网站建设招标 报告,海外网网址,网站建设项目需求说明书,易语言源码论坛使用Horizontal Pod Autoscaler (HPA)
实验目标#xff1a; 学习如何使用 HPA 实现自动扩展。
实验步骤#xff1a;
创建一个 Deployment#xff0c;并设置 CPU 或内存的资源请求。创建一个 HPA#xff0c;设置扩展策略。生成负载#xff0c;观察 HPA 如何自动扩展 Pod…使用Horizontal Pod Autoscaler (HPA)
实验目标 学习如何使用 HPA 实现自动扩展。
实验步骤
创建一个 Deployment并设置 CPU 或内存的资源请求。创建一个 HPA设置扩展策略。生成负载观察 HPA 如何自动扩展 Pod 数量。 今天继续我们k8s未做完的实验如何使用 HPA 实现自动扩展
创建
1、创建namespace
kubectl create namespace nginx-hpa2、创建deployment
# /kubeapi/data/project5/nginx-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:name: nginx-hpa
spec:replicas: 1selector:matchLabels:app: nginx-hpatemplate:metadata:labels:app: nginx-hpaspec:containers:- name: nginx-hpaimage: nginx:1.18ports:- containerPort: 80resources:requests:cpu: 10mlimits:cpu: 20m应用此Deployment
kubectl apply -f nginx-hpa.yaml顺带创建一下service
kubectl create service nodeport nginx-hpa --tcp80:80 -n nginx-hpa3、创建HPA
# /kubeapi/data/project5/nginx-hpa.yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:name: nginx-hpanamespace: nginx-hpa
spec:scaleTargetRef:apiVersion: apps/v1kind: Deploymentname: nginxminReplicas: 1maxReplicas: 10metrics:- type: Resourceresource:name: cputarget:type: UtilizationaverageUtilization: 1应用此HPA
kubectl apply -f nginx-hpa.yaml4、生成负载以观察自动扩展效果
从上边的图片我们可以看到hpa实际并没有获取到资源的使用率 这里我们先安装一下 Metrics Server
curl -LO https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml编辑 components.yaml ,建议直接复制替换掉之前的文件内容。需要修改的地方我都有标注 需要替换的原因就是Metrics Server 遇到的主要问题是无法验证节点证书的 x509 错误因为节点的证书中不包含任何 IP SANsSubject Alternative Names。这是一个常见的问题尤其是在使用自签名证书的 Kubernetes 集群中。为了解决这个问题可以调整 Metrics Server 的配置使其忽略证书验证 apiVersion: v1
kind: ServiceAccount
metadata:labels:k8s-app: metrics-servername: metrics-servernamespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:labels:k8s-app: metrics-serverrbac.authorization.k8s.io/aggregate-to-admin: truerbac.authorization.k8s.io/aggregate-to-edit: truerbac.authorization.k8s.io/aggregate-to-view: truename: system:aggregated-metrics-reader
rules:
- apiGroups:- metrics.k8s.ioresources:- pods- nodesverbs:- get- list- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:labels:k8s-app: metrics-servername: system:metrics-server
rules:
- apiGroups:- resources:- nodes/metricsverbs:- get
- apiGroups:- resources:- pods- nodesverbs:- get- list- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:labels:k8s-app: metrics-servername: metrics-server-auth-readernamespace: kube-system
roleRef:apiGroup: rbac.authorization.k8s.iokind: Rolename: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccountname: metrics-servernamespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:labels:k8s-app: metrics-servername: metrics-server:system:auth-delegator
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: system:auth-delegator
subjects:
- kind: ServiceAccountname: metrics-servernamespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:labels:k8s-app: metrics-servername: system:metrics-server
