From c5aead020b659b72dd022b919a95ed9d5174a507 Mon Sep 17 00:00:00 2001 From: Antonio Ojea Date: Thu, 15 Jul 2021 13:51:28 +0200 Subject: [PATCH] cluster: fix CI metrics-server deployment use deployment based on upstream manifest - add liveness and readiness probes - use kubelet port secure port https://github.com/kubernetes-sigs/metrics-server/blob/release-0.4/manifests/base/deployment.yaml#L32-L38 --- .../metrics-server-deployment.yaml | 20 +++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/cluster/addons/metrics-server/metrics-server-deployment.yaml b/cluster/addons/metrics-server/metrics-server-deployment.yaml index aba5368a067..d7f44e080d5 100644 --- a/cluster/addons/metrics-server/metrics-server-deployment.yaml +++ b/cluster/addons/metrics-server/metrics-server-deployment.yaml @@ -54,10 +54,8 @@ spec: command: - /metrics-server - --metric-resolution=30s - # These are needed for GKE, which doesn't support secure communication yet. - # Remove these lines for non-GKE clusters, and when GKE supports token-based auth. - - --kubelet-port=10255 - - --deprecated-kubelet-completely-insecure=true + - --kubelet-use-node-status-port + - --kubelet-insecure-tls - --kubelet-preferred-address-types=InternalIP,Hostname,InternalDNS,ExternalDNS,ExternalIP - --cert-dir=/tmp - --secure-port=443 @@ -65,6 +63,20 @@ spec: - containerPort: 443 name: https protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: https + scheme: HTTPS + periodSeconds: 10 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /livez + port: https + scheme: HTTPS + periodSeconds: 10 + failureThreshold: 3 volumeMounts: - mountPath: /tmp name: tmp-dir