一、告警处理:ControllerManager告警解决方案 
### --- 告警处理方案:配置以下2点,即可解决

~~~     第一点:把监听地址更改为0.0.0.0
~~~     第二点:把servicemonitor对应的service给创建上
二、打开ControllerManager的监听地址为0.0.0.0 
### --- 打开ControllerManager的配置文件

[root@k8s-master01 ~]# vim /usr/lib/systemd/system/kube-controller-manager.service
      --v=2 \
      --logtostderr=true \
      --address=0.0.0.0 \       // 更改监听地址为0.0.0.0
### --- 重启ControllerManager

[root@k8s-master01 ~]# systemctl daemon-reload
[root@k8s-master01 ~]# systemctl restart kube-controller-manager.service
### --- 查看监听地址是否为0.0.0.0 

~~~     # 注:0.0.0.0:安全说明
~~~     主节点一般都是放在内网服务器的,不会放置在公网的
~~~     通信是需要证书的,双向证书认证的,开0.0.0.0是绝对安全的。
[root@k8s-master01 ~]# netstat -lntp |grep kube-control
tcp6       0      0 :::10252                :::*                    LISTEN      125501/kube-control 
tcp6       0      0 :::10257                :::*                    LISTEN      125501/kube-control
三、创建service:无select的service 
### --- 创建service:无select的service

~~~     第一步:先创建一个endpoint,endpoint指向宿主机的IP地址+10252这个地址,
~~~     第二步:再创建一个和endpoint名称一样的service,然后endpoint就会和这个service建立连接
~~~     然后Prometheus就可以通过这个具有这个labele:kube-controller-manager的service;连接到Prometheus,然后在Prometheus-UI配置即可
### --- 创建endpoint和service的yaml文件

[root@k8s-master01 prometheus]# vim controller-manager-monitor.endpoint.svc.yaml
apiVersion: v1
items:
- apiVersion: v1
  kind: Service
  metadata:
    labels:
      k8s-app: kube-controller-manager
    name: kube-controller-manage-monitor
    namespace: kube-system
  spec:
    ports:
    - name: http-metrics
      port: 10252
      protocol: TCP
      targetPort: 10252
    sessionAffinity: None
    type: ClusterIP
  status:
    loadBalancer: {}
- apiVersion: v1
  kind: Endpoints
  metadata:
    labels:
      k8s-app: kube-controller-manager
    name: kube-controller-manage-monitor
    namespace: kube-system
    resourceVersion: "10081388"
    selfLink: /api/v1/namespaces/kube-system/endpoints/kube-controller-manage-monitor
  subsets:
  - addresses:
    - ip: 192.168.1.11
    ports:
    - name: http-metrics
      port: 10252
      protocol: TCP
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""
### --- 创建endpoint和service

[root@k8s-master01 prometheus]# kubectl create -f controller-manager-monitor.endpoint.svc.yaml 
service/kube-controller-manage-monitor created
endpoints/kube-controller-manage-monitor created
### --- 查看这个service是否创建成功

[root@k8s-master01 prometheus]# kubectl get svc -n kube-system -l k8s-app=kube-controller-manager
NAME                             TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)     AGE
kube-controller-manage-monitor   ClusterIP   10.110.53.35   <none>        10252/TCP   102s
四、验证这个service是否可以访问 
### --- 访问ControllerManager的10252端口是否可以正常访问

[root@k8s-master01 prometheus]# kubectl get svc -n kube-system -l k8s-app=kube-controller-manager
NAME                             TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)     AGE
kube-controller-manage-monitor   ClusterIP   10.110.53.35   <none>        10252/TCP   102s
~~~     # 访问本地地址+10252返回值

[root@k8s-master01 prometheus]# curl 192.168.1.11:10252
404 page not found
~~~     # 访问service地址+10252返回值
~~~     注:结果,它俩的返回值是一样的,说明是可以访问到ControllerManager的10252

[root@k8s-master01 prometheus]# curl 10.110.53.35:10252
404 page not found
五、查看ControllerManager在Prometheus下是否恢复正常,输出采集状态 
### --- 查看ControllerManager在Prometheus下是否恢复正常,输出采集状态

~~~     status——>Targets:显示也是1/1up:说明状态正常
# 网络 # linux # nginx # zookeeper # https
Logo
EazyDevelop社区

一站式 AI 云服务平台

更多推荐

cover

5分钟搞定!MySQL/PostgreSQL 到 Elasticsearch 的实时同步

avatar EazyDevelop社区
cover

两小时,我搭了一套销售提成计算系统

avatar EazyDevelop社区
cover

零代码时代:如何利用聚合API平台快速构建你的专属AI Agent

avatar EazyDevelop社区