HertzBeat
应用心跳检测工具,支持 SpringBoot 应用、操作系统、WebSocket、MySQL、Redis 等各种组件,支持告警和配置多种告警方式(企微、钉钉、飞书、邮件和短信)。dromara/hertzbeat
1、部署
1.1、HertzBeat+Mysql+VictoriaMetrics
将链接里的目录和文件拷贝,并启动即可。链接:dromara/hertzbeat
# 拉取镜像并启动
docker-compose up -d整体的目录结构
├─docker-compose.yaml
├─README.md
├─README_CN.md
├─ext-lib
| ├─.gitignore
| └README
├─dbdata
| ├─tsdbdata
| | └.gitignore
| ├─mysqldata
| | └.gitignore
├─conf
| ├─application.yml
| ├─sureness.yml
| ├─sql
| | └schema.sql
docker-compose 文件
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
version: "3.7"
networks:
hertzbeat:
driver: bridge
services:
mysql:
image: mysql:8
container_name: compose-mysql
hostname: mysql
restart: always
healthcheck:
test: ['CMD-SHELL', 'mysqladmin ping -h 127.0.0.1 --silent']
interval: 3s
retries: 5
start_period: 3m
ports:
- "3306"
environment:
TZ: Asia/Shanghai
MYSQL_ROOT_PASSWORD: 123456
volumes:
- ./dbdata/mysqldata:/var/lib/mysql/
- ./conf/sql:/docker-entrypoint-initdb.d/
networks:
- hertzbeat
victoria-metrics:
image: victoriametrics/victoria-metrics:v1.95.1
container_name: compose-victoria-metrics
hostname: victoria-metrics
restart: always
healthcheck:
test: ["CMD", "wget", "-q", "-O", "-", "http://victoria-metrics:8428/-/healthy"]
interval: 10s
retries: 5
timeout: 5s
start_period: 30s
environment:
TZ: Asia/Shanghai
ports:
- "8428"
volumes:
- ./dbdata/tsdbdata:/victoria-metrics-data
networks:
- hertzbeat
hertzbeat:
image: apache/hertzbeat
container_name: compose-hertzbeat
hostname: hertzbeat
restart: always
environment:
TZ: Asia/Shanghai
LANG: zh_CN.UTF-8
depends_on:
mysql:
condition: service_healthy
victoria-metrics:
condition: service_healthy
volumes:
- ./conf/application.yml:/opt/hertzbeat/config/application.yml
- ./conf/sureness.yml:/opt/hertzbeat/config/sureness.yml
- ./ext-lib:/opt/hertzbeat/ext-lib
- ./logs:/opt/hertzbeat/logs
ports:
- "1157:1157"
- "1158:1158"
networks:
- hertzbeatapplication.yml 文件
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
server:
port: 1157
spring:
application:
name: ${HOSTNAME:@hertzbeat@}${PID}
profiles:
active: prod
mvc:
static-path-pattern: /**
jackson:
default-property-inclusion: ALWAYS
web:
resources:
static-locations:
- classpath:/dist/
- classpath:../dist/
# need to disable spring boot mongodb auto config, or default mongodb connection tried and failed..
autoconfigure:
exclude: org.springframework.boot.autoconfigure.mongo.MongoAutoConfiguration, org.springframework.boot.autoconfigure.data.mongo.MongoDataAutoConfiguration
freemarker:
enabled: false
management:
health:
mail:
enabled: off
endpoints:
web:
exposure:
include:
- 'metrics'
- 'health'
enabled-by-default: on
sureness:
container: jakarta_servlet
auths:
- digest
- basic
- jwt
jwt:
secret: 'CyaFv0bwq2Eik0jdrKUtsA6bx3sDJeFV643R
LnfKefTjsIfJLBa2YkhEqEGtcHDTNe4CU6+9
8tVt4bisXQ13rbN0oxhUZR73M6EByXIO+SV5
dKhaX0csgOCTlCxq20yhmUea6H6JIpSE2Rwp'
---
spring:
config:
activate:
on-profile: prod
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
username: root
password: 123456
url: jdbc:mysql://mysql:3306/hertzbeat?useUnicode=true&characterEncoding=utf-8&allowPublicKeyRetrieval=true&useSSL=false
platform: mysql
hikari:
max-lifetime: 120000
jpa:
show-sql: false
database-platform: org.eclipse.persistence.platform.database.MySQLPlatform
database: mysql
properties:
eclipselink:
logging:
level: SEVERE
flyway:
enabled: true
clean-disabled: true
baseline-on-migrate: true
baseline-version: 1
locations:
- classpath:db/migration/{vendor}
# Not Require, Please config if you need email notify
# 非必填:不使用邮箱作为警告通知可以去掉spring.mail配置
mail:
