的对象还是很广的,监控配置也很简单。但是,监控数据的GUI展示和目前流行的Grafana相比,监控数据的展示界面显得还是相对简陋的,期待后期可以完善和提升。另外,软件的安全性也有待提升,因为明文密码配置在文件中,在生产环境中(尤其是大厂)肯定是不允许的。

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/知新_RL/article/detail/1020284
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号