diff --git a/blade-auth/pom.xml b/blade-auth/pom.xml
index adaf92ee..91a48d0c 100644
--- a/blade-auth/pom.xml
+++ b/blade-auth/pom.xml
@@ -36,6 +36,10 @@
org.springblade
blade-core-cloud
+
+ org.springblade
+ blade-starter-metrics
+
org.springblade
blade-starter-redis
diff --git a/blade-gateway/pom.xml b/blade-gateway/pom.xml
index f227bb9b..e3bf9eef 100644
--- a/blade-gateway/pom.xml
+++ b/blade-gateway/pom.xml
@@ -40,6 +40,10 @@
+
+ org.springblade
+ blade-starter-metrics
+
org.springblade
blade-starter-jwt
diff --git a/blade-gateway/src/main/java/org/springblade/gateway/provider/AuthProvider.java b/blade-gateway/src/main/java/org/springblade/gateway/provider/AuthProvider.java
index 44485372..95c14ac0 100644
--- a/blade-gateway/src/main/java/org/springblade/gateway/provider/AuthProvider.java
+++ b/blade-gateway/src/main/java/org/springblade/gateway/provider/AuthProvider.java
@@ -44,7 +44,7 @@ public class AuthProvider {
DEFAULT_SKIP_URL.add("/oauth/revoke");
DEFAULT_SKIP_URL.add("/oauth/refresh");
DEFAULT_SKIP_URL.add("/token/**");
- DEFAULT_SKIP_URL.add("/actuator/health/**");
+ DEFAULT_SKIP_URL.add("/actuator/**");
DEFAULT_SKIP_URL.add("/v2/api-docs/**");
DEFAULT_SKIP_URL.add("/auth/**");
DEFAULT_SKIP_URL.add("/log/**");
diff --git a/blade-ops/blade-admin/pom.xml b/blade-ops/blade-admin/pom.xml
index e35dcb6f..1148dd41 100644
--- a/blade-ops/blade-admin/pom.xml
+++ b/blade-ops/blade-admin/pom.xml
@@ -40,6 +40,10 @@
+
+ org.springblade
+ blade-starter-prometheus
+
org.springframework.cloud
diff --git a/blade-ops/blade-admin/src/main/java/org/springblade/admin/config/SecurityConfiguration.java b/blade-ops/blade-admin/src/main/java/org/springblade/admin/config/SecurityConfiguration.java
index c2b995f8..6a42cb05 100644
--- a/blade-ops/blade-admin/src/main/java/org/springblade/admin/config/SecurityConfiguration.java
+++ b/blade-ops/blade-admin/src/main/java/org/springblade/admin/config/SecurityConfiguration.java
@@ -51,6 +51,9 @@ public class SecurityConfiguration {
contextPath + "/assets/**"
, contextPath + "/login"
, contextPath + "/actuator/**"
+ , contextPath + "/v1/agent/**"
+ , contextPath + "/v1/catalog/**"
+ , contextPath + "/v1/health/**"
).permitAll()
.anyExchange().authenticated().and()
.formLogin().loginPage(contextPath + "/login")
diff --git a/blade-ops/pom.xml b/blade-ops/pom.xml
index 688f4588..ae46f593 100644
--- a/blade-ops/pom.xml
+++ b/blade-ops/pom.xml
@@ -28,4 +28,11 @@
blade-xxljob-admin
+
+
+ org.springblade
+ blade-starter-metrics
+
+
+
diff --git a/blade-service/pom.xml b/blade-service/pom.xml
index 8d1f0b69..3a37bd35 100644
--- a/blade-service/pom.xml
+++ b/blade-service/pom.xml
@@ -28,6 +28,10 @@
org.springblade
blade-common
+
+ org.springblade
+ blade-starter-metrics
+
org.springblade
blade-starter-tenant
diff --git a/script/docker/app/deploy.sh b/script/docker/app/deploy.sh
index 7c220271..9d3b7d19 100644
--- a/script/docker/app/deploy.sh
+++ b/script/docker/app/deploy.sh
@@ -7,17 +7,33 @@ usage() {
#开启所需端口
port(){
+ #gateway
firewall-cmd --add-port=88/tcp --permanent
+ #web
firewall-cmd --add-port=8000/tcp --permanent
+ #nacos
firewall-cmd --add-port=8848/tcp --permanent
+ #sentinel
firewall-cmd --add-port=8858/tcp --permanent
+ #grafana
+ firewall-cmd --add-port=3000/tcp --permanent
+ #mysql
firewall-cmd --add-port=3306/tcp --permanent
+ #redis
firewall-cmd --add-port=3379/tcp --permanent
+ #admin
firewall-cmd --add-port=7002/tcp --permanent
+ #ureport
firewall-cmd --add-port=7003/tcp --permanent
+ #zipkin
firewall-cmd --add-port=9411/tcp --permanent
+ #prometheus
+ firewall-cmd --add-port=9090/tcp --permanent
+ #flowdesign
firewall-cmd --add-port=9999/tcp --permanent
+ #swagger
firewall-cmd --add-port=18000/tcp --permanent
+ #firewalld
service firewalld restart
}
@@ -36,6 +52,14 @@ mount(){
mkdir -p /docker/nacos/init.d
cp nacos/init.d/custom.properties /docker/nacos/init.d/custom.properties
fi
+ if test ! -f "/docker/prometheus/prometheus.yml" ;then
+ mkdir -p /docker/prometheus
+ cp prometheus/config/prometheus.yml /docker/prometheus/prometheus.yml
+ fi
+ if test ! -f "/docker/grafana/grafana.ini" ;then
+ mkdir -p /docker/grafana
+ cp prometheus/config/grafana.ini /docker/grafana/grafana.ini
+ fi
}
#启动基础模块
@@ -53,6 +77,11 @@ modules(){
docker-compose up -d blade-gateway1 blade-gateway2 blade-auth1 blade-auth2 blade-swagger blade-report blade-user blade-desk blade-system blade-log blade-flow blade-flow-design blade-resource
}
+#启动普罗米修斯模块
+prometheus(){
+ docker-compose up -d prometheus node-exporter mysqld-exporter cadvisor grafana
+}
+
#关闭所有模块
stop(){
docker-compose stop
diff --git a/script/docker/app/docker-compose.yml b/script/docker/app/docker-compose.yml
index ea262d20..7c9ba4e9 100644
--- a/script/docker/app/docker-compose.yml
+++ b/script/docker/app/docker-compose.yml
@@ -1,5 +1,10 @@
version: '3'
services:
+
+ ####################################################################################################
+ ###=================================== 以下为中间件模块 =========================================###
+ ####################################################################################################
+
nacos:
image: nacos/nacos-server:1.3.2
hostname: "nacos-standalone"
@@ -84,6 +89,10 @@ services:
networks:
- blade_net
+ ####################################################################################################
+ ###================================= 以下为BladeX服务模块 =======================================###
+ ####################################################################################################
+
blade-admin:
image: "${REGISTER}/blade/blade-admin:${TAG}"
environment:
@@ -93,7 +102,8 @@ services:
privileged: true
restart: always
networks:
- - blade_net
+ blade_net:
+ ipv4_address: 172.30.0.72
blade-swagger:
image: "${REGISTER}/blade/blade-swagger:${TAG}"
@@ -232,6 +242,97 @@ services:
networks:
- blade_net
+ ####################################################################################################
+ ###=============================== 以下为Prometheus监控模块 =====================================###
+ ####################################################################################################
+
+ prometheus:
+ image: prom/prometheus:v2.24.1
+ hostname: "prometheus"
+ environment:
+ - TZ=Asia/Shanghai
+ ports:
+ - 9090:9090
+ volumes:
+ - /docker/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
+ command: "--config.file=/etc/prometheus/prometheus.yml --web.enable-lifecycle"
+ privileged: true
+ restart: always
+ networks:
+ blade_net:
+ ipv4_address: 172.30.0.90
+
+ node-exporter:
+ image: prom/node-exporter:v1.0.1
+ hostname: "node-exporter"
+ environment:
+ - TZ=Asia/Shanghai
+ ports:
+ - 9190:9100
+ privileged: true
+ restart: always
+ networks:
+ blade_net:
+ ipv4_address: 172.30.0.91
+
+ mysqld-exporter:
+ image: prom/mysqld-exporter:v0.12.1
+ hostname: "mysqld-exporter"
+ environment:
+ - TZ=Asia/Shanghai
+ # 需要先在mysql服务执行如下语句
+ # =====================================================================================
+ # === CREATE USER 'exporter'@'mysql服务ip' IDENTIFIED BY '密码'; ===
+ # === GRANT PROCESS, REPLICATION CLIENT, SELECT ON *.* TO 'exporter'@'mysql服务ip'; ===
+ # === flush privileges; ===
