1 Metrics Server
Metrics Server 是一个集群范围内的资源指标聚合器,<font color="#9bbb59">它是 Kubernetes 监控体系中的重要组件之一,主要用于为 Kubernetes 的自动扩缩容(如 Horizontal Pod Autoscaler, HPA)和其他需要实时资源使用数据的控制器提供 CPU、内存等基础指标。</font>
1.1 一、Metrics Server 的作用
Metrics Server 的主要功能包括:
-
收集资源使用指标
它会定期从每个节点上的 Kubelet 的 Summary API 中获取 CPU、内存等资源的使用情况。 -
提供指标查询接口
通过 Kubernetes 的 API 机制(通常位于/apis/metrics.k8s.io),其他组件(如 HPA 控制器)可以查询这些指标数据。 -
支持自动扩缩容
HPA 控制器依赖 Metrics Server 提供的指标数据来决定是否需要扩缩容 Pod 副本数量。
⚠️ 注意:Metrics Server 不存储历史数据,它只是一个实时指标提供者。如果需要长期存储和更复杂的监控(如图表、告警),需要配合 Prometheus 等工具使用。
1.2 二、Metrics Server 的工作原理
- Metrics Server 作为一个 Pod 运行在 Kubernetes 集群中(通常部署在
kube-system命名空间)。 - 它通过调用每个节点上 Kubelet 的
/metrics/resource接口来获取资源使用数据。 - 将这些指标数据存储在内存中,并通过 Kubernetes 的 API Server 暴露给其他组件使用(如 HPA)。
- 其他控制器(如 HPA)通过调用 Kubernetes API 来获取这些指标,以做出扩缩容决策。
1.3 三、Metrics Server 的部署
wget http://192.168.14.253/Resources/Kubernetes/Add-ons/metrics-server/0.6.x/high-availability-1.21%2B.yaml
2.2 编辑配置文件
[root@master231 ~]# vim high-availability-1.21+.yaml
...
114 apiVersion: apps/v1
115 kind: Deployment
116 metadata:
...
144 - args:
145 - --kubelet-insecure-tls # 不要验证Kubelets提供的服务证书的CA。不配置则会报错x509。
...
... image: registry.aliyuncs.com/google_containers/metrics-server:v0.7.2
2.3 部署metrics-server组件
[root@master231 ~]# kubectl apply -f high-availability-1.21+.yaml
serviceaccount/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created
service/metrics-server created
deployment.apps/metrics-server created
poddisruptionbudget.policy/metrics-server created
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
[root@master231 ~]#
2.4 查看镜像是否部署成功
[root@master231 metrics-server]# kubectl get pods,svc -n kube-system -l k8s-app=metrics-server -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/metrics-server-57c6f647bb-727dz 1/1 Running 0 3m56s 10.100.203.130 worker232 <none> <none>
pod/metrics-server-57c6f647bb-bm6tb 1/1 Running 0 3m56s 10.100.140.120 worker233 <none> <none>
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/metrics-server ClusterIP 10.200.10.142 <none> 443/TCP 3m56s k8s-app=metrics-server
[root@master231 metrics-server]#
1.4 四、验证 Metrics Server 是否工作正常
你可以使用以下命令查看某个 Pod 的资源使用情况(需安装 kubectl top 命令,它依赖 Metrics Server):
kubectl top pod
或者查看节点的资源使用情况:
kubectl top node
如果这些命令能正常返回数据,说明 Metrics Server 工作正常。
1.5 五、与 Kubernetes 监控生态的关系
| 组件 | 作用 |
|---|---|
| Metrics Server | 提供实时资源指标(CPU/内存),用于 HPA 等控制器 |
| Kube-state-metrics | 提供集群中各种资源对象的状态指标(如 Pod 数量、Deployment 状态等) |
| Prometheus | 更全面的监控系统,可采集各类指标并支持告警、历史数据存储、可视化(如 Grafana) |
| kubectl top | 基于 Metrics Server 的命令行工具,用于查看节点和 Pod 的资源使用情况 |
Metrics Server 是轻量级的指标聚合器,适合用于自动扩缩容;而 Prometheus 更适合用于生产环境的全面监控和告警。
1.6 六、常见限制与注意事项
-
不支持历史数据查询
Metrics Server 只保留最近的数据,无法用于历史数据分析或趋势图表。 -
依赖 Kubelet 的 metrics 接口
如果 Kubelet 的 metrics 接口不可用(如配置错误或安全策略限制),Metrics Server 将无法工作。 -
需要 RBAC 权限
Metrics Server 需要有权限访问 Kubelet 的 API,因此必须正确配置 RBAC。 -
不支持所有资源类型的指标
默认只支持 CPU 和内存,如果需要其他指标(如磁盘、网络等),需要配合其他组件(如 kube-state-metrics 或 Prometheus)。
1.7 七、总结
Metrics Server 是 Kubernetes 中一个轻量级、关键的组件,为自动扩缩容和其他需要实时资源指标的功能提供数据支持。它是 HPA 的“眼睛”,虽然功能相对简单,但在 Kubernetes 的监控体系中扮演着不可或缺的角色。对于更复杂的监控需求,可以结合 Prometheus、Grafana 等工具进行扩展。
2 coreDNS
[[k8s之services#3 附加组件coreDNS !!!!!]]
