Happywzy

两种都可以不用在 hosts 中添加域名解析即可完成测试.

方法1

curl -H "Host: whoami.local.com" http://192.168.1.32:31532/whoami

方法2

curl --resolve whoami.local.com:31532:192.168.1.32 whoami.local.com:31532/whoami

Prometheus 定义了 4 中不同的指标类型 (metric type)：Counter（计数器）、Gauge（仪表盘）、Histogram（直方图）、Summary（摘要）.

Counter

• Counter 用于累计值，例如 记录 请求次数、任务完成数、错误发生次数
• 一直增加，不会减少
• 重启进程后，会被重置

# http响应总数
http_response_total{method="GET",endpoint="/api/tracks"} 100

Gauge

• Gauge 常规数值，例如 温度变化、内存使用变化
• 可增可减的仪表盘
• 重启进程后，会被重置

# 如cpu、内存使用量
memory_usage_bytes{host="master-01"} 80
cpu_usage{host="master-01"} 60

Histogram

• 对记录的内容进行分组，提供 count 和 sum 全部值
• 直接反应了在不同区间内样本的个数

# 如：prometheus_tsdb_compaction_chunk_range_bucket 指标
# HELP prometheus_tsdb_compaction_chunk_range Final time range of chunks on their first compaction
# TYPE prometheus_tsdb_compaction_chunk_range histogram
prometheus_tsdb_compaction_chunk_range_bucket{le="100"} 0
prometheus_tsdb_compaction_chunk_range_bucket{le="400"} 0
prometheus_tsdb_compaction_chunk_range_bucket{le="1600"} 0
prometheus_tsdb_compaction_chunk_range_bucket{le="6400"} 0
prometheus_tsdb_compaction_chunk_range_bucket{le="25600"} 0
prometheus_tsdb_compaction_chunk_range_bucket{le="102400"} 0
prometheus_tsdb_compaction_chunk_range_bucket{le="409600"} 0
prometheus_tsdb_compaction_chunk_range_bucket{le="1.6384e+06"} 260
prometheus_tsdb_compaction_chunk_range_bucket{le="6.5536e+06"} 780
prometheus_tsdb_compaction_chunk_range_bucket{le="2.62144e+07"} 780
prometheus_tsdb_compaction_chunk_range_bucket{le="+Inf"} 780
prometheus_tsdb_compaction_chunk_range_sum 1.1540798e+09
prometheus_tsdb_compaction_chunk_range_count 780

Summary

• 提供 count 和 sum 全部值
• 提供一个 quantiles 的功能，可以按%比划分跟踪的结果
• 例如：quantile 取值 0.95，表示取采样值里面的 95% 数据

# HELP prometheus_tsdb_wal_fsync_duration_seconds Duration of WAL fsync.
# TYPE prometheus_tsdb_wal_fsync_duration_seconds summary
prometheus_tsdb_wal_fsync_duration_seconds{quantile="0.5"} 0.012352463
prometheus_tsdb_wal_fsync_duration_seconds{quantile="0.9"} 0.014458005
prometheus_tsdb_wal_fsync_duration_seconds{quantile="0.99"} 0.017316173
prometheus_tsdb_wal_fsync_duration_seconds_sum 2.888716127000002
prometheus_tsdb_wal_fsync_duration_seconds_count 216

从上面的样本中可以得知当前 Prometheus Server 进行 wal_fsync 操作的总次数为 216 次，耗时 2.888716127000002s。其中中位数（quantile=0.5）的耗时为 0.012352463，9 分位数（quantile=0.9）的耗时为 0.014458005s。

DATE_SUB() 函数

DATE_SUB(date,INTERVAL expr type)

示例

select * from xxx_table where create_time > DATE_SUB(NOW(),INTERVAL 1 HOUR);

注册登录/购买VIP

nginx 配置

默认情况下 nginx 已经安装了 ngx_http_auth_basic_module 模块.

server {
    #监听端口号
    listen       8081;
    auth_basic "config Auth";
    #用户密码文件地址
    auth_basic_user_file    /etc/nginx/passwd.db;
    location / {
    　　 #代理地址
        proxy_pass http://192.168.31.1:8080/;
        proxy_redirect default;
    }
}

auth_basic_user_file 和 auth_basic 也可以放到 server -> location 内.

其中 auth_basic_user_file 可以使用 htpasswd 在linux生成.

htpasswd 使用

# 安装
yum -y install httpd-tools
# 生成
htpasswd -bc /etc/nginx/passwd.db admin Mima@123

grafana

grafana 支持集成 ldap ，grafana 镜像默认在 /etc/grafana/ 目录下有个 ldap.toml 文件用于配置 ldap .

grafana.ini

首先需要在 grafana.ini 主配置中开启 ldap

[auth.ldap]
enabled = true
config_file = /etc/grafana/ldap.toml
allow_sign_up = true	
# LDAP backround sync (Enterprise only)
# At 1 am every day
sync_cron = "0 0 1 * * *"
active_sync_enabled = true

更改配置后重启生效.

ldap.toml

# To troubleshoot and get more log info enable ldap debug logging in grafana.ini
# [log]
# filters = ldap:debug

[[servers]]
# Ldap server host (specify multiple hosts space separated)
host = "172.168.0.2"
# Default port is 389 or 636 if use_ssl = true
port = 389
# Set to true if ldap server supports TLS
use_ssl = false
# Set to true if connect ldap server with STARTTLS pattern (create connection in insecure, then upgrade to secure connection with TLS)
start_tls = false
# set to true if you want to skip ssl cert validation
ssl_skip_verify = false
# set to the path to your root CA certificate or leave unset to use system defaults
# root_ca_cert = "/path/to/certificate.crt"
# Authentication against LDAP servers requiring client certificates
# client_cert = "/path/to/client.crt"
# client_key = "/path/to/client.key"

# Search user bind dn
bind_dn = "cn=admin,dc=xxxx,dc=xxxxx"
# Search user bind password
# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
bind_password = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxx'

# User search filter, for example "(cn=%s)" or "(sAMAccountName=%s)" or "(uid=%s)"
search_filter = "(cn=%s)"

# An array of base dns to search through
search_base_dns = ["ou=xxxx,dc=xxxxx,dc=xxxxx"]

## For Posix or LDAP setups that does not support member_of attribute you can define the below settings
## Please check grafana LDAP docs for examples
# group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))"
# group_search_base_dns = ["ou=groups,dc=grafana,dc=org"]
# group_search_filter_user_attribute = "uid"

# Specify names of the ldap attributes your ldap uses
[servers.attributes]
name = "displayName"
# surname = "sn"
username = "cn"
member_of = "memberOf"
email =  "email"

# Map ldap groups to grafana org roles
# [[servers.group_mappings]]
# group_dn = "*"
# org_role = "Admin"
# To make user an instance admin  (Grafana Admin) uncomment line below
# grafana_admin = true
# The Grafana organization database id, optional, if left out the default org (id 1) will be used
# org_id = 1

# [[servers.group_mappings]]
# group_dn = "ou=xxxxx,dc=xxxxxx,dc=xxxxxx"
# org_role = "Editor"

# [[servers.group_mappings]]
# If you want to match all (or no ldap groups) then you can use wildcard
# group_dn = "*"
# org_role = "Viewer"