容器资源需求、需求资源限制及HeapSter

容器的资源需求,资源限制

  requests:需求,最低保障

  limits:限制,硬限制,最多使用量

  CPU:2核双线程可以虚拟为4颗cpu

    1颗逻辑cpu

    1=1000微核心,milllicores

  内存: E/P/T/G/M/K

      Ei/Pi/Ti/Gi...

Qos --- 服务质量:

  • Guranteed:每个容器同时设置了CPU和Memory的requests和limits属性,同时满足 cpu.requestes=cpu.limits 且memory.requestes=memory.limits;优先级最高
  • Burstable:至少有一个设置了CPU和Memory的requests属性;优先级为中级
  • BestEffort:没有任何一个容器设置了reques或limits属性,优先级最低; 
  • 当资源不够用时,BestEffort属性的容器会首先被终止以满足更高级别的容器运行
  • 同级别的容器会首先终止资源占用量比例大的;  limits1G,实际使用500M 与 limit512M,实际使用500M,第二个容器会被干掉

♦  kubectl top  xxxpod  获取资源使用量;依赖于资源指标搜集、存储工具

♦  cAdvisor    kubelet内建组件,专门用来收集当前节点上各pod上各容器和节点级系统指标,功能开启后运行在4191端口

♦  HeapSter    专门收集cAdvisor采集到的数据,可以创建一个pod运行heapster,数据存储到influxDB,使用grfana接入influxDB展示历史数据

HeapSter+InfluxDB+Grafana:

Warming:  heapster在1.12版本完全废弃了;从1.10版本开始将heapter替换为Metrics Server; 下面的安装方法是修改后的安装方案

下载 influxdb+headster+grafana配置文件
wget https://raw.githubusercontent.com/kubernetes-retired/heapster/master/deploy/kube-config/influxdb/grafana.yaml
wget https://raw.githubusercontent.com/kubernetes-retired/heapster/master/deploy/kube-config/influxdb/heapster.yaml
wget https://raw.githubusercontent.com/kubernetes-retired/heapster/master/deploy/kube-config/influxdb/influxdb.yaml
下载 headster rabc配置文件
wget https://raw.githubusercontent.com/kubernetes-retired/heapster/master/deploy/kube-config/rbac/heapster-rbac.yaml

修改yaml文件:
influxdb.yaml:
 1 apiVersion: apps/v1
 2 kind: Deployment
 3 metadata:
 4   name: monitoring-influxdb
 5   namespace: kube-system
 6 spec:
 7   replicas: 1
 8   selector:
 9     matchLabels:
10       task: monitoring
11       k8s-app: influxdb
12   template:
13     metadata:
14       labels:
15         task: monitoring
16         k8s-app: influxdb
17     spec:
18       containers:
19       - name: influxdb
20         image: k8s.gcr.io/heapster-influxdb-amd64:v1.5.2
21         volumeMounts:
22         - mountPath: /data
23           name: influxdb-storage
24       volumes:
25       - name: influxdb-storage
26         emptyDir: {}
27 ---
28 apiVersion: v1
29 kind: Service
30 metadata:
31   labels:
32     task: monitoring
33     # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
34     # If you are NOT using this as an addon, you should comment out this line.
35     kubernetes.io/cluster-service: 'true'
36     kubernetes.io/name: monitoring-influxdb
37   name: monitoring-influxdb
38   namespace: kube-system
39 spec:
40   ports:
41   - port: 8086
42     targetPort: 8086
43   selector:
44     k8s-app: influxdb
View Code
heapter-rbac.yaml:
 1 kind: ClusterRoleBinding
 2 apiVersion: rbac.authorization.k8s.io/v1beta1
 3 metadata:
 4   name: heapster
 5 roleRef:
 6   apiGroup: rbac.authorization.k8s.io
 7   kind: ClusterRole
 8   name: system:heapster
 9 subjects:
10 - kind: ServiceAccount
11   name: heapster
12   namespace: kube-system
13 ---
14 kind: ClusterRoleBinding
15 apiVersion: rbac.authorization.k8s.io/v1beta1
16 metadata:
17   name: heapster-kubelet-api
18 roleRef:
19   apiGroup: rbac.authorization.k8s.io
20   kind: ClusterRole
21   name: system:kubelet-api-admin
22 subjects:
23 - kind: ServiceAccount
24   name: heapster
25   namespace: kube-system
View Code
heapter.yaml:
 1 apiVersion: v1
 2 kind: ServiceAccount
 3 metadata:
 4   name: heapster
 5   namespace: kube-system
 6 ---
 7 apiVersion: apps/v1
 8 kind: Deployment
 9 metadata:
10   name: heapster
11   namespace: kube-system
12 spec:
13   replicas: 1
14   selector:
15     matchLabels:
16       task: monitoring
17       k8s-app: heapster
18   template:
19     metadata:
20       labels:
21         task: monitoring
22         k8s-app: heapster
23     spec:
24       serviceAccountName: heapster
25       containers:
26       - name: heapster
27         image: k8s.gcr.io/heapster-amd64:v1.5.4
28         imagePullPolicy: IfNotPresent
29         command:
30         - /heapster
31         #- --source=kubernetes:https://kubernetes.default
32         #Because kubelet has https enabled, the following configuration requires an https port.modify to the next
33         - --source=kubernetes:https://kubernetes.default?kubeletHttps=true&kubeletPort=10250&insecure=true
34         - --sink=influxdb:http://monitoring-influxdb.kube-system.svc:8086
35 ---
36 apiVersion: v1
37 kind: Service
38 metadata:
39   labels:
40     task: monitoring
41     # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
42     # If you are NOT using this as an addon, you should comment out this line.
43     kubernetes.io/cluster-service: 'true'
44     kubernetes.io/name: Heapster
45   name: heapster
46   namespace: kube-system
47 spec:
48   ports:
49   - port: 80
50     targetPort: 8082
51   selector:
52     k8s-app: heapster
View Code
grafana.yaml:
 1 apiVersion: apps/v1
 2 kind: Deployment
 3 metadata:
 4   name: monitoring-grafana
 5   namespace: kube-system
 6 spec:
 7   replicas: 1
 8   selector:
 9     matchLabels:
10       task: monitoring
11       k8s-app: grafana
12   template:
13     metadata:
14       labels:
15         task: monitoring
16         k8s-app: grafana
17     spec:
18       containers:
19       - name: grafana
20         image: k8s.gcr.io/heapster-grafana-amd64:v5.0.4
21         ports:
22         - containerPort: 3000
23           protocol: TCP
24         volumeMounts:
25         - mountPath: /etc/ssl/certs
26           name: ca-certificates
27           readOnly: true
28         - mountPath: /var
29           name: grafana-storage
30         env:
31         - name: INFLUXDB_HOST
32           value: monitoring-influxdb
33         - name: GF_SERVER_HTTP_PORT
34           value: "3000"
35           # The following env variables are required to make Grafana accessible via
36           # the kubernetes api-server proxy. On production clusters, we recommend
37           # removing these env variables, setup auth for grafana, and expose the grafana
38           # service using a LoadBalancer or a public IP.
39         - name: GF_AUTH_BASIC_ENABLED
40           value: "false"
41         - name: GF_AUTH_ANONYMOUS_ENABLED
42           value: "true"
43         - name: GF_AUTH_ANONYMOUS_ORG_ROLE
44           value: Admin
45         - name: GF_SERVER_ROOT_URL
46           # If you're only using the API Server proxy, set this value instead:
47           # value: /api/v1/namespaces/kube-system/services/monitoring-grafana/proxy
48           value: /
49       volumes:
50       - name: ca-certificates
51         hostPath:
52           path: /etc/ssl/certs
53       - name: grafana-storage
54         emptyDir: {}
55 ---
56 apiVersion: v1
57 kind: Service
58 metadata:
59   labels:
60     # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
61     # If you are NOT using this as an addon, you should comment out this line.
62     kubernetes.io/cluster-service: 'true'
63     kubernetes.io/name: monitoring-grafana
64   name: monitoring-grafana
65   namespace: kube-system
66 spec:
67   # In a production setup, we recommend accessing Grafana through an external Loadbalancer
68   # or through a public IP.
69   # type: LoadBalancer
70   # You could also use NodePort to expose the service at a randomly-generated port
71   # type: NodePort
72   ports:
73   - port: 80
74     targetPort: 3000
75   type: NodePort   #public access
76   selector:
77     k8s-app: grafana
View Code

kubectl apply -f influxdb.yaml
kubectl apply -f heapster-rbac.yaml
kubectl apply -f heapster.yaml
kubectl apply -f grafana.yaml  #应用之前需要把service中添加type: NodePort 这样才被被外部访问
kubectl get svc -n kube-system

最后就可以使用svc暴露出来的端口访问grafana图形界面了: http:://nodeip:30288

 

部署HeapSter之后就可以使用kubectl top  参看node系统信息了:

 

♦ Grafana可以区官方dashboard区下载已经设计好的面板然后导入

 

posted @ 2019-08-08 16:43  阿拉米苏  阅读(531)  评论(0编辑  收藏  举报