From a1c0e99a1729c704a633dcc557dc46466b828e11 Mon Sep 17 00:00:00 2001 From: Andrew LeCody Date: Tue, 18 May 2021 09:48:59 -0600 Subject: [PATCH] docs: add guide for deploying metrics-server Resolves talos-systems#3166 Signed-off-by: Andrew LeCody --- .../v0.10/Guides/deploy-metrics-server.md | 43 +++++++++++++++++++ .../v0.11/Guides/deploy-metrics-server.md | 43 +++++++++++++++++++ 2 files changed, 86 insertions(+) create mode 100644 website/content/docs/v0.10/Guides/deploy-metrics-server.md create mode 100644 website/content/docs/v0.11/Guides/deploy-metrics-server.md diff --git a/website/content/docs/v0.10/Guides/deploy-metrics-server.md b/website/content/docs/v0.10/Guides/deploy-metrics-server.md new file mode 100644 index 0000000000..0385ba279b --- /dev/null +++ b/website/content/docs/v0.10/Guides/deploy-metrics-server.md @@ -0,0 +1,43 @@ +--- +title: "Deploying Metrics Server" +description: "In this guide you will learn how to set up metrics-server." +--- + +Metrics Server enables use of the [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) and [Vertical Pod Autoscaler](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler). +It does this by gathering metrics data from the kubelets in a cluster. +By default, the certificates in use by the kubelets will not be recognized by metrics-server. +This can be solved by either configuring metrics-server to do no validation of the TLS certificates, or by modifying the kubelet configuration to rotate its certificates and use ones that will be recognized by metrics-server. + +## Node Configuration + +To enable kubelet certificate rotation, all nodes should have the following Machine Config snippet: + +```yaml +machine: + kubelet: + extraArgs: + rotate-server-certificates: true +``` + +## Install During Bootstrap + +We will want to ensure that new certificates for the kubelets are approved automatically. +This can easily be done with the [Kubelet Serving Certificate Approver](https://github.com/alex1989hu/kubelet-serving-cert-approver), which will automatically approve the Certificate Signing Requests generated by the kubelets. + +We can have Kubelet Serving Certificate Approver and metrics-server installed on the cluster automatically during bootstrap by adding the following snippet to the Cluster Config of the node that will be handling the bootstrap process: + +```yaml +cluster: + extraManifests: + - https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml + - https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml +``` + +## Install After Bootstrap + +If you choose not to use `extraManifests` to install Kubelet Serving Certificate Approver and metrics-server during bootstrap, you can install them once the cluster is online using `kubectl`: + +```shell +kubectl apply -f https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml +kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml +``` diff --git a/website/content/docs/v0.11/Guides/deploy-metrics-server.md b/website/content/docs/v0.11/Guides/deploy-metrics-server.md new file mode 100644 index 0000000000..0385ba279b --- /dev/null +++ b/website/content/docs/v0.11/Guides/deploy-metrics-server.md @@ -0,0 +1,43 @@ +--- +title: "Deploying Metrics Server" +description: "In this guide you will learn how to set up metrics-server." +--- + +Metrics Server enables use of the [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) and [Vertical Pod Autoscaler](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler). +It does this by gathering metrics data from the kubelets in a cluster. +By default, the certificates in use by the kubelets will not be recognized by metrics-server. +This can be solved by either configuring metrics-server to do no validation of the TLS certificates, or by modifying the kubelet configuration to rotate its certificates and use ones that will be recognized by metrics-server. + +## Node Configuration + +To enable kubelet certificate rotation, all nodes should have the following Machine Config snippet: + +```yaml +machine: + kubelet: + extraArgs: + rotate-server-certificates: true +``` + +## Install During Bootstrap + +We will want to ensure that new certificates for the kubelets are approved automatically. +This can easily be done with the [Kubelet Serving Certificate Approver](https://github.com/alex1989hu/kubelet-serving-cert-approver), which will automatically approve the Certificate Signing Requests generated by the kubelets. + +We can have Kubelet Serving Certificate Approver and metrics-server installed on the cluster automatically during bootstrap by adding the following snippet to the Cluster Config of the node that will be handling the bootstrap process: + +```yaml +cluster: + extraManifests: + - https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml + - https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml +``` + +## Install After Bootstrap + +If you choose not to use `extraManifests` to install Kubelet Serving Certificate Approver and metrics-server during bootstrap, you can install them once the cluster is online using `kubectl`: + +```shell +kubectl apply -f https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml +kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml +```