HeapSter部署

pod资源需求，资源限制

Requests:需求，最低保障；

Limits: 限制，硬限制；

Limits >= request

CPU:

1颗虚拟CPU=1000 毫核心 millicores

0.5cpu=500m

内存:

E,P,T,G,M,K

Ei,Pi

资源需求计算:根据request来计算

资源定义

kubectl explain pods.spec.containers.resources

vim pod-demo.yaml

apiVersion: v1

kind: Pod

apiVersion: v1

kind: Pod

metadata:

  name: pod-demo

  namespace: default

  labels:

    app: myapp

    tier: frontend

spec:

  containers:

  - name: myapp

    image: ikubernetes/stress-ng

    command: ["/usr/bin/stress-ng","-m 1","-c 1","--metrics-brief"]  -m 启动一个进程 –c 1使用一颗cpu

    resources:

      requests: 最小资源需求

        cpu: "200m"  500millicores

        memory: "128Mi"

      limits: 限制使用最大资源

        cpu: "500m"

        memory: "200Mi"

kubectl apply -f pod-demo.yaml

kubectl exec -it pod-demo -- /bin/sh

QoS class:服务质量类别

Guranteed:  pod每个都设置了CPU，memory， 且 requests=limits  这个类别有最高优先级

Burstable：pod至少有一个容器设置了cpu或memory的requests,这个类别有中等优先级

BestEffort：没有任何容器设置了requests或limits;是最低优先级

当资源不够用时，BestEffort中的容器会被优先终止，以腾出资源确保另外两类pod正常运行

同类型的优先级，先关闭资源占用与资源最低需求比例较高的

查看pod资源使用 依赖heapster 指标数据采集工具  cAdvisor --> HeapSter     HeapSter--> InfluxDB   InflusDB-->Grafana

kubectl top pod pod-demo

pod资源监控指标:

1. k8s系统指标
2. 容器指标 容器级CPU，内存，存储等资源利用情况
3. 容器内运用指标 业务

k8s的几个重要插件:kube_dns  dashboard  heapster

heapster监控组件：HeapSter,InfluxDB,Grafana

配置InfluxDB

heapster依赖influxdb

https://github.com/kubernetes-retired/heapster/tree/master/deploy/kube-config  -->raw:下载网址

mkdir heapster &&  cd heapster/

wget https://raw.githubusercontent.com/kubernetes-retired/heapster/master/deploy/kube-config/influxdb/influxdb.yaml

vim influxdb.yaml

apiVersion: apps/v1

kind: Deployment

metadata:

  name: monitoring-influxdb

  namespace: kube-system

spec:

  replicas: 1

  selector:

    matchLabels:

      task: monitoring

      k8s-app: influxdb

  template:

    metadata:

      labels:

        task: monitoring

        k8s-app: influxdb

    spec:

      containers:

      - name: influxdb

        image: registry.cn-hangzhou.aliyuncs.com/google_containers/heapster-influxdb-amd64:v1.5.2  更换镜像地址

        volumeMounts:

        - mountPath: /data

          name: influxdb-storage

      volumes:

      - name: influxdb-storage

        emptyDir: {}

---

apiVersion: v1

kind: Service

metadata:

  labels:

    task: monitoring

    # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)

    # If you are NOT using this as an addon, you should comment out this line.

    kubernetes.io/cluster-service: 'true'

    kubernetes.io/name: monitoring-influxdb

  name: monitoring-influxdb

  namespace: kube-system

spec:

  ports:

  - port: 8086

    targetPort: 8086

  selector:

    k8s-app: influxdb

kubectl apply -f influxdb.yaml

kubectl get svc -n kube-system

kubectl get pods -n kube-system

部署HeapSter

先配置rbac  https://raw.githubusercontent.com/kubernetes-retired/heapster/master/deploy/kube-config/rbac/heapster-rbac.yaml

kubectl apply -f heapster-rbac.yaml

下载heapster配置清单

https://raw.githubusercontent.com/kubernetes-retired/heapster/master/deploy/kube-config/influxdb/heapster.yaml

vim heapster.yaml

apiVersion: v1

kind: ServiceAccount

metadata:

  name: heapster

  namespace: kube-system

---

apiVersion: apps/v1

kind: Deployment

metadata:

  name: heapster

  namespace: kube-system

spec:

  replicas: 1

  selector:

    matchLabels:

      task: monitoring

      k8s-app: heapster

  template:

    metadata:

      labels:

        task: monitoring

        k8s-app: heapster

    spec:

      serviceAccountName: heapster

      containers:

      - name: heapster

        image: registry.cn-hangzhou.aliyuncs.com/google_containers/heapster-amd64:v1.5.4   更换镜像地址

        imagePullPolicy: IfNotPresent

        command:

        - /heapster

        - --source=kubernetes:https://kubernetes.default

        - --sink=influxdb:http://monitoring-influxdb.kube-system.svc:8086

---

apiVersion: v1

kind: Service

metadata:

  labels:

    task: monitoring

    # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)

    # If you are NOT using this as an addon, you should comment out this line.

    kubernetes.io/cluster-service: 'true'

    kubernetes.io/name: Heapster

  name: heapster

  namespace: kube-system

spec:

  ports:

  - port: 80

    targetPort: 8082

  selector:

    k8s-app: heapster

kubectl apply -f heapster.yaml

kubectl get svc -n kube-system

kubectl get pods -n kube-system

配置Grafana

下载配置清单

wget https://raw.githubusercontent.com/kubernetes-retired/heapster/master/deploy/kube-config/influxdb/grafana.yaml

vim grafana.yaml

apiVersion: apps/v1

kind: Deployment

metadata:

  name: monitoring-grafana

  namespace: kube-system

spec:

  replicas: 1

  selector:

    matchLabels:

      task: monitoring

      k8s-app: grafana

  template:

    metadata:

      labels:

        task: monitoring

        k8s-app: grafana

    spec:

      containers:

      - name: grafana

        image: registry.cn-hangzhou.aliyuncs.com/google_containers/heapster-grafana-amd64:v5.0.4   更换镜像地址

        ports:

        - containerPort: 3000

          protocol: TCP

        volumeMounts:

        - mountPath: /etc/ssl/certs

          name: ca-certificates

          readOnly: true

        - mountPath: /var

          name: grafana-storage

        env:

        - name: INFLUXDB_HOST

          value: monitoring-influxdb

        - name: GF_SERVER_HTTP_PORT

          value: "3000"

          # The following env variables are required to make Grafana accessible via

          # the kubernetes api-server proxy. On production clusters, we recommend

          # removing these env variables, setup auth for grafana, and expose the grafana

          # service using a LoadBalancer or a public IP.

        - name: GF_AUTH_BASIC_ENABLED

          value: "false"

        - name: GF_AUTH_ANONYMOUS_ENABLED

          value: "true"

        - name: GF_AUTH_ANONYMOUS_ORG_ROLE

          value: Admin

        - name: GF_SERVER_ROOT_URL

          # If you're only using the API Server proxy, set this value instead:

          # value: /api/v1/namespaces/kube-system/services/monitoring-grafana/proxy

          value: /

      volumes:

      - name: ca-certificates

        hostPath:

          path: /etc/ssl/certs

      - name: grafana-storage

        emptyDir: {}

---

apiVersion: v1

kind: Service

metadata:

  labels:

    # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)

    # If you are NOT using this as an addon, you should comment out this line.

    kubernetes.io/cluster-service: 'true'

    kubernetes.io/name: monitoring-grafana

  name: monitoring-grafana

  namespace: kube-system

spec:

  # In a production setup, we recommend accessing Grafana through an external Loadbalancer

  # or through a public IP.

  # type: LoadBalancer

  # You could also use NodePort to expose the service at a randomly-generated port

  # type: NodePort

  ports:

  - port: 80

    targetPort: 3000

    nodePort: 31600

  selector:

    k8s-app: grafana

  type: NodePort

kubectl apply -f grafana.yaml

kubectl get pods -n kube-system

kubectl get svc -n kube-system

kubectl logs -n kube-system monitoring-grafana-6b5dd6459-24hsl