kubeadm部署metrics-server
需求:生产环境是kubeadm部署的v1.22.2版本的k8s,统计资源时发现这套环境没有部署metrics-server这个服务,今天来部署一下
1、在github社区找到这个项目并下载
root@jumpserver-cmcc:~# wget https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml#github下载下来的yaml里面的镜像地址是谷歌的,需要替换成阿里的,这里我用的是我自己的阿里云镜像仓库地址
root@jumpserver-cmcc:~# sed -i s#registry.k8s.io/metrics-server/metrics-server:v0.7.1#registry.cn-hangzhou.aliyuncs.com/qinge/metrics-server:v0.6.0#g components.yaml
root@jumpserver-cmcc:~# cat components.yaml |grep imageimage: registry.cn-hangzhou.aliyuncs.com/qinge/metrics-server:v0.6.0imagePullPolicy: IfNotPresent
2、部署服务
root@jumpserver-cmcc:~# kubectl apply -f components.yaml
root@master01:~# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-56d97d6bc-5vfwf 1/1 Running 23 (25m ago) 12d
calico-node-5rtg9 1/1 Running 15 (25m ago) 12d
calico-node-c6bkp 1/1 Running 19 (25m ago) 12d
calico-node-fprwx 1/1 Running 11 (25m ago) 12d
calico-node-qqpkl 1/1 Running 18 (3h9m ago) 12d
calico-typha-c6d6b4cf7-vbtnn 1/1 Running 19 (3h9m ago) 12d
coredns-7b5944fdcf-rgq5p 1/1 Running 13 (25m ago) 12d
coredns-7b5944fdcf-ztkdc 1/1 Running 13 (25m ago) 12d
etcd-master01 1/1 Running 21 (3h9m ago) 12d
kube-apiserver-master01 1/1 Running 21 (3h9m ago) 12d
kube-controller-manager-master01 1/1 Running 21 (3h9m ago) 12d
kube-proxy-67x4b 1/1 Running 19 (3h9m ago) 12d
kube-proxy-bn4wj 1/1 Running 15 (25m ago) 12d
kube-proxy-slxx7 1/1 Running 15 (25m ago) 12d
kube-proxy-t2r58 1/1 Running 11 (25m ago) 12d
kube-scheduler-master01 1/1 Running 21 (3h9m ago) 12d
kube-state-metrics-5c45cbb87d-wbczr 0/1 Running 8 (25s ago) 4m2s
3、pod中的服务一直起不来
3.1查看pod起不来的原因
root@jumpserver-cmcc:~# kubectl logs -f metrics-server-b798ffd7f-7pjx9 -n kube-system
报错如下:很明显是证书有问题
3.2解决方案
apiVersion: apps/v1
kind: Deployment
metadata:labels:k8s-app: metrics-servername: metrics-servernamespace: kube-system
spec:selector:matchLabels:k8s-app: metrics-serverstrategy:rollingUpdate:maxUnavailable: 0template:metadata:labels:k8s-app: metrics-serverspec:containers:- args:- --cert-dir=/tmp- --secure-port=10250 #将端口改成10250- --kubelet-insecure-tls #添加这行,跳过证书的认证- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname- --kubelet-use-node-status-port- --metric-resolution=15s#在重新部署一下,服务起来了root@jumpserver-cmcc:~# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
cilium-6fp4z 1/1 Running 0 350d
cilium-cjtp5 1/1 Running 0 350d
cilium-fkmhk 1/1 Running 0 350d
cilium-g7fvc 1/1 Running 0 350d
cilium-lztjd 1/1 Running 0 137d
cilium-operator-69c994665d-rhbvg 1/1 Running 1 (350d ago) 350d
cilium-t4thg 1/1 Running 0 350d
cilium-tvfq4 1/1 Running 0 137d
coredns-7bdbbf6bf5-qcm5g 1/1 Running 0 350d
coredns-7bdbbf6bf5-v2khw 1/1 Running 0 350d
etcd-kcs01master01 1/1 Running 2 350d
etcd-kcs01master02 1/1 Running 0 350d
etcd-kcs01master03 1/1 Running 0 350d
kube-apiserver-kcs01master01 1/1 Running 2 350d
kube-apiserver-kcs01master02 1/1 Running 0 350d
kube-apiserver-kcs01master03 1/1 Running 1 (350d ago) 350d
kube-controller-manager-kcs01master01 1/1 Running 3 (350d ago) 350d
kube-controller-manager-kcs01master02 1/1 Running 0 350d
kube-controller-manager-kcs01master03 1/1 Running 0 350d
kube-proxy-5hbqp 1/1 Running 0 350d
kube-proxy-dqg2l 1/1 Running 0 137d
kube-proxy-pqmnf 1/1 Running 0 350d
kube-proxy-sg8rr 1/1 Running 0 350d
kube-proxy-vghd7 1/1 Running 0 137d
kube-proxy-w46pw 1/1 Running 0 350d
kube-proxy-w977k 1/1 Running 0 350d
kube-scheduler-kcs01master01 1/1 Running 3 (350d ago) 350d
kube-scheduler-kcs01master02 1/1 Running 0 350d
kube-scheduler-kcs01master03 1/1 Running 0 350d
metrics-server-b798ffd7f-7pjx9 1/1 Running 0 21m#如果是二进制部署的在kube-apiserver的启动文件添加这参数--kubelet-insecure-tls
# vim /etc/systemd/system/kube-apiserver.service
[Service]
Environment="KUBE_API_ARGS=--kubelet-insecure-tls"