3 dashboard
- 部署dashboard极速入门
是一款图形化管理K8S集群的解决方案。
参考链接:
https://github.com/kubernetes/dashboard/releases?page=9
1.下载资源清单
[root@master231 dashboard]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.1/aio/deploy/recommended.yaml
SVIP:
[root@master231 ~]# wget http://192.168.14.253/Resources/Kubernetes/Add-ons/dashboard/01-dashboard.yaml
2.导入镜像
[root@worker232 ~]# wget http://192.168.14.253/Resources/Kubernetes/Add-ons/dashboard/oldboyedu-dashboard-v2.5.1.tar.gz
[root@worker232 ~]# docker load -i oldboyedu-dashboard-v2.5.1.tar.gz
[root@worker232 ~]# docker tag harbor.oldboyedu.com/oldboyedu-add-ons/dashboard:v2.5.1 harbor250.oldboyedu.com/oldboyedu-add-ons/dashboard:v2.5.1
[root@worker232 ~]#
[root@worker232 ~]# docker push harbor250.oldboyedu.com/oldboyedu-add-ons/dashboard:v2.5.1
[root@worker232 ~]# wget http://192.168.14.253/Resources/Kubernetes/Add-ons/dashboard/oldboyedu-metrics-scraper-v1.0.7.tar.gz
[root@worker232 ~]# docker load -i oldboyedu-metrics-scraper-v1.0.7.tar.gz
[root@worker232 ~]# docker tag harbor.oldboyedu.com/oldboyedu-add-ons/metrics-scraper:v1.0.7 harbor250.oldboyedu.com/oldboyedu-add-ons/metrics-scraper:v1.0.7
[root@worker232 ~]#
[root@worker232 ~]# docker push harbor250.oldboyedu.com/oldboyedu-add-ons/metrics-scraper:v1.0.7
3.修改资源清单
[root@master231 ~]# vim 01-dashboard.yaml
- 1.将8443的svc的类型改为LoadBalancer;
- 2.修改2个镜像的名称即可;
4.部署服务
[root@master231 dashboard]# kubectl apply -f 01-dashboard.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
[root@master231 dashboard]#
5.查看资源
[root@master231 dashboard]# kubectl get pods,svc -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
pod/dashboard-metrics-scraper-9d986c98c-x8gzf 1/1 Running 0 23s
pod/kubernetes-dashboard-5ccf77bb87-sd7z7 1/1 Running 0 23s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/dashboard-metrics-scraper ClusterIP 10.200.253.69 <none> 8000/TCP 23s
service/kubernetes-dashboard LoadBalancer 10.200.75.249 10.0.0.153 443:8443/TCP 23s
[root@master231 dashboard]#
6.访问Dashboard
https://10.0.0.153/#/login
输入神秘代码: "thisisunsafe".
