k8s部署metric-server单机、集群版

发布时间:2023年12月28日

### 一、单机部署
#### 1.1、下载metric-server
```
https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
```
#### 1.2、替换镜像并修改参数
```
...
? ? spec:
? ? ? containers:
? ? ? - args:
? ? ? ? - --cert-dir=/tmp
? ? ? ? - --secure-port=4443
? ? ? ? - --kubelet-insecure-tls? ? ? ? # 1、不验证ca证书
? ? ? ? - --kubelet-preferred-address-types=InternalIP? ? ? ? # 2、使用InternalIP
? ? ? ? - --kubelet-use-node-status-port
? ? ? ? - --metric-resolution=15s
? ? ? ? image: guopengfee/metrics-server:v0.6.4? ? ? ? # 3、镜像地址
? ? ? ? imagePullPolicy: IfNotPresent
? ? ? ? livenessProbe:
...
```
#### 1.3 完整配置文件"components.yaml"
```
apiVersion: v1
kind: ServiceAccount
metadata:
? labels:
? ? k8s-app: metrics-server
? name: metrics-server
? namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
? labels:
? ? k8s-app: metrics-server
? ? rbac.authorization.k8s.io/aggregate-to-admin: "true"
? ? rbac.authorization.k8s.io/aggregate-to-edit: "true"
? ? rbac.authorization.k8s.io/aggregate-to-view: "true"
? name: system:aggregated-metrics-reader
rules:
- apiGroups:
? - metrics.k8s.io
? resources:
? - pods
? - nodes
? verbs:
? - get
? - list
? - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
? labels:
? ? k8s-app: metrics-server
? name: system:metrics-server
rules:
- apiGroups:
? - ""
? resources:
? - nodes/metrics
? verbs:
? - get
- apiGroups:
? - ""
? resources:
? - pods
? - nodes
? verbs:
? - get
? - list
? - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
? labels:
? ? k8s-app: metrics-server
? name: metrics-server-auth-reader
? namespace: kube-system
roleRef:
? apiGroup: rbac.authorization.k8s.io
? kind: Role
? name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
? name: metrics-server
? namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
? labels:
? ? k8s-app: metrics-server
? name: metrics-server:system:auth-delegator
roleRef:
? apiGroup: rbac.authorization.k8s.io
? kind: ClusterRole
? name: system:auth-delegator
subjects:
- kind: ServiceAccount
? name: metrics-server
? namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
? labels:
? ? k8s-app: metrics-server
? name: system:metrics-server
roleRef:
? apiGroup: rbac.authorization.k8s.io
? kind: ClusterRole
? name: system:metrics-server
subjects:
- kind: ServiceAccount
? name: metrics-server
? namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
? labels:
? ? k8s-app: metrics-server
? name: metrics-server
? namespace: kube-system
spec:
? ports:
? - name: https
? ? port: 443
? ? protocol: TCP
? ? targetPort: https
? selector:
? ? k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:
? labels:
? ? k8s-app: metrics-server
? name: metrics-server
? namespace: kube-system
spec:
? selector:
? ? matchLabels:
? ? ? k8s-app: metrics-server
? strategy:
? ? rollingUpdate:
? ? ? maxUnavailable: 0
? template:
? ? metadata:
? ? ? labels:
? ? ? ? k8s-app: metrics-server
? ? spec:
? ? ? containers:
? ? ? - args:
? ? ? ? - --cert-dir=/tmp
? ? ? ? - --secure-port=4443
? ? ? ? - --kubelet-insecure-tls
? ? ? ? - --kubelet-preferred-address-types=InternalIP
? ? ? ? - --kubelet-use-node-status-port
? ? ? ? - --metric-resolution=15s
? ? ? ? image: guopengfee/metrics-server:v0.6.4
? ? ? ? imagePullPolicy: IfNotPresent
? ? ? ? livenessProbe:
? ? ? ? ? failureThreshold: 3
? ? ? ? ? httpGet:
? ? ? ? ? ? path: /livez
? ? ? ? ? ? port: https
? ? ? ? ? ? scheme: HTTPS
? ? ? ? ? periodSeconds: 10
? ? ? ? name: metrics-server
? ? ? ? ports:
? ? ? ? - containerPort: 4443
? ? ? ? ? name: https
? ? ? ? ? protocol: TCP
? ? ? ? readinessProbe:
? ? ? ? ? failureThreshold: 3
? ? ? ? ? httpGet:
? ? ? ? ? ? path: /readyz
? ? ? ? ? ? port: https
? ? ? ? ? ? scheme: HTTPS
? ? ? ? ? initialDelaySeconds: 20
? ? ? ? ? periodSeconds: 10
? ? ? ? resources:
? ? ? ? ? requests:
? ? ? ? ? ? cpu: 100m
? ? ? ? ? ? memory: 200Mi
? ? ? ? securityContext:
? ? ? ? ? allowPrivilegeEscalation: false
? ? ? ? ? readOnlyRootFilesystem: true
? ? ? ? ? runAsNonRoot: true
? ? ? ? ? runAsUser: 1000
? ? ? ? volumeMounts:
? ? ? ? - mountPath: /tmp
? ? ? ? ? name: tmp-dir
? ? ? nodeSelector:
? ? ? ? kubernetes.io/os: linux
? ? ? priorityClassName: system-cluster-critical
? ? ? serviceAccountName: metrics-server
? ? ? volumes:
? ? ? - emptyDir: {}
? ? ? ? name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
? labels:
? ? k8s-app: metrics-server
? name: v1beta1.metrics.k8s.io
spec:
? group: metrics.k8s.io
? groupPriorityMinimum: 100
? insecureSkipTLSVerify: true
? service:
? ? name: metrics-server
? ? namespace: kube-system
? version: v1beta1
? versionPriority: 100
```

#### 1.4 部署"components.yaml"
```
kubectl apply -f components.yaml
```

#### 1.5 查看pod
```
[root@master01 metric_server]# kubectl get pod -n kube-system?
NAME ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? READY ? STATUS ? ?RESTARTS ? ? ? ?AGE
kube-flannel-ds-6mppc ? ? ? ? ? ? ?1/1 ? ? Running ? 1 (4h52m ago) ? 6h13m
...
metrics-server-5546477ddb-5f4b2 ? ?1/1 ? ? Running ? 0 ? ? ? ? ? ? ? 12m
```

### 二、集群版部署
#### 2.0、高可用集群版本需要修改kube-apiserver参数如下“ ? ?- --enable-aggregator-routing=true”
```
apiVersion: v1
kind: Pod
metadata:
? labels:
? ? component: kube-apiserver
? ? tier: control-plane
? name: kube-apiserver
? namespace: kube-system
spec:
? containers:
? - command:
? ? - kube-apiserver
...
? ? - --service-cluster-ip-range=10.233.0.0/18
? ? - --enable-aggregator-routing=true
...
```
#### 2.1、下载metric-server-cluster
```
wget https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/high-availability-1.21+.yaml
```
#### 2.2、替换镜像并修改参数
```
? ? spec:
? ? ? affinity:
? ? ? ? podAntiAffinity:
? ? ? ? ? requiredDuringSchedulingIgnoredDuringExecution:
? ? ? ? ? - labelSelector:
? ? ? ? ? ? ? matchLabels:
? ? ? ? ? ? ? ? k8s-app: metrics-server
? ? ? ? ? ? namespaces:
? ? ? ? ? ? - kube-system
? ? ? ? ? ? topologyKey: kubernetes.io/hostname
? ? ? containers:
? ? ? - args:
? ? ? ? - --cert-dir=/tmp
? ? ? ? - --secure-port=4443
? ? ? ? - --kubelet-insecure-tls
? ? ? ? - --kubelet-preferred-address-types=InternalIP
? ? ? ? - --kubelet-use-node-status-port
? ? ? ? - --metric-resolution=15s
? ? ? ? image: guopengfee/metrics-server:v0.6.4
? ? ? ? imagePullPolicy: IfNotPresent
? ? ? ? livenessProbe:
```
#### 2.3、完整配置文件"high-availability-1.21+.yamll"
```
[root@master01 metric_server]# cat high-availability-1.21+.yaml?
apiVersion: v1
kind: ServiceAccount
metadata:
? labels:
? ? k8s-app: metrics-server
? name: metrics-server
? namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
? labels:
? ? k8s-app: metrics-server
? ? rbac.authorization.k8s.io/aggregate-to-admin: "true"
? ? rbac.authorization.k8s.io/aggregate-to-edit: "true"
? ? rbac.authorization.k8s.io/aggregate-to-view: "true"
? name: system:aggregated-metrics-reader
rules:
- apiGroups:
? - metrics.k8s.io
? resources:
? - pods
? - nodes
? verbs:
? - get
? - list
? - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
? labels:
? ? k8s-app: metrics-server
? name: system:metrics-server
rules:
- apiGroups:
? - ""
? resources:
? - nodes/metrics
? verbs:
? - get
- apiGroups:
? - ""
? resources:
? - pods
? - nodes
? verbs:
? - get
? - list
? - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
? labels:
? ? k8s-app: metrics-server
? name: metrics-server-auth-reader
? namespace: kube-system
roleRef:
? apiGroup: rbac.authorization.k8s.io
? kind: Role
? name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
? name: metrics-server
? namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
? labels:
? ? k8s-app: metrics-server
? name: metrics-server:system:auth-delegator
roleRef:
? apiGroup: rbac.authorization.k8s.io
? kind: ClusterRole
? name: system:auth-delegator
subjects:
- kind: ServiceAccount
? name: metrics-server
? namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
? labels:
? ? k8s-app: metrics-server
? name: system:metrics-server
roleRef:
? apiGroup: rbac.authorization.k8s.io
? kind: ClusterRole
? name: system:metrics-server
subjects:
- kind: ServiceAccount
? name: metrics-server
? namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
? labels:
