2019年10月

Grafana参数配置文件详解

grafana_screenshot1.png
grafana安装后目录的说明:

#主配置文件
/etc/grafana/grafana.ini
#数据文件
/var/lib/grafana
#home目录
/usr/share/grafana
#日志目录
/var/log/grafana
#插件目录
/var/lib/grafana/plugins
#自定义一些精细化配置的文件夹
/etc/grafana/provisioning

grafana的默认配置文件在/etc/grafana,目录下文件结构如下:

├── config.monitoring
├── grafana.ini
├── ldap.toml
└── provisioning
    ├── dashboards
    │   ├── Ceph\ -\ Cluster-1544005047598.json
    │   ├── dashboard.yml
    │   └── Node\ Exporter\ Full-1544005083113.json
    └── datasources
        └── datasource.yml

grafana.ini配置文件说明:

app_mode:应用名称,默认是production

[path]
data:一个grafana用来存储sqlite3、临时文件、回话的地址路径
logs:grafana存储logs的路径

[server]
http_addr:监听的ip地址,,默认是0.0.0.0
http_port:监听的端口,默认是3000
protocol:http或者https,,默认是http
domain:这个设置是root_url的一部分,当你通过浏览器访问grafana时的公开的domian名称,默认是localhost
enforce_domain:如果主机的header不匹配domian,则跳转到一个正确的domain上,默认是false
root_url:这是一个web上访问grafana的全路径url,默认是%(protocol)s://%(domain)s:%(http_port)s/
router_logging:是否记录web请求日志,默认是false
cert_file:如果使用https则需要设置
cert_key:如果使用https则需要设置

[database]
grafana默认需要使用数据库存储用户和dashboard信息,默认使用sqlite3来存储,你也可以换成其他数据库
type:可以是mysql、postgres、sqlite3,默认是sqlite3
path:只是sqlite3需要,定义sqlite3的存储路径
host:只是mysql、postgres需要,默认是127.0.0.1:3306
name:grafana的数据库名称,默认是grafana
user:连接数据库的用户
password:数据库用户的密码
ssl_mode:只是postgres使用


[security]
admin_user:grafana默认的admin用户,默认是admin
admin_password:grafana admin的默认密码,默认是admin
login_remember_days:多少天内保持登录状态
secret_key:保持登录状态的签名
disable_gravatar:


[users]
allow_sign_up:是否允许普通用户登录,如果设置为false,则禁止用户登录,默认是true,则admin可以创建用户,并登录grafana
allow_org_create:如果设置为false,则禁止用户创建新组织,默认是true
auto_assign_org:当设置为true的时候,会自动的把新增用户增加到id为1的组织中,当设置为false的时候,新建用户的时候会新增一个组织
auto_assign_org_role:新建用户附加的规则,默认是Viewer,还可以是Admin、Editor


[auth.anonymous]
enabled:设置为true,则开启允许匿名访问,默认是false
org_name:为匿名用户设置组织名称
org_role:为匿名用户设置的访问规则,默认是Viewer


[auth.github]
针对github项目的,很明显
enabled = false
allow_sign_up = false
client_id = some_id
client_secret = some_secret
scopes = user:email
auth_url = https://github.com/login/oauth/authorize
token_url = https://github.com/login/oauth/access_token
api_url = https://api.github.com/user
team_ids =
allowed_domains =
allowed_organizations =


[auth.google]
针对google app的
enabled = false
allow_sign_up = false
client_id = some_client_id
client_secret = some_client_secret
scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
auth_url = https://accounts.google.com/o/oauth2/auth
token_url = https://accounts.google.com/o/oauth2/token
api_url = https://www.googleapis.com/oauth2/v1/userinfo
allowed_domains =


[auth.basic]
enabled:当设置为true,则http api开启基本认证


[auth.ldap]
enabled:设置为true则开启LDAP认证,默认是false
config_file:如果开启LDAP,指定LDAP的配置文件/etc/grafana/ldap.toml


[auth.proxy]
允许你在一个HTTP反向代理上进行认证设置
enabled:默认是false
header_name:默认是X-WEBAUTH-USER
header_property:默认是个名称username
auto_sign_up:默认是true。开启自动注册,如果用户在grafana DB中不存在

[analytics]
reporting_enabled:如果设置为true,则会发送匿名使用分析到stats.grafana.org,主要用于跟踪允许实例、版本、dashboard、错误统计。默认是true
google_analytics_ua_id:使用GA进行分析,填写你的GA ID即可


[dashboards.json]
如果你有一个系统自动产生json格式的dashboard,则可以开启这个特性试试
enabled:默认是false
path:一个全路径用来包含你的json dashboard,默认是/var/lib/grafana/dashboards


[session]
provider:默认是file,值还可以是memory、mysql、postgres
provider_config:这个值的配置由provider的设置来确定,如果provider是file,则是data/xxxx路径类型,如果provider是mysql,则是user:password@tcp(127.0.0.1:3306)/database_name,如果provider是postgres,则是user=a password=b host=localhost port=5432 dbname=c sslmode=disable
cookie_name:grafana的cookie名称
cookie_secure:如果设置为true,则grafana依赖https,默认是false
session_life_time:session过期时间,默认是86400秒,24小时


