feat: upgrade metrics server to v0.5.2 (#8338)

Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
This commit is contained in:
cyril-corbon 2022-01-07 17:18:33 +01:00 committed by GitHub
parent 6abae713f7
commit cd601c77c7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 9 additions and 89 deletions

View file

@ -14,10 +14,10 @@ registry_enabled: false
# Metrics Server deployment # Metrics Server deployment
metrics_server_enabled: false metrics_server_enabled: false
# metrics_server_resizer: false # metrics_server_container_port: 4443
# metrics_server_kubelet_insecure_tls: true # metrics_server_kubelet_insecure_tls: true
# metrics_server_metric_resolution: 15s # metrics_server_metric_resolution: 15s
# metrics_server_kubelet_preferred_address_types: "InternalIP" # metrics_server_kubelet_preferred_address_types: "InternalIP,ExternalIP,Hostname"
# Rancher Local Path Provisioner # Rancher Local Path Provisioner
local_path_provisioner_enabled: false local_path_provisioner_enabled: false

View file

@ -572,7 +572,7 @@ dnsautoscaler_image_tag: "{{ dnsautoscaler_version }}"
registry_image_repo: "{{ docker_image_repo }}/library/registry" registry_image_repo: "{{ docker_image_repo }}/library/registry"
registry_image_tag: "2.7.1" registry_image_tag: "2.7.1"
metrics_server_version: "v0.5.0" metrics_server_version: "v0.5.2"
metrics_server_image_repo: "{{ kube_image_repo }}/metrics-server/metrics-server" metrics_server_image_repo: "{{ kube_image_repo }}/metrics-server/metrics-server"
metrics_server_image_tag: "{{ metrics_server_version }}" metrics_server_image_tag: "{{ metrics_server_version }}"
local_volume_provisioner_image_repo: "{{ kube_image_repo }}/sig-storage/local-volume-provisioner" local_volume_provisioner_image_repo: "{{ kube_image_repo }}/sig-storage/local-volume-provisioner"

View file

@ -1,18 +1,9 @@
--- ---
# metrics_server_resizer only effective in arch amd64 metrics_server_container_port: 4443
metrics_server_resizer: false
metrics_server_kubelet_insecure_tls: true metrics_server_kubelet_insecure_tls: true
metrics_server_kubelet_preferred_address_types: "InternalIP" metrics_server_kubelet_preferred_address_types: "InternalIP,ExternalIP,Hostname"
metrics_server_metric_resolution: 15s metrics_server_metric_resolution: 15s
metrics_server_cpu: 190m
metrics_server_memory: 180Mi
metrics_server_memory_per_node: 2Mi
metrics_server_min_cluster_size: 10
metrics_server_limits_cpu: 100m metrics_server_limits_cpu: 100m
metrics_server_limits_memory: 200Mi metrics_server_limits_memory: 200Mi
metrics_server_requests_cpu: 100m metrics_server_requests_cpu: 100m
metrics_server_requests_memory: 200Mi metrics_server_requests_memory: 200Mi
addon_resizer_limits_cpu: 40m
addon_resizer_limits_memory: 25Mi
addon_resizer_requests_cpu: 40m
addon_resizer_requests_memory: 25Mi

View file

@ -4,12 +4,6 @@
set_fact: set_fact:
masters_are_not_tainted: "{{ groups['kube_node'] | intersect(groups['kube_control_plane']) == groups['kube_control_plane'] }}" masters_are_not_tainted: "{{ groups['kube_node'] | intersect(groups['kube_control_plane']) == groups['kube_control_plane'] }}"
- name: check host_architecture is amd64 for metrics_server_resizer
assert:
that: host_architecture == "amd64"
msg: "metrics_server_resizer is not available on other architectures than amd64"
when: metrics_server_resizer
- name: Metrics Server | Delete addon dir - name: Metrics Server | Delete addon dir
file: file:
path: "{{ kube_config_dir }}/addons/metrics_server" path: "{{ kube_config_dir }}/addons/metrics_server"
@ -34,7 +28,6 @@
metrics_server_templates: metrics_server_templates:
- { name: auth-delegator, file: auth-delegator.yaml, type: clusterrolebinding } - { name: auth-delegator, file: auth-delegator.yaml, type: clusterrolebinding }
- { name: auth-reader, file: auth-reader.yaml, type: rolebinding } - { name: auth-reader, file: auth-reader.yaml, type: rolebinding }
- { name: metrics-server-cm, file: metrics-server-cm.yaml, type: cm }
- { name: metrics-server-sa, file: metrics-server-sa.yaml, type: sa } - { name: metrics-server-sa, file: metrics-server-sa.yaml, type: sa }
- { name: metrics-server-deployment, file: metrics-server-deployment.yaml, type: deploy } - { name: metrics-server-deployment, file: metrics-server-deployment.yaml, type: deploy }
- { name: metrics-server-service, file: metrics-server-service.yaml, type: service } - { name: metrics-server-service, file: metrics-server-service.yaml, type: service }

