How to deploy Metrics Server to a Kubernetes cluster

Kubernetes Metrics Server is a cluster-wide aggregator of resource usage data. Its job is to collect metrics from the Summary API, exposed by the Kubelet on each node. Resource usage metrics such as container CPU and memory usage are very useful when troubleshooting unusual resource utilization. All of these metrics are available in Kubernetes via the Metrics API.

The Metrics API reports the amount of resources currently used by a given node or Pod. Because the API itself does not store metric values, Metrics Server is used for this purpose. Deployment YAML files for installation are provided in the Metrics Server project source code.

Download the project source code from GitHub:

    git clone https://github.com/kubernetes-sigs/metrics-server.git

Navigate to the project folder:

    cd metrics-server

Set flags

Metrics Server supports all standard Kubernetes API server flags as well as the standard Kubernetes glog logging flags. The most commonly used are:

  • --logtostderr : Log to standard error instead of a file in the container. You usually want to enable this feature.
  • --v= : Set the log verbosity. Unless you encounter errors, it is usually best to run log levels 1 or 2. At log level 10, a large amount of diagnostic information will be reported, including the API request and response bodies, and Kubelet’s raw metrics.
  • --secure-port= : Set a secure port. If you are not running as the root user, you need to set this to something other than the default (port 443).
  • --tls-cert-file , --tls-private-key-file : Serving certificate and key files. If not specified, a self-signed certificate will be generated. Use non-self-signed certificates in production.
  • --kubelet-certificate-authority : The path of the CA certificate used to verify the Kubelet’s serving certificate.

Other flags that change the behavior of Metrics Server are:

  • --metric-resolution= : Time interval at which metrics are scraped from Kubelets (default is 60s).
  • --kubelet-insecure-tls : Skip verifying the Kubelet CA certificate.
  • --kubelet-port : The port used to connect to the Kubelet (the default is the default secure Kubelet port, 10250).
  • --kubelet-preferred-address-types : The order in which Kubelet node address types are considered when connecting to the Kubelet.

Specify the order of node address types

I will modify the deployment manifest file to add the order in which different Kubelet node address types are considered when connecting to the Kubelet.

    vim deploy/1.8+/metrics-server-deployment.yaml

Amend as below:

    ...............
          containers:
          - name: metrics-server
            image: k8s.gcr.io/metrics-server-amd64:v0.3.6
            args:
              - --cert-dir=/tmp
              - --secure-port=4443
              - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname

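Skip Kubelet CA certificate verification

If the Kubelets use self-signed certificates, you can use the --kubelet-insecure-tls flag to skip verification of the Kubelet CA certificate. With this flag set, Metrics Server no longer verifies the Kubelet's serving certificate; where the Kubelet certificates are signed by a CA you have, pass that CA with --kubelet-certificate-authority instead.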

    ...............
          containers:
          - name: metrics-server
            image: k8s.gcr.io/metrics-server-amd64:v0.3.6
            args:
              - --cert-dir=/tmp
              - --secure-port=4443
              - --kubelet-insecure-tls
              - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
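
The check below is an added example, not part of the original article or the Metrics Server project: it scans the container args of a manifest for three settings described in the flag list above (--kubelet-insecure-tls, a missing serving certificate and key pair, and log level 10). It assumes the args are written one per line as YAML list items, as in the snippet above; the function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the Metrics Server project): audit container args
# in a metrics-server manifest for the risky settings discussed on this page.
# Reads the manifest on stdin; exits non-zero if a FAIL finding is present.
audit_metrics_server_args() {
    awk '
        $1 == "-" {                      # YAML list item
            arg = $2
            gsub(/"/, "", arg)           # tolerate "--flag=value" quoting
            if (arg !~ /^--/) next       # not a command-line flag
            eq = index(arg, "=")
            name  = eq ? substr(arg, 1, eq - 1) : arg
            value = eq ? substr(arg, eq + 1) : ""
            seen[name] = 1
            if (name == "--v") verbosity = value + 0
        }
        END {
            if ("--kubelet-insecure-tls" in seen) {
                print "FAIL --kubelet-insecure-tls: Kubelet certificate is not verified"
                fail = 1
            }
            if (!("--tls-cert-file" in seen) || !("--tls-private-key-file" in seen))
                print "WARN serving certificate: self-signed certificate will be generated"
            if (verbosity >= 10)
                print "WARN --v=" verbosity ": request and response bodies are logged"
            exit fail + 0
        }
    '
}

# Constructed sample input: the args block from this page plus --v=10.
sample_manifest() {
    cat <<'EOF'
      containers:
      - name: metrics-server
        image: k8s.gcr.io/metrics-server-amd64:v0.3.6
        args:
          - --cert-dir=/tmp
          - --secure-port=4443
          - --kubelet-insecure-tls
          - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
          - --v=10
EOF
}

sample_manifest | audit_metrics_server_args || echo "manifest has FAIL findings"
```

To audit the real file before applying it, feed it on stdin: audit_metrics_server_args < deploy/1.8+/metrics-server-deployment.yaml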

Deploy Metrics Server to Kubernetes

After making the required customizations, deploy metrics-server in the Kubernetes cluster by running the command below from the top-level directory of the repository.

If you have multiple Kubernetes clusters, switch to the correct one first; kubectl and kubectx make it easy to manage multiple Kubernetes clusters.

Then run the command:

    $ kubectl apply -f deploy/1.8+/
    clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
    clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
    rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
    apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
    serviceaccount/metrics-server created
    deployment.apps/metrics-server created
    service/metrics-server created
    clusterrole.rbac.authorization.k8s.io/system:metrics-server created
    clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created

Check deployment, pod and service status:

    $ kubectl get deployments metrics-server -n kube-system
    NAME             READY   UP-TO-DATE   AVAILABLE   AGE
    metrics-server   1/1     1            1           72m

    $ kubectl get pods -A | grep metrics-server
    kube-system   metrics-server-7bd949b8b6-mpmk9                             1/1     Running   0          33m

    $ kubectl get svc metrics-server -n kube-system
    NAME             TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)   AGE
    metrics-server   ClusterIP   10.96.72.29   <none>        443/TCP   74m

Test Metrics Server Installation

Use kubectl top to show the resource usage of nodes (CPU / Memory / Storage):

    $ kubectl top nodes
    NAME                                  CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%
    k8smaster01.computingforgeeks.com     196m         4%     1053Mi          14%
    k8sworker01.computingforgeeks.com     107m         2%     2080Mi          27%
    k8sworker02.computingforgeeks.com     107m         2%     2080Mi          27%
    k8sworker03.computingforgeeks.com     107m         2%     2080Mi          27%

We can do the same for pods, showing metrics for all pods in the default namespace:

    $ kubectl top pods
    NAMESPACE     NAME                                                        CPU(cores)   MEMORY(bytes)
    kube-system   calico-kube-controllers-5c45f5bd9f-dk8jp                    1m           11Mi
    kube-system   calico-node-4h67w                                           32m          27Mi
    kube-system   calico-node-99vkm                                           35m          27Mi
    kube-system   calico-node-qdqb8                                           21m          27Mi
    kube-system   calico-node-sd9r8                                           21m          43Mi
    kube-system   coredns-6955765f44-d4g99                                    2m           12Mi
    kube-system   coredns-6955765f44-hqc4q                                    2m           11Mi
    kube-system   kube-proxy-h87zf                                            1m           12Mi
    kube-system   kube-proxy-lcnvx                                            1m           14Mi
    kube-system   kube-proxy-x6tfx                                            1m           16Mi
    kube-system   kube-proxy-xplz4                                            1m           16Mi
    kube-system   metrics-server-7bd949b8b6-mpmk9                             1m           10Mi

Check the help output for more command options:

    kubectl top pod --help
    kubectl top node --help
