metrics-server状态是running,但是无法获取集群信息error: Metrics API not available
1、现象
安装Kuboard之前,使用kubectl top pods是可以得到集群的容器资源占用情况的。
但是安装了Kuboard之后,kubectl top pods指令一直无效。并且报错
2、按Kuboard的提示检查错误
2.1 重置metrics-server,无效
2.2 metrics-server状态是running,正常
2.3 检查ApiService
curl -ik https://10.102.193.60:443/apis/metrics.k8s.io/v1beta1
报错:"forbidden: User \"system:anonymous\" cannot get path \"/apis/metrics.k8s.io/v1beta1\"",
3、解决方案:准备认证信息
下面的内容可以保存为 auth-server.yaml。
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: categraf
rules:
- apiGroups: [""]
resources:
- nodes
- nodes/metrics
- nodes/stats
- nodes/proxy
- services
- endpoints
- pods
verbs: ["get", "list", "watch"]
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
verbs: ["get", "list", "watch"]
- nonResourceURLs: ["/metrics", "/metrics/cadvisor"]
verbs: ["get"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: categraf
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: categraf
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: categraf
subjects:
- kind: ServiceAccount
name: categraf
namespace: kube-system
执行
kubectl apply -f auth-server.yaml
之后就正常了。
4、结果