概述
Metrics API 只可以查询当前的度量数据,并不保存历史数据
Metrics server定时从Kubelet的Summary API(类似/ap1/v1/nodes/nodename/stats/summary)采集指标信息,这些聚合过的数据将存储在内存中,且以metric-api的形式暴露出去
参考文档: https://blog.csdn.net/u011230692/article/details/86441271
创建聚合层证书
创建ca配置文件
cat > aggregator-ca-config.json <<EOF
{
"signing": {
"default": {
"expiry": "876000h"
},
"profiles": {
"aggregator": {
"usages": [
"signing",
"key encipherment",
"server auth",
"client auth"
],
"expiry": "876000h"
}
}
}
}
EOF
创建ca证书签名请求
cat > aggregator-ca-csr.json<<EOF
{
"CN": "aggregator",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"ST": "Hangzhou",
"L": "Hangzhou",
"O": "k8s",
"OU": "System"
}
],
"ca": {
"expiry": "876000h"
}
}
EOF
生成ca证书和私钥
cfssl gencert -initca aggregator-ca-csr.json | cfssljson -bare aggregator-ca
创建aggregator证书请求文件
cat >aggregator-csr.json<<EOF
{
"CN": "aggregator",
"hosts": [],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"ST": "Hangzhou",
"L": "Hangzhou",
"O": "k8s",
"OU": "System"
}
]
}
EOF
生成aggregator证书和私钥文件
cfssl gencert -ca=aggregator-ca.pem -ca-key=aggregator-ca-key.pem -config=aggregator-ca-config.json -profile=aggregator aggregator-csr.json | cfssljson -bare aggregator
分发到master节点
scp aggregator*pem master01:/opt/kubernetes/ssl/
scp aggregator*pem master02:/opt/kubernetes/ssl/
开启聚合层api
修改master的kube-apiserver的启动脚本文件:
注意:master没有安装kube-proxy组件 需要加上 --enable-aggregator-routing=true
#vim /usr/lib/systemd/system/kube-apiserver.service ,
--requestheader-allowed-names="aggregator" --requestheader-client-ca-file=/opt/kubernetes/ssl/aggregator-ca.pem --requestheader-extra-headers-prefix="X-Remote-Extra-" --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User --proxy-client-cert-file=/opt/kubernetes/ssl/aggregator.pem --proxy-client-key-file=/opt/kubernetes/ssl/aggregator-key.pem --runtime-config=api/all=true --enable-aggregator-routing=true
修改master的kube-controller-manager.service
#vi /usr/lib/systemd/system/kube-controller-manager.service
--horizontal-pod-autoscaler-use-rest-clients=true
重启服务
systemctl daemon-reload
systemctl restart kube-apiserver
systemctl restart kube-controller-manager
systemctl status kube-apiserver
systemctl status kube-controller-manager
把修改过的服务启动文件发送给master02;
cd /usr/lib/systemd/system/
scp kube* master02:/usr/lib/systemd/system/
在master02上一样要重启服务
systemctl daemon-reload
systemctl restart kube-apiserver
systemctl restart kube-controller-manager
systemctl status kube-apiserver
systemctl status kube-controller-manager
安装metric server
下载资源配置清单文件
链接:https://pan.baidu.com/s/1sLYa9216q_khpDgfuw2MYQ
提取码:nmnv
发布
kubectl apply -f .
验证
要注意, master的/var/log/messages日志不能出现相关metric server的错误日志
一分钟后,度量服务器开始报告节点和 Pod 的 CPU 和内存使用情况。
yum install jq -y
kubectl get --raw "/apis/metrics.k8s.io/v1beta1/nodes" | jq .
查看 nodes 指标:
查看pods指标