blackbox-exporter监测站点
# 1.问题描述
1.访问www.demo.com会跳转到 www.demo.com.cn
2.访问www.demo.com.cn会跳转到 www.demo.com
3.这样的话我用blackbox-exporter探测www.demo.com的证书有效期实际探测到的是www.demo.com.cn
4.探测www.demo.com.cn的证书有效期实际探测到的是www.demo.com
5.探测自身域名的可用性以及ssl证书的有效性
1
2
3
4
5
2
3
4
5
# 2.在blackbox-exporter中增加禁止重定向参数, 参考1 (opens new window) 参考2 (opens new window)
[root@prod-manage blackbox_exporter]# cat blackbox-conf.yaml
apiVersion: v1
data:
blackbox-conf.yaml: |-
modules:
http_2xx:
prober: http
http:
valid_status_codes: [200,204,301,302,303]
no_follow_redirects: true # 禁止重定向
preferred_ip_protocol: "ip4"
ip_protocol_fallback: false # 表示禁用协议回退机制。如果系统或工具无法使用默认的 IP 协议(例如,IPv6),则不会自动回退到其他协议(例如,IPv4)
tcp_connect:
prober: tcp
tcp:
preferred_ip_protocol: "ip4"
pop3s_banner:
prober: tcp
tcp:
preferred_ip_protocol: "ip4"
query_response:
- expect: "^+OK"
tls: true
tls_config:
insecure_skip_verify: false
ssh_banner:
prober: tcp
tcp:
preferred_ip_protocol: "ip4"
query_response:
- expect: "^SSH-2.0-"
irc_banner:
prober: tcp
tcp:
preferred_ip_protocol: "ip4"
query_response:
- send: "NICK prober"
- send: "USER prober prober prober :prober"
- expect: "PING :([^ ]+)"
send: "PONG ${1}"
- expect: "^:[^ ]+ 001"
icmp:
prober: icmp
kind: ConfigMap
metadata:
name: blackbox-conf
namespace: kube-mon
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
# 3.告警规则
- name: blackbox
rules:
- alert: ssl
expr: max(floor((probe_ssl_earliest_cert_expiry - time()) / 86400) < 35) by (host)
for: 12h
labels:
severity: critical
annotations:
summary: "SSL证书即将过期!(域名: {{ $labels.host }})"
description: "SSL证书在35天内即将过期!\n 剩余天数: {{ $value }}天"
- alert: 站点不可用
expr: max by(host, instance, namespace, job) ((probe_success == 0) and (probe_success{job!="mysqld"}))
for: 30s
labels:
severity: error
annotations:
summary: "站点服务:{{ $labels.name }}"
description: "站点状态异常: {{ $labels.instance }} "
- alert: 站点耗时过高
expr: probe_duration_seconds >= 0.5
for: 2m
labels:
severity: critical
annotations:
summary: "站点服务:{{ $labels.name }}"
description: "站点地址: {{ $labels.instance }}"
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
上次更新: 2025/04/25, 03:40:17