1 ‐ Deployment - CPNV-ES-MON1/Prometheus GitHub Wiki
Version used: 2.51.2
- (More detailed) Install Prometheus & Grafana with Nginx RProxy
- Install Prometheus & Grafana (+ Link Grafana to Prometheus TSDB)
- Prometheus binaries files v2.51.2
- Prometheus Docs
- Prometheus components repositories
wget https://github.com/prometheus/prometheus/releases/download/v2.51.2/prometheus-2.51.2.linux-amd64.tar.gz
---
--2024-05-02 12:33:24-- https://github.com/prometheus/prometheus/releases/download/v2.51.2/prometheus-2.51.2.linux-amd64.tar.gz
Resolving github.com (github.com)... 140.82.121.4
Connecting to github.com (github.com)|140.82.121.4|:443... connected.
HTTP request sent, awaiting response... 302 Found
---
#Add a system user for Prometheus
sudo useradd -s /sbin/nologin --system -g prometheus prometheus
#Create the data directory and set permissions
sudo mkdir /var/lib/prometheus
chown -R prometheus:prometheus /var/lib/prometheus/
tar xzvf prometheus-2.51.2.linux-amd64.tar.gz
#Create necessary directories for Prometheus
for i in rules rules.d files_sd; do \
sudo mkdir -p /app/prometheus2.51.2/${i} && \
sudo chown -R prometheus:prometheus /app/prometheus2.51.2/${i} && \
sudo chmod -R 775 /app/prometheus2.51.2/${i} \
; done
#Move binaries and configuration files
cd prometheus*/
sudo mv prometheus promtool /usr/local/bin/
sudo mv consoles console_libraries prometheus.yml /app/prometheus2.51.2/
#Install Apache utilities and set up the password file
sudo apt install apache2-utils
htpasswd -nB prom
---
prom:$2y$05<...>8zq
nano /app/prometheus2.51.2/web.yml
# Add the user & password
---
basic_auth_users:
prom: $2y$05<...>8zq
sudo chown prometheus: /app/prometheus2.51.2/web.yml
Configuration to work without the reverse proxy, base configuration To work with the Nginx Reverse Proxy, see here
#Create a systemd service file for Prometheus
cat <<EOM | sudo tee -a "/etc/systemd/system/prometheus.service"
[Unit]
Description=Prometheus
Documentation=https://prometheus.io/docs/introduction/overview/
Wants=network-online.target
After=network-online.target
[Service]
Type=simple
User=prometheus
Group=prometheus
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/usr/local/bin/prometheus \
--config.file=/app/prometheus2.51.2/prometheus.yml \
--storage.tsdb.path=/var/lib/prometheus \
--web.console.templates=/app/prometheus2.51.2/consoles \
--web.console.libraries=/app/prometheus2.51.2/console_libraries \
--web.listen-address=0.0.0.0:9090 \
--web.config.file=/app/prometheus2.51.2/web.yml \
SyslogIdentifier=prometheus
Restart=always
[Install]
WantedBy=multi-user.target
EOM
sudo systemctl daemon-reload
#Enable the Prometheus service to start on boot
sudo systemctl enable prometheus
---
Created symlink /etc/systemd/system/multi-user.target.wants/prometheus.service → /etc/systemd/system/prometheus.service.***
sudo systemctl start prometheus
sudo systemctl status prometheus
● prometheus.service - Prometheus
Loaded: loaded (/etc/systemd/system/prometheus.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2024-05-14 09:58:24 UTC; 1h 36min ago
Docs: https://prometheus.io/docs/introduction/overview/
Main PID: 3534 (prometheus)
Tasks: 10 (limit: 4515)
Memory: 17.3M
CPU: 1.142s
CGroup: /system.slice/prometheus.service
Version used: 11.0.0
sudo apt install gnupg2 apt-transport-https software-properties-common wget
wget -q -O - https://packages.grafana.com/gpg.key > grafana.key
cat grafana.key
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBGTnhmkBDADUE+SzjRRyitIm1siGxiHlIlnn6KO4C4GfEuV+PNzqxvwYO+1r
...
