利用sentry收集用户行为异常日志,然后报警处理。原本是使用docker直接部署的,但是最近一直在做kubernetes迁移,而且也部署了ceph,所以对于有状态的服务kubernetes集群还是比较友好的。这里就不多说了,直接看一下sentry部署方法:
https://www.wulaoer.org/?p=2412
helm install sentry sentry/sentry --version 8.1.0 -n sentry
利用helm安装sentry很简单,一个命令就可以了,但是安装后需要配置,还有对于sentry的理解很重要,执行上面的命令后一定要看一下pod。
[root@www.wulaoer.org ~]# kubectl get pod -n sentry NAME READY STATUS RESTARTS AGE sentry-clickhouse-0 1/1 Running 0 6d20h sentry-clickhouse-1 1/1 Running 0 6d20h sentry-clickhouse-2 1/1 Running 0 6d20h sentry-clickhouse-replica-0 1/1 Running 0 6d20h sentry-clickhouse-replica-1 1/1 Running 0 6d20h sentry-clickhouse-replica-2 1/1 Running 0 6d20h sentry-clickhouse-tabix-5564dc468-2m6c4 1/1 Running 0 6d20h sentry-cron-799545bb5f-sj7dn 1/1 Running 5 6d20h sentry-ingest-consumer-859d5b79c-4w4sx 1/1 Running 81 6d20h sentry-kafka-0 1/1 Running 0 6d20h sentry-kafka-1 1/1 Running 0 6d20h sentry-kafka-2 1/1 Running 0 6d20h sentry-nginx-79b8cf6989-h9s27 1/1 Running 0 6d20h sentry-post-process-forward-78849fb9f-5cskg 1/1 Running 5 6d20h sentry-rabbitmq-0 1/1 Running 0 6d20h sentry-rabbitmq-1 1/1 Running 0 6d20h sentry-rabbitmq-2 1/1 Running 0 6d20h sentry-relay-5f49687fd5-rvz2b 1/1 Running 0 6d20h sentry-sentry-cleanup-1656864000-ffmtb 0/1 Completed 0 2d11h sentry-sentry-cleanup-1656950400-46rxz 0/1 Completed 0 35h sentry-sentry-cleanup-1657036800-znn27 0/1 Completed 0 11h sentry-sentry-postgresql-0 1/1 Running 0 6d20h sentry-sentry-redis-master-0 1/1 Running 0 6d20h sentry-sentry-redis-slave-0 1/1 Running 0 6d20h sentry-sentry-redis-slave-1 1/1 Running 0 6d20h sentry-sessions-consumer-5fdcc5f65c-hxlbs 1/1 Running 0 6d20h sentry-snuba-api-67456cbdb9-q64t9 1/1 Running 0 6d20h sentry-snuba-consumer-86768dc57b-ccrxl 1/1 Running 1 6d20h sentry-snuba-outcomes-consumer-5448d54749-t74x5 1/1 Running 0 6d20h sentry-snuba-replacer-54594c97f4-5ks44 1/1 Running 0 6d20h sentry-snuba-transactions-consumer-8448445777-swwsv 1/1 Running 1 6d20h sentry-web-8b6b7f9b6-dn8h9 1/1 Running 0 6d19h sentry-worker-5f7d4cccc9-45lvq 1/1 Running 0 6d19h sentry-worker-5f7d4cccc9-fxrdx 1/1 Running 0 6d19h sentry-worker-5f7d4cccc9-qzz99 1/1 Running 0 6d19h sentry-zookeeper-0 1/1 Running 0 6d20h
这里一定检查一下pod,因为有一些有状态的服务,需要挂载磁盘,所以如果启动不了,看一下磁盘挂载情况,阿里云的ack挂载磁盘最少20g,所以这里的redis是启动不了的,还有就是sentry-relay服务,如果没有这个服务就会出现邮箱发送验证失败。
配置邮箱
# kubectl edit configmaps -n sentry sentry-sentry
..............................
################
# Redis #
################
redis.clusters:
default:
hosts:
0:
host: "sentry-sentry-redis-master"
port: 6379
password: ""
mail.backend: 'smtp' # Use dummy if you want to disable email entirely
mail.host: 'smtp.mxhichina.com'
mail.port: 80
mail.username: 'ops@wulaoer.org'
mail.password: 'wulaoer'
mail.use-tls: true
# The email address to send on behalf of
mail.from: 'ops@wulaoer.org'
.........................................
安装过程中如果数据库不能初始化,可以手动初始化
kubectl exec -it -n sentry $(kubectl get pods -n sentry |grep sentry-web |awk '{print $1}') bash
sentry upgrade
手动创建一个新的管理员
kubectl exec -it -n sentry $(kubectl get pods -n sentry |grep sentry-web |awk '{print $1}') bash
sentry createuser
sentry不仅支持web前端,还支持桌面,app,后端等等。这里就不多叙述了,这里一定要注意启动后的pod一定要一样,如果不一样可以通过ingress,web到后端进行排查。
您可以选择一种方式赞助本站
支付宝扫一扫赞助
微信钱包扫描赞助
赏