#(1)概述
Metrics API 只可以查询当前的度量数据,并不保存历史数据
Metrics server定时从Kubelet的Summary API(类似/ap1/v1/nodes/nodename/stats/summary)采集指标信息,这些聚合过的数据将存储在内存中,且以metric-api的形式暴露出去
参考文档: https://blog.csdn.net/u011230692/article/details/86441271
#(2)创建聚合层证书
1)创建ca配置文件
cat > aggregator-ca-config.json <
2)创建ca证书签名请求
cat > aggregator-ca-csr.json<
3)生成ca证书和私钥
cfssl gencert -initca aggregator-ca-csr.json | cfssljson -bare aggregator-ca
4)创建aggregator证书请求文件
cat >aggregator-csr.json<
5)生成aggregator证书和私钥文件
cfssl gencert -ca=aggregator-ca.pem -ca-key=aggregator-ca-key.pem -config=aggregator-ca-config.json -profile=aggregator aggregator-csr.json | cfssljson -bare aggregator
6)分发到master节点
scp aggregator*pem master01:/opt/kubernetes/ssl/
scp aggregator*pem master02:/opt/kubernetes/ssl/
#(3)开启聚合层api
1)修改master的kube-apiserver的启动脚本文件:
#vi /usr/lib/systemd/system/kube-apiserver.service ,
注意:master没有安装kube-proxy 需要加上 --enable-aggregator-routing=true
--requestheader-allowed-names的值和CN的名字一样
--requestheader-client-ca-file=/opt/kubernetes/ssl/aggregator-ca.pem \
--requestheader-allowed-names="aggregator" \
--requestheader-extra-headers-prefix="X-Remote-Extra-" \
--requestheader-group-headers=X-Remote-Group \
--requestheader-username-headers=X-Remote-User \
--proxy-client-cert-file=/opt/kubernetes/ssl/aggregator.pem \
--proxy-client-key-file=/opt/kubernetes/ssl/aggregator-key.pem \
--runtime-config=api/all=true \
--enable-aggregator-routing=true
2)修改master的kube-controller-manager.service
#vi /usr/lib/systemd/system/kube-controller-manager.service
--horizontal-pod-autoscaler-use-rest-clients=true
3)重启服务
systemctl daemon-reload
systemctl restart kube-apiserver
systemctl restart kube-controller-manager
systemctl status kube-apiserver
systemctl status kube-controller-manager
4)把修改过的服务启动文件发送给master02;
cd /usr/lib/systemd/system/
scp kube* master02:/usr/lib/systemd/system/
5)在master02上一样要重启服务
systemctl daemon-reload
systemctl restart kube-apiserver
systemctl restart kube-controller-manager
systemctl status kube-apiserver
systemctl status kube-controller-manager
#(4)安装metric server
1)克隆
git clone https://gitee.com/love-docker/k8s.git
2)发布
cd k8s/v1.11/metric-server/
kubectl apply -f .
3)验证
要注意, master的/var/log/messages日志不能出现相关metric server的错误日志
一分钟后,度量服务器开始报告节点和 Pod 的 CPU 和内存使用情况。 查看 nodes 指标:
yum install jq -y
kubectl get --raw "/apis/metrics.k8s.io/v1beta1/nodes" | jq .
查看 pods 指标: