Kubernetes 部署 Metrics Server 获取集群指标数据
系统环境:
- Kubernetes 版本:1.19.4
- Metrics Server 版本:v4.0.1
示例部署文件地址:
一、Metrics Server 简介
介绍 Metrics Server 前首先介绍下 Heapster,该工具是用于 Kubernetes 集群监控和性能分析工具,可以收集节点上的指标数据,例如,节点的 CPU、Memory、Network 和 Disk 的 Metric 数据。不过在 Kubernetes V1.11 版本后将被逐渐废弃。而 Metrics Server 正是 Heapster 的代替者。
Metrics Server 是 Kubernetes 集群核心监控数据的聚合器,可以通过 Metrics API 的形式获取 Metrics 数据,不过仅仅是获取指标的最新值,不对旧值进行存储,且不负责将指标转发到第三方目标。Metrics Server 还可以与 Kubectl 工具结合使用,提供 kubectl top 命令来展示集群中的指标数据,接下来我们开始部署 Metrics Server。
二、部署应用权限 RBAC 资源
Kubernetes 部署 Metrics Server 前需要先提前部署 RBAC 相关配置,这样 Metrics Server 才能有足够的权限获取系统组件的信息。
创建 Metrics RBAC 文件
metrics-rbac.yaml
## ServiceAccountapiVersion: v1kind: ServiceAccountmetadata: labels: k8s-app: metrics-server name: metrics-server namespace: kube-system---## ClusterRole aggregated-metrics-readerapiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata: name: system:aggregated-metrics-reader labels: k8s-app: metrics-server rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true"rules:- apiGroups: ["metrics.k8s.io"] resources: ["pods","nodes"] verbs: ["get","list","watch"]---## ClusterRole metrics-serverapiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata: name: system:metrics-server labels: k8s-app: metrics-serverrules:- apiGroups: [""] resources: ["pods","nodes","nodes/stats","namespaces","configmaps"] verbs: ["get","list","watch"]---## ClusterRoleBinding auth-delegatorapiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata: name: metrics-server:system:auth-delegator labels: k8s-app: metrics-serverroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:auth-delegatorsubjects:- kind: ServiceAccount name: metrics-server namespace: kube-system---## RoleBinding metrics-server-auth-readerapiVersion: rbac.authorization.k8s.io/v1kind: RoleBindingmetadata: name: metrics-server-auth-reader namespace: kube-system labels: k8s-app: metrics-serverroleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: extension-apiserver-authentication-readersubjects:- kind: ServiceAccount name: metrics-server namespace: kube-system---## ClusterRoleBinding system:metrics-serverapiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata: name: system:metrics-server labels: k8s-app: metrics-serverroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:metrics-serversubjects:- kind: ServiceAccount name: metrics-server namespace: kube-system通过 Kubectl 工具部署 Metrics RBAC
- -n:指定部署应用的 Namespace 命名空间
$ kubectl apply -f metrics-rbac.yaml -n kube-system三、部署 APIService 资源
设置扩展 API Service 工作于聚合层,允许使用其 API 扩展 Kubernetes apiserver,而这些 API 并不是核心 Kubernetes API 的一部分。这里部署 APIservice 资源,来提供 Kubernetes Metrics 指标 API 数据。
创建 Metrics APIService 文件
metrics-api-service.yaml
## APIServiceapiVersion: apiregistration.k8s.io/v1kind: APIServicemetadata: labels: k8s-app: metrics-server name: v1beta1.metrics.k8s.iospec: group: metrics.k8s.io service: name: metrics-server namespace: kube-system version: v1beta1 groupPriorityMinimum: 100 insecureSkipTLSVerify: true versionPriority: 100通过 Kubectl 工具部署 Metrics APIService
- -n:指定部署应用的 Namespace 命名空间
$ kubectl apply -f metrics-api-service.yaml -n kube-system四、部署 Metrics Server 应用
创建 Metrics 部署文件
metrics-server-deploy.yaml
## ServiceapiVersion: v1kind: Servicemetadata: labels: k8s-app: metrics-server name: metrics-server namespace: kube-systemspec: ports: - name: https port: 443 protocol: TCP targetPort: https selector: k8s-app: metrics-server---## DeploymentapiVersion: apps/v1kind: Deploymentmetadata: name: metrics-server namespace: kube-system labels: k8s-app: metrics-serverspec: selector: matchLabels: k8s-app: metrics-server strategy: rollingUpdate: maxUnavailable: 0 template: metadata: name: metrics-server labels: k8s-app: metrics-server spec: hostNetwork: true serviceAccountName: metrics-server containers: - name: metrics-server image: bitnami/metrics-server:0.4.1 imagePullPolicy: IfNotPresent args: - --cert-dir=/tmp - --secure-port=4443 - --kubelet-insecure-tls - --kubelet-use-node-status-port - --kubelet-preferred-address-types=InternalDNS,InternalIP,ExternalDNS,ExternalIP,Hostname livenessProbe: failureThreshold: 3 httpGet: path: /livez port: https scheme: HTTPS periodSeconds: 10 readinessProbe: failureThreshold: 3 httpGet: path: /readyz port: https scheme: HTTPS periodSeconds: 10 ports: - name: https containerPort: 4443 protocol: TCP securityContext: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 resources: limits: memory: 1Gi cpu: 1000m requests: memory: 1Gi cpu: 1000m volumeMounts: - name: tmp-dir mountPath: /tmp - name: localtime readOnly: true mountPath: /etc/localtime volumes: - name: tmp-dir emptyDir: {} - name: localtime hostPath: type: File path: /etc/localtime nodeSelector: kubernetes.io/os: linux通过 Kubectl 工具部署 Metrics 应用
- -n:指定部署应用的 Namespace 命名空间
$ kubectl apply -f metrics-server-deploy.yaml -n kube-system五、进行测试
当部署完 Metrics Server 后,可以通过 kubectl 工具进行测试,默认支持下面命令:
- kubectl top pod: 获取 Pod 的 CPU、Memory 使用信息。
- kubectl top node: 获取 Node 的 CPU、Memory 使用信息。
输入上面命令进行测试,如下:
## 获取全部节点指标信息$ kubectl top nodeNAME CPU(cores) CPU% MEMORY(bytes) MEMORY%k8s-master 228m 5% 1204Mi 44%k8s-node-2-12 131m 1% 1843Mi 23%k8s-node-2-13 73m 0% 576Mi 7%
## 获取某个 Namespace Pod 的指标信息$ kubectl top pods -n kube-systemNAME CPU(cores) MEMORY(bytes)coredns-9d85f5447-c82w7 7m 22Micoredns-9d85f5447-kcmb4 7m 21Midashboard-metrics-scraper-65f454dff8-2pts8 1m 22Mietcd-k8s-master 22m 104Mikube-apiserver-k8s-master 58m 311Mikube-controller-manager-k8s-master 27m 46Mi
## 获取某个 Namespace 下某个 Pod 的指标信息$ kubectl top pods coredns-9d85f5447-c82w7 -n kube-systemNAME CPU(cores) MEMORY(bytes)coredns-9d85f5447-c82w7 7m 21Mi
## 获取全部 Namespace 下的 Pod 的指标信息$ kubectl top pods --all-namespacesNAMESPACE NAME CPU(cores) MEMORY(bytes)kube-system coredns-9d85f5447-c82w7 6m 22Mikube-system coredns-9d85f5447-kcmb4 6m 21Mikube-system dashboard-metrics-scraper-65f454dff8-2pts8 1m 22Mikube-system etcd-k8s-master 21m 106Mikube-system kube-apiserver-k8s-master 62m 311Mikube-system kube-controller-manager-k8s-master 26m 46Mikube-system kube-proxy-kpt7c 2m 36Mikube-system kube-proxy-zb2l5 1m 27Mikube-system kube-scheduler-k8s-master 5m 21Mikube-system kubernetes-dashboard-7bf47cd79c-nctx2 1m 55Mikube-system metrics-server-6d54447849-nnbfk 3m 20Mi---END---
如果本文对你有帮助,可以关注我的公众号 "小豆丁技术栈" 了解最新动态,顺便也请帮忙 Github 点颗星哦,感谢~