提示:文章写完后,目录可以自动生成,如何生成可参考右边的帮助文档

文章目录

前言一、安装步骤1.下载metric-server的chart2.改vaules.yaml模板3.使用helm安装metrics

二、遇到问题

前言

提示:这里可以添加本文要记录的大概内容:

metrics-server安装后,可以查看集群的node和pod的CPU和Memory占用情况,非常有用。

提示:以下是本篇文章正文内容,下面案例可供参考

一、安装步骤

1.下载metric-server的chart

官网地址:https://github.com/kubernetes-sigs/metrics-server/releases 找到一个版本的helm chart后下载到本地解压。

2.改vaules.yaml模板

找到values.yaml模板,打开后我们改如下三行: repository: registry.aliyuncs.com/google_containers/metrics-server repository: registry.aliyuncs.com/google_containers/autoscaling/addon-resizer args:

–kubelet-insecure-tls

三处的代码块如下:

第一处:

image:

repository: registry.aliyuncs.com/google_containers/metrics-server

# Overrides the image tag whose default is v{{ .Chart.AppVersion }}

第二处:

args:

- --kubelet-insecure-tls

第三处:

image:

repository: registry.aliyuncs.com/google_containers/autoscaling/addon-resizer

改这三处的目的是:

修改镜像下载池为阿里源,方便国内用户下载;增加一个args参数,忽略tls,否则会报错;

3.使用helm安装metrics

将原始的chart包传至k8s环境某目录 在该目录下重新vim一个values-metrics.yaml文件,将本地新改好的代码全部粘贴复制进这个新文件。然后在本目录下执行: helm install <下载的原始chart包> --values values-metrics.yaml -n kube-system

root@k8s-master:/home/perry# helm install metrics-server metrics-server-3.11.0.tgz --values metric-value.yaml -n kube-system

等待几分钟后,即可正常执行 kubectl top nodes kubectl top pods

二、遇到问题

我之前没有加“- --kubelet-insecure-tls” 参数,导致在执行kubectl top node的时候一直报错: root@k8s-master:~# kubectl top nodes error: Metrics API not available root@k8s-master:~# 查看pod logs: root@k8s-master:~# kubectl -n kube-system logs metrics-server-7c76c9655c-twhzr 报错: scraper.go:140] “Failed to scrape node” err=“Get “https://11.0.1.139:10250/metrics/resource”: x509: cannot validate certificate for 11.0.1.139 because it doesn’t contain any IP SANs” node=“k8s-node2”

root@k8s-master:~# kubectl -n kube-system logs metrics-server-7c76c9655c-twhzr

I0117 08:41:44.446733 1 serving.go:342] Generated self-signed cert (/tmp/apiserver.crt, /tmp/apiserver.key)

I0117 08:41:44.911378 1 secure_serving.go:267] Serving securely on [::]:4443

I0117 08:41:44.911537 1 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController

I0117 08:41:44.911565 1 shared_informer.go:240] Waiting for caches to sync for RequestHeaderAuthRequestController

I0117 08:41:44.911796 1 dynamic_serving_content.go:131] "Starting controller" name="serving-cert::/tmp/apiserver.crt::/tmp/apiserver.key"

E0117 08:41:44.916116 1 scraper.go:140] "Failed to scrape node" err="Get \"https://11.0.1.138:10250/metrics/resource\": x509: cannot validate certificate for 11.0.1.138 because it doesn't contain any IP SANs" node="k8s-node1"

I0117 08:41:44.916282 1 tlsconfig.go:240] "Starting DynamicServingCertificateController"

W0117 08:41:44.916395 1 shared_informer.go:372] The sharedIndexInformer has started, run more than once is not allowed

I0117 08:41:44.916510 1 configmap_cafile_content.go:201] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"

I0117 08:41:44.916536 1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file

I0117 08:41:44.916571 1 configmap_cafile_content.go:201] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::client-ca-file"

I0117 08:41:44.916592 1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file

E0117 08:41:44.932118 1 scraper.go:140] "Failed to scrape node" err="Get \"https://11.0.1.137:10250/metrics/resource\": x509: cannot validate certificate for 11.0.1.137 because it doesn't contain any IP SANs" node="k8s-master"

E0117 08:41:44.940757 1 scraper.go:140] "Failed to scrape node" err="Get \"https://11.0.1.139:10250/metrics/resource\": x509: cannot validate certificate for 11.0.1.139 because it doesn't contain any IP SANs" node="k8s-node2"

所以在创建的时候需要加上那个args参数“- --kubelet-insecure-tls” 创建完成后get pods -o yaml是如下形式:

root@k8s-master:/home/perry# kubectl -n kube-system get pods metrics-server-5f5fc55fd-znknr -o yaml

...

spec:

containers:

- args:

- --secure-port=10250

- --cert-dir=/tmp

- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname

- --kubelet-use-node-status-port

- --metric-resolution=15s

- --kubelet-insecure-tls

image: registry.aliyuncs.com/google_containers/metrics-server:v0.6.4

Created by Perry Hao at 2024.01.17

文章来源

评论可见,请评论后查看内容,谢谢!!!评论后请刷新页面。