Kubernetes的弹性伸缩(HPA)

前言

在kubernetes中,我们使用pod对外提供服务。这时候,我们需要以下两种情形需要关注:

  • pod因为不明原因挂掉,导致服务不可用

  • Pod在高负荷的情况下,不能支撑我们的服务

如果我们人工监控pods,人工进行调整副本那么这个工作量无疑是巨大的,但kubernetes已经有了相应的机制来应对了。

那么今天就来介绍一下在k8s 1.6中的弹性伸缩的实施

k8s是kubernetes的官方简称
HPA全称Horizontal Pod Autoscaler

HPA的原理

Kubernetes有一个HPA(Horizontal Pod Autoscaler)的资源,可以实现基于CPU使用率的Pod自动伸缩的功能。HPA基于Master Node上的kube-controller-manager服务启动参数–horizontal-pod-autoscaler-sync-period定义的时长(默认为30秒),周期性的检测Pod的CPU使用率(需要事先安装heapster)。如果需要设置–horizontal-pod-autoscaler-sync-period可以在Master Node上的/etc/default/kube-controller-manager中修改。

graph TD

A[ms-a] --> B(RC/Deployment)
A1[ms-b] --> B(RC/Deployment)
A3[ms-c] --> B(RC/Deployment)
A4[其他服务] --> B(RC/Deployment)

B --- C(Horizontal Pod Autoscaler)

安装Heapster

K8S从1.8版本开始,CPU、内存等资源的metrics信息可以通过 Metrics API来获取,用户可以直接获取这些metrics信息(例如通过执行kubect top命令),HPA使用这些metics信息来实现动态伸缩,但是在之前我们使用Heapster来收集节点的相关数据

导入相关镜像

我们在实施的时候一般会创建/data目录,把所有的deployment放在此目录下,因此在k8s master创建kube-system目录

[root@master data]# mkdir kube-system
上传相镜像,并导入
# 导入heasper
[root@master kube-system]# docker load < heapster_3.tar 
38ac8d0f5bb3: Loading layer [==================================================>]  1.312MB/1.312MB
388f58c4d5b0: Loading layer [==================================================>]  99.87MB/99.87MB
c6772246bc46: Loading layer [==================================================>]  281.1kB/281.1kB
Loaded image: registry.cn-hangzhou.aliyuncs.com/lczean/heapster-amd64-v1.3.0-beta.1:v1.3.0-beta.1
# 导入influxdb数据库
[root@master kube-system]# docker load < influxdb13.tar 
7da815924651: Loading layer [==================================================>]  10.48MB/10.48MB
2d447b9e914f: Loading layer [==================================================>]   5.12kB/5.12kB
Loaded image: registry.cn-hangzhou.aliyuncs.com/golden/heapster-influxdb-amd64:latest

查看导入images

[root@master kube-system]# docker images |grep heapster
registry.cn-hangzhou.aliyuncs.com/lczean/heapster-amd64-v1.3.0-beta.1   v1.3.0-beta.1       6393b81e2220        17 months ago       101MB
registry.cn-hangzhou.aliyuncs.com/golden/heapster-influxdb-amd64        latest              d3fccbedd180        22 months ago       11.6MB

修改images tag以便我们可以导入到私有registry中

[root@master kube-system]# docker tag registry.cn-hangzhou.aliyuncs.com/lczean/heapster-amd64-v1.3.0-beta.1:v1.3.0-beta.1  registry.k8s.osc:5000/heapster:v1.3.0
[root@master kube-system]# docker tag registry.cn-hangzhou.aliyuncs.com/golden/heapster-influxdb-amd64 registry.k8s.osc:5000/heapster-influxdb
# 查看修改后的images
[root@master kube-system]# docker images |grep heapster
registry.cn-hangzhou.aliyuncs.com/lczean/heapster-amd64-v1.3.0-beta.1   v1.3.0-beta.1       6393b81e2220        17 months ago       101MB
registry.k8s.osc:5000/heapster                                          v1.3.0              6393b81e2220        17 months ago       101MB
registry.cn-hangzhou.aliyuncs.com/golden/heapster-influxdb-amd64        latest              d3fccbedd180        22 months ago       11.6MB
registry.k8s.osc:5000/heapster-influxdb                                 latest              d3fccbedd180        22 months ago       11.6MB
推送到私有仓库
[root@master kube-system]# docker push registry.k8s.osc:5000/heapster:v1.3.0
The push refers to repository [registry.k8s.osc:5000/heapster]
c6772246bc46: Pushed 
388f58c4d5b0: Pushed 
38ac8d0f5bb3: Pushed 
v1.3.0: digest: sha256:e23b30d2e131e042eec9b5fdc30af905b63e454d140dc335246e74a4e8b4c857 size: 949
[root@master kube-system]# docker push registry.k8s.osc:5000/heapster-influxdb 
The push refers to repository [registry.k8s.osc:5000/heapster-influxdb]
2d447b9e914f: Pushed 
7da815924651: Pushed 
38ac8d0f5bb3: Mounted from heapster 
latest: digest: sha256:d2ecd285eb6585d56e8853da7b9fd8f4a57de4a3006f6720173a3f3942c0e7c9 size: 945

