Prometheus及Exporter安装

安装Prometheus

首先从官方Repo下载最新版本。然后按照下列步骤安装Prometheus：

useradd --no-create-home --shell /bin/false prometheus
mkdir /etc/prometheus
mkdir /var/lib/prometheus
chown prometheus:prometheus /etc/prometheus
chown prometheus:prometheus /var/lib/prometheus
tar zxvf prometheus-2.20.1.linux-amd64.tar.gz
mv prometheus-2.20.1.linux-amd64/prometheus /usr/bin/  # 当然使用cp复制也行，目录也可以变
mv prometheus-2.20.1.linux-amd64/promtool /usr/bin/
chown prometheus:prometheus /usr/bin/prometheus
chown prometheus:prometheus /usr/bin/promtool
cp -r prometheus-2.20.1.linux-amd64/consoles/ /etc/prometheus/
cp -r prometheus-2.20.1.linux-amd64/console_libraries/ /etc/prometheus/
chown -R prometheus:prometheus /etc/prometheus/consoles
chown -R prometheus:prometheus /etc/prometheus/console_libraries
cp prometheus-2.20.1.linux-amd64/prometheus.yml /etc/prometheus/
chown prometheus:prometheus /etc/prometheus/prometheus.yml
vi /etc/prometheus/prometheus.yml  # 编辑配置文件

由于使用Prometheus的目的是通过SNMP Exporter监控网络设备，因此这里配置主要针对snmp_exporter、blackbox_exporter。

# my global config
global:
  scrape_interval:     10s # Set the scrape interval to every 15 seconds. Default is 
rule_files:
  # - "first_rules.yml"
  # - "second_rules.yml"
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
  - job_name: 'prometheus'
    # metrics_path defaults to '/metrics'
    scrape_interval: 5s
    static_configs:
    - targets: ['localhost:9090']
  - job_name: 'node_exporter_centos'
    scrape_interval: 5s
    static_configs:
      - targets: ['10.X.X.X:9100']  # 填写node_exporter的主机IP
  - job_name: 'blackbox'
    metrics_path: /probe
    params:
      module: [icmp]
    static_configs:
      - targets: ['10.X.X.X', '10.X.X.X']  # 填写ICMP监控目的IP
    relabel_configs:
      - source_labels: [__address__]
        target_label: __param_target
      - source_labels: [__param_target]
        target_label: instance
      - target_label: __address__
        replacement: 10.X.X.X:9115  # The blackbox exporter's real hostname:port.
  - job_name: 'snmp'
    scrape_interval: 30s
    static_configs:
      - targets: ['10.X.X.X', '10.X.X.X']
    metrics_path: /snmp
    params:
      module: [h3c_switch]
    relabel_configs:
      - source_labels: [__address__]
        target_label: __param_target
      - source_labels: [__param_target]
        target_label: instance
      - target_label: __address__
        replacement: 10.X.X.X:9116  # The SNMP exporter's real hostname:port.

使用vim /etc/systemd/system/prometheus.service编辑系统服务：

[Unit]
Description=Prometheus
Wants=network-online.target
After=network-online.target
[Service]
User=prometheus
Group=prometheus
Type=simple
ExecStart=/usr/bin/prometheus \
--config.file /etc/prometheus/prometheus.yml \
--storage.tsdb.path /var/lib/prometheus/ \
--storage.tsdb.retention.time=2y \
--web.console.templates=/etc/prometheus/consoles \
--web.console.libraries=/etc/prometheus/console_libraries
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
[Install]
WantedBy=multi-user.target

编辑保存后，加载服务：

systemctl daemon-reload
systemctl start prometheus
systemctl status prometheus
systemctl enable prometheus
firewall-cmd --zone=public --add-port=9090/tcp --permanent --set-description="prometheus"
firewall-cmd --reload

至此Prometheus安装完成。可以通过http://10.X.X.X:9090/targets查看每个Exporter的取值情况。

安装Node Exporter

直接贴步骤，依然可以从官方下载。

tar zxvf node_exporter-1.1.2.linux-amd64.tar.gz
mv node_exporter-1.1.2.linux-amd64/node_exporter /usr/local/bin/
useradd -rs /bin/false nodeusr
chown nodeusr:nodeusr /usr/local/bin/node_exporter

使用vi /etc/systemd/system/node_exporter.service编辑系统服务：

[Unit]
Description=Node Exporter
After=network.target
[Service]
User=nodeusr
Group=nodeusr
Type=simple
ExecStart=/usr/local/bin/node_exporter
Restart=on-failure
[Install]
WantedBy=multi-user.target

编辑保存后，加载服务：

systemctl daemon-reload
systemctl start node_exporter
systemctl status node_exporter
systemctl enable node_exporter
firewall-cmd --zone=public --add-port=9100/tcp --permanent --set-description="node_exporter"
firewall-cmd --reload

至此Node Exporter安装完成。可以在Prometheus的Target里查看状态。因为前面在安装Prometheus的时候已经配置了node的job，因此这里略过配置步骤。

安装Blackbox Exporter

直接贴步骤，依然可以从官方下载。

tar zxvf blackbox_exporter-0.18.0.linux-amd64.tar.gz
mv blackbox_exporter-0.18.0.linux-amd64/blackbox_exporter /usr/local/bin/
mkdir -p /etc/blackbox_exporter/
mv blackbox_exporter-0.18.0.linux-amd64/blackbox.yml /etc/blackbox_exporter/
useradd -rs /bin/false blackboxusr
chown blackboxusr:blackboxusr /usr/local/bin/blackbox_exporter

使用vi /etc/blackbox_exporter/blackbox.yml编辑Blackbox Exporter的配置：

modules:
  icmp:
    prober: icmp
    timeout: 1s
    icmp:
      preferred_ip_protocol: "ip4"
      # ip_protocol_fallback: true
      source_ip_address: 10.4.92.6
      # dont_fragment: false
      # payload_size: 0

编辑保存后，使用chown -R blackboxusr:blackboxusr /etc/blackbox_exporter/修改文件及文件夹归属。
使用vi /etc/systemd/system/blackbox_exporter.service编辑系统服务：

[Unit]
Description=Blackbox Exporter
After=network.target
[Service]
User=blackboxusr
Group=blackboxusr
Type=simple
ExecStart=/usr/local/bin/blackbox_exporter \
--config.file=/etc/blackbox_exporter/blackbox.yml
Restart=on-failure
[Install]
WantedBy=multi-user.target

编辑保存后，加载服务：

systemctl daemon-reload
systemctl start blackbox_exporter
systemctl status blackbox_exporter
systemctl enable blackbox_exporter
firewall-cmd --zone=public --add-port=9115/tcp --permanent --set-description="blackbox_exporter"
firewall-cmd --reload

至此Blackbox Exporter安装完成。可以在Prometheus的Target里查看状态。因为前面在安装Prometheus的时候已经配置了blackbox的job，因此这里略过配置步骤。

安装SNMP Exporter

直接贴步骤，依然可以从官方下载。

tar zxvf snmp_exporter-0.20.0.linux-amd64.tar.gz
mv snmp_exporter-0.20.0.linux-amd64/snmp_exporter /usr/local/bin/
mkdir -p /etc/snmp_exporter/
mv snmp_exporter-0.20.0.linux-amd64/snmp.yml /etc/snmp_exporter/
useradd -rs /bin/false snmpusr
chown snmpusr:snmpusr /usr/local/bin/snmp_exporter

使用vi /etc/snmp_exporter/snmp.yml编辑SNMP Exporter的配置。默认的snmp.yml涉及的MIB节点过多，官方文档也有自己编译的方式，这里直接复制：

h3c_switch:
  walk:
  - 1.3.6.1.2.1.2.2.1.2
  - 1.3.6.1.2.1.2.2.1.3
  - 1.3.6.1.2.1.31.1.1.1.1
  - 1.3.6.1.2.1.31.1.1.1.10
  - 1.3.6.1.2.1.31.1.1.1.18
  - 1.3.6.1.2.1.31.1.1.1.6
  get:
  - 1.3.6.1.2.1.1.3.0
  metrics:
  - name: sysUpTime
    oid: 1.3.6.1.2.1.1.3
    type: gauge
    help: The time (in hundredths of a second) since the network management portion
      of the system was last re-initialized. - 1.3.6.1.2.1.1.3
  - name: ifType
    oid: 1.3.6.1.2.1.2.2.1.3
    type: EnumAsInfo
    help: The type of interface - 1.3.6.1.2.1.2.2.1.3
    indexes:
    - labelname: ifIndex
      type: gauge
    lookups:
    - labels:
      - ifIndex
      labelname: ifAlias
      oid: 1.3.6.1.2.1.31.1.1.1.18
      type: DisplayString
    - labels:
      - ifIndex
      labelname: ifDescr
      oid: 1.3.6.1.2.1.2.2.1.2
      type: DisplayString
    - labels:
      - ifIndex
      labelname: ifName
      oid: 1.3.6.1.2.1.31.1.1.1.1
      type: DisplayString
    enum_values:
      1: other
      2: regular1822
      3: hdh1822
      4: ddnX25
      5: rfc877x25
      6: ethernetCsmacd
      7: iso88023Csmacd
      8: iso88024TokenBus
      9: iso88025TokenRing
      10: iso88026Man
      11: starLan
      12: proteon10Mbit
      13: proteon80Mbit
      14: hyperchannel
      15: fddi
      16: lapb
      17: sdlc
      18: ds1
      19: e1
      20: basicISDN
      21: primaryISDN
      22: propPointToPointSerial
      23: ppp
      24: softwareLoopback
      25: eon
      26: ethernet3Mbit
      27: nsip
      28: slip
      29: ultra
      30: ds3
      31: sip
      32: frameRelay
      33: rs232
      34: para
      35: arcnet
      36: arcnetPlus
      37: atm
      38: miox25
      39: sonet
      40: x25ple
      41: iso88022llc
      42: localTalk
      43: smdsDxi
      44: frameRelayService
      45: v35
      46: hssi
      47: hippi
      48: modem
      49: aal5
      50: sonetPath
      51: sonetVT
      52: smdsIcip
      53: propVirtual
      54: propMultiplexor
      55: ieee80212
      56: fibreChannel
      57: hippiInterface
      58: frameRelayInterconnect
      59: aflane8023
      60: aflane8025
      61: cctEmul
      62: fastEther
      63: isdn
      64: v11
      65: v36
      66: g703at64k
      67: g703at2mb
      68: qllc
      69: fastEtherFX
      70: channel
      71: ieee80211
      72: ibm370parChan
      73: escon
      74: dlsw
      75: isdns
      76: isdnu
      77: lapd
      78: ipSwitch
      79: rsrb
      80: atmLogical
      81: ds0
      82: ds0Bundle
      83: bsc
      84: async
      85: cnr
      86: iso88025Dtr
      87: eplrs
      88: arap
      89: propCnls
      90: hostPad
      91: termPad
      92: frameRelayMPI
      93: x213
      94: adsl
      95: radsl
      96: sdsl
      97: vdsl
      98: iso88025CRFPInt
      99: myrinet
      100: voiceEM
      101: voiceFXO
      102: voiceFXS
      103: voiceEncap
      104: voiceOverIp
      105: atmDxi
      106: atmFuni
      107: atmIma
      108: pppMultilinkBundle
      109: ipOverCdlc
      110: ipOverClaw
      111: stackToStack
      112: virtualIpAddress
      113: mpc
      114: ipOverAtm
      115: iso88025Fiber
      116: tdlc
      117: gigabitEthernet
      118: hdlc
      119: lapf
      120: v37
      121: x25mlp
      122: x25huntGroup
      123: transpHdlc
      124: interleave
      125: fast
      126: ip
      127: docsCableMaclayer
      128: docsCableDownstream
      129: docsCableUpstream
      130: a12MppSwitch
      131: tunnel
      132: coffee
      133: ces
      134: atmSubInterface
      135: l2vlan
      136: l3ipvlan
      137: l3ipxvlan
      138: digitalPowerline
      139: mediaMailOverIp
      140: dtm
      141: dcn
      142: ipForward
      143: msdsl
      144: ieee1394
      145: if-gsn
      146: dvbRccMacLayer
      147: dvbRccDownstream
      148: dvbRccUpstream
      149: atmVirtual
      150: mplsTunnel
      151: srp
      152: voiceOverAtm
      153: voiceOverFrameRelay
      154: idsl
      155: compositeLink
      156: ss7SigLink
      157: propWirelessP2P
      158: frForward
      159: rfc1483
      160: usb
      161: ieee8023adLag
      162: bgppolicyaccounting
      163: frf16MfrBundle
      164: h323Gatekeeper
      165: h323Proxy
      166: mpls
      167: mfSigLink
      168: hdsl2
      169: shdsl
      170: ds1FDL
      171: pos
      172: dvbAsiIn
      173: dvbAsiOut
      174: plc
      175: nfas
      176: tr008
      177: gr303RDT
      178: gr303IDT
      179: isup
      180: propDocsWirelessMaclayer
      181: propDocsWirelessDownstream
      182: propDocsWirelessUpstream
      183: hiperlan2
      184: propBWAp2Mp
      185: sonetOverheadChannel
      186: digitalWrapperOverheadChannel
      187: aal2
      188: radioMAC
      189: atmRadio
      190: imt
      191: mvl
      192: reachDSL
      193: frDlciEndPt
      194: atmVciEndPt
      195: opticalChannel
      196: opticalTransport
      197: propAtm
      198: voiceOverCable
      199: infiniband
      200: teLink
      201: q2931
      202: virtualTg
      203: sipTg
      204: sipSig
      205: docsCableUpstreamChannel
      206: econet
      207: pon155
      208: pon622
      209: bridge
      210: linegroup
      211: voiceEMFGD
      212: voiceFGDEANA
      213: voiceDID
      214: mpegTransport
      215: sixToFour
      216: gtp
      217: pdnEtherLoop1
      218: pdnEtherLoop2
      219: opticalChannelGroup
      220: homepna
      221: gfp
      222: ciscoISLvlan
      223: actelisMetaLOOP
      224: fcipLink
      225: rpr
      226: qam
      227: lmp
      228: cblVectaStar
      229: docsCableMCmtsDownstream
      230: adsl2
      231: macSecControlledIF
      232: macSecUncontrolledIF
      233: aviciOpticalEther
      234: atmbond
      235: voiceFGDOS
      236: mocaVersion1
      237: ieee80216WMAN
      238: adsl2plus
      239: dvbRcsMacLayer
      240: dvbTdm
      241: dvbRcsTdma
      242: x86Laps
      243: wwanPP
      244: wwanPP2
      245: voiceEBS
      246: ifPwType
      247: ilan
      248: pip
      249: aluELP
      250: gpon
      251: vdsl2
      252: capwapDot11Profile
      253: capwapDot11Bss
      254: capwapWtpVirtualRadio
      255: bits
      256: docsCableUpstreamRfPort
      257: cableDownstreamRfPort
      258: vmwareVirtualNic
      259: ieee802154
      260: otnOdu
      261: otnOtu
      262: ifVfiType
      263: g9981
      264: g9982
      265: g9983
      266: aluEpon
      267: aluEponOnu
      268: aluEponPhysicalUni
      269: aluEponLogicalLink
      270: aluGponOnu
      271: aluGponPhysicalUni
      272: vmwareNicTeam
  - name: ifHCOutOctets
    oid: 1.3.6.1.2.1.31.1.1.1.10
    type: counter
    help: The total number of octets transmitted out of the interface, including framing
      characters - 1.3.6.1.2.1.31.1.1.1.10
    indexes:
    - labelname: ifIndex
      type: gauge
    lookups:
    - labels:
      - ifIndex
      labelname: ifAlias
      oid: 1.3.6.1.2.1.31.1.1.1.18
      type: DisplayString
    - labels:
      - ifIndex
      labelname: ifDescr
      oid: 1.3.6.1.2.1.2.2.1.2
      type: DisplayString
    - labels:
      - ifIndex
      labelname: ifName
      oid: 1.3.6.1.2.1.31.1.1.1.1
      type: DisplayString
  - name: ifHCInOctets
    oid: 1.3.6.1.2.1.31.1.1.1.6
    type: counter
    help: The total number of octets received on the interface, including framing
      characters - 1.3.6.1.2.1.31.1.1.1.6
    indexes:
    - labelname: ifIndex
      type: gauge
    lookups:
    - labels:
      - ifIndex
      labelname: ifAlias
      oid: 1.3.6.1.2.1.31.1.1.1.18
      type: DisplayString
    - labels:
      - ifIndex
      labelname: ifDescr
      oid: 1.3.6.1.2.1.2.2.1.2
      type: DisplayString
    - labels:
      - ifIndex
      labelname: ifName
      oid: 1.3.6.1.2.1.31.1.1.1.1
      type: DisplayString
  version: 2
  auth:
    community: xxxxxx

编辑保存后，使用chown -R snmpusr:snmpusr /etc/snmp_exporter/修改文件及文件夹归属。
使用vi /etc/systemd/system/snmp_exporter.service编辑系统服务：

[Unit]
Description=Blackbox Exporter
After=network.target
[Service]
User=blackboxusr
Group=blackboxusr
Type=simple
ExecStart=/usr/local/bin/blackbox_exporter \
--config.file=/etc/blackbox_exporter/blackbox.yml
Restart=on-failure
[Install]
WantedBy=multi-user.target

编辑保存后，加载服务：

systemctl daemon-reload
systemctl start snmp_exporter
systemctl status snmp_exporter
systemctl enable snmp_exporter
firewall-cmd --zone=public --add-port=9116/tcp --permanent --set-description="snmp_exporter"
firewall-cmd --reload

至此SNMP Exporter安装完成。可以在Prometheus的Target里查看状态。因为前面在安装Prometheus的时候已经配置了snmp的job，因此这里略过配置步骤。

参考

• Promethes监控华为S5720交换机
• How to install and configure Prometheus on CentOS 7