kubernetes之配置Metrics Server
Kubernetes 1.8 关于资源使用情况的 metrics,可以通过 Metrics API 获取到, Kubernetes 1.11 已经废弃 heapster。这里我们基于 Kubernetes 1.14.1 版本安装 Metrics Server。
首先,先说明下集群环境:
[root@node-01]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
node-01 Ready master 2d1h v1.14.1
node-02 Ready master 2d1h v1.14.1
node-03 Ready master 2d1h v1.14.1
node-04 Ready <none> 2d1h v1.14.1
node-05 Ready <none> 2d1h v1.14.1
node-06 Ready <none> 2d1h v1.14.1
当整个集群部署完成后,kubectl top 命令不会返回任何内容,因为 Heapster 和 metrics-server 都没有安装,但是自 Kubernetes 1.11版本后 heapster已经被废弃了,取而代之的是更丰富的 metrics-server。
配置 /etc/kubernetes/manifests/kube-controller-manager.yaml
--horizontal-pod-autoscaler-use-rest-clients=true
kubedam 创建的集群,修改配置文件后会自动加载。如果手动创建的集群,需要重启kube-controller-manager服务。
准备部署 Metrics Server 的 yaml文件
[root@node-01]# git clone https://github.com/kubernetes-incubator/metrics-server
下载完成后还需要对 metrics-server/deploy/1.8+/resource-reader.yaml文件进行修改,需要修改的内容如下:
[root@node-01 1.8+]# cat resource-reader.yaml
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: system:metrics-server
rules:
- apiGroups:
- ""
resources:
- pods
- nodes
- namespaces # 增加此行
- nodes/stats
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: system:metrics-server
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:metrics-server
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
修改 metrics-server/deploy/1.8+/metrics-server-deployment.yaml文件:
[root@node-01 1.8+]# cat metrics-server-deployment.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: metrics-server
namespace: kube-system
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: metrics-server
namespace: kube-system
labels:
k8s-app: metrics-server
spec:
selector:
matchLabels:
k8s-app: metrics-server
template:
metadata:
name: metrics-server
labels:
k8s-app: metrics-server
spec:
serviceAccountName: metrics-server
volumes:
# mount in tmp so we can safely use from-scratch images and/or read-only containers
- name: tmp-dir
emptyDir: {}
containers:
- name: metrics-server
image: k8s.gcr.io/metrics-server-amd64:v0.3.2
command:
- /metrics-server
- --kubelet-insecure-tls
- --kubelet-preferred-address-types=InternalIP # 如果不配置此项,会报错找不到node
imagePullPolicy: Always
volumeMounts:
- name: tmp-dir
mountPath: /tmp
上面如果报错是因为 node-01 和 node-02 是一个独立的 Kubernetes 演示环境,只是修改了这两个节点系统的 /etc/hosts文件,而并没有内网的 DNS 服务器,所以 metrics-server 中不认识 node-01 和 node-02 的名字。
修改完成就可以正式部署了:
[root@node-01 1.8+]# kubectl apply -f .
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
serviceaccount/metrics-server created
deployment.extensions/metrics-server created
service/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created
Metrics Server 相关 pod 、service 默认部署在 kube-system的 NAMESPACE 下:
[root@node-01 1.8+]# kubectl get pods -n kube-system | grep metrics
metrics-server-5845cc8fd4-kkq6b 1/1 Running 0 18m [root@node-01 1.8+]# kubectl get svc -n kube-system | grep metrics
metrics-server ClusterIP 10.245.141.103 <none> 443/TCP 20m
部署完成后使用如下命令查看node相关指标,需要等30s左右的时间:
[root@node-01 1.8+]# kubectl get --raw "/apis/metrics.k8s.io/v1beta1/nodes"
{"kind":"NodeMetricsList","apiVersion":"metrics.k8s.io/v1beta1","metadata":{"selfLink":"/apis/metrics.k8s.io/v1beta1/nodes"},"items":[
{"metadata":{"name":"node-02","selfLink":"/apis/metrics.k8s.io/v1beta1/nodes/node-02","creationTimestamp":"2019-05-08T08:17:11Z"},"timestamp":"2019-05-08T08:17:01Z","window":"30s","usage":{"cpu":"221367011n","memory":"1914616Ki"}},
{"metadata":{"name":"node-03","selfLink":"/apis/metrics.k8s.io/v1beta1/nodes/node-03","creationTimestamp":"2019-05-08T08:17:11Z"},"timestamp":"2019-05-08T08:17:08Z","window":"30s","usage":{"cpu":"198021879n","memory":"1809160Ki"}},
{"metadata":{"name":"node-04","selfLink":"/apis/metrics.k8s.io/v1beta1/nodes/node-04","creationTimestamp":"2019-05-08T08:17:11Z"},"timestamp":"2019-05-08T08:17:03Z","window":"30s","usage":{"cpu":"55570780n","memory":"719012Ki"}},
{"metadata":{"name":"node-05","selfLink":"/apis/metrics.k8s.io/v1beta1/nodes/node-05","creationTimestamp":"2019-05-08T08:17:11Z"},"timestamp":"2019-05-08T08:17:01Z","window":"30s","usage":{"cpu":"60116633n","memory":"851180Ki"}},
{"metadata":{"name":"node-06","selfLink":"/apis/metrics.k8s.io/v1beta1/nodes/node-06","creationTimestamp":"2019-05-08T08:17:11Z"},"timestamp":"2019-05-08T08:16:59Z","window":"30s","usage":{"cpu":"51157291n","memory":"677532Ki"}},
{"metadata":{"name":"node-01","selfLink":"/apis/metrics.k8s.io/v1beta1/nodes/node-01","creationTimestamp":"2019-05-08T08:17:11Z"},"timestamp":"2019-05-08T08:17:02Z","window":"30s","usage":{"cpu":"263183209n","memory":"2460972Ki"}}]}
Metrics API
Metrics Server 从 Kubernetes 集群中每个 Node 上 kubelet 的 API 收集 metrics 数据。通过 Metrics API 可以获取Kubernetes 资源的 Metrics 指标,Metrics API 挂载/apis/metrics.k8s.io/下。 可以使用kubectl top命令访问 Metrics API,例如:
[root@node-01 ~]# kubectl top pods
NAME CPU(cores) MEMORY(bytes)
my-nginx-6785b88976-7rrll 0m 1Mi
nginx-deployment-6d6fdc59f7-pfcfj 1m 1Mi
nginx-deployment-6d6fdc59f7-vcclz 1m 1Mi
[root@node-01 ~]# kubectl top nodes
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
node-01 276m 6% 2403Mi 31%
node-02 245m 6% 1868Mi 24%
node-03 206m 5% 1766Mi 22%
node-04 74m 1% 703Mi 9%
node-05 77m 1% 832Mi 10%
node-06 56m 1% 661Mi 8%
至此,Kubernetes 集群中的 Metrics Server 就配置完成了。但是在dashboard中看不到内存和CPU信息,而如果使用heapster则能看到。
所有yaml文件如下
# cat aggregated-metrics-reader.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: system:aggregated-metrics-reader
labels:
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:
- apiGroups: ["metrics.k8s.io"]
resources: ["pods"]
verbs: ["get", "list", "watch”] # cat auth-delegator.yaml
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: metrics-server:system:auth-delegator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:auth-delegator
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system # cat auth-reader.yaml
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: metrics-server-auth-reader
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
————— # cat metrics-apiservice.yaml
---
apiVersion: apiregistration.k8s.io/v1beta1
kind: APIService
metadata:
name: v1beta1.metrics.k8s.io
spec:
service:
name: metrics-server
namespace: kube-system
group: metrics.k8s.io
version: v1beta1
insecureSkipTLSVerify: true
groupPriorityMinimum: 100
versionPriority: 100 # cat metrics-server-deployment.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: metrics-server
namespace: kube-system
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: metrics-server
namespace: kube-system
labels:
k8s-app: metrics-server
spec:
selector:
matchLabels:
k8s-app: metrics-server
template:
metadata:
name: metrics-server
labels:
k8s-app: metrics-server
spec:
serviceAccountName: metrics-server
volumes:
# mount in tmp so we can safely use from-scratch images and/or read-only containers
- name: tmp-dir
emptyDir: {}
containers:
- name: metrics-server
image: k8s.gcr.io/metrics-server-amd64:v0.3.2
command:
- /metrics-server
- --kubelet-insecure-tls
- --kubelet-preferred-address-types=InternalIP
imagePullPolicy: Always
volumeMounts:
- name: tmp-dir
mountPath: /tmp # cat metrics-server-service.yaml
---
apiVersion: v1
kind: Service
metadata:
name: metrics-server
namespace: kube-system
labels:
kubernetes.io/name: "Metrics-server"
kubernetes.io/cluster-service: "true"
spec:
selector:
k8s-app: metrics-server
ports:
- port: 443
protocol: TCP
targetPort: 443 # cat resource-reader.yaml
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: system:metrics-server
rules:
- apiGroups:
- ""
resources:
- pods
- nodes
- namespaces # 增加此行
- nodes/stats
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: system:metrics-server
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:metrics-server
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
kubernetes之配置Metrics Server的更多相关文章
- 启用k8s metrics server监控
1.创建aggregator证书 方法一:直接使用二进制源码包安装 $ wget https://pkg.cfssl.org/R1.2/cfssl_linux-amd64 $ chmod +x cfs ...
