当前位置: 首页 > article >正文

k8s集群部署metrics-server

article 2024/11/29 16:57:00

1、Metrics Server介绍

Metrics Server 是集群级别的资源利用率数据的聚合器。从 Kubelets收集资源指标,并通过 Metrics API 在 Kubernetes apiserver 中公开它们,以供 Horizontal Pod Autoscaler 和Vertical Pod Autoscaler 使用。

Metrics API 也可以通过访问 kubectl top,从而更容易调试自动缩放管道。

Metrics Server基于内存存储,重启后数据将全部丢失,而且它仅能留存最近收集到的指标数据。

二、安装Metrics Server

1、下载配置文件

$ wget https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml

2、修改components.yaml配置文件

$ cat components.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
    rbac.authorization.k8s.io/aggregate-to-view: "true"
  name: system:aggregated-metrics-reader
rules:
- apiGroups:
  - metrics.k8s.io
  resources:
  - pods
  - nodes
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
rules:
- apiGroups:
  - ""
  resources:
  - nodes/metrics
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - pods
  - nodes
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server-auth-reader
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server:system:auth-delegator
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:auth-delegator
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:metrics-server
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  ports:
  - name: https
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  selector:
    matchLabels:
      k8s-app: metrics-server
  strategy:
    rollingUpdate:
      maxUnavailable: 0
  template:
    metadata:
      labels:
        k8s-app: metrics-server
    spec:
      containers:
      - args:
        - --cert-dir=/tmp
        - --secure-port=10250
        - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
        - --kubelet-use-node-status-port
        - --metric-resolution=15s
        - --kubelet-insecure-tls
        #image: registry.k8s.io/metrics-server/metrics-server:v0.7.2
        image: registry.aliyuncs.com/google_containers/metrics-server:v0.7.2
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /livez
            port: https
            scheme: HTTPS
          periodSeconds: 10
        name: metrics-server
        ports:
        - containerPort: 10250
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /readyz
            port: https
            scheme: HTTPS
          initialDelaySeconds: 20
          periodSeconds: 10
        resources:
          requests:
            cpu: 100m
            memory: 200Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1000
          seccompProfile:
            type: RuntimeDefault
        volumeMounts:
        - mountPath: /tmp
          name: tmp-dir
      nodeSelector:
        kubernetes.io/os: linux
      priorityClassName: system-cluster-critical
      serviceAccountName: metrics-server
      volumes:
      - emptyDir: {}
        name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
  labels:
    k8s-app: metrics-server
  name: v1beta1.metrics.k8s.io
spec:
  group: metrics.k8s.io
  groupPriorityMinimum: 100
  insecureSkipTLSVerify: true
  service:
    name: metrics-server
    namespace: kube-system
  version: v1beta1
  versionPriority: 100

 修改镜像并新增--kubelet-insecure-tls参数:

3、安装

$ kubectl apply -f components.yaml 
serviceaccount/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created
service/metrics-server created
deployment.apps/metrics-server created
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created

4、查看

$ kubectl get pod -A
NAMESPACE     NAME                                       READY   STATUS    RESTARTS       AGE
kube-system   calico-kube-controllers-658d97c59c-qjdrt   1/1     Running   12 (56m ago)   6h48m
kube-system   calico-node-5msx4                          1/1     Running   0              6h48m
kube-system   calico-node-5q749                          1/1     Running   2 (54m ago)    6h48m
kube-system   calico-node-z9gtq                          1/1     Running   0              6h48m
kube-system   coredns-66f779496c-2v6l9                   1/1     Running   1              7h18m
kube-system   coredns-66f779496c-kj6db                   1/1     Running   3 (81m ago)    7h18m
kube-system   etcd-k8s-master                            1/1     Running   7              7h18m
kube-system   kube-apiserver-k8s-master                  1/1     Running   6              7h18m
kube-system   kube-controller-manager-k8s-master         1/1     Running   6 (54m ago)    7h18m
kube-system   kube-proxy-77vqw                           1/1     Running   0              7h18m
kube-system   kube-proxy-cmnxt                           1/1     Running   0              7h16m
kube-system   kube-proxy-ksrmj                           1/1     Running   0              7h17m
kube-system   kube-scheduler-k8s-master                  1/1     Running   6 (55m ago)    7h18m
kube-system   metrics-server-794bb5d868-ghk49            1/1     Running   0              61s

可见已在Kube-system名称空间中成功运行

5、测试

$ kubectl top node
NAME         CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%   
k8s-master   199m         9%     1520Mi          41%       
k8s-node1    77m          3%     914Mi           53%       
k8s-node2    87m          4%     911Mi           52%
$ kubectl top pod -A
NAMESPACE     NAME                                       CPU(cores)   MEMORY(bytes)   
kube-system   calico-kube-controllers-658d97c59c-qjdrt   1m           11Mi            
kube-system   calico-node-5msx4                          45m          105Mi           
kube-system   calico-node-5q749                          44m          69Mi            
kube-system   calico-node-z9gtq                          42m          128Mi           
kube-system   coredns-66f779496c-2v6l9                   2m           13Mi            
kube-system   coredns-66f779496c-kj6db                   2m           11Mi            
kube-system   etcd-k8s-master                            25m          86Mi            
kube-system   kube-apiserver-k8s-master                  76m          288Mi           
kube-system   kube-controller-manager-k8s-master         23m          50Mi            
kube-system   kube-proxy-77vqw                           1m           18Mi            
kube-system   kube-proxy-cmnxt                           1m           31Mi            
kube-system   kube-proxy-ksrmj                           1m           36Mi            
kube-system   kube-scheduler-k8s-master                  3m           22Mi            
kube-system   metrics-server-794bb5d868-ghk49            4m           15Mi

http://www.kler.cn/a/414443.html

相关文章:

  • R Excel 文件操作指南
  • 有关物流无人机与快递配送的协同研究
  • 【动手学电机驱动】STM32-FOC(8)MCSDK Profiler 电机参数辨识
  • Docker的save和export命令的区别,load和import的区别 笔记241124
  • Soul App创始人张璐团队亮相GITEX GLOBAL 2024,展示多模态AI的交互创新
  • 【Linux】Linux 内存管理机制
  • 浅谈网络 | 应用层之HTTP协议
  • 微知-git如何添加空目录的几种方式?(.gitkeep, githook, gitconfig)
  • 1.1 STM32_GPIO_基本知识
  • 【释放算力潜能】基于华为鲲鹏920 + 昇腾310B的VPX架构主板
  • 数学建模中的10大经典模型及其实际应用:从入门到精通!(一)线性规划模型
  • 【FPGA】UART串口通信
  • 深度学习视频编解码开源项目介绍【持续更新】
  • 新版Android Studio 一些配置细节
  • Algorithms and Data Structures in C++ by Mohammed Yasir Eramangadan
  • linux安全管理-防火墙配置
  • UNity将脚本中的文本提示显示在编辑器中
  • #渗透测试#红蓝攻防#HW#漏洞挖掘#漏洞复现01-笑脸漏洞(vsftpd)
  • 启动SpringBoot
  • Docker网络模式:桥接(Bridge)模式与主机模式(Host)实操对比(一)
  • docker网络配置
  • git打标签的作用?
  • ELK(Elasticsearch + logstash + kibana + Filebeat + Kafka + Zookeeper)日志分析系统
  • 【05】Selenium+Python 两种文件上传方式(AutoIt)
  • 计算机网络八股整理(二)
  • http账号密码认证Http Basic Auth