9O/0qAIU+YW7ojbKv8fr+NB31TGhGYWASjYlN1NvPotRAK6339O0/Rqr9xGgy3AY
SR+ic2Y610IM7xccKuTVAW9UofKQwJZChqae9VVZ
=J9CI
-----END PGP PUBLIC KEY BLOCK-----
En résumé, cette commande prend la clé GPG du fichier grafana.key, la décode, l'ajoute au trousseau de clés de confiance du système pour permettre la vérification des paquets Grafana, et jette toute sortie non nécessaire. C'est souvent utilisé lors de l'installation de nouveaux dépôts de paquets pour s'assurer que les paquets téléchargés sont authentiques et sécurisés.
cat grafana.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/grafana.gpg >/dev/null
ll /etc/apt/trusted.gpg.d/grafana.gpg
-rw-r--r-- 1 root root 1758 May 14 07:20 /etc/apt/trusted.gpg.d/grafana.gpg
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/grafana.gpg] https://packages.grafana.com/oss/deb stable main' | sudo tee /etc/apt/sources.list.d/grafana.list
sudo apt update
sudo apt install grafana -y
sudo systemctl daemon-reload
sudo systemctl start grafana-server.service
sudo systemctl enable grafana-server.service
sudo systemctl status grafana-server.service
---
● grafana-server.service - Grafana instance
Loaded: loaded (/lib/systemd/system/grafana-server.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2024-05-14 07:26:37 UTC; 3s ago
Docs: http://docs.grafana.org
Main PID: 2950 (grafana)
Tasks: 14 (limit: 4515)
Memory: 47.5M
CPU: 1.866s
CGroup: /system.slice/grafana-server.service
---
#Modify the Grafana configuration file to set 'http_addr' and 'http_port'
sudo awk 'BEGIN { FS = " = " } ; /^;http_addr/ { print "http_addr = localhost"; next } ; /^;http_port/ { print "http_port = 3000"; next } ; { print }' /etc/grafana/grafana.ini > graf.ini.new
sudo cp graf.ini.new /etc/grafana/grafana.ini
sudo cat /etc/grafana/grafana.ini | grep http_
---
http_addr = localhost
http_port = 3000
;root_url = %(protocol)s://%(domain)s:%(http_port)s/
sudo systemctl restart grafana-server.service
sudo systemctl status grafana-server.service
● grafana-server.service - Grafana instance
Loaded: loaded (/lib/systemd/system/grafana-server.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2024-05-14 13:48:34 UTC; 9min ago
Docs: http://docs.grafana.org
Main PID: 904 (grafana)
Tasks: 11 (limit: 4515)
Memory: 160.8M
CPU: 1.711s
CGroup: /system.slice/grafana-server.service
Version used: Nginx/1.24.0 (ubuntu) Context: The grafana web interface should be accessible by 8080 port.
sudo apt update
sudo apt install nginx -y
sudo wget https://raw.githubusercontent.com/CPNV-ES-MON1/Prometheus/main/nginx_rproxy_config -O /etc/nginx/sites-available/grafana
read -p "Enter the DNS name: " dns_name && sudo sed -i "s/server_name <DNS_NAME>/server_name $dns_name/" /etc/nginx/sites-available/grafana
Enable de vHost & disable default
sudo ln -s /etc/nginx/sites-available/grafana /etc/nginx/sites-enabled/
sudo rm /etc/nginx/sites-enabled/default
sudo systemctl restart nginx
If not done in 2 - Setup Prometheus Service and start it Adapt the configuration file to work with the reverse proxy (new route-prefix). Specify the new route-prefix and the external url (change with the DNS name in AWS). The route prefix have to match with the location in the nginx virtual host.
sudo nano /etc/systemd/system/prometheus.service
--web.external-url="http://<DNS NAME or IP/prometheus/"
--web.route-prefix="/prometheus/"
After adding the route-prefix, it is mandatory to update the connection in grafana by adding the correct prefix.
The updated file can be downloaded here. WARNING: Any modification made on prometheus.service will be lost. It will rewrite the whole file. This file is a template, modification have to be made before reloading the daemon (sudo systemctl reload-daemon).
sudo wget https://raw.githubusercontent.com/CPNV-ES-MON1/Prometheus/main/prometheus.service.template -O /etc/systemd/system/prometheus.service
And then update the DNS name with the DNS name of your server (reverse proxy).
read -p "Enter the DNS name or IP: " dns_name && sudo sed -i "s|<DNS_NAME or IP>|$dns_name|" /etc/systemd/system/prometheus.service
Version used: 1.8.0 Exporter for machine metrics - Debian
sudo useradd --no-create-home --system --shell /bin/false node_exporter
wget https://github.com/prometheus/node_exporter/releases/download/v1.8.0/node_exporter-1.8.0.linux-amd64.tar.gz
tar xvfz node_exporter-1.8.0.linux-amd64.tar.gz
---
node_exporter-1.8.0.linux-amd64/
node_exporter-1.8.0.linux-amd64/NOTICE
node_exporter-1.8.0.linux-amd64/node_exporter
node_exporter-1.8.0.linux-amd64/LICENSE
sudo cp node_exporter-1.8.0.linux-amd64/node_exporter /usr/local/bin/
sudo chown node_exporter: /usr/local/bin/node_exporter
ls -l /usr/local/bin/
---
-rwxr-xr-x 1 node_exporter node_exporter 20494416 May 16 11:53 node_exporter*
cat <<EOM | sudo tee -a /etc/systemd/system/node_exporter.service
[Unit]
Description=Prometheus Node Exporter
Wants=network-online.target
After=network-online.target
[Service]
User=node_exporter
Group=node_exporter
Type=simple
ExecStart=/usr/local/bin/node_exporter
[Install]
WantedBy=multi-user.target
EOM
cat /etc/systemd/system/node_exporter.service && ls -l /etc/systemd/system/ | grep node_
---
[Unit]
Description=Prometheus Node Exporter
Wants=network-online.target
After=network-online.target
[Service]
User=node_exporter
Group=node_exporter
Type=simple
ExecStart=/usr/local/bin/node_exporter
[Install]
WantedBy=multi-user.target
**-rw-r--r-- 1 root root 239 May 16 11:58 node_exporter.service**
sudo systemctl daemon-reload
sudo systemctl start node_exporter
sudo systemctl status node_exporter
---
● node_exporter.service - Prometheus Node Exporter
Loaded: loaded (/etc/systemd/system/node_exporter.service; disabled; vendor preset: enabled)
Active: active (running) since Thu 2024-05-16 12:00:08 UTC; 20s ago
Main PID: 1511 (node_exporter)
Tasks: 8 (limit: 4515)
Memory: 2.8M
CPU: 7ms
CGroup: /system.slice/node_exporter.service
└─1511 /usr/local/bin/node_exporter
sudo systemctl enable node_exporter
Created symlink /etc/systemd/system/multi-user.target.wants/node_exporter.service → /etc/systemd/system/node_exporter.service.
curl localhost:9100/metrics
promhttp_metric_handler_errors_total{cause="gathering"} 0
# HELP promhttp_metric_handler_requests_in_flight Current number of scrapes being served.
# TYPE promhttp_metric_handler_requests_in_flight gauge
promhttp_metric_handler_requests_in_flight 1
# HELP promhttp_metric_handler_requests_total Total number of scrapes by HTTP status code.
# TYPE promhttp_metric_handler_requests_total counter
promhttp_metric_handler_requests_total{code="200"} 0
promhttp_metric_handler_requests_total{code="500"} 0
promhttp_metric_handler_requests_total{code="503"} 0
sudo nano /app/prometheus2.51.2/prometheus.yml
Add under "scrape_configs" section
- job_name: "<JOB_NAME>"
static_configs:
- targets: ["<CLIENT_IP>:9100"]
labels:
machinename: "<MACHINE_NAME>"
sudo systemctl restart prometheus.service
Version used: 0.25.1 Exporter for machine metrics - Windows Server 2022
On PowerShell, download the last version of windows_exporter
Invoke-WebRequest -Uri https://github.com/prometheus-community/windows_exporter/releases/download/v0.25.1/windows_exporter-0.25.1-amd64.msi -OutFile "windows_exporter.msi"
Install windows_exporter with desired collectors
Start-Process -FilePath .\windows_exporter.msi -ArgumentList 'ENABLE_COLLECTORS="cpu,cs,logical_disk,net,os,system,tcp,time,service,memory"' -Wait
sudo nano /app/prometheus2.51.2/prometheus.yml
Add under "scrape_configs" section
- job_name: "<JOB_NAME>"
static_configs:
- targets: ["<CLIENT_IP>:9182"]
labels:
machinename: "<MACHINE_NAME>"
sudo systemctl restart prometheus.service