diff --git a/pkg/model/components/apiserver.go b/pkg/model/components/apiserver.go index f0af8a603e..243058e8e9 100644 --- a/pkg/model/components/apiserver.go +++ b/pkg/model/components/apiserver.go @@ -169,6 +169,14 @@ func (b *KubeAPIServerOptionsBuilder) BuildOptions(o interface{}) error { c.InsecurePort = fi.Int32(0) } + // If metrics-server is enabled, we want aggregator routing enabled so that requests are load balanced. + metricsServer := clusterSpec.MetricsServer + if metricsServer != nil && fi.BoolValue(metricsServer.Enabled) { + if c.EnableAggregatorRouting == nil { + c.EnableAggregatorRouting = fi.Bool(true) + } + } + return nil } diff --git a/upup/models/cloudup/resources/addons/metrics-server.addons.k8s.io/k8s-1.11.yaml.template b/upup/models/cloudup/resources/addons/metrics-server.addons.k8s.io/k8s-1.11.yaml.template index 0b895e5dc1..027f2274af 100644 --- a/upup/models/cloudup/resources/addons/metrics-server.addons.k8s.io/k8s-1.11.yaml.template +++ b/upup/models/cloudup/resources/addons/metrics-server.addons.k8s.io/k8s-1.11.yaml.template @@ -40,7 +40,7 @@ rules: resources: - pods - nodes - - nodes/stats + - nodes/metrics - namespaces - configmaps verbs: @@ -129,7 +129,7 @@ spec: spec: containers: - args: - - --secure-port=443 + - --secure-port=4443 - --kubelet-use-node-status-port - --metric-resolution=15s - --kubelet-preferred-address-types={{ if IsIPv6Only }}InternalIP{{ else }}Hostname{{ end }} @@ -142,7 +142,7 @@ spec: {{ if or (not UseKopsControllerForNodeBootstrap) (WithDefaultBool .MetricsServer.Insecure true) }} - --kubelet-insecure-tls {{ end }} - image: {{ or .MetricsServer.Image "k8s.gcr.io/metrics-server/metrics-server:v0.5.0" }} + image: {{ or .MetricsServer.Image "k8s.gcr.io/metrics-server/metrics-server:v0.6.0" }} imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -153,7 +153,7 @@ spec: periodSeconds: 10 name: metrics-server ports: - - containerPort: 443 + - containerPort: 4443 name: https protocol: TCP readinessProbe: diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/insecure-1.19/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/insecure-1.19/manifest.yaml index 1dc4dae5c0..f1c6acba8c 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/insecure-1.19/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/insecure-1.19/manifest.yaml @@ -47,7 +47,7 @@ spec: version: 9.99.0 - id: k8s-1.11 manifest: metrics-server.addons.k8s.io/k8s-1.11.yaml - manifestHash: 17909ec3ec7a451e80ab934d58b01d9d63f74f2a59e7f25627fe452872ceb2f4 + manifestHash: af721298e26e1d1311a8ccd7e047f70e9c9f695ed7bffa7ce94e19a1e82fe691 name: metrics-server.addons.k8s.io selector: k8s-app: metrics-server diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/insecure-1.19/metrics-server.addons.k8s.io-k8s-1.11.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/insecure-1.19/metrics-server.addons.k8s.io-k8s-1.11.yaml index ad29fb3f3b..1d25949586 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/insecure-1.19/metrics-server.addons.k8s.io-k8s-1.11.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/insecure-1.19/metrics-server.addons.k8s.io-k8s-1.11.yaml @@ -51,7 +51,7 @@ rules: resources: - pods - nodes - - nodes/stats + - nodes/metrics - namespaces - configmaps verbs: @@ -165,13 +165,13 @@ spec: spec: containers: - args: - - --secure-port=443 + - --secure-port=4443 - --kubelet-use-node-status-port - --metric-resolution=15s - --kubelet-preferred-address-types=Hostname - --cert-dir=/tmp - --kubelet-insecure-tls - image: k8s.gcr.io/metrics-server/metrics-server:v0.5.0 + image: k8s.gcr.io/metrics-server/metrics-server:v0.6.0 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -182,7 +182,7 @@ spec: periodSeconds: 10 name: metrics-server ports: - - containerPort: 443 + - containerPort: 4443 name: https protocol: TCP readinessProbe: diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/secure-1.19/manifest.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/secure-1.19/manifest.yaml index fe5cacf28b..6c3693cf6d 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/secure-1.19/manifest.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/secure-1.19/manifest.yaml @@ -47,7 +47,7 @@ spec: version: 9.99.0 - id: k8s-1.11 manifest: metrics-server.addons.k8s.io/k8s-1.11.yaml - manifestHash: ed07ce88fa4e68289ddeabe8dffbc1a5a959810fcd03c10ab7b5f4b0a487d629 + manifestHash: 93c0127182da9877f996b5328d2ed6d8a835f2867fd1d0972333cc66bbc4423f name: metrics-server.addons.k8s.io needsPKI: true selector: diff --git a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/secure-1.19/metrics-server.addons.k8s.io-k8s-1.11.yaml b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/secure-1.19/metrics-server.addons.k8s.io-k8s-1.11.yaml index b3ffd717c0..e970026670 100644 --- a/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/secure-1.19/metrics-server.addons.k8s.io-k8s-1.11.yaml +++ b/upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/metrics-server/secure-1.19/metrics-server.addons.k8s.io-k8s-1.11.yaml @@ -51,7 +51,7 @@ rules: resources: - pods - nodes - - nodes/stats + - nodes/metrics - namespaces - configmaps verbs: @@ -165,13 +165,13 @@ spec: spec: containers: - args: - - --secure-port=443 + - --secure-port=4443 - --kubelet-use-node-status-port - --metric-resolution=15s - --kubelet-preferred-address-types=Hostname - --tls-cert-file=/srv/tls.crt - --tls-private-key-file=/srv/tls.key - image: k8s.gcr.io/metrics-server/metrics-server:v0.5.0 + image: k8s.gcr.io/metrics-server/metrics-server:v0.6.0 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -182,7 +182,7 @@ spec: periodSeconds: 10 name: metrics-server ports: - - containerPort: 443 + - containerPort: 4443 name: https protocol: TCP readinessProbe: