Untuk memonitor penggunaan CPU dan memory di kubernetes, kita bisa menggunakan metric-server, yang harus di install terlebih dahulu, karena belum terinstall secara default.

Install Metric Server di Kubernetes

Install dengan kubectl

kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.4.1/components.yaml

cek status

$ kubectl get pods -n kube-system 
NAME                                      READY   STATUS             RESTARTS   AGE
calico-kube-controllers-cf9b995f6-lhl29   1/1     Running            0          82m
calico-node-bj5wg                         1/1     Running            0          81m
coredns-7674cdb774-rv5jn                  1/1     Running            0          82m
coredns-7674cdb774-rwshq                  1/1     Running            0          82m
csi-linode-controller-0                   4/4     Running            0          82m
csi-linode-node-twtdz                     2/2     Running            0          80m
kube-proxy-jct57                          1/1     Running            0          81m
metrics-server-59ff97d56-cc7kn            0/1     CrashLoopBackOff   5          4m24s

bila status metric-server-xxx CrashLoopBackOff atau restart terus menerus, cek status metric-server tersebut. Cek log metric server

kubectl logs -n kube-system deploy/metrics-server
# output
I1121 07:05:08.146261       1 secure_serving.go:197] Serving securely on [::]:4443
I1121 07:05:08.146488       1 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController
I1121 07:05:08.146530       1 shared_informer.go:240] Waiting for caches to sync for RequestHeaderAuthRequestController
I1121 07:05:08.146561       1 dynamic_serving_content.go:130] Starting serving-cert::/tmp/apiserver.crt::/tmp/apiserver.key
I1121 07:05:08.146616       1 tlsconfig.go:240] Starting DynamicServingCertificateController
I1121 07:05:08.146694       1 configmap_cafile_content.go:202] Starting client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I1121 07:05:08.146727       1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I1121 07:05:08.146774       1 configmap_cafile_content.go:202] Starting client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
I1121 07:05:08.146797       1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
E1121 07:05:08.151841       1 server.go:132] unable to fully scrape metrics: unable to fully scrape metrics from node lke13786-16949-5fb8a6429c4f: unable to fetch metrics from node lke13786-16949-5fb8a6429c4f: Get "https://192.168.139.170:10250/stats/summary?only_cpu_and_memory=true": x509: cannot validate certificate for 192.168.139.170 because it doesn't contain any IP SANs
I1121 07:05:08.246650       1 shared_informer.go:247] Caches are synced for RequestHeaderAuthRequestController 
I1121 07:05:08.246873       1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file 
I1121 07:05:08.246899       1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::client-ca-file 
I1121 07:05:37.582723       1 configmap_cafile_content.go:223] Shutting down client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I1121 07:05:37.582740       1 configmap_cafile_content.go:223] Shutting down client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
I1121 07:05:37.582746       1 requestheader_controller.go:183] Shutting down RequestHeaderAuthRequestController
I1121 07:05:37.582898       1 tlsconfig.go:255] Shutting down DynamicServingCertificateController
I1121 07:05:37.582906       1 dynamic_serving_content.go:145] Shutting down serving-cert::/tmp/apiserver.crt::/tmp/apiserver.key
I1121 07:05:37.582927       1 secure_serving.go:241] Stopped listening on [::]:4443

dari log diatas kita bisa lihat bahwa service tersebut tidak bisa diakses karena ada error sewaktu mengakses API server, solusinya adalah di component.yaml tambahkan - --kubelet-insecure-tls dibagian arguments sehingga menjadi

  - args:
    - --cert-dir=/tmp
    - --secure-port=4443
    - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
    - --kubelet-use-node-status-port
    # - --enable-aggregator-routing=true
    - --kubelet-insecure-tls

aplikasikan perubahan

kubectl apply -f component.yaml

cek statusnya

kubectl get pods -n kube-system
# output
NAME                                      READY   STATUS    RESTARTS   AGE
calico-kube-controllers-cf9b995f6-lhl29   1/1     Running   0          106m
calico-node-bj5wg                         1/1     Running   0          105m
coredns-7674cdb774-rv5jn                  1/1     Running   0          106m
coredns-7674cdb774-rwshq                  1/1     Running   0          106m
csi-linode-controller-0                   4/4     Running   0          106m
csi-linode-node-twtdz                     2/2     Running   0          104m
kube-proxy-jct57                          1/1     Running   0          105m
metrics-server-897ffcfbf-br98x            1/1     Running   0          81s

service metrics tersebut sudah berjalan dengan normal.

Tulisan menarik lainnya

Leave a comment

Your email address will not be published. Required fields are marked *