Alertmanager 是一个用于处理和管理 Prometheus 警报的开源工具。它负责接收来自 Prometheus 服务器的警报,进行去重、分组、静默、抑制等操作,并通过电子邮件、PagerDuty、Slack 等多种渠道发送通知。
主要功能
-
去重:合并相同或相似的警报,避免重复通知。
-
分组:将相关警报合并为一个通知,减少信息过载。
-
静默:临时屏蔽特定警报,避免干扰。
-
抑制:在特定条件下阻止某些警报的发送。
-
路由:根据标签将警报分发到不同的接收者或渠道。
-
通知:支持通过多种方式发送警报通知。
核心概念
-
Alert:由 Prometheus 生成的警报,包含标签、注解和状态。
-
Receiver:警报的接收者,如电子邮件或 Slack 频道。
-
Route:定义警报如何路由到接收者。
-
Silence:临时屏蔽特定警报的机制。
下载安装包:
地址:https://prometheus.io/download/#alertmanager
将安装包alertmanager-0.24.0.linux-amd64.tar.gz上传服务器
tar zxf alertmanager-0.24.0.linux-amd64.tar.gz -C /usr/local/
mv /usr/local/alertmanager-0.24.0.linux-amd64/ /usr/local/alertmanager
接下来再安装一个插件prometheus-webhook-dingtalk
由于 Alertmanager 没有内置钉钉的支持,因此需要通过 Webhook 的方式将告警信息发送到钉钉。prometheus-webhook-dingtalk 就是这样一个工具,它充当了 Alertmanager 和钉钉之间的桥梁:
-
Alertmanager 将告警信息通过 Webhook 发送到
prometheus-webhook-dingtalk。 -
prometheus-webhook-dingtalk将告警信息格式化为钉钉支持的格式(如 Markdown),并通过钉钉的 Webhook API 推送到指定的群聊。
下载安装包:
地址:https://github.com/timonwong/prometheus-webhook-dingtalk/releases/
上传到服务器进行解压安装
tar zxvf prometheus-webhook-dingtalk-2.1.0.linux-amd64.tar.gz -C /usr/local/
mv /usr/local/prometheus-webhook-dingtalk-2.1.0.linux-amd64/ /usr/local/prometheus-webhook-dingtalk
创建钉钉机器人:
【电脑端钉钉 】-【群聊】-【群设置】-【智能群助手】-【添加更多】-【添加机器人】-【自定义】-【添加】,编辑机器人名称和选择添加的群组,勾选加签,将生成的秘钥复制出来。
修改prometheus-webhook-dingtalk配置,将以上信息填到文件中:
新建/usr/local/prometheus-webhook-dingtalk/config.yml,添加以下配置
targets:
ding_webhook:
# 钉钉webhook地址,根据自己的来填
url: https://oapXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
# 创建机器人时获取到的加签秘钥,根据自己的来填
secret: SECXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
启动prometheus-webhook-dingtalk服务
nohup /usr/local/prometheus-webhook-dingtalk/prometheus-webhook-dingtalk --config.file=/usr/local/prome theus-webhook-dingtalk/config.yml &查看插件提供的webhook地址:这个记好待会有用
编辑alertmanager.yml配置文件,添加路由和接受者配置,注意url填写钉钉插件提供的webhook地址,就是上图圈起来那个,根据自己的情况来,而不是钉钉直接提供的那个webhook。
vim /usr/local/alertmanager/alertmanager.ymlroute:
#接收人
receiver: 'webhook'
#同组内告警等待时间。也就是告警产生后等待5s,如果有同组告警一起发出
group_wait: 5s
#两个组告警的间隔时间
group_interval: 10s
#重复告警的间隔时间,减少相同钉钉告警的发送频率
repeat_interval: 30s
#采用哪个标签来作为分组依据
group_by: [alertname]
routes:
- receiver: webhook
#配置告警消息接受者信息,常用的有 邮箱、wechat、webhook 等消息通知方式
receivers:
- name: 'webhook'
webhook_configs:
#钉钉插件提供的webhook地址
- url: http://localhost:8060/dingtalk/ding_webhook/send
#警报被解决之后是否通知
send_resolved: true
接下来编辑prometheus配置文件:
增加和修改prometheus.yml的alertmanager部分,让alertmanger能与Prometheus通信。
# my global config
global:
scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
# scrape_timeout is set to the global default (10s).
# Alertmanager configuration
alerting:
alertmanagers:
- static_configs:
- targets:
##修改成alertmanager服务器的ip和端口
- 192.168.158.183:9093
# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
# 指定告警规则的配置路径
rule_files:
- "/usr/local/prometheus/rules/*.yml"
# - "first_rules.yml"
# - "second_rules.yml"
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
# The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
- job_name: "prometheus"
# metrics_path defaults to '/metrics'
# scheme defaults to 'http'.
static_configs:
- targets: ["192.168.158.183:9090"]
- job_name: 'linux'
file_sd_configs:
- files:
- /usr/local/prometheus/node_exporter_targets.json
#接收alertmanager的数据
- job_name: 'alertmanager'
static_configs:
- targets: ['192.168.158.183:9093']
在/usr/local/prometheus/路径建立rules文件夹
在rules文件夹中创建node_rules.yml用来配置主机节点的告警
[root@prometheus prometheus]# cat rules/node_rules.yml
groups:
- name: node_alerts
rules:
# 规则 1: CPU 使用率过高
- alert: HighCPUUsage
expr: 100 - (avg by (instance) (irate(node_cpu_seconds_total{mode="idle"}[5m])) * 100) > 80
for: 5m
labels:
severity: critical
annotations:
summary: "High CPU usage on {{ $labels.instance }}"
description: "CPU usage is above 80% for more than 5 minutes on {{ $labels.instance }}."
# 规则 2: 内存使用率过高
- alert: HighMemoryUsage
expr: (node_memory_MemTotal_bytes - node_memory_MemAvailable_bytes) / node_memory_MemTotal_bytes * 100 > 80
for: 5m
labels:
severity: critical
annotations:
summary: "High memory usage on {{ $labels.instance }}"
description: "Memory usage is above 80% for more than 5 minutes on {{ $labels.instance }}."
# 规则 3: 磁盘使用率过高
- alert: HighDiskUsage
expr: 100 - (node_filesystem_avail_bytes{mountpoint="/"} / node_filesystem_size_bytes{mountpoint="/"} * 100) > 80
for: 5m
labels:
severity: warning
annotations:
summary: "High disk usage on {{ $labels.instance }}"
description: "Disk usage is above 80% for more than 5 minutes on {{ $labels.instance }}."
# 规则 4: 节点宕机
- alert: InstanceDown
expr: up == 0
for: 1m
labels:
severity: critical
annotations:
summary: "Instance {{ $labels.instance }} down"
description: "{{ $labels.instance }} has been down for more than 1 minute."
在/usr/local/prometheus/node_exporter_targets.json文件中添加测试节点
重启prometheus
ps -ef |grep prometheus |grep -v grep |awk '{print $2}' |xargs kill -9
nohup /usr/local/prometheus/prometheus --config.file=/usr/local/prometheus/prometheus.yml &启动Alertmanager
nohup /usr/local/alertmanager/alertmanager --config.file /usr/local/alertmanager/alertmanager.yml &启动钉钉插件prometheus-webhook-dingtalk
nohup /usr/local/prometheus-webhook-dingtalk/prometheus-webhook-dingtalk --config.file=/usr/local/prometheus-webhook-dingtalk/config.yml &查看grafana、alertmanager、prometheus端口都已经启动
接下来关闭刚才添加的测试机器
等了一会查看钉钉出现了告警
接下来优化告警消息:
1、使用中文发送告警信息
修改prometheus-webhook-dingtalk/config.yml文件添加以下字段
targets:
ding_webhook:
url: https://oapXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
secret: SEC6c2bf6d8XXXXXXXXXXXXXXXXXXXXXXX
message:
title: 'Prometheus - {{ if eq .Status "resolved" }}恢复通知{{ else }}告警通知{{ end }}'
text: |
- **告警名称**: {{ .CommonLabels.alertname }}
- **当前状态**: {{ .Status }}
{{ if eq .Status "resolved" }}
- **描述**: 实例 {{ .CommonLabels.instance }} 已恢复正常。
- **可能影响的服务**: 没有影响的服务
{{ else }}
- **描述**: {{ .CommonAnnotations.description }}
- **可能影响的服务**: {{ .CommonAnnotations.impact }}
{{ end }}
2、告知故障的影响范围
修改/usr/local/prometheus/rules/node_rules.yml配置文件,添加以下信息
.............
# 规则 4: 节点宕机
- alert: InstanceDown
expr: up == 0
for: 1m
labels:
severity: critical
annotations:
summary: "实例 {{ $labels.instance }} 已宕机"
description: "实例 {{ $labels.instance }} 已宕机。"
impact: |
{{- if eq $labels.instance "192.168.158.182:9900" }}
K8S中pod调度,导致服务无法正常使用。
{{- else if eq $labels.instance "192.168.158.183:9900" }}
无法访问监控系统。
{{- else }}
可能影响的服务:未知。
{{- end }}
重启/prometheus-webhook-dingtalk服务:
ps -ef |grep prometheus-we |grep -v grep |awk -F " " '{print $2}' |xargs kill -9
#为了区分nohup的启动日志,建议进入各自的目录执行
cd /usr/local/prometheus-webhook-dingtalk/
nohup /usr/local/prometheus-webhook-dingtalk/prometheus-webhook-dingtalk --config.file=/usr/local/prometheus-webhook-dingtalk/config.yml &重启prometheus服务:
ps -ef |grep prometheus |grep -v grep |awk '{print $2}' |xargs kill -9
cd /usr/local/prometheus
nohup /usr/local/prometheus/prometheus --config.file=/usr/local/prometheus/prometheus.yml &查看端口都已经启动
查看钉钉最新消息已经修改为中文提示和告知影响范围
启动故障机器再次查看消息
后续继续更新监控其他服务
