Alibaba Cloud Managed Service for Prometheus provides general-purpose Prometheus instances. You can create general-purpose Prometheus instances for the remote storage of self-managed Prometheus systems, or to monitor metric data about containers, cloud services, and hosts. You can use the remote write feature to store the monitoring data of Managed Service for Prometheus to remote databases. This topic describes how to create a general-purpose Prometheus instance. The instance allows you to use the remote write feature to connect Managed Service for Prometheus to self-managed Prometheus systems. The feature provides an efficient solution to store monitoring data.
Step 1: Grant the permissions to call the GetPrometheusApiToken operation to a RAM user
If you are using an Alibaba Cloud account, skip this step and proceed to Step 2: Create a RemoteWrite instance and obtain the read and write URLs.
If you want to call the GetPrometheusApiToken operation as a RAM user, you must use your Alibaba Cloud account to grant the required permissions to the RAM user.
This is because if you want to write data from a self-managed Prometheus system to Managed Service for Prometheus, you must call the GetPrometheusApiToken operation. To grant the permissions to a RAM user, perform the following operations:
Log on to the RAM console by using an Alibaba Cloud account or a RAM user that has administrative rights.
In the left-side navigation pane, choose
On the Policies page, click Create Policy.
On the Create Policy page, click the JSON tab.
Enter the following policy document and click Next: Edit Basic Information.
{ "Version": "1", "Statement": [ { "Action": [ "arms:GetPrometheusApiToken" ], "Resource": [ "*" ], "Effect": "Allow" } ] }For more information about the syntax and structure of RAM policies, see Policy structure and syntax.
Check and optimize the content of the custom policy.
Basic optimization
The system automatically optimizes the policy statement. The system performs the following operations during basic optimization:
Deletes unnecessary conditions.
Deletes unnecessary arrays.
(Optional) Advanced optimization
You can move the pointer over Optional: advanced optimize and click Perform. The system performs the following operations during the advanced optimization:
Splits resources or conditions that are incompatible with actions.
Narrows down resources.
Deduplicates or merges policy statements.
Click OK.
On the Users page, find the required RAM user and click Add Permissions in the Actions column.
In the Add Permissions panel, grant the permissions to the RAM user.
Select the authorization scope.
Alibaba Cloud Account: The authorization takes effect on the current Alibaba Cloud account.
Specific Resource Group: The authorization takes effect on a specific resource group.
NoteIf you select Specific Resource Group for Authorized Scope, make sure that the required cloud service supports resource groups. For more information, see Services that work with Resource Group. For more information about how to grant permissions on a resource group, see Use a resource group to manage an ECS instance.
Specify the principal.
The principal is the RAM user to which you want to grant permissions.
Select a policy.
In the Select Policy section of the Add Permissions panel, click Custom Policy. Then, search for the policy that you created in Step 5. Click the policy name to add the policy to the Selected section.
Click OK.
Click Complete.
Step 2: Create a RemoteWrite instance and obtain the read and write URLs
- Log on to the ARMS console.
- In the left-side navigation pane, choose .
- Click Create Prometheus Instance. On the page that appears, click Prometheus Instance for Remote Write.
Specify a name for the Prometheus instance. Then, click Create.
The created Prometheus instance is displayed on the Instance List page and General-purpose is displayed in the Instance Type column.
NoteIf the specified instance name already exists, an error message appears after you click Create. In this case, you must specify another name for the instance.
Copy and save the URLs that are generated in the Remote Read URL and Remote Write URL sections.
Step 3: Configure Prometheus
Install Prometheus. For more information, see Prometheus official documentation.
Open the Prometheus.yaml configuration file and append the following content to the file. Replace the
remote_writeandremote_readURLs with the URLs that you obtained in Step 2: Create a RemoteWrite instance and obtain the read and write URLs. Then, save the file.global: scrape_interval: 15s evaluation_interval: 15s scrape_configs: - job_name: 'prometheus' static_configs: - targets: ['localhost:9090'] remote_write: - url: "http://ts-xxxxxxxxxxxx.hitsdb.rds.aliyuncs.com:3242/api/prom_write" basic_auth: // The username and password must conform to the naming conventions of an AccessKey pair. The owner of the AccessKey pair must have the permissions to call the GetPrometheusApiToken operation. username: access-key-id password: access-key-secret remote_read: - url: "http://ts-xxxxxxxxxxxx.hitsdb.rds.aliyuncs.com:3242/api/prom_read" read_recent: trueNoteIf you want to use a self-managed Prometheus host to write data to Managed Service for Prometheus, you must call the GetPrometheusApiToken operation. By default, you can use an Alibaba Cloud account to call the GetPrometheusApiToken operation. If you want to call the GetPrometheusApiToken operation as a RAM user, you must use your Alibaba Cloud account to grant the required permissions to the RAM user. For more information, see Step 1: Grant the permissions to call the GetPrometheusApiToken operation to a RAM user.
Stop remote storage of Managed Service for Prometheus monitoring data
If you want to stop remote storage of Managed Service for Prometheus monitoring data, you can perform the following steps to uninstall the Prometheus agent:
- Log on to the ARMS console.
- In the left-side navigation pane, choose .
- On the Prometheus Service page, find the Prometheus instance that you want to uninstall and click Uninstall in the Actions column. In the message that appears, click OK. After you uninstall a Prometheus instance, it is no longer displayed on the Prometheus instance page.