- 在容器服务kubernetes上配置https
当前容器服务Kubernetes集群支持多种应用访问的形式,最常见形式如SLB:Port,NodeIP:NodePort和域名访问等.但是Kubernetes集群默认不支持HTTPS访问,如果用户希望 ...
- kubeadm1.14.1 安装Metrics Server
Metrics API 介绍Metrics-Server之前,必须要提一下Metrics API的概念 Metrics API相比于之前的监控采集方式(hepaster)是一种新的思路,官方希望核心指 ...
- k8s搭建监控:安装metrics server和dashboard
安装metrics server 参考:https://github.com/kubernetes-sigs/metrics-server kubectl create -f component ...
- K8S原来如此简单(五)Metrics Server与HPA
什么是HPA https://kubernetes.io/zh/docs/tasks/run-application/horizontal-pod-autoscale/ 我们前面有通过kubectl ...
- Postgresql 简单配置 (ubuntu server 14.04.3)
安装和配置 ubuntu server 已经自动安装了progresql,故安装步骤就省略 初始postgresql没有密码,不能使用,需要先设置密码,命令(从网上随意找的)如下: sudo su p ...
- 配置SQL Server去使用 Windows的 Large-Page/Huge-Page allocations
配置SQL Server去使用 Windows的 Large-Page/Huge-Page allocations 目录表->页表->物理内存页 看这篇文章之前可以先看一下下面这篇文章 ...
- 配置sql server 2000以允许远程访问 及 连接中的四个最常见错误
地址:http://www.cnblogs.com/JoshuaDreaming/archive/2010/12/01/1893242.html 配置sql server 2000以允许远程访问适合故 ...
- 配置SQL Server 2008 R2 Reporting Services
记录如何在本地配置SQL Server 2008 R2 Reporting Services,笔者环境为Windows 7 64位 + SQL Server 2008 R2 一.准备工作 其实准备工作 ...
随机推荐
- 【LeetCode】463. Island Perimeter 解题报告(Python)
作者: 负雪明烛 id: fuxuemingzhu 个人博客: http://fuxuemingzhu.cn/ 目录 题目描述 题目大意 解题方法 减去相交部分 参考资料 日期 题目地址:https: ...
- 【LeetCode】144. Binary Tree Preorder Traversal 解题报告(Python&C++&Java)
作者: 负雪明烛 id: fuxuemingzhu 个人博客:http://fuxuemingzhu.cn/ 目录 题目描述 题目大意 解题方法 递归 迭代 日期 题目地址:https://leetc ...
- CODEFORCEs 621E. Wet Shark and Blocks
E. Wet Shark and Blocks time limit per test 2 seconds memory limit per test 256 megabytes input stan ...
- Codeforces1132A——Regular Bracket Sequence(水题)
Regular Bracket Sequence time limit per test:1 second memory limit per test:256 megabytes input:stan ...
- 「算法笔记」Splay
一.简介 Splay(伸展树)是平衡树中的一种.它通过不断将某个节点旋转到根节点的位置,使整棵树仍满足 BST 的性质,并且保持平衡而不至于退化为链. 频繁访问的节点会被移动到离根节点较近的位置,进而 ...
- 教你10分钟对接人大金仓EF Core 6.x
前言 目前.NET Core中据我了解到除了官方的EF Core外,还用的比较多的ORM框架(恕我孤陋寡闻哈,可能还有别的)有FreeSql.SqlSugar(排名不分先后).FreeSql和SqlS ...
- 使用 jQuery 选择器获取页面元素,然后利用 jQuery 对象的 css() 方法设置其 display 样式属性,从而实现显示和隐藏效果。
查看本章节 查看作业目录 需求说明: 使用 jQuery 选择器获取页面元素,然后利用 jQuery 对象的 css() 方法设置其 display 样式属性,从而实现显示和隐藏效果. 具体要求如下: ...
- 使用 windows bat 脚本命令 一键启动MySQL服务
@echo off rem Copyright (c) 2019 Moses and/or its affiliates. rem Get Administrator Rights >nul 2 ...
- 编写Java程序,跑道长 50m,模拟 3 名学生同时在跑道跑步的场景 3名同学相当于3个线程对象
查看本章节 查看作业目录 需求说明: 跑道长 50m,模拟 3 名学生同时在跑道跑步的场景 3名同学相当于3个线程对象 实现思路: 创建 Java 项目,在项目中创建StudentRunning类,该 ...
- SpringBoot读取外部配置文件的方法
SpringBoot读取外部配置文件的方法 Spring高级之注解@PropertySource详解(超详细) 1.@PropertySource(value = {"classpath:c ...