Skip to content

Instantly share code, notes, and snippets.

@superseb

superseb/metrics-server-rancher20.md

Last active April 23, 2020 20:38
Show Gist options
  • Star 5 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save superseb/90527bd079feac17f379964f50769e28 to your computer and use it in GitHub Desktop.
Save superseb/90527bd079feac17f379964f50769e28 to your computer and use it in GitHub Desktop.
Download ZIP
Enabling metrics-server on Rancher 2.0
Raw
metrics-server-rancher20.md

Enabling metrics-server on Rancher 2.0

IMPORTANT: metrics-server is included by default in custom clusters in Rancher v2.0.7 and higher, these steps are not needed when clusters are created using Rancher v2.0.7 or higher.

Create cluster via Edit as YAML in custom cluster

  kube_api: 
    pod_security_policy: false
    extra_args:
      requestheader-client-ca-file: "/etc/kubernetes/ssl/kube-ca.pem"
      requestheader-extra-headers-prefix: "X-Remote-Extra-"
      requestheader-group-headers: "X-Remote-Group"
      requestheader-username-headers: "X-Remote-User"
      proxy-client-cert-file: "/etc/kubernetes/ssl/kube-proxy.pem"
      proxy-client-key-file: "/etc/kubernetes/ssl/kube-proxy-key.pem"
  kubelet:
    extra_args:
      authentication-token-webhook: "true"

Create cluster via API

This will be properly fixed in rancher/rancher#13745, until then, you can enable it by re-using the kube-proxy certificate.

curl -s 'https://your_rancher_server/v3/cluster' -H 'content-type: application/json' -H "Authorization: Bearer your_bearer_token" --insecure --data-binary '{ "type": "cluster", "googleKubernetesEngineConfig": null, "name": "metrics", "rancherKubernetesEngineConfig": { "ignoreDockerVersion": true, "sshAgentAuth": false, "type": "rancherKubernetesEngineConfig", "kubernetesVersion": "v1.10.1-rancher1", "authentication": { "type": "authnConfig", "strategy": "x509" }, "network": { "type": "networkConfig", "plugin": "canal" }, "ingress": { "type": "ingressConfig", "provider": "nginx" }, "services": { "type": "rkeConfigServices", "kubeApi": { "podSecurityPolicy": false, "type": "kubeAPIService", "extraArgs": { "requestheader-client-ca-file": "/etc/kubernetes/ssl/kube-ca.pem", "requestheader-extra-headers-prefix": "X-Remote-Extra-", "requestheader-group-headers": "X-Remote-Group", "requestheader-username-headers": "X-Remote-User", "proxy-client-cert-file": "/etc/kubernetes/ssl/kube-proxy.pem", "proxy-client-key-file": "/etc/kubernetes/ssl/kube-proxy-key.pem" } }, "kubelet": { "type": "KubeletService", "extraArgs": { "authentication-token-webhook": "true" }  }, "etcd": { "type": "etcdService", "extraArgs": { "heartbeat-interval": 500, "election-timeout": 5000 } } } }, "id": "" }'

Add node to your cluster

  • Go to Edit Cluster and run execute the docker run command to add a node.

Deploy metrics server

# Clone repository
git clone -b rancher https://github.com/superseb/metrics-server
kubectl create -f metrics-server/deploy/1.8\+/
# Checklogs
kubectl logs -n kube-system -l k8s-app=metrics-server
...
I0604 18:14:55.768105       1 serve.go:85] Serving securely on 0.0.0.0:443

Check metrics

kubectl top nodes only works with kubectl 1.10 and higher (kubernetes/kubernetes#59438). So use kubectl 1.10 and run kubectl top nodes.

Or via kubectl raw

kubectl get --raw "/apis/metrics.k8s.io/v1beta1/nodes" | jq

Bonus: RKE

If you want to use RKE to deploy, you can add:

services:
  kube-api:
    image: rancher/hyperkube:v1.10.1-rancher2
    extra_args:
      requestheader-client-ca-file: /etc/kubernetes/ssl/kube-ca.pem
      requestheader-extra-headers-prefix: X-Remote-Extra-
      requestheader-group-headers: X-Remote-Group
      requestheader-username-headers: X-Remote-User
      proxy-client-cert-file: /etc/kubernetes/ssl/kube-proxy.pem
      proxy-client-key-file: /etc/kubernetes/ssl/kube-proxy-key.pem
  kubelet:
    image: rancher/hyperkube:v1.10.1-rancher2
    extra_args:
      authentication-token-webhook: true
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment