概述

已经有了cadvisor、heapster、metric-server,几乎容器运行的所有指标都能拿到,但是下面这种情况却无能为力:

  • 我调度了多少个replicas?现在可用的有几个?
  • 多少个Pod是running/stopped/terminated状态?
  • Pod重启了多少次?
  • 我有多少job在运行中

而这些则是kube-state-metrics提供的内容,它基于client-go开发,轮询Kubernetes API,并将Kubernetes的结构化信息转换为metrics。

功能

kube-state-metrics提供的指标,按照阶段分为三种类别:

  • 1.实验性质的:k8s api中alpha阶段的或者spec的字段。

  • 2.稳定版本的:k8s中不向后兼容的主要版本的更新

  • 3.被废弃的:已经不在维护的。

指标类别包括:

  • CronJob Metrics
  • DaemonSet Metrics
  • Deployment Metrics
  • Job Metrics
  • LimitRange Metrics
  • Node Metrics
  • PersistentVolume Metrics
  • PersistentVolumeClaim Metrics
  • Pod Metrics
  • Pod Disruption Budget Metrics
  • ReplicaSet Metrics
  • ReplicationController Metrics
  • ResourceQuota Metrics
  • Service Metrics
  • StatefulSet Metrics
  • Namespace Metrics
  • Horizontal Pod Autoscaler Metrics
  • Endpoint Metrics
  • Secret Metrics
  • ConfigMap Metrics

以pod为例:

  • kube_pod_info
  • kube_pod_owner
  • kube_pod_status_phase
  • kube_pod_status_ready
  • kube_pod_status_scheduled
  • kube_pod_container_status_waiting
  • kube_pod_container_status_terminated_reason
  • ...
---
apiVersion: rbac.authorization.k8s.io/v1
# kubernetes versions before 1.8.0 should use rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
  namespace: kube-system
  name: kube-state-metrics-resizer
rules:
- apiGroups: [""]
  resources:
  - pods
  verbs: ["get"]
- apiGroups: ["apps"]
  resources:
  - deployments
  resourceNames: ["kube-state-metrics"]
  verbs: ["get", "update"]
- apiGroups: ["extensions"]
  resources:
  - deployments
  resourceNames: ["kube-state-metrics"]
  verbs: ["get", "update"]
---
apiVersion: rbac.authorization.k8s.io/v1
# kubernetes versions before 1.8.0 should use rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
  name: kube-state-metrics
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: kube-state-metrics-resizer
subjects:
- kind: ServiceAccount
  name: kube-state-metrics
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
# kubernetes versions before 1.8.0 should use rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: kube-state-metrics
rules:
- apiGroups: [""]
  resources:
  - configmaps
  - secrets
  - nodes
  - pods
  - services
  - resourcequotas
  - replicationcontrollers
  - limitranges
  - persistentvolumeclaims
  - persistentvolumes
  - namespaces
  - endpoints
  verbs: ["list", "watch"]
- apiGroups: ["extensions"]
  resources:
  - daemonsets
  - deployments
  - replicasets
  - ingresses
  verbs: ["list", "watch"]
- apiGroups: ["apps"]
  resources:
  - daemonsets
  - deployments
  - replicasets
  - statefulsets
  verbs: ["list", "watch"]
- apiGroups: ["batch"]
  resources:
  - cronjobs
  - jobs
  verbs: ["list", "watch"]
- apiGroups: ["autoscaling"]
  resources:
  - horizontalpodautoscalers
  verbs: ["list", "watch"]
- apiGroups: ["policy"]
  resources:
  - poddisruptionbudgets
  verbs: ["list", "watch"]
- apiGroups: ["certificates.k8s.io"]
  resources:
  - certificatesigningrequests
  verbs: ["list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
# kubernetes versions before 1.8.0 should use rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: kube-state-metrics
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kube-state-metrics
subjects:
- kind: ServiceAccount
  name: kube-state-metrics
  namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kube-state-metrics
  namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
  name: kube-state-metrics
  namespace: kube-system
  labels:
    k8s-app: kube-state-metrics
  annotations:
    prometheus.io/scrape: 'true'
spec:
  ports:
  - name: http-metrics
    port: 8080
    targetPort: http-metrics
    protocol: TCP
  - name: telemetry
    port: 8081
    targetPort: telemetry
    protocol: TCP
  selector:
    k8s-app: kube-state-metrics
---
apiVersion: apps/v1
# Kubernetes version 1.8.x should use apps/v1beta2
# Kubernetes versions before 1.8.0 should use apps/v1beta1 or extensions/v1beta1
kind: Deployment
metadata:
  name: kube-state-metrics
  namespace: kube-system
spec:
  selector:
    matchLabels:
      k8s-app: kube-state-metrics
  replicas: 1
  template:
    metadata:
      labels:
        k8s-app: kube-state-metrics
    spec:
      serviceAccountName: kube-state-metrics
      containers:
      - name: kube-state-metrics
        image: harbor.xxx.cn/3rd_part/kube-state-metrics:v1.6.0
        ports:
        - name: http-metrics
          containerPort: 8080
        - name: telemetry
          containerPort: 8081
        readinessProbe:
          httpGet:
            path: /healthz
            port: 8080
          initialDelaySeconds: 5
          timeoutSeconds: 5
      - name: addon-resizer
        image: harbor.xxx.cn/3rd_part/addon-resizer:1.8.4
        resources:
          limits:
            cpu: 150m
            memory: 50Mi
          requests:
            cpu: 150m
            memory: 50Mi
        env:
          - name: MY_POD_NAME
            valueFrom:
              fieldRef:
                fieldPath: metadata.name
          - name: MY_POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
        command:
          - /pod_nanny
          - --container=kube-state-metrics
          - --cpu=100m
          - --extra-cpu=1m
          - --memory=100Mi
          - --extra-memory=2Mi
          - --threshold=5
          - --deployment=kube-state-metrics