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: system:metrics-server
subjects:
- kind: ServiceAccountname: metrics-servernamespace: kube-system
---
apiVersion: v1
kind: Service
metadata:labels:k8s-app: metrics-servername: metrics-servernamespace: kube-system
spec:ports:- name: httpsport: 443protocol: TCPtargetPort: httpsselector:k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:labels:k8s-app: metrics-servername: metrics-servernamespace: kube-system
spec:selector:matchLabels:k8s-app: metrics-serverstrategy:rollingUpdate:maxUnavailable: 0template:metadata:labels:k8s-app: metrics-serverspec:containers:- args:- --cert-dir/tmp- --secure-port10250- --kubelet-preferred-address-typesInternalIP,ExternalIP,Hostname- --kubelet-use-node-status-port- --metric-resolution15s- --kubelet-insecure-tls # 添加此行image: registry.k8s.io/metrics-server/metrics-server:v0.7.1imagePullPolicy: IfNotPresentlivenessProbe:failureThreshold: 3httpGet:path: /livezport: httpsscheme: HTTPSperiodSeconds: 10name: metrics-serverports:- containerPort: 10250name: httpsprotocol: TCPreadinessProbe:failureThreshold: 3httpGet:path: /readyzport: httpsscheme: HTTPSinitialDelaySeconds: 20periodSeconds: 10resources:requests:cpu: 100mmemory: 200MisecurityContext:allowPrivilegeEscalation: falsecapabilities:drop:- ALLreadOnlyRootFilesystem: truerunAsNonRoot: truerunAsUser: 1000seccompProfile:type: RuntimeDefaultvolumeMounts:- mountPath: /tmpname: tmp-dirnodeSelector:kubernetes.io/os: linuxpriorityClassName: system-cluster-criticalserviceAccountName: metrics-servervolumes:- emptyDir: {}name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:labels:k8s-app: metrics-servername: v1beta1.metrics.k8s.io
spec:group: metrics.k8s.iogroupPriorityMinimum: 100insecureSkipTLSVerify: true # 确保这一行存在service:name: metrics-servernamespace: kube-systemversion: v1beta1versionPriority: 100使用命令应用配置文件
kubectl apply -f components.yaml检查 Metrics Server 部署状态
kubectl get deployment metrics-server -n kube-system
kubectl get pods -n kube-system | grep metrics-server这里部署成功后等待一会我们在检查hpa的状态
kubectl get hpa -n nginx-hpa发现可以看到负载的数据了
使用 kubectl run 命令创建一个 Pod 来生成负载
kubectl run -i --tty load-generator --imagebusybox /bin/sh在 Pod 内运行以下命令生成 CPU 负载
while true; do wget -q -O- http://10.0.0.5:31047; done如果中途退出过容器就删掉重新生成
kubectl delete pod load-generator验证
在生成负载之后再次检查 HPA 和 nginx 部署的状态 检查hpa发现负载已经超过了我们限定的值
kubectl get hpa -n nginx-hpa检查nginx容器数量发现自动增加了9个副本。总数是我们配置文件中maxReplicas: 10规定的最多10个容器
kubectl get pods -n nginx-hpa关闭负载容器后当负载不在高出我们所规定的数值后观察pod数量 这里需要注意的是 如果负载下降后HPA 没有按预期缩减 Pod 数量有可能是配置问题或需要等待一段时间。HPA 的自动缩减行为需要满足一些条件并且通常有一个冷却时间窗口以避免频繁扩缩容导致的不稳定性。这个时间窗口默认是5分钟可以通过以下命令查看配置
kubectl get hpa nginx-hpa -o yaml -n nginx-hpa确保没有手动调整 Deployment 副本数HPA 的调整策略会被手动更改副本数所覆盖。
经过一段时间以后在观察pod的数量发现已经自动缩减到1个 通过以上步骤你应该能看到 HPA 根据 CPU 使用率自动扩展和缩减 Pod 的数量。最初部署时只有一个 Pod但在生成负载后你应该会看到 Pod 的数量增加。当负载减少时Pod 的数量会再次减少。
我是为了实验效果把HPA触发的值调整的很低生产中建议根据实际情况调整