View file

@ -1,12 +0,0 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: metrics-server-config
namespace: kube-system
labels:
addonmanager.kubernetes.io/mode: EnsureExists
data:
NannyConfiguration: |-
apiVersion: nannyconfig/v1alpha1
kind: NannyConfiguration

View file

@ -34,7 +34,7 @@ spec:
args: args:
- --logtostderr - --logtostderr
- --cert-dir=/tmp - --cert-dir=/tmp
- --secure-port=443 - --secure-port={{ metrics_server_container_port }}
{% if metrics_server_kubelet_preferred_address_types %} {% if metrics_server_kubelet_preferred_address_types %}
- --kubelet-preferred-address-types={{ metrics_server_kubelet_preferred_address_types }} - --kubelet-preferred-address-types={{ metrics_server_kubelet_preferred_address_types }}
{% endif %} {% endif %}
@ -44,7 +44,7 @@ spec:
{% endif %} {% endif %}
- --metric-resolution={{ metrics_server_metric_resolution }} - --metric-resolution={{ metrics_server_metric_resolution }}
ports: ports:
- containerPort: 443 - containerPort: {{ metrics_server_container_port }}
name: https name: https
protocol: TCP protocol: TCP
volumeMounts: volumeMounts:
@ -67,13 +67,11 @@ spec:
failureThreshold: 3 failureThreshold: 3
initialDelaySeconds: 40 initialDelaySeconds: 40
securityContext: securityContext:
capabilities:
drop: ["all"]
add: ["NET_BIND_SERVICE"]
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
runAsGroup: 10001 runAsGroup: 10001
runAsNonRoot: true runAsNonRoot: true
runAsUser: 10001 runAsUser: 10001
allowPrivilegeEscalation: false
resources: resources:
limits: limits:
cpu: {{ metrics_server_limits_cpu }} cpu: {{ metrics_server_limits_cpu }}
@ -81,49 +79,7 @@ spec:
requests: requests:
cpu: {{ metrics_server_requests_cpu }} cpu: {{ metrics_server_requests_cpu }}
memory: {{ metrics_server_requests_memory }} memory: {{ metrics_server_requests_memory }}
{% if metrics_server_resizer %}
- name: metrics-server-nanny
image: {{ addon_resizer_image_repo }}:{{ addon_resizer_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }}
resources:
limits:
cpu: {{ addon_resizer_limits_cpu }}
memory: {{ addon_resizer_limits_memory }}
requests:
cpu: {{ addon_resizer_requests_cpu }}
memory: {{ addon_resizer_requests_memory }}
env:
- name: MY_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: metrics-server-config-volume
mountPath: /etc/config
command:
- /pod_nanny
- --config-dir=/etc/config
- --cpu={{ metrics_server_cpu }}
- --extra-cpu=1m
- --memory={{ metrics_server_memory }}
- --extra-memory={{ metrics_server_memory_per_node }}
- --threshold=5
- --deployment=metrics-server
- --container=metrics-server
- --poll-period=300000
- --estimator=exponential
# Specifies the smallest cluster (defined in number of nodes)
# resources will be scaled to.
- --minClusterSize={{ metrics_server_min_cluster_size }}
{% endif %}
volumes: volumes:
- name: metrics-server-config-volume
configMap:
name: metrics-server-config
- name: tmp - name: tmp
emptyDir: {} emptyDir: {}
{% if not masters_are_not_tainted %} {% if not masters_are_not_tainted %}

View file

@ -7,6 +7,7 @@ metadata:
addonmanager.kubernetes.io/mode: Reconcile addonmanager.kubernetes.io/mode: Reconcile
app.kubernetes.io/name: "metrics-server" app.kubernetes.io/name: "metrics-server"
spec: spec:
type: ClusterIP
selector: selector:
app.kubernetes.io/name: metrics-server app.kubernetes.io/name: metrics-server
ports: ports:

View file

@ -17,12 +17,3 @@ rules:
- get - get
- list - list
- watch - watch
- apiGroups:
- "apps"
resources:
- deployments
verbs:
- get
- list
- update
- watch