이전 글을 참조하여 prometheus를 설치하게 되면, 로컬호스트로 접근을 할 수는 있으나,
클라우드나 외부 컴퓨터에 켜놓고 접근하는 것은 해당 포트들을 전부 열어 놓는 설정부터 다 해야하기 떄문에 불편하다.
(https는 또 복잡한 내용이 추가되니 http로만 먼저 연결)
그래서 nginx 를 추가하여 http 요청이 들어오면 URL 에 따라서 요청을 나눠주는역할을 하게 할 것이다. (reverse proxy)
version: '3'
services:
proxy:
container_name: proxy
image: nginx:latest
ports:
- '80:80' # common web
# - '443:443' # https
networks:
- promnet
volumes:
- ./proxy/nginx.conf:/etc/nginx/nginx.conf:ro
- ./proxy/web.conf:/etc/nginx/web.conf:ro
# - ./proxy/server-https-common.conf:/etc/nginx/server-https-common.conf:ro
# - /etc/letsencrypt/live/사이트이름:/etc/ssl:ro
depends_on:
- prometheus
- grafana
- alertmanager
prometheus:
image: prom/prometheus
container_name: prometheus
hostname: prometheus
volumes:
- ./prometheus/config/:/etc/prometheus/
- ./prometheus/prometheus-volume:/prometheus
ports:
- 9090:9090
command:
- '--web.enable-lifecycle'
- '--config.file=/etc/prometheus/prometheus.yml'
restart: always
grafana:
image: grafana/grafana
container_name: grafana
hostname: grafana
depends_on:
- prometheus
ports:
- 3000:3000
networks:
- promnet
volumes:
- ./grafana/grafana-volume:/var/lib/grafana
- ./grafana/grafana-init.ini:/etc/grafana/grafana.ini
restart: always
alertmanager:
image: prom/alertmanager
container_name: alertmanager
hostname: alertmanager
user: root
ports:
- 9093:9093
volumes:
- ./alertmanager/config/:/etc/alertmanager/
restart: always
networks:
- promnet
command:
- '--config.file=/etc/alertmanager/alertmanager.yml'
- '--web.listen-address=0.0.0.0:9093'
- '--web.external-url=http://외부에서들어올주소/alertmanager/'
- '--web.route-prefix=/alertmanager/'
networks:
promnet:
driver: bridge
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# 웹 설정하는 부분
include /etc/nginx/web.conf;
# 로그 파일에 대한 포맷을 설정해주는 부분
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
# https://www.lesstif.com/system-admin/nginx-http-413-client-intended-to-send-too-large-body-86311189.html
client_max_body_size 8M;
# gzip configuration
gzip on;
gzip_disable "msie6";
gzip_min_length 10240;
gzip_buffers 32 32k;
gzip_comp_level 9;
gzip_proxied any;
gzip_types text/plain application/javascript application/x-javascript text/javascript text/xml text/css;
gzip_vary on;
sendfile on;
keepalive_timeout 65;
}
upstream @prometheus {
server prometheus:9090;
}
upstream @alertmanager {
server alertmanager:9093;
}
upstream @grafana {
server grafana:3000;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
# listen [::]:80;
server_name 외부접근주소;
# include /etc/nginx/server-https-common.conf;
location /alertmanager/ {
gzip_types *;
proxy_pass http://@alertmanager/alertmanager;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
location /grafana {
proxy_pass http://@grafana/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_redirect off;
}
location /grafana/api/live {
proxy_pass http://@grafana/;
rewrite ^/grafana/(.*) /$1 break;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $http_host;
}
location / {
proxy_pass http://@prometheus/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Server $host;
proxy_redirect off;
}
}
domain = 외부접근주소
root_url = %(protocol)s://%(domain)s:%(http_port)s/grafana/
serve_from_sub_path = true
docker exec -it proxy bash
를 통해서 proxy container 로 들어가기curl prometheus:9090/metrics
로 prometheus 로 http 통신이 되는지 확인하기cat /etc/hosts
에서는 prometheus가 안나오지만, http://localhost/
: 프로메테우스http://localhost/alertmanager/
: alertmanagerhttp://localhost/grafana
: grafana