k8s安装之kube-state-metrics.yaml的更多相关文章

  1. k8s安装之etcd备份还原yaml

    etcd备份还原方案,这种比较高级. 使用docker,自动化处理. 如果单节点备份,ETCD_ENDPOINTS一个即可. 如果多节点恢复,依次执行恢复脚本即可. apiVersion: batch ...

  2. k8s安装常用软件的yaml文件

    参考网址:https://www.bejson.com (网站文件部分有坑,需要擦亮眼睛) nginx k8s版本:v1.20 apiVersion: apps/v1 kind: Deployment ...

  3. k8s 安装ELK(6.7.0版本)和EFK

    一.Elasticsearch安装 helm安装的也行,而且helm安装的stable/elasticsearch可用性更高,但是使用资源更多. 1.安装elasticsearch(线上环境千万记得把 ...

  4. k8s 安装 istio 的坑

    本文针对于二进制部署的k8s安装istio1.67版本 没有设置admin.conf的小伙伴请参考 https://www.cnblogs.com/Tempted/p/13469772.html 1. ...

  5. docker k8s安装

    docker安装 删除依赖包 sudo yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docke ...

  6. k8s 安装文档

    k8s 安装文档 1.5 http://blog.csdn.net/bobpen/article/details/78958675

  7. k8s 安装并试用Istio service mesh

    本文根据官网的文档整理而成,步骤包括安装istio 0.5.1并创建一个bookinfo的微服务来测试istio的功能. 文中使用的yaml文件可以在kubernetes-handbook的manif ...

  8. k8s安装之prometheus.yaml

    这个系列的东东满多的.要另开系列说明. 这里为了内容连续完成,先贴一个吧,其它configmap,exporter就不展示. 为了保持统一,将prometheus也放到二级目录了. - '--web. ...

  9. k8s安装之dashboard.yaml

    这个我使用了nodeport方式导出来. 为了安装,最好在前面加个nginx作密码验证... 这个端口,可以通过防火墙禁掉. # Copyright 2017 The Kubernetes Autho ...

随机推荐

  1. 七、spring生命周期之初始化和销毁方法

    一.通过@Bean指定初始化和销毁方法 在以往的xml中,我们是这样配置的 <bean id="exampleInitBean" class="examples.E ...

  2. 1、Ant和分布式介绍

    { 1.Maven 简介 2.配置Maven运行环境 3.Maven项目 4.Ant和Maven项目的简单对比 5.Maven项目之间的关系 6.War类型项目的创建(tomcat插件和资源拷贝插件) ...

  3. 【LeetCode】最长回文子串【动态规划或中心扩展】

    给定一个字符串 s,找到 s 中最长的回文子串.你可以假设 s 的最大长度为 1000. 示例 1: 输入: "babad"输出: "bab"注意: " ...

  4. Fastjson爆出重大漏洞,攻击者可使整个业务瘫痪

    360网络安全响应中心 https://cert.360.cn/warning/detail?id=82a509e4543433625d6fe4361b5802c9 报告编号:B6-2019-0905 ...

  5. 【C++札记】友元

    C++封装的类增加了对类中数据成员的访问限制,从而保证了安全性.如想访问类中的私有成员需要通过类中提供的公共接口来访问,这样间接的访问方式,无疑使得程序的运行效率有所降低. 友元的提出可以使得类外的函 ...

  6. win7系统的CMD窗口切换目录--小计

    经常使用win7系统的CMD窗口,需要切换到工作目录,方法如下: 1. Win + R 2. 在命令行输入 cmd 出现如下: C:\Users\admin> 3. 在以上输入 D: (表示切换 ...

  7. 【LEETCODE】53、数组分类,简单级别,题目:989、674、1018、724、840、747

    真的感觉有点难... 这还是简单级别... 我也是醉了 package y2019.Algorithm.array; import java.math.BigDecimal; import java. ...

  8. centos7,jdk8,tomcat8镜像推送到腾讯云

    目录 centos7 jdk tomcat centos7 创建一个mycentos7的文件 vim mycentos7 FROM centos:7 MAINTAINER qyp_mail@sohu. ...

  9. jedis参数不当引发的问题总结

    jedis参数不当引发dubbo服务线程池耗尽异常 现象:一个dubbo服务偶发性的出现个别机器甚至整个集群大量报线程池耗尽的问题.一开始对问题的处理比较粗暴,直接增加了10倍的线程数.但是问题依然偶 ...

  10. [UOJ #140]【UER #4】被粉碎的数字

    题目大意:定义$f(x)$为数字$x$每一位数字的和,求$\sum\limits_{i=1}^R[f(x)=f(kx)]$.$R\leqslant10^{18},k\leqslant10^3$ 题解: ...