kubernetes(k8s)安裝metrics-server實(shí)現(xiàn)資源使用情況監(jiān)控方式詳解

更新時(shí)間：2022年04月19日 10:44:20 作者：程序猿（攻城獅）

這篇文章主要介紹了kubernetes(k8s)安裝metrics-server實(shí)現(xiàn)資源使用情況監(jiān)控,包括Metrics?Server下載方式，?k8s集群安裝部署metrics的問題，本文給大家介紹的非常詳細(xì)，需要的朋友可以參考下

1. Metrics Server 與 kubenetes版本

Metrics Server   Metrics API group/version   Supported Kubernetes version
0.6x   metrics.k8s.io/v1beta1   *1.19+
0.5x   metrics.k8s.io/v1beta1   *1.8+
0.4x   metrics.k8s.io/v1beta1   *1.8+
0.3x   metrics.k8s.io/v1beta1   1.8-1.21

2. Metrics Server 下載方式

github：https://github.com/kubernetes-sigs/metrics-server

3. k8s集群安裝部署metrics

本次安裝的是metrics0.5.0版本
下載地址：https://github.com/kubernetes-sigs/metrics-server/releases
docker鏡像地址：docker pull cnskylee/metrics-server:v0.5.0

4. 創(chuàng)建components-v0.5.0.yaml文件，并將下面的腳本copy到文件中

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
    rbac.authorization.k8s.io/aggregate-to-view: "true"
  name: system:aggregated-metrics-reader
rules:
- apiGroups:
  - metrics.k8s.io
  resources:
  - pods
  - nodes
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
rules:
- apiGroups:
  - ""
  resources:
  - pods
  - nodes
  - nodes/stats
  - namespaces
  - configmaps
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server-auth-reader
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server:system:auth-delegator
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:auth-delegator
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:metrics-server
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  ports:
  - name: https
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  selector:
    matchLabels:
      k8s-app: metrics-server
  strategy:
    rollingUpdate:
      maxUnavailable: 0
  template:
    metadata:
      labels:
        k8s-app: metrics-server
    spec:
      containers:
      - args:
        - --cert-dir=/tmp
        - --secure-port=4443
        - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
        - --kubelet-use-node-status-port
        - --metric-resolution=15s
        - --kubelet-insecure-tls
        image: registry.cn-shenzhen.aliyuncs.com/zengfengjin/metrics-server:v0.5.0
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /livez
            port: https
            scheme: HTTPS
          periodSeconds: 10
        name: metrics-server
        ports:
        - containerPort: 4443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /readyz
            port: https
            scheme: HTTPS
          initialDelaySeconds: 20
          periodSeconds: 10
        resources:
          requests:
            cpu: 100m
            memory: 200Mi
        securityContext:
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1000
        volumeMounts:
        - mountPath: /tmp
          name: tmp-dir
      nodeSelector:
        kubernetes.io/os: linux
      priorityClassName: system-cluster-critical
      serviceAccountName: metrics-server
      volumes:
      - emptyDir: {}
        name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
  labels:
    k8s-app: metrics-server
  name: v1beta1.metrics.k8s.io
spec:
  group: metrics.k8s.io
  groupPriorityMinimum: 100
  insecureSkipTLSVerify: true
  service:
    name: metrics-server
    namespace: kube-system
  version: v1beta1
  versionPriority: 100

需要注意的是端口和鏡像地址。

5. 執(zhí)行部署

kubectl apply -f ./components-v0.5.0.yaml

4.查看metrics-server的pod運(yùn)行狀態(tài)

kubectl get pods -n kube-system| egrep 'NAME|metrics-server'

5. 查看運(yùn)行日志

# kubectl logs metrics-server-56874cd58b-b2gj9 -n kube-system                              
I0418 09:49:44.461828       1 serving.go:341] Generated self-signed cert (/tmp/apiserver.crt, /tmp/apiserver.key)
I0418 09:49:45.252957       1 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController
I0418 09:49:45.252972       1 shared_informer.go:240] Waiting for caches to sync for RequestHeaderAuthRequestController
I0418 09:49:45.252994       1 configmap_cafile_content.go:202] Starting client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I0418 09:49:45.253002       1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I0418 09:49:45.253142       1 configmap_cafile_content.go:202] Starting client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
I0418 09:49:45.253153       1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
I0418 09:49:45.254091       1 secure_serving.go:197] Serving securely on [::]:4443
I0418 09:49:45.254139       1 tlsconfig.go:240] Starting DynamicServingCertificateController
I0418 09:49:45.254342       1 dynamic_serving_content.go:130] Starting serving-cert::/tmp/apiserver.crt::/tmp/apiserver.key
I0418 09:49:45.353087       1 shared_informer.go:247] Caches are synced for RequestHeaderAuthRequestController 
I0418 09:49:45.353087       1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::client-ca-file 
I0418 09:49:45.354631       1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file

6.測(cè)試kubectl top命令的使用

# kubectl top pods -n kube-system
NAME                                 CPU(cores)   MEMORY(bytes)   
coredns-58cc8c89f4-jdfc7             4m           12Mi            
coredns-58cc8c89f4-z8t26             5m           13Mi            
etcd-k8s-master                      9m           281Mi           
kube-apiserver-k8s-master            22m          296Mi

查看節(jié)點(diǎn)資源：

# kubectl top nodes
NAME         CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%   
k8s-master   96m          2%     9330Mi          59%       
k8s-node83   66m          1%     5829Mi          37%       
k8s-node85   116m         2%     8555Mi          54%

查看默認(rèn)空間pod資源：

# kubectl top pods
NAME                     CPU(cores)   MEMORY(bytes)   
nginx-6867cdf567-rprv9   0m           1Mi

到此這篇關(guān)于kubernetes(k8s)安裝metrics-server實(shí)現(xiàn)資源使用情況監(jiān)控的文章就介紹到這了,更多相關(guān)kubernetes安裝metrics-server資源監(jiān)控內(nèi)容請(qǐng)搜索腳本之家以前的文章或繼續(xù)瀏覽下面的相關(guān)文章希望大家以后多多支持腳本之家！

您可能感興趣的文章: