云其它

关注公众号 jb51net

关闭
首页 > 网站技巧 > 服务器 > 云和虚拟化 > 云其它 > kubernetes安装metrics-server资源监控

kubernetes(k8s)安装metrics-server实现资源使用情况监控方式详解

作者:程序猿(攻城狮)

这篇文章主要介绍了kubernetes(k8s)安装metrics-server实现资源使用情况监控,包括Metrics Server下载方式, k8s集群安装部署metrics的问题,本文给大家介绍的非常详细,需要的朋友可以参考下

1. Metrics Server 与 kubenetes版本

Metrics Server    Metrics API group/version    Supported Kubernetes version
0.6x    metrics.k8s.io/v1beta1    *1.19+
0.5x    metrics.k8s.io/v1beta1    *1.8+
0.4x    metrics.k8s.io/v1beta1    *1.8+
0.3x    metrics.k8s.io/v1beta1    1.8-1.21

2. Metrics Server 下载方式

github:https://github.com/kubernetes-sigs/metrics-server

3. k8s集群安装部署metrics

本次安装的是metrics0.5.0版本
下载地址:https://github.com/kubernetes-sigs/metrics-server/releases
docker镜像地址:docker pull cnskylee/metrics-server:v0.5.0

4. 创建components-v0.5.0.yaml文件,并将下面的脚本copy到文件中

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
    rbac.authorization.k8s.io/aggregate-to-view: "true"
  name: system:aggregated-metrics-reader
rules:
- apiGroups:
  - metrics.k8s.io
  resources:
  - pods
  - nodes
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
rules:
- apiGroups:
  - ""
  resources:
  - pods
  - nodes
  - nodes/stats
  - namespaces
  - configmaps
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server-auth-reader
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server:system:auth-delegator
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:auth-delegator
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:metrics-server
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  ports:
  - name: https
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  selector:
    matchLabels:
      k8s-app: metrics-server
  strategy:
    rollingUpdate:
      maxUnavailable: 0
  template:
    metadata:
      labels:
        k8s-app: metrics-server
    spec:
      containers:
      - args:
        - --cert-dir=/tmp
        - --secure-port=4443
        - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
        - --kubelet-use-node-status-port
        - --metric-resolution=15s
        - --kubelet-insecure-tls
        image: registry.cn-shenzhen.aliyuncs.com/zengfengjin/metrics-server:v0.5.0
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /livez
            port: https
            scheme: HTTPS
          periodSeconds: 10
        name: metrics-server
        ports:
        - containerPort: 4443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /readyz
            port: https
            scheme: HTTPS
          initialDelaySeconds: 20
          periodSeconds: 10
        resources:
          requests:
            cpu: 100m
            memory: 200Mi
        securityContext:
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1000
        volumeMounts:
        - mountPath: /tmp
          name: tmp-dir
      nodeSelector:
        kubernetes.io/os: linux
      priorityClassName: system-cluster-critical
      serviceAccountName: metrics-server
      volumes:
      - emptyDir: {}
        name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
  labels:
    k8s-app: metrics-server
  name: v1beta1.metrics.k8s.io
spec:
  group: metrics.k8s.io
  groupPriorityMinimum: 100
  insecureSkipTLSVerify: true
  service:
    name: metrics-server
    namespace: kube-system
  version: v1beta1
  versionPriority: 100

需要注意的是端口和镜像地址。

5. 执行部署

kubectl apply -f ./components-v0.5.0.yaml

4.查看metrics-server的pod运行状态

kubectl get pods -n kube-system| egrep 'NAME|metrics-server'

5. 查看运行日志

# kubectl logs metrics-server-56874cd58b-b2gj9 -n kube-system                              
I0418 09:49:44.461828       1 serving.go:341] Generated self-signed cert (/tmp/apiserver.crt, /tmp/apiserver.key)
I0418 09:49:45.252957       1 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController
I0418 09:49:45.252972       1 shared_informer.go:240] Waiting for caches to sync for RequestHeaderAuthRequestController
I0418 09:49:45.252994       1 configmap_cafile_content.go:202] Starting client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I0418 09:49:45.253002       1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I0418 09:49:45.253142       1 configmap_cafile_content.go:202] Starting client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
I0418 09:49:45.253153       1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
I0418 09:49:45.254091       1 secure_serving.go:197] Serving securely on [::]:4443
I0418 09:49:45.254139       1 tlsconfig.go:240] Starting DynamicServingCertificateController
I0418 09:49:45.254342       1 dynamic_serving_content.go:130] Starting serving-cert::/tmp/apiserver.crt::/tmp/apiserver.key
I0418 09:49:45.353087       1 shared_informer.go:247] Caches are synced for RequestHeaderAuthRequestController 
I0418 09:49:45.353087       1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::client-ca-file 
I0418 09:49:45.354631       1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file 

6.测试kubectl top命令的使用

# kubectl top pods -n kube-system
NAME                                 CPU(cores)   MEMORY(bytes)   
coredns-58cc8c89f4-jdfc7             4m           12Mi            
coredns-58cc8c89f4-z8t26             5m           13Mi            
etcd-k8s-master                      9m           281Mi           
kube-apiserver-k8s-master            22m          296Mi

查看节点资源:

# kubectl top nodes
NAME         CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%   
k8s-master   96m          2%     9330Mi          59%       
k8s-node83   66m          1%     5829Mi          37%       
k8s-node85   116m         2%     8555Mi          54%

查看默认空间pod资源:

# kubectl top pods
NAME                     CPU(cores)   MEMORY(bytes)   
nginx-6867cdf567-rprv9   0m           1Mi

到此这篇关于kubernetes(k8s)安装metrics-server实现资源使用情况监控的文章就介绍到这了,更多相关kubernetes安装metrics-server资源监控内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家!

您可能感兴趣的文章:
阅读全文