? ? k8s-app: metrics-server
? name: metrics-server
? namespace: kube-system
spec:
? ports:
? - name: https
? ? port: 443
? ? protocol: TCP
? ? targetPort: https
? selector:
? ? k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:
? labels:
? ? k8s-app: metrics-server
? name: metrics-server
? namespace: kube-system
spec:
? replicas: 2
? selector:
? ? matchLabels:
? ? ? k8s-app: metrics-server
? strategy:
? ? rollingUpdate:
? ? ? maxUnavailable: 1
? template:
? ? metadata:
? ? ? labels:
? ? ? ? k8s-app: metrics-server
? ? spec:
? ? ? affinity:
? ? ? ? podAntiAffinity:
? ? ? ? ? requiredDuringSchedulingIgnoredDuringExecution:
? ? ? ? ? - labelSelector:
? ? ? ? ? ? ? matchLabels:
? ? ? ? ? ? ? ? k8s-app: metrics-server
? ? ? ? ? ? namespaces:
? ? ? ? ? ? - kube-system
? ? ? ? ? ? topologyKey: kubernetes.io/hostname
? ? ? containers:
? ? ? - args:
? ? ? ? - --cert-dir=/tmp
? ? ? ? - --secure-port=4443
? ? ? ? - --kubelet-insecure-tls
? ? ? ? - --kubelet-preferred-address-types=InternalIP
? ? ? ? - --kubelet-use-node-status-port
? ? ? ? - --metric-resolution=15s
? ? ? ? image: guopengfee/metrics-server:v0.6.4????????
? ? ? ? imagePullPolicy: IfNotPresent
? ? ? ? livenessProbe:
? ? ? ? ? failureThreshold: 3
? ? ? ? ? httpGet:
? ? ? ? ? ? path: /livez
? ? ? ? ? ? port: https
? ? ? ? ? ? scheme: HTTPS
? ? ? ? ? periodSeconds: 10
? ? ? ? name: metrics-server
? ? ? ? ports:
? ? ? ? - containerPort: 4443
? ? ? ? ? name: https
? ? ? ? ? protocol: TCP
? ? ? ? readinessProbe:
? ? ? ? ? failureThreshold: 3
? ? ? ? ? httpGet:
? ? ? ? ? ? path: /readyz
? ? ? ? ? ? port: https
? ? ? ? ? ? scheme: HTTPS
? ? ? ? ? initialDelaySeconds: 20
? ? ? ? ? periodSeconds: 10
? ? ? ? resources:
? ? ? ? ? requests:
? ? ? ? ? ? cpu: 100m
? ? ? ? ? ? memory: 200Mi
? ? ? ? securityContext:
? ? ? ? ? allowPrivilegeEscalation: false
? ? ? ? ? readOnlyRootFilesystem: true
? ? ? ? ? runAsNonRoot: true
? ? ? ? ? runAsUser: 1000
? ? ? ? volumeMounts:
? ? ? ? - mountPath: /tmp
? ? ? ? ? name: tmp-dir
? ? ? nodeSelector:
? ? ? ? kubernetes.io/os: linux
? ? ? priorityClassName: system-cluster-critical
? ? ? serviceAccountName: metrics-server
? ? ? volumes:
? ? ? - emptyDir: {}
? ? ? ? name: tmp-dir
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
? name: metrics-server
? namespace: kube-system
spec:
? minAvailable: 1
? selector:
? ? matchLabels:
? ? ? k8s-app: metrics-server
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
? labels:
? ? k8s-app: metrics-server
? name: v1beta1.metrics.k8s.io
spec:
? group: metrics.k8s.io
? groupPriorityMinimum: 100
? insecureSkipTLSVerify: true
? service:
? ? name: metrics-server
? ? namespace: kube-system
? version: v1beta1
? versionPriority: 100
```
#### 2.4、部署"high-availability-1.21+.yaml"
```
kubectl apply -f high-availability-1.21+.yaml
```
#### 2.5、查看pod
```
[root@master01 metric_server]# kubectl get pod -n kube-system?
NAME ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? READY ? STATUS ? ?RESTARTS ? ? ? AGE
coredns-757cd945b-572wz ? ? ? ? ? ?1/1 ? ? Running ? 1 (6h4m ago) ? 7h24m
coredns-757cd945b-gvd5g ? ? ? ? ? ?1/1 ? ? Running ? 1 (6h4m ago) ? 7h24m
kube-apiserver-master01 ? ? ? ? ? ?1/1 ? ? Running ? 0 ? ? ? ? ? ? ?10m
...
metrics-server-6dcfcfd57c-bzqn9 ? ?1/1 ? ? Running ? 0 ? ? ? ? ? ? ?6m15s
metrics-server-6dcfcfd57c-qf8vv ? ?1/1 ? ? Running ? 0 ? ? ? ? ? ? ?6m15s
...
```

文章来源:https://blog.csdn.net/martingpf/article/details/135274672
本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。