# Attention: this is mail server address.
# 请注意此为邮件服务器地址:qq邮箱为 smtp.qq.com qq企业邮箱为 smtp.exmail.qq.com
host: smtp.qq.com
username: example@qq.com
# Attention: this is not email account password, this requires an email authorization code
# 请注意此非邮箱账户密码 此需填写邮箱授权码
password: xxqzvuqbnqvbbdac
port: 465
default-encoding: UTF-8
properties:
mail:
smtp:
socketFactoryClass: javax.net.ssl.SSLSocketFactory
ssl:
enable: true
warehouse:
store:
# store history metrics data, enable only one below
# 存储历史数据方式, 下方只能enabled启用一种方式
jpa:
enabled: false
expire-time: 1h
victoria-metrics:
enabled: true
url: http://victoria-metrics:8428
username: root
password: root
# store real-time metrics data, enable only one below
# 存储实时数据方式, 下方只能enabled启用一种方式
memory:
enabled: true
init-size: 16
redis:
enabled: false
host: 127.0.0.1
port: 6379
password: 123456
common:
queue:
# memory or kafka
type: memory
alerter:
# custom console url
console-url: https://console.tancloud.io
# we work
we-work-webhook-url: https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=
# ding ding talk
ding-talk-webhook-url: https://oapi.dingtalk.com/robot/send?access_token=
# fei shu fly book
fly-book-webhook-url: https://open.feishu.cn/open-apis/bot/v2/hook/
# telegram
telegram-webhook-url: https://api.telegram.org/bot%s/sendMessage
# discord
discord-webhook-url: https://discord.com/api/v9/channels/%s/messages
# server酱
server-chan-webhook-url: https://sctapi.ftqq.com/%s.send
# gotify
gotify-webhook-url: http://127.0.0.1/message?token=%s
scheduler:
server:
enabled: true
port: 1158sureness.yml 文件
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## -- sureness.yml account source -- ##
# config the resource restful api that need auth protection, base rbac
# rule: api===method===role
# eg: /api/v1/source1===get===[admin] means /api/v2/host===post support role[admin] access.
# eg: /api/v1/source2===get===[] means /api/v1/source2===get can not access by any role.
resourceRole:
- /api/account/auth/refresh===post===[admin,user,guest]
- /api/apps/**===get===[admin,user,guest]
- /api/monitor/**===get===[admin,user,guest]
- /api/monitor/**===post===[admin,user]
- /api/monitor/**===put===[admin,user]
- /api/monitor/**===delete==[admin]
- /api/monitors/**===get===[admin,user,guest]
- /api/monitors/**===post===[admin,user]
- /api/monitors/**===put===[admin,user]
- /api/monitors/**===delete===[admin]
- /api/alert/**===get===[admin,user,guest]
- /api/alert/**===post===[admin,user]
- /api/alert/**===put===[admin,user]
- /api/alert/**===delete===[admin]
- /api/alerts/**===get===[admin,user,guest]
- /api/alerts/**===post===[admin,user]
- /api/alerts/**===put===[admin,user]
- /api/alerts/**===delete===[admin]
- /api/notice/**===get===[admin,user,guest]
- /api/notice/**===post===[admin,user]
- /api/notice/**===put===[admin,user]
- /api/notice/**===delete===[admin]
- /api/tag/**===get===[admin,user,guest]
- /api/tag/**===post===[admin,user]
- /api/tag/**===put===[admin,user]
- /api/tag/**===delete===[admin]
- /api/summary/**===get===[admin,user,guest]
- /api/summary/**===post===[admin,user]
- /api/summary/**===put===[admin,user]
- /api/summary/**===delete===[admin]
- /api/collector/**===get===[admin,user,guest]
- /api/collector/**===post===[admin,user]
- /api/collector/**===put===[admin,user]
- /api/collector/**===delete===[admin]
- /api/status/page/**===get===[admin,user,guest]
- /api/status/page/**===post===[admin,user]
- /api/status/page/**===put===[admin,user]
- /api/status/page/**===delete===[admin]
# config the resource restful api that need bypass auth protection
# rule: api===method
# eg: /api/v1/source3===get means /api/v1/source3===get can be access by anyone, no need auth.
excludedResource:
- /api/alerts/report/**===*
- /api/account/auth/**===*
- /api/i18n/**===get
- /api/apps/hierarchy===get
- /api/push/**===*
- /api/status/page/public/**===*
# web ui resource
- /===get
- /dashboard/**===get
- /monitors/**===get
- /alert/**===get
- /account/**===get
- /setting/**===get
- /passport/**===get
- /status/**===get
- /**/*.html===get
- /**/*.js===get
- /**/*.css===get
- /**/*.ico===get
- /**/*.ttf===get
- /**/*.png===get
- /**/*.gif===get
- /**/*.jpg===get
- /**/*.svg===get
- /**/*.json===get
- /**/*.woff===get
- /**/*.eot===get
# swagger ui resource
- /swagger-resources/**===get
- /v2/api-docs===get
- /v3/api-docs===get
# h2 database
- /h2-console/**===*
# account info config
# eg: admin has role [admin,user], password is hertzbeat
# eg: tom has role [user], password is hertzbeat
# eg: lili has role [guest], plain password is lili, salt is 123, salted password is 1A676730B0C7F54654B0E09184448289
account:
- appId: admin
credential: hertzbeat
role: [admin]
- appId: tom
credential: hertzbeat
role: [user]
- appId: guest
credential: hertzbeat
role: [guest]
- appId: lili
# credential = MD5(password + salt)
# plain password: hertzbeat
# attention: digest authentication does not support salted encrypted password accounts
credential: 94C6B34E7A199A9F9D4E1F208093B489
salt: 123
role: [user]schema.sql 文件
-- Licensed to the Apache Software Foundation (ASF) under one
-- or more contributor license agreements. See the NOTICE file
-- distributed with this work for additional information
-- regarding copyright ownership. The ASF licenses this file
-- to you under the Apache License, Version 2.0 (the
-- "License"); you may not use this file except in compliance
-- with the License. You may obtain a copy of the License at
--
-- http://www.apache.org/licenses/LICENSE-2.0
--
-- Unless required by applicable law or agreed to in writing, software
-- distributed under the License is distributed on an "AS IS" BASIS,
-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-- See the License for the specific language governing permissions and
-- limitations under the License.
-- this file works for MySQL.
set names utf8mb4;
create database if not exists hertzbeat default charset utf8mb4 collate utf8mb4_general_ci;
commit;2、使用
开放 1157 端口,访问 localhost:1157 ,默认账号密码 admin/hertzbeat。
