Quickly deploy the open source monitoring platform HertzBeat in 10 minutes

Connect to HertzBeat, an open source monitoring platform

Preface

Monitoring platform introduction

The monitoring platform can be quickly deployed using docker, can periodically monitor the status of various APIs, databases, etc., and provide relatively complete visualization functions. The monitoring platform has integrated exception notifications through webhook, Qiwei Dingding Feishu notification robot, and email. These functions have fully met our daily service monitoring needs.

The purpose of this article is to allow developers to quickly deploy their own monitoring platform services locally, and then it is best to configure it once and not worry about it again.

text

Quick to use

Pull the image, create a local directory, and enter the working directory

docker pull tancloud/hertzbeat:v1.3.0
mkdir -p /home/service/hertzbeat/data /home/service/hertzbeat/logs
cd /home/service/hertzbeat

If you need to use email to send alerts, you need to replace the email server parameters in application.yml (optional, if you do not need email alerts, you do not need to modify the file content)
vim application.yml

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

server:
  port: 1157
spring:
  application:
    name: ${HOSTNAME:@hertzbeat@}${PID}
  profiles:
    active: prod
  mvc:
    static-path-pattern: /**
  jackson:
    default-property-inclusion: ALWAYS
  web:
    resources:
      static-locations:
        - classpath:/dist/
        - classpath:../dist/
  thymeleaf:
    prefix: classpath:/templates/
    check-template-location: true
    cache: true
    suffix: .html
    mode: HTML

management:
  health:
    mail:
      enabled: off
  endpoints:
    web:
      exposure:
        include:
          - 'metrics'
          - 'health'
          - 'env'
    enabled-by-default: on

sureness:
  auths:
    - digest
    - basic
    - jwt
  jwt:
    secret: 'CyaFv0bwq2Eik0jdrKUtsA6bx3sDJeFV643R
             LnfKefTjsIfJLBa2YkhEqEGtcHDTNe4CU6+9
             8tVt4bisXQ13rbN0oxhUZR73M6EByXIO+SV5
             dKhaX0csgOCTlCxq20yhmUea6H6JIpSE2Rwp'

---
spring:
  config:
    activate:
      on-profile: prod

  datasource:
    driver-class-name: org.h2.Driver
    username: sa
    password: 123456
    url: jdbc:h2:./data/hertzbeat;MODE=MYSQL
    hikari:
      max-lifetime: 120000

  jpa:
    hibernate:
      ddl-auto: update

  # Not Require, Please config if you need email notify
  # 非必填：不使用邮箱作为警告通知可以去掉spring.mail配置
  mail:
    # Attention: this is mail server address.
    # 请注意此为邮件服务器地址：qq邮箱为 smtp.qq.com qq企业邮箱为 smtp.exmail.qq.com
    host: smtp.qq.com
    username: [email protected]
    # Attention: this is not email account password, this requires an email authorization code
    # 请注意此非邮箱账户密码 此需填写邮箱授权码
    password: example
    port: 465
    default-encoding: UTF-8
    properties:
      mail:
        smtp:
          socketFactoryClass: javax.net.ssl.SSLSocketFactory
          ssl:
            enable: true
        debug: false

warehouse:
  store:
# store history metrics data, enable only one below
# 存储历史数据方式, 下方只能enabled启用一种方式
    jpa:
      enabled: true
      expire-time: 1h
    td-engine:
      enabled: false
      driver-class-name: com.taosdata.jdbc.rs.RestfulDriver
      url: jdbc:TAOS-RS://localhost:6041/hertzbeat
      username: root
      password: taosdata
    iot-db:
      enabled: false
      host: 127.0.0.1
      rpc-port: 6667
      username: root
      password: root
      # org.dromara.hertzbeat.warehouse.config.IotDbVersion: V_0_13 || V_1_0
      version: V_0_13
      query-timeout-in-ms: -1
      # 数据存储时间：默认'7776000000'（90天,单位为毫秒,-1代表永不过期）
      # data expire time, unit:ms, default '7776000000'(90 days, -1:never expire)
      expire-time: '7776000000'
# store real-time metrics data, enable only one below
# 存储实时数据方式, 下方只能enabled启用一种方式
    memory:
      enabled: true
      init-size: 1024
    redis:
      enabled: false
      host: 127.0.0.1
      port: 6379
      password: 123456

alerter:
  # custom console url
  console-url: https://console.tancloud.cn

Configure the mounted HertzBeat user configuration file and customize the user password (optional).
HertzBeat has three built-in user accounts by default, namely admin/hertzbeat tom/hertzbeat guest/hertzbeat.
Note: Although the default account is optional, it cannot be modified after startup. For passwords and user creation, it is recommended that you change the password. Generally, you only need to keep an administrator account!

vim sureness.yml

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

## -- sureness.yml文本数据源 -- ##

# 加载到匹配字典的资源,也就是需要被保护的,设置了所支持角色访问的资源
# 没有配置的资源也默认被认证保护,但不鉴权
# eg: /api/v1/source1===get===[admin] 表示 /api/v2/host===post 这条资源支持 admin 这一种角色访问
# eg: /api/v1/source2===get===[] 表示 /api/v1/source2===get 这条资源不支持任何角色访问
resourceRole:
  - /api/account/auth/refresh===post===[admin,user,guest]
  - /api/apps/**===get===[admin,user,guest]
  - /api/monitor/**===get===[admin,user,guest]
  - /api/monitor/**===post===[admin,user]
  - /api/monitor/**===put===[admin,user]
  - /api/monitor/**===delete==[admin]
  - /api/monitors/**===get===[admin,user,guest]
  - /api/monitors/**===post===[admin,user]
  - /api/monitors/**===put===[admin,user]
  - /api/monitors/**===delete===[admin]
  - /api/alert/**===get===[admin,user,guest]
  - /api/alert/**===post===[admin,user]
  - /api/alert/**===put===[admin,user]
  - /api/alert/**===delete===[admin]
  - /api/alerts/**===get===[admin,user,guest]
  - /api/alerts/**===post===[admin,user]
  - /api/alerts/**===put===[admin,user]
  - /api/alerts/**===delete===[admin]
  - /api/notice/**===get===[admin,user,guest]
  - /api/notice/**===post===[admin,user]
  - /api/notice/**===put===[admin,user]
  - /api/notice/**===delete===[admin]
  - /api/tag/**===get===[admin,user,guest]
  - /api/tag/**===post===[admin,user]
  - /api/tag/**===put===[admin,user]
  - /api/tag/**===delete===[admin]
  - /api/summary/**===get===[admin,user,guest]
  - /api/summary/**===post===[admin,user]
  - /api/summary/**===put===[admin,user]
  - /api/summary/**===delete===[admin]

# 需要被过滤保护的资源,不认证鉴权直接访问
# /api/v1/source3===get 表示 /api/v1/source3===get 可以被任何人访问 无需登录认证鉴权
excludedResource:
  - /api/account/auth/**===*
  - /api/i18n/**===get
  - /api/apps/hierarchy===get
  - /actuator/**===get
  # web ui 前端静态资源
  - /===get
  - /dashboard/**===get
  - /monitors/**===get
  - /alert/**===get
  - /account/**===get
  - /setting/**===get
  - /passport/**===get
  - /**/*.html===get
  - /**/*.js===get
  - /**/*.css===get
  - /**/*.ico===get
  - /**/*.ttf===get
  - /**/*.png===get
  - /**/*.gif===get
  - /**/*.jpg===get
  - /**/*.svg===get
  - /**/*.json===get
  # swagger ui 资源
  - /swagger-resources/**===get
  - /v2/api-docs===get
  - /v3/api-docs===get
  # h2 database
  - /h2-console/**===*

# 用户账户信息
# 下面有 admin tom lili 三个账户
# eg: admin 拥有[admin,user]角色,密码为hertzbeat
# eg: tom 拥有[user],密码为hertzbeat
# eg: lili 拥有[guest],明文密码为lili, 加盐密码为1A676730B0C7F54654B0E09184448289
account:
  - appId: admin
    credential: hertzbeat
    role: [admin,user]
  - appId: tom
    credential: hertzbeat
    role: [user]
  - appId: guest
    credential: hertzbeat
    role: [guest]
  - appId: lili
    # 注意 Digest认证不支持加盐加密的密码账户
    # 加盐加密的密码，通过 MD5(password+salt)计算
    # 此账户的原始密码为 lili
    credential: 1A676730B0C7F54654B0E09184448289
    salt: 123
    role: [guest]

Start docker
and wait a moment to access port 1157 to view the visual interface.

docker run -d -p 1157:1157 \
    -e LANG=zh_CN.UTF-8 \
    -e TZ=Asia/Shanghai \
    -v /home/service/hertzbeat/data:/opt/hertzbeat/data \
    -v /home/service/hertzbeat/logs:/opt/hertzbeat/logs \
    -v /home/service/hertzbeat/application.yml:/opt/hertzbeat/config/application.yml \
    -v /home/service/hertzbeat/sureness.yml:/opt/hertzbeat/config/sureness.yml \
    --restart=always \
    --name hertzbeat tancloud/hertzbeat:v1.3.0

postscript

The monitoring platform has integrated exception notifications through webhook, Qiwei Dingding Feishu notification robot, and email. These functions have fully met our daily service monitoring needs. The service is based on Spring Boot, and the actual measured memory usage is about 500M. The overall user experience is very good, and the deployment can be completed in 10 minutes. Welcome to communicate.