K8s的水平自动扩容和缩容HPA
HPA全称是Horizontal Pod Autoscaler,翻译成中文是POD水平自动伸缩,HPA可以基于CPU利用率对replication controller、deployment和replicaset中的pod数量进行自动扩缩容(除了CPU利用率也可以基于其他应程序提供的度量指标custom metrics进行自动扩缩容)。pod自动缩放不适用于无法缩放的对象,比如DaemonSets。
HPA由Kubernetes API资源和控制器实现。资源决定了控制器的行为。控制器会周期性的获取目标资源指标(如,平均CPU利用率),并与目标值相比较后来调整Pod副本数量。
1.安装metrics进行监控集群,获取指标
root@k8s-master:/home/vagrant# cat metrics.yaml
apiVersion: v1
kind: ServiceAccount
metadata:labels:k8s-app: metrics-servername: metrics-servernamespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:labels:k8s-app: metrics-serverrbac.authorization.k8s.io/aggregate-to-admin: "true"rbac.authorization.k8s.io/aggregate-to-edit: "true"rbac.authorization.k8s.io/aggregate-to-view: "true"name: system:aggregated-metrics-reader
rules:
- apiGroups:- metrics.k8s.ioresources:- pods- nodesverbs:- get- list- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:labels:k8s-app: metrics-servername: system:metrics-server
rules:
- apiGroups:- ""resources:- nodes/metricsverbs:- get
- apiGroups:- ""resources:- pods- nodesverbs:- get- list- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:labels:k8s-app: metrics-servername: metrics-server-auth-readernamespace: kube-system
roleRef:apiGroup: rbac.authorization.k8s.iokind: Rolename: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccountname: metrics-servernamespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:labels:k8s-app: metrics-servername: metrics-server:system:auth-delegator
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: system:auth-delegator
subjects:
- kind: ServiceAccountname: metrics-servernamespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:labels:k8s-app: metrics-servername: system:metrics-server
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: system:metrics-server
subjects:
- kind: ServiceAccountname: metrics-servernamespace: kube-system
---
apiVersion: v1
kind: Service
metadata:labels:k8s-app: metrics-servername: metrics-servernamespace: kube-system
spec:ports:- name: httpsport: 443protocol: TCPtargetPort: httpsselector:k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:labels:k8s-app: metrics-servername: metrics-servernamespace: kube-system
spec:selector:matchLabels:k8s-app: metrics-serverstrategy:rollingUpdate:maxUnavailable: 0template:metadata:labels:k8s-app: metrics-serverspec:containers:- args:- --cert-dir=/tmp- --secure-port=10250- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname- --kubelet-use-node-status-port- --metric-resolution=15s- --kubelet-insecure-tlsimage: registry.k8s.io/metrics-server/metrics-server:v0.7.2imagePullPolicy: IfNotPresentlivenessProbe:failureThreshold: 3httpGet:path: /livezport: httpsscheme: HTTPSperiodSeconds: 10name: metrics-serverports:- containerPort: 10250name: httpsprotocol: TCPreadinessProbe:failureThreshold: 3httpGet:path: /readyzport: httpsscheme: HTTPSinitialDelaySeconds: 20periodSeconds: 10resources:requests:cpu: 100mmemory: 200MisecurityContext:allowPrivilegeEscalation: falsecapabilities:drop:- ALLreadOnlyRootFilesystem: truerunAsNonRoot: truerunAsUser: 1000seccompProfile:type: RuntimeDefaultvolumeMounts:- mountPath: /tmpname: tmp-dirnodeSelector:kubernetes.io/os: linuxpriorityClassName: system-cluster-criticalserviceAccountName: metrics-servervolumes:- emptyDir: {}name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:labels:k8s-app: metrics-servername: v1beta1.metrics.k8s.io
spec:group: metrics.k8s.iogroupPriorityMinimum: 100insecureSkipTLSVerify: trueservice:name: metrics-servernamespace: kube-systemversion: v1beta1versionPriority: 100
root@k8s-master:/home/vagrant# kubectl apply -f metrics.yaml
root@k8s-master:/home/vagrant# kubectl get pods -n kube-system|grep metrics
metrics-server-587b667b55-tjhfp 1/1 Running 0 11m
2.创建测试Deployment
root@k8s-master:/home/vagrant# cat php-apache.yaml
kind: Deployment
apiVersion: apps/v1
metadata:name: php-apachelabels:app: apache
spec:replicas: 1selector: matchLabels:app: apachetemplate:metadata:name: apachelabels:app: apachespec:containers:- name: apacheimage: httpdimagePullPolicy: IfNotPresentports:- containerPort: 80name: httpdresources:limits:cpu: 800mrequests:cpu: 500m
---
kind: Service
apiVersion: v1
metadata:name: apache-servicelabels:app: apache
spec:selector:app: apacheports:- name: httptargetPort: 80port: 80root@k8s-master:/home/vagrant# kubectl apply -f php-apache.yaml
deployment.apps/php-apache created
root@k8s-master:/home/vagrant# kubectl get svc,deployment,pods
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/apache-service ClusterIP 10.105.192.165 <none> 80/TCP 2m
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 43d
service/redis-svc ClusterIP 10.109.12.172 <none> 6379/TCP 23hNAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/php-apache 1/1 1 1 24mNAME READY STATUS RESTARTS AGE
pod/php-apache-b7cb67d98-b6qx9 1/1 Running 0 24m3.创建HPA
root@k8s-master:/home/vagrant# vim hpa.yaml
kind: HorizontalPodAutoscaler
apiVersion: autoscaling/v2
metadata:name: php-apache
spec:scaleTargetRef:apiVersion: apps/v1kind: Deploymentname: php-apacheminReplicas: 1maxReplicas: 10metrics:- type: Resourceresource:name: cputarget: type: UtilizationaverageUtilization: 50
root@k8s-master:/home/vagrant# kubectl apply -f hpa.yaml
horizontalpodautoscaler.autoscaling/php-apache created
4.模拟php-apache Pod CPU使用率增加
建议多开几个终端进行,效果更加明显
root@k8s-master:/home/vagrant# kubectl run -i --tty load-generator --rm --image=busybox:1.28 --restart=Never -- /bin/sh -c "while true; do wget -q -O- http://10.105.192.165; done"
root@k8s-master:/home/vagrant# kubectl get pods|grep load
load-generator 1/1 Running 0 54s
root@k8s-master:/home/vagrant# kubectl get deployment,po,hpa
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/php-apache 2/2 2 2 33mNAME READY STATUS RESTARTS AGE
pod/load-generator 1/1 Running 0 105s
pod/load-generator2 1/1 Terminating 0 103s
pod/load-generator3 1/1 Running 0 24s
pod/php-apache-67fd659dcb-6z8tz 1/1 Running 0 23s
pod/php-apache-67fd659dcb-thb68 1/1 Running 0 114sNAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
horizontalpodautoscaler.autoscaling/php-apache Deployment/php-apache cpu: 80%/50% 1 10 2 18m
root@k8s-master:/home/vagrant# kubectl get deployment,po,hpa
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/php-apache 10/10 10 10 36mNAME READY STATUS RESTARTS AGE
pod/load-generator 1/1 Running 0 4m32s
pod/load-generator3 1/1 Running 0 3m11s
pod/load-generator4 1/1 Running 0 106s
pod/php-apache-67fd659dcb-2hdg5 1/1 Running 0 2m25s
pod/php-apache-67fd659dcb-52rcx 1/1 Running 0 2m40s
pod/php-apache-67fd659dcb-6z8tz 1/1 Running 0 3m10s
pod/php-apache-67fd659dcb-8wc7j 1/1 Running 0 2m25s
pod/php-apache-67fd659dcb-8zdf6 1/1 Running 0 2m40s
pod/php-apache-67fd659dcb-ckqkm 1/1 Running 0 2m9s
pod/php-apache-67fd659dcb-jncsb 1/1 Running 0 2m24s
pod/php-apache-67fd659dcb-pb89r 1/1 Running 0 2m25s
pod/php-apache-67fd659dcb-t66kv 1/1 Running 0 2m9s
pod/php-apache-67fd659dcb-thb68 1/1 Running 0 4m41sNAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
horizontalpodautoscaler.autoscaling/php-apache Deployment/php-apache cpu: 40%/50% 1 10 10 21m
发现自动增加了Pod,实现自动扩容