#(1)概述

Metrics API 只可以查询当前的度量数据,并不保存历史数据
Metrics server定时从Kubelet的Summary API(类似/ap1/v1/nodes/nodename/stats/summary)采集指标信息,这些聚合过的数据将存储在内存中,且以metric-api的形式暴露出去
参考文档: https://blog.csdn.net/u011230692/article/details/86441271

#(2)创建聚合层证书

1)创建ca配置文件

cat > aggregator-ca-config.json <

2)创建ca证书签名请求

cat > aggregator-ca-csr.json<

3)生成ca证书和私钥

cfssl gencert -initca aggregator-ca-csr.json | cfssljson -bare aggregator-ca

4)创建aggregator证书请求文件

cat >aggregator-csr.json<

5)生成aggregator证书和私钥文件

 cfssl gencert -ca=aggregator-ca.pem -ca-key=aggregator-ca-key.pem -config=aggregator-ca-config.json -profile=aggregator aggregator-csr.json | cfssljson -bare aggregator

6)分发到master节点

scp aggregator*pem master01:/opt/kubernetes/ssl/
scp aggregator*pem master02:/opt/kubernetes/ssl/

#(3)开启聚合层api
1)修改master的kube-apiserver的启动脚本文件:

#vi /usr/lib/systemd/system/kube-apiserver.service , 
 注意:master没有安装kube-proxy 需要加上 --enable-aggregator-routing=true
--requestheader-allowed-names的值和CN的名字一样
--requestheader-client-ca-file=/opt/kubernetes/ssl/aggregator-ca.pem  \ 
--requestheader-allowed-names="aggregator" \
--requestheader-extra-headers-prefix="X-Remote-Extra-" \  
--requestheader-group-headers=X-Remote-Group   \
--requestheader-username-headers=X-Remote-User \
--proxy-client-cert-file=/opt/kubernetes/ssl/aggregator.pem \  
--proxy-client-key-file=/opt/kubernetes/ssl/aggregator-key.pem \ 
--runtime-config=api/all=true  \
--enable-aggregator-routing=true 

2)修改master的kube-controller-manager.service

#vi  /usr/lib/systemd/system/kube-controller-manager.service
 --horizontal-pod-autoscaler-use-rest-clients=true

3)重启服务

systemctl daemon-reload 
systemctl restart kube-apiserver 
systemctl restart kube-controller-manager
systemctl status kube-apiserver 
systemctl status kube-controller-manager

4)把修改过的服务启动文件发送给master02;

cd /usr/lib/systemd/system/
scp kube* master02:/usr/lib/systemd/system/

5)在master02上一样要重启服务

systemctl daemon-reload 
systemctl restart kube-apiserver 
systemctl restart kube-controller-manager
systemctl status kube-apiserver 
systemctl status kube-controller-manager

#(4)安装metric server
1)克隆

git clone https://gitee.com/love-docker/k8s.git

2)发布

cd k8s/v1.11/metric-server/
kubectl apply -f .

3)验证

要注意, master的/var/log/messages日志不能出现相关metric server的错误日志

一分钟后,度量服务器开始报告节点和 Pod 的 CPU 和内存使用情况。 查看 nodes 指标:
yum install jq -y
kubectl get --raw "/apis/metrics.k8s.io/v1beta1/nodes" | jq .

查看 pods 指标: