kubernetes Metrics-server 安装
一、Metrics-server安装:
由于使用自动扩容,得安装heapster或metrics-server(由于heapster停止更新故用metrics-server):
1、安装之前需要为kubernetes增加配置项:
1、为/etc/kubernetes/controller-manager增加启动项:
***
--horizontal-pod-autoscaler-use-rest-clients=true
***
systemctl restart kube-controller-manager
2、为/usr/lib/systemd/system/kube-apiserver.service增加启动项(也可以修改/etc/kubernetes/apiserver文件增加):
***
--requestheader-client-ca-file=/etc/kubernetes/ssl/ca.pem \
--requestheader-allowed-names= \
--requestheader-extra-headers-prefix=X-Remote-Extra- \
--requestheader-group-headers=X-Remote-Group \
--requestheader-username-headers=X-Remote-User \
--proxy-client-cert-file=/etc/kubernetes/ssl/kubelet-client.crt \
--proxy-client-key-file=/etc/kubernetes/ssl/kubelet-client.key \
--enable-aggregator-routing=true
***
systemctl daemon-reload
systemctl restart kube-apiserver
2、在kubenetes上安装Metrics-server:
1、创建:
kubectl create -f metrics-server.yml
2、删除:
kubectl delete ServiceAccount metrics-server -n kube-system
kubectl delete ClusterRoleBinding metrics-server:system:auth-delegator -n kube-system
kubectl delete RoleBinding metrics-server-auth-reader -n kube-system
kubectl delete ClusterRole system:metrics-server -n kube-system
kubectl delete ClusterRoleBinding system:metrics-server -n kube-system
kubectl delete APIService v1beta1.metrics.k8s.io -n kube-system
kubectl delete Service metrics-server -n kube-system
kubectl delete Deployment metrics-server -n kube-system
注:要修改metrics-server的镜
--- apiVersion: v1 kind: ServiceAccount metadata: name: metrics-server namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: metrics-server:system:auth-delegator roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:auth-delegator subjects: - kind: ServiceAccount name: metrics-server namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: metrics-server-auth-reader namespace: kube-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: extension-apiserver-authentication-reader subjects: - kind: ServiceAccount name: metrics-server namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: system:metrics-server rules: - apiGroups: - "" resources: - pods - nodes - nodes/stats - namespaces verbs: - get - list - watch - apiGroups: - "extensions" resources: - deployments verbs: - get - list - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: system:metrics-server roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:metrics-server subjects: - kind: ServiceAccount name: metrics-server namespace: kube-system --- apiVersion: apiregistration.k8s.io/v1beta1 kind: APIService metadata: name: v1beta1.metrics.k8s.io spec: service: name: metrics-server namespace: kube-system group: metrics.k8s.io version: v1beta1 insecureSkipTLSVerify: true groupPriorityMinimum: 100 versionPriority: 100 --- apiVersion: v1 kind: Service metadata: name: metrics-server namespace: kube-system labels: kubernetes.io/name: "Metrics-server" spec: selector: k8s-app: metrics-server ports: - port: 443 protocol: TCP targetPort: 443 --- apiVersion: apps/v1beta2 kind: Deployment metadata: name: metrics-server namespace: kube-system labels: k8s-app: metrics-server spec: selector: matchLabels: k8s-app: metrics-server template: metadata: name: metrics-server labels: k8s-app: metrics-server spec: serviceAccountName: metrics-server containers: - name: metrics-server # image: gcr.io/google_containers/metrics-server-amd64:v0.2.1 image: 144.202.127.156/google_containers/metrics-server-amd64:v0.2.1 imagePullPolicy: Always command: - /metrics-server - --source=kubernetes.summary_api:'' resources: requests: cpu: 20m memory: 200Mi limits: cpu: 100m memory: 500Mi
3、验证:
1、创建测试资源:
kubectl create -f nginx.yml
2、创建自动伸缩规则:
kubectl autoscale deployment nginx --cpu-percent=75 --min=2 --max=10
kubectl get hpa
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
bill-service Deployment/bill-service 0% / 80% 5 10 5 2h
注:TARGETS出现<unknown> / 80% 说明没有成功就得看metrics-server的日志和hpa的describe来查找原因了。
3、测试是否生效(使用脚本测):
python pressure-web.py
kubectl get hpa
apiVersion: v1 kind: Service metadata: name: nginx labels: app: nginx spec: ports: - port: 80 name: web selector: app: nginx --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: web spec: selector: matchLabels: app: nginx replicas: 3 template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx resources: limits: cpu: 100m memory: 100Mi requests: cpu: 50m memory: 50Mi ports: - containerPort: 80 name: web
import requests,time,threading url = "https://www.baidu.com" requests_timeout = 2 def get_response_time(url,count,ring): start_time = time.time() try: req_obj = requests.get(url,timeout=requests_timeout) except requests.exceptions.ReadTimeout as e: status = False else: status = True end_time = time.time() requests_time = end_time-start_time if status and (req_obj.status_code == requests.codes.ok) : requests_status = "OK" else: requests_status = "NO" print("第%s轮,第%s连接,请求用时(s):%s,返回状态:%s"%(ring,count,requests_time,requests_status)) if __name__ == "__main__": '''在规定超时时间内,11秒内处理不了100个请求,请求就会累积,一直拖垮''' ring = 1 while True: for count in range(100): t = threading.Thread(target=get_response_time,args=(url,count,ring)) time.sleep(0.01) t.start() time.sleep(10) ring += 1 print("第%s轮开始"%ring)
