1.手动扩容机制
示例:对busybox-deployment手动扩缩容
apiVersion:apps/v1 kind: Deployment metadata: name: busybox-deployment spec: replicas: 3 template: metadata: labels: app: busybox spec: containers: - name: busybox image: busybox:latest # 此Pod已运行副本数量3个,使用kubectl scale命令扩容至5个 kubectl scale deploy busybox-deployment --replicas 5 注:如将replicas值设置小于当前副本数则系统会杀掉一些运行中的Pod已实现缩容
2.自动扩容机制(HPA)
Horizontal Pod Autoscaler(HPA)的控制器,用于实现基于CPU使用率进行自动Pod扩容的功能,HPA控制器基于Master的kube-controllere-manager服务启动参数--horizontal-pod-autoscaler-sync-period定义的探测周期(默认值为15s),周期性监测目标Pod的资源性能指标,并与HPA资源对象中的扩容条件进行对比,在满足条件时对Pod副本数量进行调整。
使用HPA功能需要在controller-manager启动文件中加入的参数:
- --horizontal-pod-autoscaler-tolerance=0.1,设置扩缩容忍度,默认值0.1(10%),表示基于算法得到的结果在0.9-1.1(-10%-10%),控制器都不会进行扩缩容
- --horizontal-pod-autoscaler-initial-readiness-delay=30s,设置首次探测Pod是否Ready的延时时间,默认值30min
- --horizontal-pod-autoscaler-cpuinitialization-period=10s,设置首次采集Pod的CPU使用率的延迟时间
- --horizontal-pod-autoscaler-downscale-stabilization=1m0s,这个配置可让系统更平滑的进行缩容操作,默认值5min
使用HorizontalPodAutoscaler配置自定义扩缩容的规则:
apiVersion: autoscaling/v2beta2 kind: HorizontalPodAutoscaler metadata: name: nginx spec: scaleTargetRef: # 定义目标对象,可以是deploy/RC/RS apiVersion: apps/v1 kind: Deployment name: nginx minReplicas: 1 # pod副本数量的最下值 maxReplicas: 10 # pod副本数量的最大值 metrics: # 目标指标值,系统在指标数据达到目标值时出发扩缩容操作 - type: Resource # 定义目标值 resources: name: cpu target: type: Utilization averageUtilization: 50
注:目标值类型可包括三项
- Resource:基于资源的指标,可设置CPU和内存,对于CPU使用率可在target参数中设置averageUtilization定义目标平均CPU使用率;对于内存使用率可在target参数中设置AverageValue定义目标平均内存使用率
- Pods:基于pod的指标,系统对全部Pod副本的指标进行计算平均值,数据来源于Pod对象本身,其target类型只能使用AverageValue
- Object:基于某种资源对象(如Ingress)的指标或应用系统的任意自定义指标,数据来源于其它资源对象或任意自定义指标,其target类型可以使用Value和AverageValue(根据Pod副本数计算平均值)进行设置
示例一:
apiVersion: autoscaling/v2beta2 kind: HorizontalPodAutoscaler metadata: name: nginx spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: nginx minReplicas: 1 maxReplicas: 10 metrics: - type: Object object: metrics: name: requests-per-second # 指标名称 describedObject: apiVersion: extensions/v1beta1 kind: Ingress # 来源于ingress main-route name: main-route target: type: Value value: 2k # 目标值为2000,即在ingress的每秒请求数达到2000时触发扩缩容操作
示例二:
apiVersion: autoscaling/v2beta2 kind: HorizontalPodAutoscaler metadata: name: nginx spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: nginx minReplicas: 1 maxReplicas: 10 metrics: - type: Object object: metrics: name: 'http_requests' # 指标名称 selector: 'verb=GET' # 资源对象具有的标签 target: type: AverageValue averageValue: 500 # 平均值到500触发扩缩容操作
示例三:系统针对每种类型的指标都计算Pod副本的目标数量,以最大值为准进行扩缩容操作
apiVersion: autoscaling/v2beta2 kind: HorizontalPodAutoscaler metadata: name: nginx spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: nginx minReplicas: 1 maxReplicas: 10 metrics: - type: Resource resources: name: cpu targetAverageUtilization: 50 - type: Pods pods: metrics: name: packets-per-second targetAverageUtilization: 1k - type: Object object: metrics: name: requests-per-second describedObject: apiVersion: extensions/v1beta1 kind: Ingress name: main-route target: kind: Value value: 1k
示例四:使用外部服务的性能指标对自己部署的K8s中的服务进行HPA
....... metrics: - type: External external: metrics: name: queue-message-ready selector: 'queue=worker_tasks' targetAverageUtilization: 30
基于外部服务的性能指标实现HPA需要预先部署自定义Metries Server,目前可以基于Prometheus、MS Azure、Datadog Cluster和Google Stackdriver等系统的Adapter实现
使用外部性能指标,在K8s master的API Server启动Aggregation层,需要在apierver启动文件中加入的参数:
- --requestheader-client-ca-file,指定客户端的CA证书
- --requestheader-allowed-names,允许访问的客户端common name列表,将其设置为空置时,表示任意客户端都可以访问
- --requestheader-extra-headers-prefix=X-Remote-Extra,请求头中需要检查的前缀名
- --requestheader-group-headers=X-Remote-Group,请求头中需要检查的组名
- --requestheader-username-headers=X-Remote-User,请求头中需要检查的用户名
- --proxy-client-cert-file,在请求期间验证Aggregator的客户端CA证书
- --proxy-client-key-file,在请求期间验证Aggreagator的客户端私钥
使用外部性能指标,在K8s master的API Server启动Aggregation层,需要在controller-manager启动文件中加入的参数:
--horizontal-pod-autoscaler-sync-period=10s,HPA控制器同步Pod副本数量的时间间隔,默认值15s
示例五、使用Prometheus作为外部性能指标收集器
# 部署Prometheus Operator apiVersion: apps/v1 kind: Deployment metadata: labels: k8s-app: prometheus-operator name: prometheus-operator spec: replicas: 1 selector: matchLabels: k8s-app: prometheus-operator template: metadata: labels: k8s-app: prometheus-operator spec: containers: - image: quay.io/coreos/prometheus-operator:v0.40.0 imagePullPolicy: IfNotPresent name: prometheus-operator ports: - containerPort: 8080 name: http resources: limits: cpu: 200M memory: 100Mi requests: cpu: 100m memory: 50Mi 这个prometheus-operatord会自动创建名为monitoring.coreos.com的CRD资源 # 通过Operator的配置部署Prometheus apiVersion: monitoring.coreos.com/v1 kind: Prometheus metadata: name: prometheus labels: app: promethus prometheus: prometheus spec: replicas: 2 baseImage: quay.io/prometheus/prometheus version: v2.10.0 serviceMonitorSelector: matchLabels: service-monitor: function resources: requests: memory: 300Mi --- apiVersion: v1 kind: Service metadata: name: prometheus labels: app: prometheus prometheus: prometheus spec: selector: prometheus: prometheus ports: - name: http port: 9090 # 确认prometheus operator和prometheus服务正常 kubectl get pods
d