前提条件

  • Kubernetes >= 1.25

  • Openssl >= 1.1.1

  • 部署MetricServer

官方地址:自动扩缩工作负载 | Kubernetes

官方Github:autoscaler/vertical-pod-autoscaler at vertical-pod-autoscaler-1.1.2 · kubernetes/autoscaler · GitHub

部署VPA(v1.1.2)

1
2
3
git clone https://github.com/kubernetes/autoscaler.git -b vertical-pod-autoscaler-1.1.2
cd autoscaler/vertical-pod-autoscaler/hack
./vpa-up.sh

已知问题

ERROR: Failed to create CA certificate for self-signing. If the error is "unknown option -addext", update your openssl version or deploy VPA from the vpa-release-0.8 branch.

原因:openssl 版本太低

解决方法:执行vpa-down.sh卸载后,升级openssl,重新安装

升级openssl(部署机升级即可)

查看当前版本

下载地址(最新稳定版3.3,支持到2026.4.9):openssl-3.3.1.tar.gz

备份

1
2
mv /usr/bin/openssl /usr/bin/openssl.bak
mv /usr/include/openssl /usr/include/openssl.bak

安装依赖

1
yum -y install perl-IPC-Cmd perl-ExtUtils-MakeMaker perl-Data-Dumper

编译

1
2
3
4
tar zxvf openssl-3.3.1.tar.gz
cd openssl-3.3.1/
./config shared --openssldir=/usr/local/openssl --prefix=/usr/local/openssl
make && make install

软连接

1
2
3
4
5
6
7
8
9
ln -s /usr/local/openssl/lib/libssl.so.3 /usr/lib/libssl.so.3
ln -s /usr/local/openssl/lib64/libssl.so.3 /usr/lib64/libssl.so.3
ln -s /usr/local/openssl/lib/libcrypto.so.3 /usr/lib/libcrypto.so.3
ln -s /usr/local/openssl/lib64/libcrypto.so.3 /usr/lib64/libcrypto.so.3

ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
echo “/usr/local/openssl/lib” >> /etc/ld.so.conf
ldconfig -v

查看版本

测试VPA

创建Deployment

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
cat > apache.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: apache
spec:
  replicas: 3
  selector:
    matchLabels:
      run: apache
  template:
    metadata:
      labels:
        run: apache
    spec:
      containers:
      - name: apache
        image: registry.k8s.io/hpa-example
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: apache
  labels:
    run: apache
spec:
  ports:
  - port: 80
  selector:
    run: apache
EOF
1
kubectl apply -f apache.yaml

查看当前pod资源

1
kubectl describe pod <podname>

没有限制,所以没有Limits和Requests

创建VPA

1
2
3
4
5
6
7
8
9
10
11
12
13
14
cat > vpa-apache.yaml << EOF 
apiVersion: autoscaling.k8s.io/v1 
kind: VerticalPodAutoscaler 
metadata: 
  name: apache-deployment-basic-vpa   
namespace: default 
spec: 
  targetRef: 
    apiVersion: "apps/v1" 
    kind:       Deployment 
    name:       apache 
  updatePolicy: 
    updateMode: "Auto" 
EOF

1
kubectl apply -f vpa-apache.yaml
1
2
# 需要等待两分钟,才能返回结果
kubectl get vpa

pod会根据推荐资源配置,重新分配

1
kubectl describe vpa apache-deployment-basic-vpa

1
kubectl describe pod <podname>

vpa与重新创建的pod资源对应

增加负载

1
yum -y install httpd-tools
1
ab -c 100 -n 500000 http://10.20.13.140:29704/