metrics-server v0.3.7部署

准备 相关yaml

# 项目地址： https://github.com/kubernetes-sigs/metrics-server
# rbac 准备
vim rbac.yaml
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: system:aggregated-metrics-reader
  labels:
    rbac.authorization.k8s.io/aggregate-to-view: "true"
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:
- apiGroups: ["metrics.k8s.io"]
  resources: ["pods", "nodes"]
  verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: metrics-server:system:auth-delegator
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:auth-delegator
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: system:metrics-server
rules:
- apiGroups:
  - ""
  resources:
  - pods
  - nodes
  - nodes/stats
  - namespaces
  - configmaps
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: system:metrics-server
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:metrics-server
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: metrics-server-auth-reader
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
# metrics apiservice 
vim metrics-apiservice.yaml
---
apiVersion: apiregistration.k8s.io/v1beta1
kind: APIService
metadata:
  name: v1beta1.metrics.k8s.io
spec:
  service:
    name: metrics-server
    namespace: kube-system
  group: metrics.k8s.io
  version: v1beta1
  insecureSkipTLSVerify: true
  groupPriorityMinimum: 100
  versionPriority: 100
# pdb 准备
vim metrics-server-pdb.yaml
---
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
  name: metrics-server
  namespace: kube-system
  labels:
    k8s-app: metrics-server
spec:
  minAvailable: 100%
  selector:
    matchLabels:
      k8s-app: metrics-server
# metrics-server service 创建就
vim metrics-server-service.yaml
---
apiVersion: v1
kind: Service
metadata:
  name: metrics-server
  namespace: kube-system
  labels:
    kubernetes.io/name: "Metrics-server"
    kubernetes.io/cluster-service: "true"
spec:
  selector:
    k8s-app: metrics-server
  ports:
  - port: 443
    protocol: TCP
    targetPort: main-port
#  metrics-server deployment 创建
vim metrics-server-deployment.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: metrics-server
  namespace: kube-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: metrics-server
  namespace: kube-system
  labels:
    k8s-app: metrics-server
spec:
  selector:
    matchLabels:
      k8s-app: metrics-server
  template:
    metadata:
      name: metrics-server
      labels:
        k8s-app: metrics-server
    spec:
      serviceAccountName: metrics-server
      tolerations:
        - effect: NoSchedule
          key: node.kubernetes.io/unschedulable
          operator: Exists
        - key: NoSchedule
          operator: Exists
          effect: NoSchedule
      volumes:
      # mount in tmp so we can safely use from-scratch images and/or read-only containers
      - name: tmp-dir
        emptyDir: {}
      containers:
      - name: metrics-server
        image: juestnow/metrics-server:v0.3.7
        imagePullPolicy: Always
        command:
        - /metrics-server
        - --cert-dir=/tmp
        - --kubelet-preferred-address-types=InternalIP,Hostname,InternalDNS,ExternalDNS,ExternalIP
        - --secure-port=4443
        - --kubelet-insecure-tls
        ports:
        - name: main-port
          containerPort: 4443
          protocol: TCP
        readinessProbe:
          httpGet:
            path: /healthz
            port: main-port
            scheme: HTTPS
        securityContext:
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1000
        volumeMounts:
        - name: tmp-dir
          mountPath: /tmp
      nodeSelector:
        kubernetes.io/os: linux

部署 metrics-server

kubectl apply -f .

查看 metrics-server 部署是否正常

root@Qist:/mnt/c/Users/Administrator# kubectl get pod -n kube-system  | grep metrics-server
metrics-server-7c479cf79c-cktgw            1/1     Running   0          56m
# 等待5-10分钟在执行kubectl top
root@Qist:/mnt/c/Users/Administrator# kubectl top nodes
NAME           CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%
k8s-master-1   236m         9%     2524Mi          43%
k8s-master-2   267m         10%    2305Mi          39%
k8s-master-3   545m         21%    2316Mi          40%
k8s-node-1     263m         10%    1632Mi          28%
k8s-node-2     264m         10%    543Mi           9%
root@Qist:/mnt/c/Users/Administrator# kubectl top pod  -A
NAMESPACE        NAME                                       CPU(cores)   MEMORY(bytes)
clusterstorage   nfs-client-provisioner-5cff65c8f-qz99r     6m           8Mi
default          myip-75c9c47c7f-cg4dl                      0m           6Mi
ingress-system   jaeger-69cc8c46d7-fj56c                    1m           157Mi
ingress-system   traefik-7jzjj                              6m           22Mi
ingress-system   traefik-ntgx7                              3m           20Mi
ingress-system   traefik-nvbrg                              8m           22Mi
ingress-system   traefik-pflqh                              2m           24Mi
ingress-system   traefik-zvbkn                              6m           19Mi
kube-system      calico-kube-controllers-6fcbbfb6fb-grx64   2m           10Mi
kube-system      calico-node-djxr2                          45m          77Mi
kube-system      calico-node-fllx7                          25m          40Mi
kube-system      calico-node-pkzhz                          27m          45Mi
kube-system      calico-node-q5dh9                          41m          36Mi
kube-system      calico-node-twpbn                          57m          35Mi
kube-system      coredns-68c964545b-flw76                   7m           13Mi
kube-system      coredns-68c964545b-gpmxs                   3m           11Mi
kube-system      k8s-ha-master-k8s-master-1                 1m           9Mi
kube-system      k8s-ha-master-k8s-master-2                 1m           9Mi
kube-system      k8s-ha-master-k8s-master-3                 1m           9Mi
kube-system      k8s-ha-master-k8s-node-1                   1m           9Mi
kube-system      k8s-ha-master-k8s-node-2                   1m           9Mi
kube-system      metrics-server-7c479cf79c-cktgw            3m           17Mi
# 可以看到 metrics-server 已经部署成功