+ # =====================================================================================
+ - DATA_SOURCE_NAME=exporter:密码@(mysql服务ip:mysql服务端口)/
+ ports:
+ - 9104:9104
+ privileged: true
+ restart: always
+ networks:
+ blade_net:
+ ipv4_address: 172.30.0.94
+
+ cadvisor:
+ image: google/cadvisor:v0.33.0
+ hostname: "cadvisor"
+ environment:
+ - TZ=Asia/Shanghai
+ ports:
+ - 18080:8080
+ volumes:
+ - /:/rootfs:ro
+ - /var/run:/var/run:rw
+ - /sys:/sys:ro
+ - /var/lib/docker/:/var/lib/docker:ro
+ - /dev/disk/:/dev/disk:ro
+ command: "--detach=true"
+ privileged: true
+ restart: always
+ networks:
+ blade_net:
+ ipv4_address: 172.30.0.180
+
+ grafana:
+ image: grafana/grafana:7.3.7
+ hostname: "grafana"
+ environment:
+ - TZ=Asia/Shanghai
+ - GF_SERVER_ROOT_URL=https://grafana.bladex.vip
+ - GF_SECURITY_ADMIN_PASSWORD=1qaz@WSX
+ ports:
+ - 3000:3000
+ volumes:
+ - /docker/grafana/grafana.ini:/etc/grafana/grafana.ini
+ - /docker/grafana:/var/lib/grafana
+ privileged: true
+ restart: always
+ networks:
+ blade_net:
+ ipv4_address: 172.30.0.30
+
networks:
blade_net:
driver: bridge
diff --git a/script/docker/app/prometheus/config/grafana.ini b/script/docker/app/prometheus/config/grafana.ini
new file mode 100644
index 00000000..b1e5ac0a
--- /dev/null
+++ b/script/docker/app/prometheus/config/grafana.ini
@@ -0,0 +1,849 @@
+##################### Grafana Configuration Example #####################
+#
+# Everything has defaults so you only need to uncomment things you want to
+# change
+
+# possible values : production, development
+;app_mode = production
+
+# instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty
+;instance_name = ${HOSTNAME}
+
+#################################### Paths ####################################
+[paths]
+# Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used)
+;data = /var/lib/grafana
+
+# Temporary files in `data` directory older than given duration will be removed
+;temp_data_lifetime = 24h
+
+# Directory where grafana can store logs
+;logs = /var/log/grafana
+
+# Directory where grafana will automatically scan and look for plugins
+;plugins = /var/lib/grafana/plugins
+
+# folder that contains provisioning config files that grafana will apply on startup and while running.
+;provisioning = conf/provisioning
+
+#################################### Server ####################################
+[server]
+# Protocol (http, https, h2, socket)
+;protocol = http
+
+# The ip address to bind to, empty will bind to all interfaces
+;http_addr =
+
+# The http port to use
+;http_port = 3000
+
+# The public facing domain name used to access grafana from a browser
+;domain = localhost
+
+# Redirect to correct domain if host header does not match domain
+# Prevents DNS rebinding attacks
+;enforce_domain = false
+
+# The full public facing url you use in browser, used for redirects and emails
+# If you use reverse proxy and sub path specify full url (with sub path)
+;root_url = %(protocol)s://%(domain)s:%(http_port)s/
+
+# Serve Grafana from subpath specified in `root_url` setting. By default it is set to `false` for compatibility reasons.
+;serve_from_sub_path = false
+
+# Log web requests
+;router_logging = false
+
+# the path relative working path
+;static_root_path = public
+
+# enable gzip
+;enable_gzip = false
+
+# https certs & key file
+;cert_file =
+;cert_key =
+
+# Unix socket path
+;socket =
+
+#################################### Database ####################################
+[database]
+# You can configure the database connection by specifying type, host, name, user and password
+# as separate properties or as on string using the url properties.
+
+# Either "mysql", "postgres" or "sqlite3", it's your choice
+;type = sqlite3
+;host = 127.0.0.1:3306
+;name = grafana
+;user = root
+# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
+;password =
+
+# Use either URL or the previous fields to configure the database
+# Example: mysql://user:secret@host:port/database
+;url =
+
+# For "postgres" only, either "disable", "require" or "verify-full"
+;ssl_mode = disable
+
+;ca_cert_path =
+;client_key_path =
+;client_cert_path =
+;server_cert_name =
+
+# For "sqlite3" only, path relative to data_path setting
+;path = grafana.db
+
+# Max idle conn setting default is 2
+;max_idle_conn = 2
+
+# Max conn setting default is 0 (mean not set)
+;max_open_conn =
+
+# Connection Max Lifetime default is 14400 (means 14400 seconds or 4 hours)
+;conn_max_lifetime = 14400
+
+# Set to true to log the sql calls and execution times.
+;log_queries =
+
+# For "sqlite3" only. cache mode setting used for connecting to the database. (private, shared)
+;cache_mode = private
+
+#################################### Cache server #############################
+[remote_cache]
+# Either "redis", "memcached" or "database" default is "database"
+;type = database
+
+# cache connectionstring options
+# database: will use Grafana primary database.
+# redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=0,ssl=false`. Only addr is required. ssl may be 'true', 'false', or 'insecure'.
+# memcache: 127.0.0.1:11211
+;connstr =
+
+#################################### Data proxy ###########################
+[dataproxy]
+
+# This enables data proxy logging, default is false
+;logging = false
+
+# How long the data proxy waits before timing out, default is 30 seconds.
+# This setting also applies to core backend HTTP data sources where query requests use an HTTP client with timeout set.
+;timeout = 30
+
+# How many seconds the data proxy waits before sending a keepalive probe request.
+;keep_alive_seconds = 30
+
+# How many seconds the data proxy waits for a successful TLS Handshake before timing out.
+;tls_handshake_timeout_seconds = 10
+
+# How many seconds the data proxy will wait for a server's first response headers after
+# fully writing the request headers if the request has an "Expect: 100-continue"
+# header. A value of 0 will result in the body being sent immediately, without
+# waiting for the server to approve.
+;expect_continue_timeout_seconds = 1
+
+# The maximum number of idle connections that Grafana will keep alive.
+;max_idle_connections = 100
+
+# How many seconds the data proxy keeps an idle connection open before timing out.
+;idle_conn_timeout_seconds = 90
+
+# If enabled and user is not anonymous, data proxy will add X-Grafana-User header with username into the request, default is false.
+;send_user_header = false
+
+#################################### Analytics ####################################
+[analytics]
+# Server reporting, sends usage counters to stats.grafana.org every 24 hours.
+# No ip addresses are being tracked, only simple counters to track
+# running instances, dashboard and error counts. It is very helpful to us.
+# Change this option to false to disable reporting.
+;reporting_enabled = true
+
+# Set to false to disable all checks to https://grafana.net
+# for new versions (grafana itself and plugins), check is used
+# in some UI views to notify that grafana or plugin update exists
+# This option does not cause any auto updates, nor send any information
+# only a GET request to http://grafana.com to get latest versions
+;check_for_updates = true
+
+# Google Analytics universal tracking code, only enabled if you specify an id here
+;google_analytics_ua_id =
+
+# Google Tag Manager ID, only enabled if you specify an id here
+;google_tag_manager_id =
+
+#################################### Security ####################################
+[security]
+# disable creation of admin user on first start of grafana
+;disable_initial_admin_creation = false
+
+# default admin user, created on startup
+;admin_user = admin
+
+# default admin password, can be changed before first start of grafana, or in profile settings
+;admin_password = admin
+
+# used for signing
+;secret_key = SW2YcwTIb9zpOOhoPsMm
+
+# disable gravatar profile images
+;disable_gravatar = false
+
+# data source proxy whitelist (ip_or_domain:port separated by spaces)
+;data_source_proxy_whitelist =
+
+# disable protection against brute force login attempts
+;disable_brute_force_login_protection = false
+
+# set to true if you host Grafana behind HTTPS. default is false.
+;cookie_secure = false
+
+# set cookie SameSite attribute. defaults to `lax`. can be set to "lax", "strict", "none" and "disabled"
+;cookie_samesite = lax
+
+# set to true if you want to allow browsers to render Grafana in a ,