docs: add guide for deploying metrics-server

Resolves talos-systems#3166

Signed-off-by: Andrew LeCody <andrew@beyondweb.net>

website/content/docs/v0.10/Guides/deploy-metrics-server.md

@@ -0,0 +1,43 @@
+---
+title: "Deploying Metrics Server"
+description: "In this guide you will learn how to set up metrics-server."
+---
+
+Metrics Server enables use of the [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) and [Vertical Pod Autoscaler](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler).
+It does this by gathering metrics data from the kubelets in a cluster.
+By default, the certificates in use by the kubelets will not be recognized by metrics-server.
+This can be solved by either configuring metrics-server to do no validation of the TLS certificates, or by modifying the kubelet configuration to rotate its certificates and use ones that will be recognized by metrics-server.
+
+## Node Configuration
+
+To enable kubelet certificate rotation, all nodes should have the following Machine Config snippet:
+
+```yaml
+machine:
+  kubelet:
+    extraArgs:
+      rotate-server-certificates: true
+```
+
+## Install During Bootstrap
+
+We will want to ensure that new certificates for the kubelets are approved automatically.
+This can easily be done with the [Kubelet Serving Certificate Approver](https://github.com/alex1989hu/kubelet-serving-cert-approver), which will automatically approve the Certificate Signing Requests generated by the kubelets.
+
+We can have Kubelet Serving Certificate Approver and metrics-server installed on the cluster automatically during bootstrap by adding the following snippet to the Cluster Config of the node that will be handling the bootstrap process:
+
+```yaml
+cluster:
+  extraManifests:
+    - https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml
+    - https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
+```
+
+## Install After Bootstrap
+
+If you choose not to use `extraManifests` to install Kubelet Serving Certificate Approver and metrics-server during bootstrap, you can install them once the cluster is online using `kubectl`:
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml
+kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
+```

website/content/docs/v0.11/Guides/deploy-metrics-server.md

@@ -0,0 +1,43 @@
+---
+title: "Deploying Metrics Server"
+description: "In this guide you will learn how to set up metrics-server."
+---
+
+Metrics Server enables use of the [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) and [Vertical Pod Autoscaler](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler).
+It does this by gathering metrics data from the kubelets in a cluster.
+By default, the certificates in use by the kubelets will not be recognized by metrics-server.
+This can be solved by either configuring metrics-server to do no validation of the TLS certificates, or by modifying the kubelet configuration to rotate its certificates and use ones that will be recognized by metrics-server.
+
+## Node Configuration
+
+To enable kubelet certificate rotation, all nodes should have the following Machine Config snippet:
+
+```yaml
+machine:
+  kubelet:
+    extraArgs:
+      rotate-server-certificates: true
+```
+
+## Install During Bootstrap
+
+We will want to ensure that new certificates for the kubelets are approved automatically.
+This can easily be done with the [Kubelet Serving Certificate Approver](https://github.com/alex1989hu/kubelet-serving-cert-approver), which will automatically approve the Certificate Signing Requests generated by the kubelets.
+
+We can have Kubelet Serving Certificate Approver and metrics-server installed on the cluster automatically during bootstrap by adding the following snippet to the Cluster Config of the node that will be handling the bootstrap process:
+
+```yaml
+cluster:
+  extraManifests:
+    - https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml
+    - https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
+```
+
+## Install After Bootstrap
+
+If you choose not to use `extraManifests` to install Kubelet Serving Certificate Approver and metrics-server during bootstrap, you can install them once the cluster is online using `kubectl`:
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml
+kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
+```