influxdb时间序列库介绍

创建deployment


[root@master kube-system]# vim influxdb-deployment.yaml
[root@master kube-system]# vim influxdb-service.yaml
[root@master kube-system]# vim heapster-deployment.yaml
[root@master kube-system]# vim heapster-service.yaml   

分别看一下yaml:
influxdb-deployment.yaml
修改image

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: monitoring-influxdb
  namespace: kube-system
spec:
  replicas: 1
  template:
    metadata:
      labels:
        task: monitoring
        k8s-app: influxdb
    spec:
      volumes:
      - name: influxdb-storage
        emptyDir: {}
      containers:
      - name: influxdb
        image: registry.k8s.osc:5000/heapster-influxdb
        volumeMounts:
        - mountPath: /data
          name: influxdb-storage

influxdb-service.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    task: monitoring
    kubernetes.io/cluster-service: 'true'
    kubernetes.io/name: monitoring-influxdb
  name: monitoring-influxdb
  namespace: kube-system
spec:
  ports:
  - name: http
    port: 8083
    targetPort: 8083
  - name: api
    port: 8086
    targetPort: 8086
  selector:
    k8s-app: influxdb

创建deployment、service

[root@master kube-system]# kubectl create -f influxdb-deployment.yaml 
[root@master kube-system]# kubectl create -f influxdb-service.yaml 

安装这两个后查看influxdb坐在的pod ip

[root@master kube-system]# kubectl get pods  -n kube-system -o wide
NAME                                   READY     STATUS    RESTARTS   AGE       IP            NODE
monitoring-influxdb-3696415694-q9tds   1/1       Running   0          16m       172.99.39.6   172.16.187.158

测试安装正常,再安装flanneld的node访问以下链接,如果无报错说明安装成功

[root@node0 ~]# curl http://172.99.39.6:8086/ping

创建heapster-deployment.yaml
修改image、--source、--sink

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: heapster
  namespace: kube-system
spec:
  replicas: 1
  template:
    metadata:
      labels:
        task: monitoring
        k8s-app: heapster
        version: v6
    spec:
      containers:
      - name: heapster
        image: registry.k8s.osc:5000/heapster:v1.3.0
        imagePullPolicy: Always
        command:
        - /heapster
        - --source=kubernetes:http://172.16.187.162:8080
        - --sink=influxdb:http://172.99.39.6:8086

创建heapster-service.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    task: monitoring  
    kubernetes.io/cluster-service: 'true'
    kubernetes.io/name: Heapster
  name: heapster
  namespace: kube-system
spec:
  ports:
  - port: 80
    targetPort: 8082
  selector:
    k8s-app: heapster

创建heapster的deployment、service

[root@master kube-system]# kubectl create -f heapster-deployment.yaml 
deployment "heapster" created
[root@master kube-system]# kubectl create -f heapster-service.yaml 
service "heapster" created

全部安装后可以查看日志是否是正常启动的

[root@master kube-system]# kubectl get pods  -n kube-system -o wide   
NAME                                   READY     STATUS    RESTARTS   AGE       IP             NODE
heapster-1258036176-sjg7s              1/1       Running   0          1m        172.99.93.13   172.16.187.160
monitoring-influxdb-3696415694-q9tds   1/1       Running   0          26m       172.99.39.6    172.16.187.158


[root@master kube-system]# kubectl logs -f monitoring-influxdb-3696415694-q9tds  -n kube-system                         

 8888888           .d888 888                   8888888b.  888888b.
   888            d88P"  888                   888  "Y88b 888  "88b
   888            888    888                   888    888 888  .88P
   888   88888b.  888888 888 888  888 888  888 888    888 8888888K.
   888   888 "88b 888    888 888  888  Y8bd8P' 888    888 888  "Y88b
   888   888  888 888    888 888  888   X88K   888    888 888    888
   888   888  888 888    888 Y88b 888 .d8""8b. 888  .d88P 888   d88P
 8888888 888  888 888    888  "Y88888 888  888 8888888P"  8888888P"

[run] 2018/12/07 05:27:33 InfluxDB starting, version unknown, branch unknown, commit unknown
[run] 2018/12/07 05:27:33 Go version go1.7.4, GOMAXPROCS set to 16
[run] 2018/12/07 05:27:33 Using configuration at: /etc/config.toml
[store] 2018/12/07 05:27:33 Using data dir: /data/data
[subscriber] 2018/12/07 05:27:33 opened service
[monitor] 2018/12/07 05:27:33 Starting monitor system
[monitor] 2018/12/07 05:27:33 'build' registered for diagnostics monitoring
[monitor] 2018/12/07 05:27:33 'runtime' registered for diagnostics monitoring
[monitor] 2018/12/07 05:27:33 'network' registered for diagnostics monitoring
[monitor] 2018/12/07 05:27:33 'system' registered for diagnostics monitoring
[shard-precreation] 2018/12/07 05:27:33 Starting precreation service with check interval of 10m0s, advance period of 30m0s
[snapshot] 2018/12/07 05:27:33 Starting snapshot service
[continuous_querier] 2018/12/07 05:27:33 Starting continuous query service
[httpd] 2018/12/07 05:27:33 Starting HTTP service
[httpd] 2018/12/07 05:27:33 Authentication enabled: false

## heapster

[root@master kube-system]# kubectl logs -f heapster-1258036176-sjg7s  -n kube-system
I1207 05:53:00.275512       1 heapster.go:71] /heapster --source=kubernetes:http://172.16.187.162:8080 --sink=influxdb:http://172.99.39.6:8086
I1207 05:53:00.275568       1 heapster.go:72] Heapster version v1.3.0-beta.1
I1207 05:53:00.275794       1 configs.go:61] Using Kubernetes client with master "http://172.16.187.162:8080" and version v1
I1207 05:53:00.275816       1 configs.go:62] Using kubelet port 10255
I1207 05:53:00.283647       1 influxdb.go:252] created influxdb sink with options: host:172.99.39.6:8086 user:root db:k8s
I1207 05:53:00.283680       1 heapster.go:193] Starting with InfluxDB Sink
I1207 05:53:00.283687       1 heapster.go:193] Starting with Metric Sink
I1207 05:53:00.294214       1 heapster.go:105] Starting heapster on port 8082
I1207 05:54:05.082812       1 influxdb.go:215] Created database "k8s" on influxDB server at "172.99.39.6:8086"

最后查看heapster,由于收集数据需要时间,过一段时间后,查看节点的node的监控数据

[root@master ~]# kubectl top node
NAME             CPU(cores)   CPU%      MEMORY(bytes)   MEMORY%   
172.16.187.158   121m         0%        19721Mi         30%       
172.16.187.159   112m         0%        15805Mi         24%       
172.16.187.160   172m         1%        28090Mi         43%       

创建HPA

以上步骤都成功的时候,我们可以创建HorizontalPodAutoscaler来管理,下面就用ms-wechat来进行测试

apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: ms-wechat  # 名称
  namespace: default #k8s命名空间
spec:
  maxReplicas: 10  # 最大副本数
  minReplicas: 3   # 最小副本数
  scaleTargetRef:   
    apiVersion: apps/v1beta1
    kind: Deployment  
    name: ms-wechat   # 监控名为ms-wechat的Deployment
  targetCPUUtilizationPercentage: 80  # cpu 阈值

查看hpa

[root@master ~]# kubectl get hpa 
NAME        REFERENCE              TARGETS           MINPODS   MAXPODS   REPLICAS   AGE
ms-wechat   Deployment/ms-wechat   <unknown> / 80%   3         10        3          10m

大家看到 targets为unknown有两种原因

  • 查看原始deployment的resource有没有设置cpu的限制如果没有:kubectl set resources deployment/ms-wechat --limits=cpu=2000m动态设置
  • 等一段时间再查看

查看结果

[root@master ~]# kubectl get hpa
NAME        REFERENCE              TARGETS     MINPODS   MAXPODS   REPLICAS   AGE
ms-wechat   Deployment/ms-wechat   47% / 80%   3         10        3          11m

可以进行压力测试,观察REPLICAS变化

©著作权归作者所有,转载或内容合作请联系作者
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 212,332评论 6 493
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 90,508评论 3 385
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 157,812评论 0 348
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 56,607评论 1 284
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 65,728评论 6 386
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 49,919评论 1 290
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 39,071评论 3 410
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 37,802评论 0 268
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 44,256评论 1 303
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 36,576评论 2 327
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 38,712评论 1 341
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 34,389评论 4 332
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 40,032评论 3 316
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 30,798评论 0 21
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 32,026评论 1 266
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 46,473评论 2 360
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 43,606评论 2 350

推荐阅读更多精彩内容