kubernetes 监控组件metrics-server安装

kubernetes 监控组件metrics-server安装

准备工作

1. 下载v0.3.6的git源码到本地

   wget -c https://github.com/kubernetes-sigs/metrics-server/archive/v0.3.6.zip
   

2. 解压到本地

   unzip v0.3.6.zip
   
   cd metrics-server-0.3.6/deploy/1.8+/
   

3. 修改镜像地址

   #vi metrics-server-deployment.yaml
   
   #修改后内容如下
   ---
   apiVersion: v1
   kind: ServiceAccount
   metadata:
     name: metrics-server
     namespace: kube-system
   ---
   apiVersion: apps/v1
   kind: Deployment
   metadata:
     name: metrics-server
     namespace: kube-system
     labels:
       k8s-app: metrics-server
   spec:
     selector:
       matchLabels:
         k8s-app: metrics-server
     template:
       metadata:
         name: metrics-server
         labels:
           k8s-app: metrics-server
       spec:
         serviceAccountName: metrics-server
         volumes:
         # mount in tmp so we can safely use from-scratch images and/or read-only containers
         - name: tmp-dir
           emptyDir: {}
         containers:
         - name: metrics-server
           image: k8s.gcr.io/metrics-server-amd64:v0.3.6
           imagePullPolicy: IfNotPresent
           command:
               - /metrics-server
               - --kubelet-preferred-address-types=InternalIP
               - --kubelet-insecure-tls
           volumeMounts:
           - name: tmp-dir
             mountPath: /tmp
   

metrics-server默认使用node的主机名，但是coredns里面没有物理机主机名的解析，部署的时候添加一个参数

	--kubelet-preferred-address-types=InternalIP,Hostname,InternalDNS,ExternalDNS,ExternalIP

这里直接通过InternalIP进行访问，忽略客户端证书。

	kubelet-insecure-tls

由于国内网络背墙的原因需要下载国内镜像 并更换tag,修改imagePullPolicy为IfNotPresent

	docker pull bluersw/metrics-server-amd64:v0.3.6
	docker tag bluersw/metrics-server-amd64:v0.3.6 k8s.gcr.io/metrics-server-amd64:v0.3.6

4. 开始安装

   cd metrics-server-0.3.6/deploy/1.8+/
   kubectl apply -f .
   

5. 安装过程中遇到的问题

   metrics容器处于running状态，但是使用kubectl top 命令提示不可达。打开日志提示：
   connection timeout

   打开一个busybox容器尝试ping主机

   kubectl run busybox --rm=true --image=busybox --restart=Never --tty -i
   ping 192.168.163.251
   

   发现在容器内部ping不通外部主机

   查看容器的网段

   kubect get pods -n kube-system -o wide	
   

   尝试在外部主机添加IP规则

   iptables -t nat -I POSTROUTING -s 10.212.0.0/16 -j MASQUERADE
   service iptables save
   

   再尝试ping主机

   PING 192.168.163.251 (192.168.163.251) 56(84) bytes of data.
   64 bytes from 192.168.163.251: icmp_seq=1 ttl=64 time=0.207 ms
   64 bytes from 192.168.163.251: icmp_seq=2 ttl=64 time=0.177 ms
   64 bytes from 192.168.163.251: icmp_seq=3 ttl=64 time=0.171 ms
   

   此时查看top

   kubectl top nodes
   NAME       CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%   
   m163p251   296m         0%     136607Mi        53%       
   m163p252   444m         1%     108027Mi        41%