kubernetes(k8s)安装metrics-server实现资源使用情况监控方式详解
1. Metrics Server 与 kubenetes版本
Metrics Server Metrics API group/version Supported Kubernetes version
0.6x metrics.k8s.io/v1beta1 *1.19+
0.5x metrics.k8s.io/v1beta1 *1.8+
0.4x metrics.k8s.io/v1beta1 *1.8+
0.3x metrics.k8s.io/v1beta1 1.8-1.21
2. Metrics Server 下载方式
github:https://github.com/kubernetes-sigs/metrics-server
3. k8s集群安装部署metrics
本次安装的是metrics0.5.0版本
下载地址:https://github.com/kubernetes-sigs/metrics-server/releases
docker镜像地址:docker pull cnskylee/metrics-server:v0.5.0
4. 创建components-v0.5.0.yaml文件,并将下面的脚本copy到文件中
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- labels:
- k8s-APP: metrics-server
- name: metrics-server
- namespace: kube-system
- —
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- labels:
- k8s-app: metrics-server
- rbac.authorization.k8s.io/aggregate-to-admin: “true”
- rbac.authorization.k8s.io/aggregate-to-edit: “true”
- rbac.authorization.k8s.io/aggregate-to-view: “true”
- name: system:aggregated-metrics-reader
- rules:
- – apiGroups:
- – metrics.k8s.io
- resources:
- – pods
- – nodes
- verbs:
- – get
- – list
- – watch
- —
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- labels:
- k8s-app: metrics-server
- name: system:metrics-server
- rules:
- – apiGroups:
- – “”
- resources:
- – pods
- – nodes
- – nodes/stats
- – namespaces
- – configmaps
- verbs:
- – get
- – list
- – watch
- —
- apiVersion: rbac.authorization.k8s.io/v1
- kind: RoleBinding
- metadata:
- labels:
- k8s-app: metrics-server
- name: metrics-server-auth-reader
- namespace: kube-system
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: extension-apiserver-authentication-reader
- subjects:
- – kind: ServiceAccount
- name: metrics-server
- namespace: kube-system
- —
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- labels:
- k8s-app: metrics-server
- name: metrics-server:system:auth-delegator
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: system:auth-delegator
- subjects:
- – kind: ServiceAccount
- name: metrics-server
- namespace: kube-system
- —
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- labels:
- k8s-app: metrics-server
- name: system:metrics-server
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: system:metrics-server
- subjects:
- – kind: ServiceAccount
- name: metrics-server
- namespace: kube-system
- —
- apiVersion: v1
- kind: Service
- metadata:
- labels:
- k8s-app: metrics-server
- name: metrics-server
- namespace: kube-system
- spec:
- ports:
- – name: https
- port: 443
- protocol: TCP
- targetPort: https
- selector:
- k8s-app: metrics-server
- —
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- labels:
- k8s-app: metrics-server
- name: metrics-server
- namespace: kube-system
- spec:
- selector:
- matchLabels:
- k8s-app: metrics-server
- strategy:
- rollingUpdate:
- maxUnavailable: 0
- template:
- metadata:
- labels:
- k8s-app: metrics-server
- spec:
- containers:
- – args:
- – –cert-dir=/tmp
- – –secure-port=4443
- – –kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
- – –kubelet-use-node-status-port
- – –metric-resolution=15s
- – –kubelet-insecure-tls
- image: registry.cn-shenzhen.aliyuncs.com/zengfengjin/metrics-server:v0.5.0
- imagePullPolicy: IfNotPresent
- livenessProbe:
- failureThreshold: 3
- httpGet:
- path: /livez
- port: https
- scheme: HTTPS
- periodSeconds: 10
- name: metrics-server
- ports:
- – containerPort: 4443
- name: https
- protocol: TCP
- readinessProbe:
- failureThreshold: 3
- httpGet:
- path: /readyz
- port: https
- scheme: HTTPS
- initialDelaySeconds: 20
- periodSeconds: 10
- resources:
- requests:
- cpu: 100m
- memory: 200Mi
- securityContext:
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- runAsUser: 1000
- volumeMounts:
- – mountPath: /tmp
- name: tmp-dir
- nodeSelector:
- kubernetes.io/os: linux
- priorityClassName: system-cluster-critical
- serviceAccountName: metrics-server
- volumes:
- – emptyDir: {}
- name: tmp-dir
- —
- apiVersion: apiregistration.k8s.io/v1
- kind: APIService
- metadata:
- labels:
- k8s-app: metrics-server
- name: v1beta1.metrics.k8s.io
- spec:
- group: metrics.k8s.io
- groupPriorityMinimum: 100
- insecureSkipTLSVerify: true
- service:
- name: metrics-server
- namespace: kube-system
- version: v1beta1
- versionPriority: 100
复制代码 需要注意的是端口和镜像地址。
5. 执行部署
- kubectl apply -f ./components-v0.5.0.yaml
复制代码
4.查看metrics-server的pod运行状态
- kubectl get pods -n kube-system| egrep ‘NAME|metrics-server’
复制代码
5. 查看运行日志
- # kubectl logs metrics-server-56874cd58b-b2gj9 -n kube-system
- I0418 09:49:44.461828 1 serving.go:341] Generated self-signed cert (/tmp/apiserver.crt, /tmp/apiserver.key)
- I0418 09:49:45.252957 1 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController
- I0418 09:49:45.252972 1 shared_informer.go:240] Waiting for caches to sync for RequestHeaderAuthRequestController
- I0418 09:49:45.252994 1 configmap_cafile_content.go:202] Starting client-ca::kube-system::extension-apiserver-authentication::client-ca-file
- I0418 09:49:45.253002 1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file
- I0418 09:49:45.253142 1 configmap_cafile_content.go:202] Starting client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
- I0418 09:49:45.253153 1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
- I0418 09:49:45.254091 1 secure_serving.go:197] Serving securely on [::]:4443
- I0418 09:49:45.254139 1 tlsconfig.go:240] Starting DynamicServingCertificateController
- I0418 09:49:45.254342 1 dynamic_serving_content.go:130] Starting serving-cert::/tmp/apiserver.crt::/tmp/apiserver.key
- I0418 09:49:45.353087 1 shared_informer.go:247] Caches are synced for RequestHeaderAuthRequestController
- I0418 09:49:45.353087 1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::client-ca-file
- I0418 09:49:45.354631 1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
复制代码
6.测试kubectl top命令的使用
- # kubectl top pods -n kube-system
- NAME CPU(cores) MEMORY(bytes)
- coredns-58cc8c89f4-jdfc7 4m 12Mi
- coredns-58cc8c89f4-z8t26 5m 13Mi
- etcd-k8s-master 9m 281Mi
- kube-apiserver-k8s-master 22m 296Mi
复制代码 查看节点资源:
- # kubectl top nodes
- NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
- k8s-master 96m 2% 9330Mi 59%
- k8s-node83 66m 1% 5829Mi 37%
- k8s-node85 116m 2% 8555Mi 54%
复制代码 查看默认空间pod资源:
- # kubectl top pods
- NAME CPU(cores) MEMORY(bytes)
- nginx-6867cdf567-rprv9 0m 1Mi
复制代码 到此这篇关于kubernetes(k8s)安装metrics-server实现资源使用情况监控的文章就介绍到这了,更多相关kubernetes安装metrics-server资源监控内容请搜索共生网络以前的文章或继续浏览下面的相关文章希望大家以后多多支持共生网络!
原创文章,作者:starterknow,如若转载,请注明出处:https://www.starterknow.com/108154.html