7.基于token登录实战
7.1 创建sa
[root@master231 dashboard]# kubectl create serviceaccount cmy -o yaml --dry-run=client > 02-sa.yaml
[root@master231 dashboard]#
[root@master231 dashboard]# vim 02-sa.yaml
[root@master231 dashboard]#
[root@master231 dashboard]# cat 02-sa.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: cmy
[root@master231 dashboard]#
[root@master231 dashboard]# kubectl apply -f 02-sa.yaml
serviceaccount/cmy created
[root@master231 dashboard]#
[root@master231 dashboard]# kubectl get -f 02-sa.yaml
NAME SECRETS AGE
cmy 1 5s
[root@master231 dashboard]#
[root@master231 dashboard]# kubectl get sa cmy
NAME SECRETS AGE
cmy 1 13s
[root@master231 dashboard]#
7.2 将sa和内置集群角色绑定
[root@master231 dashboard]# kubectl create clusterrolebinding dashboard-cmy --clusterrole=cluster-admin --serviceaccount=default:cmy -o yaml --dry-run=client > 03-clusterrolebinding-sa.yaml
[root@master231 dashboard]#
[root@master231 dashboard]# vim 03-clusterrolebinding-sa.yaml
[root@master231 dashboard]#
[root@master231 dashboard]# cat 03-clusterrolebinding-sa.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dashboard-cmy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: cmy
namespace: default
[root@master231 dashboard]#
[root@master231 dashboard]# kubectl apply -f 03-clusterrolebinding-sa.yaml
clusterrolebinding.rbac.authorization.k8s.io/dashboard-cmy created
[root@master231 dashboard]#
[root@master231 dashboard]# kubectl get clusterrolebindings dashboard-cmy
NAME ROLE AGE
dashboard-cmy ClusterRole/cluster-admin 11s
[root@master231 dashboard]#
[root@master231 dashboard]# kubectl get clusterrolebindings dashboard-cmy -o wide
NAME ROLE AGE USERS GROUPS SERVICEACCOUNTS
dashboard-cmy ClusterRole/cluster-admin 44s default/cmy
[root@master231 dashboard]#
7.3 浏览器使用token登录
[root@master231 dashboard]# kubectl get secrets `kubectl get sa cmy -o jsonpath='{.secrets[0].name}'` -o jsonpath='{.data.token}' |base64 -d ; echo
eyJhbGciOiJSUzI1NiIsImtpZCI6IlNCUF9mT01TOHVleGIxc1JvdzdzODhPMVg2YmExdm5weWpJZ3BLUDVNQWcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImxpbnV4OTctdG9rZW4tcGZmeHgiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoibGludXg5NyIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImU4YmZkMTE0LWY5NzItNGQyZC1iYjI4LTY4NWFiZTMxMjE1OSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmxpbnV4OTcifQ.Y5UNPod7a5HyjJjia_a25lARq9aZT9sS50rH9I9-j8ldYNeoZybMC0vohPBCnEy_aVknNNzTn2WTCQaN0wKg6dIjQNCvodegmf_h8yU0u63KGB5XggkcJvSdA7OeehAViZ9c-u9vQF_WsT4PujSw73aqhbGbtazmvgCrxOTYNYE0ZyPwqibGvm7kqmSnDiE_0ajX2tNR3G-OSGUbZF-FeZeJdEJ8QJsOct63wTyBNnmlFEebuVr9QELMgtNrzIvZjIOdfb0VhV1mFLqqFQymtmRuGQDbIisgv_ci6EUjwl41A_myceuclbzcFKiO4pIk9VKQdjmj3BjpodNA1ArRUw
[root@master231 dashboard]#
- 使用Kubeconfig授权登录实战(彩蛋)
1.创建kubeconfig文件
cat > oldboyedu-generate-context-conf.sh <<'EOF'
#!/bin/bash
# auther: Jason Yin
# 获取secret的名称
SECRET_NAME=`kubectl get sa cmy -o jsonpath='{.secrets[0].name}'`
# 指定API SERVER的地址
API_SERVER=10.0.0.231:6443
# 指定kubeconfig配置文件的路径名称
KUBECONFIG_NAME=./oldboyedu-k8s-dashboard-admin.conf
# 获取用户的tocken
TOCKEN=`kubectl get secrets $SECRET_NAME -o jsonpath={.data.token} | base64 -d`
# 在kubeconfig配置文件中设置群集项
kubectl config set-cluster oldboyedu-k8s-dashboard-cluster --server=$API_SERVER --kubeconfig=$KUBECONFIG_NAME
# 在kubeconfig中设置用户项
kubectl config set-credentials oldboyedu-k8s-dashboard-user --token=$TOCKEN --kubeconfig=$KUBECONFIG_NAME
# 配置上下文,即绑定用户和集群的上下文关系,可以将多个集群和用户进行绑定哟~
kubectl config set-context oldboyedu-admin --cluster=oldboyedu-k8s-dashboard-cluster --user=oldboyedu-k8s-dashboard-user --kubeconfig=$KUBECONFIG_NAME
# 配置当前使用的上下文
kubectl config use-context oldboyedu-admin --kubeconfig=$KUBECONFIG_NAME
EOF
bash oldboyedu-generate-context-conf.sh
2.注销并基于kubeconfig文件登录
略,见视频。
4 kuboard
- kuboard快速入门实战
官网地址:
https://kuboard.cn/
参考链接:
https://kuboard.cn/install/v3/install-in-k8s.html
1.部署kuboard
[root@master231 kuboard]# wget https://addons.kuboard.cn/kuboard/kuboard-v3-swr.yaml
[root@master231 kuboard]# kubectl apply -f kuboard-v3-swr.yaml
namespace/kuboard created
configmap/kuboard-v3-config created
serviceaccount/kuboard-boostrap created
clusterrolebinding.rbac.authorization.k8s.io/kuboard-boostrap-crb created
daemonset.apps/kuboard-etcd created
deployment.apps/kuboard-v3 created
service/kuboard-v3 created
[root@master231 kuboard]#
[root@master231 kuboard]# kubectl get pods -n kuboard -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kuboard-agent-2-55b9bfbb7c-89nff 1/1 Running 2 (2m43s ago) 2m55s 10.100.0.56 master231 <none> <none>
kuboard-agent-6f4885bcd7-7xzz8 1/1 Running 2 (2m44s ago) 2m55s 10.100.0.55 master231 <none> <none>
kuboard-etcd-trt8q 1/1 Running 0 3m58s 10.0.0.231 master231 <none> <none>
kuboard-v3-685dc9c7b8-bhqfw 1/1 Running 0 3m58s 10.100.0.54 master231 <none> <none>
[root@master231 kuboard]#
镜像地址:
http://192.168.14.253/Resources/Kubernetes/Project/kuboard/kuboard-on-k8s/kuboard-v3-swr.yaml
2.访问 Kuboard
[root@master231 kuboard]# kubectl get svc -n kuboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kuboard-v3 NodePort 10.200.117.52 <none> 80:30080/TCP,10081:30081/TCP,10081:30081/UDP 4m36s
[root@master231 kuboard]#
在浏览器中打开链接 http://10.0.0.233:30080
输入初始用户名和密码,并登录
用户名: admin
密码: Kuboard123
- 基于docker的方式部署kuboard
参考链接:
https://kuboard.cn/install/v3/install-built-in.html
1.删除资源
[root@master231 kuboard]# kubectl delete -f kuboard-v3-swr.yaml
2.基于docker运行kuboard
[root@node-exporter43 ~]# docker run -d \
--restart=unless-stopped \
--name=kuboard \
-p 80:80/tcp \
-p 10081:10081/tcp \
-e KUBOARD_ENDPOINT="http://0.0.0.0:80" \
-e KUBOARD_AGENT_SERVER_TCP_PORT="10081" \
-v /root/kuboard-data:/data \
swr.cn-east-2.myhuaweicloud.com/kuboard/kuboard:v3
3.访问kuboard
http://10.0.0.43/
用户名: admin
密 码: Kuboard123
4.添加K8S集群
略,见视频。
其他相似产品:
- Rancher
- kubesphere
5 kube-state-metrics
是 Kubernetes 的一个附加组件,它监听 Kubernetes API Server,并生成关于集群资源(如 Deployment、Pod、Service 等)的状态指标,供 Prometheus 等监控系统采集 dashboard 15661
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/component: exporter
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: 2.4.1
name: kube-state-metrics
rules:
- apiGroups:
- ""
resources:
- configmaps
- secrets
- nodes
- pods
- services
- resourcequotas
- replicationcontrollers
- limitranges
- persistentvolumeclaims
- persistentvolumes
- namespaces
- endpoints
verbs:
- list
- watch
- apiGroups:
- apps
resources:
- statefulsets
- daemonsets
- deployments
- replicasets
verbs:
- list
- watch
- apiGroups:
- batch
resources:
- cronjobs
- jobs
verbs:
- list
- watch
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs:
- list
- watch
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- list
- watch
- apiGroups:
- certificates.k8s.io
resources:
- certificatesigningrequests
verbs:
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
- volumeattachments
verbs:
- list
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs:
- list
- watch
- apiGroups:
- networking.k8s.io
resources:
- networkpolicies
- ingresses
verbs:
- list
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: exporter
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: 2.4.1
name: kube-state-metrics
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kube-state-metrics
subjects:
- kind: ServiceAccount
name: kube-state-metrics
namespace: kube-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/component: exporter
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: 2.4.1
name: kube-state-metrics
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: kube-state-metrics
template:
metadata:
labels:
app.kubernetes.io/component: exporter
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: 2.4.1
spec:
automountServiceAccountToken: true
containers:
- image: harbor.cmy.cn/kube-state-metrics/kube-state-metrics:v2.4.2
livenessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 5
timeoutSeconds: 5
name: kube-state-metrics
ports:
- containerPort: 8080
name: http-metrics
- containerPort: 8081
name: telemetry
readinessProbe:
httpGet:
path: /
port: 8081
initialDelaySeconds: 5
timeoutSeconds: 5
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsUser: 65534
nodeSelector:
kubernetes.io/os: linux
serviceAccountName: kube-state-metrics
---
apiVersion: v1
automountServiceAccountToken: false
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: exporter
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: 2.4.1
name: kube-state-metrics
namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: exporter
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/version: 2.4.1
name: kube-state-metrics
namespace: kube-system
spec:
type: LoadBalancer
ports:
- name: http-metrics
port: 8080
targetPort: http-metrics
- name: telemetry
port: 8081
targetPort: telemetry
selector:
app.kubernetes.io/name: kube-state-metrics
6 VPA
Vertical Pod Autoscaler(VPA) 是 Kubernetes 的一个自动扩缩容组件,它根据容器的实际资源使用情况,动态调整 Pod 的资源请求(requests)和限制(limits),而不是像 HPA(Horizontal Pod Autoscaler)那样通过增加或减少 Pod 的副本数来扩展应用。
一文带你掌握Kubernetes VPA(Pod纵向自动扩缩)-腾讯云开发者社区-腾讯云
VPA 的工作原理
VPA 主要由三个核心组件组成:
-
VPA Recommender:
- 分析历史资源使用数据(来自 Metrics Server 或其他监控系统)。
- 根据分析结果,计算出推荐的资源请求(requests)和限制(limits)。
-
VPA Updater:
- 监控 Pod 的资源设置。
- 当推荐的资源与当前设置不一致时,更新 Pod 的资源请求和限制(可能需要重建 Pod)。
-
VPA Admission Controller(可选):
- 在 Pod 创建时,自动应用推荐的资源设置,避免手动配置。
VPA 通常与 Metrics Server(或 Prometheus + Kube-state-metrics)配合使用,以获取容器的资源使用数据。
VPA 的更新策略
VPA 支持三种更新策略,用于控制如何应用资源更新:
-
Auto(自动):
- VPA 会自动删除并重新创建 Pod,以应用新的资源设置。
- 适用于无状态应用,因为 Pod 会被重建。
-
Initial:
- 只在 Pod 创建时应用推荐的资源设置,之后不再更新。
- 适用于希望初始资源设置合理,但不希望后续自动调整的场景。
-
Off:
- VPA 仅提供资源推荐,不进行任何自动更新。
- 适用于需要人工审核后再调整资源的场景。