Kubernetes专题系列-资源指标监控篇

Kubernetes专题系列-资源指标监控篇

本文分为两部分第一部分是metrics-server，第二部分是基于web管理的kubernetes的dashboard。

为了快速查看kubernetes集群的节点、Pod的内存和CPU相关资源指标，使用了，使用了最新版本metrics-server-v0.3.7和dashboard-amd64:v2.0.4。

metrics-server篇：

下载解压软件

[root@node1 ~]#wget -P k8s-monitor wget -c https://github.com/kubernetes-sigs/metrics-server/archive/v0.3.7.tar.gz && cd k8s-monitor && tar zxf v0.3.7.tar.gz

修改配置文件

只修改配置文件metrics-server-deployment.yaml中的image把“image: k8s.gcr.io/metrics-server/metrics-server:v0.3.7”设置为“image: registry.cn-beijing.aliyuncs.com/duqiu/metrics-server:v0.3.7”然后在containers的args启动参数处添加以下内容，跟“- --secure-port=4443”对齐即可- metrics-server- --metric-resolution=30s - --kubelet-insecure-tls - --kubelet-preferred-address-types=InternalIP,Hostname,InternalDNS,Ex- --kubelet-insecure-tls

部署

[root@192-168-0-114 ~]# cd metrics-server-0.3.7/deploy/1.8+[root@192-168-0-114 1.8+]# kubectl apply -f .clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader changedclusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator changedrolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader changedapiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io changedserviceaccount/metrics-server changeddeployment.apps/metrics-server changedservice/metrics-server changedclusterrole.rbac.authorization.k8s.io/system:metrics-server changedclusterrolebinding.rbac.authorization.k8s.io/system:metrics-server changed

等待30s-1min查看效果

[root@192-168-0-114 ~]# kubectl top nodeNAME CPU(cores) CPU% MEMORY(bytes) MEMORY% node1 536m 14% 2247Mi 70% node2 441m 11% 2162Mi 67% node3 380m 9% 1370Mi 39%[root@192-168-0-114 ~]# kubectl top po -n kube-systemNAME CPU(cores) MEMORY(bytes) calico-kube-controllers-7fbcd4c569-9bfwx 7m 20Mi calico-node-2cmrq 69m 68Mi calico-node-fh6wx 78m 71Mi calico-node-mlvth 73m 61Mi coredns-66655b745d-ldr4r 6m 13Mi coredns-66655b745d-t9z98 11m 13Mi dns-autoscaler-647cfd7f5b-sfg4w 1m 10Mi kube-apiserver-node1 93m 284Mi kube-apiserver-node2 75m 295Mi kube-controller-manager-node1 46m 58Mi kube-controller-manager-node2 5m 17Mi kube-proxy-98q69 7m 19Mi kube-proxy-bb97m 13m 19Mi kube-proxy-pgqld 1m 17Mi kube-scheduler-node1 11m 22Mi kube-scheduler-node2 7m 14Mi kubernetes-dashboard-5c8754b9f6-mv8km 1m 27Mi kubernetes-metrics-scraper-68464b88b5-5hrc5 1m 15Mi metrics-server-77c94d4964-ljpz4 4m 18Mi nginx-proxy-node3 1m 18Mi nodelocaldns-75nkt 3m 16Mi nodelocaldns-8gbv8 3m 14Mi nodelocaldns-bpp2d 3m 12Mi

kubernetes dashboard篇：

因为基于kubespray的部署，我们只需要更改dashboard文件即可，文件位置在：/etc/kubernetes/dashboard.yml,1.更改镜像拉取地址为：image: registry.cn-beijing.aliyuncs.com/duqiu/dashboard-amd64:v2.0.42.更改暴露方式为NodePort,添加端口为32567

---# ------------------- Dashboard Service ------------------- #kind: ServiceapiVersion: v1metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-systemspec: type: NodePort ports: - port: 443 targetPort: 8443 nodePort: 32567 selector: k8s-app: kubernetes-dashboard

3.增加SA配置来获取集群信息，在dashboard.yml最后添加以下信息

###By duqiu---apiVersion: v1kind: ServiceAccountmetadata: labels: k8s-app: dashboard-admin name: dashboard-admin namespace: kubernetes-dashboard---apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata: name: dashboard-cluster-adminroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-adminsubjects: - kind: ServiceAccount name: dashboard-admin namespace: kubernetes-dashboard

4.创建依赖的namespace并应用文件

[root@node1 kubernetes]#kubectl create ns kubernetes-dashboard[root@node1 kubernetes]# kubectl apply -f dashboard.yml

5.查看pod运行状态和sa情况

[root@node1 kubernetes]# kubectl get po -n kube-system|grep dashkubernetes-dashboard-5c8754b9f6-mv8km         1/1     Running   0          17h[root@node1 kubernetes]# kubectl get sa -n kubernetes-dashboardNAME SECRETS AGEdashboard-admin   1         17hdefault           1         17h

6.进入dashboard web 界面：建议用火狐浏览器,如果使用的是Google浏览器，会出现如下情况，直接在页面敲thisisunsafe即可打开：

选择Token复制刚刚创建的Token信息到浏览器里：

[root@node1 kubernetes]# kubectl describe secret dashboard-admin-token-29htx -n kubernetes-dashboardName: dashboard-admin-token-29htxNamespace: kubernetes-dashboardLabels: Annotations: kubernetes.io/service-account.name: dashboard-admin kubernetes.io/service-account.uid: 0dasdfad-6f46-4a82-adf39-adsf34fae81cbType: kubernetes.io/service-account-tokenData====ca.crt: 1025 bytesnamespace: 20 bytestoken:      asdfGciOiJSUzIasdfCI6IkZUdkJINWpmaadsfasdfA1NmhJanp6NXhWYjd1TEJ2RU9CY1kifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tMjlodHgiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMGRjYzc2YWQtNmY0Ni00YTgyLWE0MzktNTQxMzRmYWU4MWNiIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmVybmV0ZXMtZGFzaGJvYXJkOmRhc2hib2FyZC1hZG1pbiJ9.VzWAWb43pyfmcTKTIzlAr4szf2Myt5O1LnPTVoXtdVAih9DJcEcfgwZGrPclFaKdpw_uUezgG98_u9tkUMBGf3e8c_QrP80QOt4r3r5U_O8FJ4osiN700CrfbJRCWeiSB7D0jHnakb9qI_5qwApkw_Ky7lVo9WKwxdP_gnoO0rQV9oxQpcN-d10tTVBIS1nUcOsQzA-5MIP32r0p7iZHCuv2_G9UuKaPvPvdbYDTRokr5aTpSgx_-hFbkFuFs_MBQwkrC6CP3r819hyU3CInunaI0_J_WYNskZ-pmT5Jg3db-n34jKVKf4RlALZIvkQO6RfFG0YrH1V2_-ComYsAUw

基于web的dashboard UI部署完成，我们可以在此页面进行yaml文件的修改应用等等操作，查看pod、node、cm、job等等资源信息。