kubernetes1.13.1部署metrics-server0.3.1

參考文檔

https://kubernetes.io/docs/tasks/debug-application-cluster/core-metrics-pipeline/#metrics-server
https://github.com/kubernetes-incubator/metrics-server/tree/master/deploy/1.8%2B
https://www.cnblogs.com/cuishuai/p/9857120.html
https://juejin.im/post/5b6592ace51d4515b01c11ed

文檔目錄

簡(jiǎn)介

Metrics Server
heapster 已經(jīng)被廢棄了,后續(xù)版本中會(huì)使用 metrics-server代替
Metrics Server is a cluster-wide aggregator of resource usage data. Starting from Kubernetes 1.8 it’s deployed by default in clusters created by kube-up.sh script as a Deployment object. If you use a different Kubernetes setup mechanism you can deploy it using the provided deployment yamls. It’s supported in Kubernetes 1.7+ (see details below).
Metric server collects metrics from the Summary API, exposed by Kubelet on each node.
Metrics Server registered in the main API server through Kubernetes aggregator, which was introduced in Kubernetes 1.7.
Learn more about the metrics server in the design doc.

官網(wǎng)部署方法

git clone https://github.com/kubernetes-incubator/metrics-server
cd metrics-server
kubectl create -f deploy/1.8+/
kubectl -n kube-system get pods -l k8s-app=metrics-server

實(shí)際部署步驟

下載部署文件

[root@elasticsearch01 metrics-server]# ls 
aggregated-metrics-reader.yaml  auth-reader.yaml         metrics-server-deployment.yaml  resource-reader.yaml
auth-delegator.yaml             metrics-apiservice.yaml  metrics-server-service.yaml

構(gòu)建images
可以在github上編寫Dockerfile,再通過(guò)阿里云構(gòu)建,構(gòu)建后地址為registry.cn-beijing.aliyuncs.com/minminmsn/metrics-server:v0.3.1
Dockerfile文件地址:https://github.com/minminmsn/k8s1.13/blob/master/metrics-server/Dockerfile

修改deployment鏡像地址
k8s.gcr.io/metrics-server:v0.3.1改成registry.cn-beijing.aliyuncs.com/minminmsn/metrics-server:v0.3.1
[root@elasticsearch01 metrics-server]# vim metrics-server-deployment.yaml

部署metrices-server

[root@elasticsearch01 metrics-server]# kubectl create -f /k8s/yaml/metrics-server/
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
serviceaccount/metrics-server created
deployment.extensions/metrics-server created
service/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created

報(bào)錯(cuò)

I0109 05:55:43.708300       1 serving.go:273] Generated self-signed cert (apiserver.local.config/certificates/apiserver.crt, apiserver.local.config/certificates/apiserver.key)
Error: cluster doesn't provide requestheader-client-ca-file

排查

https://github.com/kubernetes-incubator/metrics-server/issues/22
https://github.com/kubernetes-incubator/bootkube/issues/994
https://github.com/pires/kubernetes-vagrant-coreos-cluster/pull/319
https://blog.csdn.net/liukuan73/article/details/81352637
https://kubernetes.io/docs/tasks/access-kubernetes-api/configure-aggregation-layer/

解決方法
開啟聚合層,Enable apiserver flags,修改kube-apiserver配置,重啟服務(wù)

[root@elasticsearch01 cfg]# tail /k8s/kubernetes/cfg/kube-apiserver
--etcd-cafile=/k8s/etcd/ssl/ca.pem \
--etcd-certfile=/k8s/etcd/ssl/server.pem \
--etcd-keyfile=/k8s/etcd/ssl/server-key.pem \
--requestheader-client-ca-file=/k8s/kubernetes/ssl/ca.pem \
--requestheader-allowed-names=aggregator \
--requestheader-extra-headers-prefix=X-Remote-Extra- \
--requestheader-group-headers=X-Remote-Group \
--requestheader-username-headers=X-Remote-User \
--proxy-client-cert-file=/k8s/kubernetes/ssl/kube-proxy.pem \
--proxy-client-key-file=/k8s/kubernetes/ssl/kube-proxy-key.pem"

[root@elasticsearch01 cfg]# systemctl restart kube-apiserver.service 
[root@elasticsearch01 cfg]# systemctl status kube-apiserver.service 
● kube-apiserver.service - Kubernetes API Server
   Loaded: loaded (/usr/lib/systemd/system/kube-apiserver.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2019-01-09 14:56:59 CST; 8s ago
     Docs: https://github.com/kubernetes/kubernetes
 Main PID: 7465 (kube-apiserver)
   CGroup: /system.slice/kube-apiserver.service
           └─7465 /k8s/kubernetes/bin/kube-apiserver --logtostderr=true --v=4 --etcd-servers=https://10.2.8.44:2379,https://10.2.8...

創(chuàng)建metrics-ingress便于外部訪問(wèn)

[root@elasticsearch01 ~]# cat /k8s/yaml/metrics-server/metrics-server-ingress.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: metrics-ingress
  namespace: kube-system
  annotations:
    nginx.ingress.kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/secure-backends: "true"
    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
spec:
  tls:
  - hosts:
    - metrics.minminmsn.com
    secretName: ingress-secret
  rules:
    - host: metrics.minminmsn.com
      http:
        paths:
        - path: /
          backend:
            serviceName: metrics-server
            servicePort: 443
[root@elasticsearch01 metrics-server]# kubectl create -f metrics-server-ingress.yaml 
ingress.extensions/metrics-ingress created

驗(yàn)證效果

https://metrics.minminmsn.com:47215/metrics

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

  • 01. 這幾日的清晨總是很早醒來(lái),過(guò)去幾天經(jīng)歷的事情仿佛夢(mèng)境一般,讓我恍惚。 曾經(jīng)那個(gè)綠茶婊就住在我隔壁,我親歷了...
    畫家生凌君閱讀 1,078評(píng)論 5 11
  • 青春是段跌跌撞撞的旅行,擁有著后知后覺(jué)的美麗。 熾烈的陽(yáng)光下,空氣在蒸騰。只有在樹蔭下才能放慢步子。...
    重場(chǎng)戲閱讀 381評(píng)論 0 0
  • 蓍shi,四聲
    白兔小閱讀 330評(píng)論 0 0
  • php的copy on write,指的是變量發(fā)生改變時(shí)內(nèi)存的分離機(jī)制,“寫”不能簡(jiǎn)單的理解為賦值,而是必須滿足變...
    羽霖z閱讀 471評(píng)論 0 0

友情鏈接更多精彩內(nèi)容