Skip to content
This repository was archived by the owner on Apr 29, 2019. It is now read-only.

Commit f80d9b1

Browse files
committed
support the Kubernetes Metrics Server
1 parent 56ebbaa commit f80d9b1

12 files changed

+178
-0
lines changed

.swp

-12 KB
Binary file not shown.

README.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -146,6 +146,10 @@ Most aspects of your cluster setup can be customized with environment variables.
146146

147147
Defaults to `false`.
148148

149+
- **USE_METRICS_SERVER** defines whether to deploy or not the [Kubernetes Metrics Server](https://github.com/kubernetes-incubator/metrics-server)
150+
151+
Defaults to `false`.
152+
149153
- **AUTHORIZATION_MODE** setting this to `RBAC` enables RBAC for the kubernetes cluster.
150154

151155
Defaults to `AlwaysAllow`.

Vagrantfile

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -122,6 +122,7 @@ DNS_DOMAIN = ENV["DNS_DOMAIN"] || "cluster.local"
122122
SERIAL_LOGGING = (ENV["SERIAL_LOGGING"].to_s.downcase == "true")
123123
GUI = (ENV["GUI"].to_s.downcase == "true")
124124
USE_KUBE_UI = (ENV["USE_KUBE_UI"].to_s.downcase == "true") || false
125+
USE_METRICS_SERVER = (ENV["USE_METRICS_SERVER"].to_s.downcase == "true") || false
125126

126127
BOX_TIMEOUT_COUNT = (ENV["BOX_TIMEOUT_COUNT"] || 50).to_i
127128

@@ -362,6 +363,18 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
362363

363364
info "Kubernetes Dashboard will be available at http://#{MASTER_IP}:8080/ui/"
364365
end
366+
367+
if USE_METRICS_SERVER
368+
info "Configuring Kubernetes Metrics Server..."
369+
370+
if OS.windows?
371+
run_remote "/opt/bin/kubectl apply -f /home/core/metrics-server/"
372+
else
373+
system "kubectl apply -f plugins/metrics-server/"
374+
end
375+
376+
info "Kubernetes Metrics Server will be available at http://#{MASTER_IP}:8080/apis/metrics.k8s.io/"
377+
end
365378
end
366379

367380
# copy setup files to master vm if host is windows
@@ -377,6 +390,10 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
377390
kHost.vm.provision :file, :source => File.join(File.dirname(__FILE__), "plugins/dashboard/dashboard-rbac.yaml"), :destination => "/home/core/dashboard-rbac.yaml"
378391
kHost.vm.provision :file, :source => File.join(File.dirname(__FILE__), "plugins/dashboard/dashboard.yaml"), :destination => "/home/core/dashboard.yaml"
379392
end
393+
394+
if USE_METRICS_SERVER
395+
kHost.vm.provision :file, :source => File.join(File.dirname(__FILE__), "plugins/dashboard/metrics-server"), :destination => "/home/core/metrics-server"
396+
end
380397
end
381398

382399
# clean temp directory after master is destroyed

manifests/master-apiserver-rbac.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,13 @@ spec:
2424
- --tls-private-key-file=/etc/kubernetes/ssl/apiserver-key.pem
2525
- --client-ca-file=/etc/kubernetes/ssl/ca.pem
2626
- --service-account-key-file=/etc/kubernetes/ssl/apiserver-key.pem
27+
- --proxy-client-cert-file=/etc/kubernetes/ssl/apiserver.pem
28+
- --proxy-client-key-file=/etc/kubernetes/ssl/apiserver-key.pem
29+
- --requestheader-allowed-names=
30+
- --requestheader-client-ca-file=/etc/kubernetes/ssl/ca.pem
31+
- --requestheader-extra-headers-prefix=X-Remote-Extra-
32+
- --requestheader-group-headers=X-Remote-Group
33+
- --requestheader-username-headers=X-Remote-User
2734
- --runtime-config=extensions/v1beta1=true,networking.k8s.io/v1,batch/v2alpha1=true,admissionregistration.k8s.io/v1alpha1=true
2835
- --authorization-mode=RBAC
2936
ports:

manifests/master-apiserver.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,13 @@ spec:
2424
- --tls-private-key-file=/etc/kubernetes/ssl/apiserver-key.pem
2525
- --client-ca-file=/etc/kubernetes/ssl/ca.pem
2626
- --service-account-key-file=/etc/kubernetes/ssl/apiserver-key.pem
27+
- --proxy-client-cert-file=/etc/kubernetes/ssl/apiserver.pem
28+
- --proxy-client-key-file=/etc/kubernetes/ssl/apiserver-key.pem
29+
- --requestheader-allowed-names=
30+
- --requestheader-client-ca-file=/etc/kubernetes/ssl/ca.pem
31+
- --requestheader-extra-headers-prefix=X-Remote-Extra-
32+
- --requestheader-group-headers=X-Remote-Group
33+
- --requestheader-username-headers=X-Remote-User
2734
ports:
2835
- containerPort: 443
2936
hostPort: 443
Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
kind: ClusterRole
2+
apiVersion: rbac.authorization.k8s.io/v1
3+
metadata:
4+
name: system:aggregated-metrics-reader
5+
labels:
6+
rbac.authorization.k8s.io/aggregate-to-view: "true"
7+
rbac.authorization.k8s.io/aggregate-to-edit: "true"
8+
rbac.authorization.k8s.io/aggregate-to-admin: "true"
9+
rules:
10+
- apiGroups: ["metrics.k8s.io"]
11+
resources: ["pods"]
12+
verbs: ["get", "list", "watch"]
Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
---
2+
apiVersion: rbac.authorization.k8s.io/v1beta1
3+
kind: ClusterRoleBinding
4+
metadata:
5+
name: metrics-server:system:auth-delegator
6+
roleRef:
7+
apiGroup: rbac.authorization.k8s.io
8+
kind: ClusterRole
9+
name: system:auth-delegator
10+
subjects:
11+
- kind: ServiceAccount
12+
name: metrics-server
13+
namespace: kube-system
Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
---
2+
apiVersion: rbac.authorization.k8s.io/v1beta1
3+
kind: RoleBinding
4+
metadata:
5+
name: metrics-server-auth-reader
6+
namespace: kube-system
7+
roleRef:
8+
apiGroup: rbac.authorization.k8s.io
9+
kind: Role
10+
name: extension-apiserver-authentication-reader
11+
subjects:
12+
- kind: ServiceAccount
13+
name: metrics-server
14+
namespace: kube-system
Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
---
2+
apiVersion: apiregistration.k8s.io/v1beta1
3+
kind: APIService
4+
metadata:
5+
name: v1beta1.metrics.k8s.io
6+
spec:
7+
service:
8+
name: metrics-server
9+
namespace: kube-system
10+
group: metrics.k8s.io
11+
version: v1beta1
12+
insecureSkipTLSVerify: true
13+
groupPriorityMinimum: 100
14+
versionPriority: 100
Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
---
2+
apiVersion: v1
3+
kind: ServiceAccount
4+
metadata:
5+
name: metrics-server
6+
namespace: kube-system
7+
---
8+
apiVersion: extensions/v1beta1
9+
kind: Deployment
10+
metadata:
11+
name: metrics-server
12+
namespace: kube-system
13+
labels:
14+
k8s-app: metrics-server
15+
spec:
16+
selector:
17+
matchLabels:
18+
k8s-app: metrics-server
19+
template:
20+
metadata:
21+
name: metrics-server
22+
labels:
23+
k8s-app: metrics-server
24+
spec:
25+
serviceAccountName: metrics-server
26+
volumes:
27+
# mount in tmp so we can safely use from-scratch images and/or read-only containers
28+
- name: tmp-dir
29+
emptyDir: {}
30+
containers:
31+
- name: metrics-server
32+
image: k8s.gcr.io/metrics-server-amd64:v0.3.1
33+
imagePullPolicy: Always
34+
volumeMounts:
35+
- name: tmp-dir
36+
mountPath: /tmp
37+

0 commit comments

Comments
 (0)