구축1 : metrics-server 설정

root@ip-172-31-4-27:~# kubectl create -f https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.3.7/components.yaml
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
Warning: apiregistration.k8s.io/v1beta1 APIService is deprecated in v1.19+, unavailable in v1.22+; use apiregistration.k8s.io/v1 APIService
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
serviceaccount/metrics-server created
deployment.apps/metrics-server created
service/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created

pod가 정상적으로 올라왔는지 확인
root@ip-172-31-4-27:~# kubectl -n kube-system get pods | grep metrics
metrics-server-68b849498d-7t5wj          1/1     Running   0          37s

 

deployment 수정

#kubectl -n kube-system edit deployment metrics-server

spec:
   containers:
   - args:
     - --cert-dir=/tmp
     - --secure-port=4443
     - --kubelet-insecure-tls      #@2 lines 추가         
     - --kubelet-preferred-address-types=InternalIP   #@2 lines 추가
     image: k8s.gcr.io/metrics-server-amd64:v0.3.6
     imagePullPolicy: IfNotPresent
     name: metrics-server

 

해당 metrics-server 로그를 확인한다. 에러가 없는지 확인한다.

root@ip-172-31-4-27:~# kubectl -n kube-system logs metrics-server-75f98fdbd5-g99j7 
I1204 05:15:45.506075       1 serving.go:312] Generated self-signed cert (/tmp/apiserver.crt, /tmp/apiserver.key)
I1204 05:15:45.792267       1 secure_serving.go:116] Serving securely on [::]:4443

root@ip-172-31-4-27:~# kubectl top pods --all-namespaces
NAMESPACE              NAME                                         CPU(cores)   MEMORY(bytes)   
calico-system          calico-kube-controllers-5c6f449c6f-w2pwg     1m           12Mi            
calico-system          calico-node-9zjx2                            16m          88Mi            
calico-system          calico-node-nrj94                            17m          91Mi            
calico-system          calico-typha-564cccbfc5-r7pww                1m           16Mi            
calico-system          calico-typha-564cccbfc5-znjsc                1m           17Mi            
default                idolized-mule-mariadb-master-0               2m           81Mi            
default                idolized-mule-mariadb-slave-0                2m           81Mi            
kube-system            coredns-f9fd979d6-5t4g6                      2m           8Mi             
kube-system            coredns-f9fd979d6-r9p5f                      2m           8Mi             
kube-system            etcd-ip-172-31-4-27                          16m          84Mi            
kube-system            kube-apiserver-ip-172-31-4-27                51m          407Mi           
kube-system            kube-controller-manager-ip-172-31-4-27       11m          47Mi            
kube-system            kube-proxy-28mlr                             5m           18Mi            
kube-system            kube-proxy-tn6qw                             3m           18Mi            
kube-system            kube-scheduler-ip-172-31-4-27                4m           15Mi            
kube-system            metrics-server-75f98fdbd5-g99j7              2m           10Mi            
kube-system            tiller-deploy-7b56c8dfb7-tcp8l               1m           7Mi             
kubernetes-dashboard   dashboard-metrics-scraper-7b59f7d4df-nsqn6   1m           4Mi             
kubernetes-dashboard   kubernetes-dashboard-74d688b6bc-sjprt        1m           6Mi             
tigera-operator        tigera-operator-6998c47f45-pzsc7             2m           18Mi  


root@ip-172-31-4-27:~# kubectl top nodes
NAME               CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%   
ip-172-31-13-180   102m         5%     706Mi           18%       
ip-172-31-4-27     205m         10%    1357Mi          35%   

 

구축2 : Configure the Dashboard 구축

root@ip-172-31-4-27:~# kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

#@ svc 확인한다
root@ip-172-31-4-27:~# kubectl get svc --all-namespaces | grep dash
kubernetes-dashboard   dashboard-metrics-scraper     ClusterIP   10.100.63.100   <none>        8000/TCP                 24s
kubernetes-dashboard   kubernetes-dashboard          ClusterIP   10.96.178.195   <none>        443/TCP 

#kubectl -n kubernetes-dashboard edit svc kubernetes-dashboard

selector:
type: NodePort #으로 변경 내부에서 확인하려면 NodePort로 바꿔줘야 한다.
status:

#@ dashboard의 NodePort로 접속테스트를 한다.
root@ip-172-31-4-27:~# kubectl  get svc -n kubernetes-dashboard 
NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.100.63.100   <none>        8000/TCP        67s
kubernetes-dashboard        NodePort    10.96.178.195   <none>        443:30011/TCP   67s


root@ip-172-31-4-27:~# kubectl create clusterrolebinding kubernetes-dashboard-admin --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:kubernetes-dashboard
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-admin created

토큰 기반 Dashboard 접속을 위해

root@ip-172-31-4-27:~# kubectl -n kubernetes-dashboard describe secrets kubernetes-dashboard-token-m99f2 
Name:         kubernetes-dashboard-token-m99f2
Namespace:    kubernetes-dashboard
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kubernetes-dashboard
kubernetes.io/service-account.uid: 9b3e254d-b87a-40ab-bfed-7e217d15504d

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1066 bytes
namespace:  20 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6ImxoZEdBYnhGY2I2Y2k5N2RYcHBSOThYODNMb1E0ZkpORS1IU2h5Vy0xUU0ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1tOTlmMiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjliM2UyNTRkLWI4N2EtNDBhYi1iZmVkLTdlMjE3ZDE1NTA0ZCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.cLYvbRTf3uidfPi84BOA8Iw62y27g6I7D8rj8L4wPmbXWNru2ja2Jy6AS81rcPWcn6Yc6hZgk-R1IG4fEGZVhPyedPyeYkG4BOhreVpSo_mY9_3FOxL2OhsvVW_hmDtUFACx1mMRQY-ciHj-ZEFeZsq03BnqIZDjb7pAq0LnJuBONTzr6o9HoOqHlP9egH2JO5pm64NIE__jqxNGr77B3GAwq_f45iMV007nEZ-LWvrb-wLbNO91jBVnk5qGC1Uu_7wR0KdArExpYuWhRIWMqCp2VM3e3hDJnDi8foKf7O4oQuyIMPFix_XQuK1s2GD6b7mHMVSkOqS7HJ5FzPFgBg

 

https://15.165.170.115:30011로 접속하면 가능하다.

'클라우드 컴퓨팅 & NoSQL > k8s' 카테고리의 다른 글

HPA 설정  (0) 2020.12.06
AutoScaling  (0) 2020.12.06
Monitoring  (0) 2020.12.06
statefulset 시나리오  (0) 2020.12.06
statefulset  (0) 2020.12.06

+ Recent posts