initial commit
This commit is contained in:
Chris Cowley
commit
ca6a4d45d1
113 changed files with 10501 additions and 0 deletions
23
content/blog/kubernetes-metrics-server-problem/index.md
Normal file
23
content/blog/kubernetes-metrics-server-problem/index.md
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
date: 2019-02-01
|
||||
title: Kubernetes Metrics Server Problem
|
||||
category: devops
|
||||
featured_image: /images/kubernetes.png
|
||||
---
|
||||
|
||||
A simple fix for something quite annoying. I set up HPA on some deployments and it did not work.
|
||||
|
||||
HPA uses the [metrics-server](https://github.com/helm/charts/tree/master/stable/metrics-server) to decide when to scale a deployment, but the logs for the metrics-server pod were saying:
|
||||
|
||||
```
|
||||
unable to fully collect metrics: unable to fully scrape metrics from source kubelet_summary:kube: unable to fetch metrics from Kubelet kube (kube): Get https://kube:10250/stats/summary/: x509: certificate signed by unknown authority
|
||||
```
|
||||
|
||||
I have seen this on Kubernetes 1.10 at work, and 1.12 and 1.13 in my lab, so it is an on-going problem. Basically it was missing the CA certificate. The correct fix is to add this certificate into the metrics-server pod. However, for now, I have not investigated where that is. My dirty fix is to install the metrics-server Helm chart with the following values file:
|
||||
|
||||
```
|
||||
args:
|
||||
- --kubelet-insecure-tls
|
||||
```
|
||||
|
||||
This is the equivalent of add `-k` to a `curl` command - it will ignore the CA problem. Given this is purely internal traffic I am not overly concerned. Proper fix in the comments would be welcome however.
|
||||
Loading…
Add table
Add a link
Reference in a new issue