以下是官方文档没有,配置文件中有的
[smtp]
enabled = false
host = localhost:25
user =
password =
cert_file =
key_file =
skip_verify = false
from_address = admin@grafana.localhost

[emails]
welcome_email_on_sign_up = false
templates_pattern = emails/*.html


[log]
mode:可以是console、file,默认是console、file,也可以设置多个,用逗号隔开
buffer_len:channel的buffer长度,默认是10000
level:可以是"Trace", "Debug", "Info", "Warn", "Error", "Critical",默认是info

[log.console]
level:设置级别

[log.file]
level:设置级别
log_rotate:是否开启自动轮转
max_lines:单个日志文件的最大行数,默认是1000000
max_lines_shift:单个日志文件的最大大小,默认是28,表示256MB
daily_rotate:每天是否进行日志轮转,默认是true
max_days:日志过期时间,默认是7,7天后删除

via:https://www.li-rui.top/2018/12/12/monitor/grafana%E4%BD%BF%E7%94%A8/
http://www.51niux.com/?id=237

[warn] 1539#0: 65535 worker_connections exceed open file resource limit: 1024报错解决

Cenos7.x系统中已经设置了ulimit最大值为65535,reload nginx的时候发现error.log里面有一行报错:

2019/10/28 16:09:27 [notice] 32473#0: signal process started
2019/10/28 16:09:27 [notice] 1539#0: using the "epoll" event method
2019/10/28 16:09:27 [warn] 1539#0: 65535 worker_connections exceed open file resource limit: 1024
2019/10/28 16:09:27 [notice] 1539#0: start worker processes
2019/10/28 16:09:27 [notice] 1539#0: start worker process 32474
2019/10/28 16:09:27 [notice] 1539#0: start worker process 32475

解决方法如下:
在nginx.conf中增加:

worker_rlimit_nofile 65535; 

nginx-ulimit.png
worker_rlimit_nofile参数说明:

worker_rlimit_nofile 一个nginx进程打开的最多文件描述符数目  
理论值应该是系统最多打开文件数(系统的值ulimit -n)与nginx进程数相除,但是nginx分配请求并不均匀,所以建议与ulimit -n的值保持一致。

最后reload nginx,报错消失问题解决;

Zabbix Web场景监控小记

页面或接口直接请问失败或打不开监控项表达式:主机端口宕掉时会会触发·

{sso-git-zull-c:web.test.fail[Zuul网关接口_134].last()}<>0   #对应Failed step of scenario "Zuul网关接口_134"

页面或接口请求状态非200表达式:

{sso-git-zull-c:web.test.rspcode[Zuul网关接口_134,zuul网关_134].last()}<>200  #对应Response code for step "zuul网关_134" of scenario "Zuul网关接口_134"

页面或接口请求缓慢表达式:

{sso-git-zull-c:web.test.time[Zuul网关接口_134,zuul网关_134,resp].last()}>10 #对应Response time for step "zuul网关_134" of scenario "Zuul网关接口_134".

/var/log/message大量systemd: Started Session 1120 of user root日志解决

rsyslog.png
查看/var/log/message日志发现大量systemd: Started Session 4850 of user root.
log如下:

Oct 17 13:40:01 monitor-test systemd: Started Session 4850 of user root.
Oct 17 13:50:01 monitor-test systemd: Started Session 4851 of user root.
Oct 17 14:00:01 monitor-test systemd: Started Session 4852 of user root.
Oct 17 14:00:01 monitor-test systemd: Started Session 4853 of user root.
Oct 17 14:01:01 monitor-test systemd: Started Session 4854 of user root.
Oct 17 14:10:01 monitor-test systemd: Started Session 4855 of user root.
Oct 17 14:20:01 monitor-test systemd: Started Session 4856 of user root.
Oct 17 14:30:01 monitor-test systemd: Started Session 4857 of user root.
Oct 17 14:30:01 monitor-test systemd: Started Session 4858 of user root.
Oct 17 14:40:01 monitor-test systemd: Started Session 4859 of user root.
Oct 17 14:50:01 monitor-test systemd: Started Session 4860 of user root.
Oct 17 15:00:01 monitor-test systemd: Started Session 4861 of user root.
Oct 17 15:00:01 monitor-test systemd: Started Session 4862 of user root.
Oct 17 15:01:01 monitor-test systemd: Started Session 4863 of user root.
Oct 17 15:10:01 monitor-test systemd: Started Session 4864 of user root.
Oct 17 15:20:01 monitor-test systemd: Started Session 4865 of user root.
Oct 17 15:30:01 monitor-test systemd: Started Session 4866 of user root.
Oct 17 15:30:01 monitor-test systemd: Started Session 4867 of user root.
Oct 17 15:40:01 monitor-test systemd: Started Session 4868 of user root.
Oct 17 15:50:01 monitor-test systemd: Started Session 4869 of user root.
Oct 17 16:00:01 monitor-test systemd: Started Session 4870 of user root.
Oct 17 16:00:01 monitor-test systemd: Started Session 4871 of user root.
Oct 17 16:01:01 monitor-test systemd: Started Session 4872 of user root.
Oct 17 16:10:01 monitor-test systemd: Started Session 4873 of user root.
Oct 17 16:20:01 monitor-test systemd: Started Session 4874 of user root.
Oct 17 16:30:01 monitor-test systemd: Started Session 4876 of user root.
Oct 17 16:30:01 monitor-test systemd: Started Session 4875 of user root.
Oct 17 16:40:01 monitor-test systemd: Started Session 4877 of user root.

redhat官方回复这是正常的,每个用户登录后都能看到,如果要过滤并禁止掉该消息,用如下方法:

echo 'if $programname == "systemd" and ($msg contains "Starting Session" or $msg contains "Started Session" or $msg contains "Created slice" or $msg contains "Starting user-" or $msg contains "Starting User Slice of" or $msg contains "Removed session" or $msg contains "Removed slice User Slice of" or $msg contains "Stopping User Slice of") then stop' >/etc/rsyslog.d/ignore-systemd-session-slice.conf

最后重启rsyslog服务即可:

systemctl restart rsyslog

redhat官方说明:https://access.redhat.com/solutions/1564823

ERROR 1786 (HY000): Statement violates GTID consistency: CREATE TABLE ... SELECT.问题解决

ogp-mysql57-gtid-replication-b.png
MySQL使用Create table select的时候报错如下:

root@monitor-db 19:35:25 [test]>create table a3 select * from a2 ;
ERROR 1786 (HY000): Statement violates GTID consistency: CREATE TABLE ... SELECT.

问题分析:
MySQL开启gtid以后就不能使用了,MySQL只允许能够保障事务安全,并且能够被日志记录的SQL语句被执行,像create table … select 和 create temporarytable语句,以及同时更新事务表和非事务表的SQL语句或事务都不允许执行

root@monitor-db 19:35:12 [test]>show global variables like '%gtid_mode%';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| gtid_mode     | ON    |
+---------------+-------+
1 row in set (0.00 sec)

如业务需要,可以在线关闭掉gtid,执行如下SQL关闭gtid:

set global gtid_mode='ON_PERMISSIVE';

set global gtid_mode='OFF_PERMISSIVE';

SET @@GLOBAL.ENFORCE_GTID_CONSISTENCY = OFF;

set global gtid_mode='OFF';

show global variables like '%gtid_mode%';

查询执行结果:

root@monitor-db 19:21:31 [test]>show global variables like '%gtid_mode%';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| gtid_mode     | OFF   |
+---------------+-------+
1 row in set (0.00 sec)

再次创建:

root@monitor-db 19:32:46 [test]>desc a2;
+-----------------+------------------+------+-----+---------+-------+
| Field           | Type             | Null | Key | Default | Extra |
+-----------------+------------------+------+-----+---------+-------+
| id              | int(10) unsigned | NO   |     | 0       |       |
| title           | varchar(100)     | NO   |     | NULL    |       |
| author          | varchar(40)      | NO   |     | NULL    |       |
| submission_date | date             | YES  |     | NULL    |       |
+-----------------+------------------+------+-----+---------+-------+
4 rows in set (0.00 sec)

root@monitor-db 19:32:51 [test]>create table a3 select * from a2 ;
Query OK, 0 rows affected (0.01 sec)
Records: 0  Duplicates: 0  Warnings: 0

root@monitor-db 19:32:57 [test]>desc a3;
+-----------------+------------------+------+-----+---------+-------+
| Field           | Type             | Null | Key | Default | Extra |
+-----------------+------------------+------+-----+---------+-------+
| id              | int(10) unsigned | NO   |     | 0       |       |
| title           | varchar(100)     | NO   |     | NULL    |       |
| author          | varchar(40)      | NO   |     | NULL    |       |
| submission_date | date             | YES  |     | NULL    |       |
+-----------------+------------------+------+-----+---------+-------+
4 rows in set (0.01 sec)

已经OK;
在线打开GTID:

root@monitor-db 19:41:31 [test]>set global gtid_mode='OFF_PERMISSIVE';
Query OK, 0 rows affected (0.00 sec)

root@monitor-db 19:44:14 [test]>
root@monitor-db 19:44:14 [test]>set global gtid_mode='ON_PERMISSIVE';
Query OK, 0 rows affected (0.00 sec)

root@monitor-db 19:44:14 [test]>
root@monitor-db 19:44:14 [test]>SET @@GLOBAL.ENFORCE_GTID_CONSISTENCY = ON;
Query OK, 0 rows affected (0.00 sec)

root@monitor-db 19:44:14 [test]>
root@monitor-db 19:44:14 [test]>set global gtid_mode='ON';
Query OK, 0 rows affected (0.01 sec)

root@monitor-db 19:44:14 [test]>
root@monitor-db 19:44:14 [test]>show global variables like '%gtid_mode%';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| gtid_mode     | ON    |
+---------------+-------+
1 row in set (0.00 sec)

打开ok,MySQL5.7开启/关闭GTID,不用重启服务很方便;

最新

分类

归档

评论

其它