diff --git a/cluster/addons/metrics-server/auth-delegator.yaml b/cluster/addons/metrics-server/auth-delegator.yaml new file mode 100644 index 0000000000..109f55f2e6 --- /dev/null +++ b/cluster/addons/metrics-server/auth-delegator.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: metrics-server:system:auth-delegator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: +- kind: ServiceAccount + name: metrics-server + namespace: kube-system diff --git a/cluster/addons/metrics-server/auth-reader.yaml b/cluster/addons/metrics-server/auth-reader.yaml new file mode 100644 index 0000000000..9eff1294e0 --- /dev/null +++ b/cluster/addons/metrics-server/auth-reader.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: metrics-server-auth-reader + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: +- kind: ServiceAccount + name: metrics-server + namespace: kube-system diff --git a/cluster/addons/metrics-server/metrics-apiservice.yaml b/cluster/addons/metrics-server/metrics-apiservice.yaml new file mode 100644 index 0000000000..088045113b --- /dev/null +++ b/cluster/addons/metrics-server/metrics-apiservice.yaml @@ -0,0 +1,13 @@ +apiVersion: apiregistration.k8s.io/v1beta1 +kind: APIService +metadata: + name: v1alpha1.metrics +spec: + service: + name: metrics-server + namespace: kube-system + group: metrics + version: v1alpha1 + insecureSkipTLSVerify: true + groupPriorityMinimum: 100 + versionPriority: 100 diff --git a/cluster/addons/metrics-server/metrics-server-deployment.yaml b/cluster/addons/metrics-server/metrics-server-deployment.yaml new file mode 100644 index 0000000000..4e0d10f857 --- /dev/null +++ b/cluster/addons/metrics-server/metrics-server-deployment.yaml @@ -0,0 +1,42 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: metrics-server + namespace: kube-system +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: metrics-server + namespace: kube-system + labels: + k8s-app: metrics-server +spec: + selector: + matchLabels: + k8s-app: metrics-server + template: + metadata: + name: metrics-server + labels: + k8s-app: metrics-server + spec: + serviceAccountName: metrics-server + containers: + - name: metrics-server + image: gcr.io/google_containers/metrics-server-amd64:dev + imagePullPolicy: Always + # TODO(piosz): revisit resources + resources: + requests: + memory: 100Mi + command: + - /metrics-server + - --source=kubernetes.summary_api:'' + ports: + - containerPort: 443 + name: https + protocol: TCP + tolerations: + - key: "CriticalAddonsOnly" + operator: "Exists" diff --git a/cluster/addons/metrics-server/metrics-server-service.yaml b/cluster/addons/metrics-server/metrics-server-service.yaml new file mode 100644 index 0000000000..fa39073a84 --- /dev/null +++ b/cluster/addons/metrics-server/metrics-server-service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: metrics-server + namespace: kube-system + labels: + kubernetes.io/name: "Metrics-server" +spec: + selector: + k8s-app: metrics-server + ports: + - port: 443 + protocol: TCP + targetPort: https diff --git a/cluster/common.sh b/cluster/common.sh index 669e520483..0b2d7437d9 100755 --- a/cluster/common.sh +++ b/cluster/common.sh @@ -619,6 +619,7 @@ SERVICE_CLUSTER_IP_RANGE: $(yaml-quote ${SERVICE_CLUSTER_IP_RANGE}) KUBERNETES_MASTER_NAME: $(yaml-quote ${KUBERNETES_MASTER_NAME}) ALLOCATE_NODE_CIDRS: $(yaml-quote ${ALLOCATE_NODE_CIDRS:-false}) ENABLE_CLUSTER_MONITORING: $(yaml-quote ${ENABLE_CLUSTER_MONITORING:-none}) +ENABLE_METRICS_SERVER: $(yaml-quote ${ENABLE_METRICS_SERVER:-false}) DOCKER_REGISTRY_MIRROR_URL: $(yaml-quote ${DOCKER_REGISTRY_MIRROR_URL:-}) ENABLE_L7_LOADBALANCING: $(yaml-quote ${ENABLE_L7_LOADBALANCING:-none}) ENABLE_CLUSTER_LOGGING: $(yaml-quote ${ENABLE_CLUSTER_LOGGING:-false}) diff --git a/cluster/gce/config-default.sh b/cluster/gce/config-default.sh index f36066d076..f39b7b3023 100755 --- a/cluster/gce/config-default.sh +++ b/cluster/gce/config-default.sh @@ -123,6 +123,12 @@ ENABLE_L7_LOADBALANCING="${KUBE_ENABLE_L7_LOADBALANCING:-glbc}" # standalone - Heapster only. Metrics available via Heapster REST API. ENABLE_CLUSTER_MONITORING="${KUBE_ENABLE_CLUSTER_MONITORING:-influxdb}" +# Optional: Enable Metrics Server. Metrics Server should be enable everywhere, +# since it's a critical component, but in the first release we need a way to disable +# this in case of stability issues. +# TODO(piosz) remove this option once Metrics Server became a stable thing. +ENABLE_METRICS_SERVER="${KUBE_ENABLE_METRICS_SERVER:-true}" + # One special node out of NUM_NODES would be created of this type if specified. # Useful for scheduling heapster in large clusters with nodes of small size. HEAPSTER_MACHINE_TYPE="${HEAPSTER_MACHINE_TYPE:-}" diff --git a/cluster/gce/config-test.sh b/cluster/gce/config-test.sh index c8ef2496fb..ea86d3bfb8 100755 --- a/cluster/gce/config-test.sh +++ b/cluster/gce/config-test.sh @@ -134,6 +134,12 @@ ENABLE_L7_LOADBALANCING="${KUBE_ENABLE_L7_LOADBALANCING:-glbc}" # standalone - Heapster only. Metrics available via Heapster REST API. ENABLE_CLUSTER_MONITORING="${KUBE_ENABLE_CLUSTER_MONITORING:-influxdb}" +# Optional: Enable Metrics Server. Metrics Server should be enable everywhere, +# since it's a critical component, but in the first release we need a way to disable +# this in case of stability issues. +# TODO(piosz) remove this option once Metrics Server became a stable thing. +ENABLE_METRICS_SERVER="${KUBE_ENABLE_METRICS_SERVER:-true}" + # One special node out of NUM_NODES would be created of this type if specified. # Useful for scheduling heapster in large clusters with nodes of small size. HEAPSTER_MACHINE_TYPE="${HEAPSTER_MACHINE_TYPE:-}" diff --git a/cluster/gce/configure-vm.sh b/cluster/gce/configure-vm.sh index 0999eb11aa..2515e8849b 100755 --- a/cluster/gce/configure-vm.sh +++ b/cluster/gce/configure-vm.sh @@ -420,6 +420,7 @@ enable_node_problem_detector: '$(echo "$ENABLE_NODE_PROBLEM_DETECTOR" | sed -e " enable_l7_loadbalancing: '$(echo "$ENABLE_L7_LOADBALANCING" | sed -e "s/'/''/g")' enable_node_logging: '$(echo "$ENABLE_NODE_LOGGING" | sed -e "s/'/''/g")' enable_metadata_proxy: '$(echo "$ENABLE_METADATA_PROXY" | sed -e "s/'/''/g")' +enable_metrics_server: '$(echo "$ENABLE_METRICS_SERVER" | sed -e "s/'/''/g")' enable_rescheduler: '$(echo "$ENABLE_RESCHEDULER" | sed -e "s/'/''/g")' logging_destination: '$(echo "$LOGGING_DESTINATION" | sed -e "s/'/''/g")' elasticsearch_replicas: '$(echo "$ELASTICSEARCH_LOGGING_REPLICAS" | sed -e "s/'/''/g")' diff --git a/cluster/gce/container-linux/configure-helper.sh b/cluster/gce/container-linux/configure-helper.sh index f4779165f1..6a06615315 100755 --- a/cluster/gce/container-linux/configure-helper.sh +++ b/cluster/gce/container-linux/configure-helper.sh @@ -1312,6 +1312,9 @@ function start-kube-addons { sed -i -e "s@{{ *metrics_cpu_per_node *}}@${metrics_cpu_per_node}@g" "${controller_yaml}" update-prometheus-to-sd-parameters ${controller_yaml} fi + if [[ "${ENABLE_METRICS_SERVER:-}" == "true" ]]; then + setup-addon-manifests "addons" "metrics-server" + fi if [[ "${ENABLE_CLUSTER_DNS:-}" == "true" ]]; then setup-addon-manifests "addons" "dns" local -r dns_controller_file="${dst_dir}/dns/kubedns-controller.yaml" diff --git a/cluster/gce/gci/configure-helper.sh b/cluster/gce/gci/configure-helper.sh index 863a2d6bac..757e57ef03 100644 --- a/cluster/gce/gci/configure-helper.sh +++ b/cluster/gce/gci/configure-helper.sh @@ -1740,6 +1740,9 @@ function start-kube-addons { sed -i -e "s@{{ *metrics_cpu_per_node *}}@${metrics_cpu_per_node}@g" "${controller_yaml}" update-prometheus-to-sd-parameters ${controller_yaml} fi + if [[ "${ENABLE_METRICS_SERVER:-}" == "true" ]]; then + setup-addon-manifests "addons" "metrics-server" + fi if [[ "${ENABLE_CLUSTER_DNS:-}" == "true" ]]; then setup-addon-manifests "addons" "dns" local -r dns_controller_file="${dst_dir}/dns/kubedns-controller.yaml"