The Horizontal Pod Autoscaler cannot retrieve CPU/memory metrics from the metrics-server. This blocks all autoscaling decisions and typically indicates the metrics-server is not installed or not running.
The Horizontal Pod Autoscaler (HPA) relies on the Kubernetes Metrics Server to provide real-time CPU and memory usage data. When HPA reports 'unable to fetch metrics from API', it means the metrics-server component is either not installed, not running, or unable to communicate with the HPA controller. This completely blocks autoscaling decisions. The Metrics Server is a cluster add-on that collects resource metrics from kubelets and exposes them through the Kubernetes API aggregation layer (metrics.k8s.io). The HPA controller queries this API to get current CPU/memory usage, then compares it against target utilization to calculate the desired replica count. This error is common in self-hosted Kubernetes clusters where metrics-server must be manually installed, or when network policies block communication between the HPA controller and metrics-server.
Check if metrics-server exists and is healthy:
kubectl get deployment metrics-server -n kube-system
kubectl get pods -n kube-system -l k8s-app=metrics-serverIf metrics-server is not found or in CrashLoopBackOff:
kubectl logs -n kube-system -l k8s-app=metrics-server | head -50Common log errors include TLS failures or API server connectivity issues.
If metrics-server is missing, install it from the official release:
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yamlWait for the deployment to be ready:
kubectl wait deployment metrics-server -n kube-system --for=condition=Available --timeout=120sFor clusters with self-signed certificates or insecure kubelets, add the --kubelet-insecure-tls flag:
kubectl patch deployment metrics-server -n kube-system --type='json' -p='[{"op":"add","path":"/spec/template/spec/containers/0/args/-","value":"--kubelet-insecure-tls"}]'Verify the metrics API is registered and responding:
kubectl get --raw /apis/metrics.k8s.io/v1beta1/nodes
kubectl get --raw /apis/metrics.k8s.io/v1beta1/podsIf these return errors, check the APIService registration:
kubectl get apiservice v1beta1.metrics.k8s.io -o yamlLook for conditions showing "Available: True". If False, the metrics-server service is not reachable.
Test that metrics collection is functioning:
kubectl top nodes
kubectl top pods -n <namespace>If nodes work but pods don't, check kubelet configuration. If both fail, metrics-server is not properly connected.
Wait 60-90 seconds after installing metrics-server before testing, as initial metrics collection takes time.
Verify metrics-server has proper RBAC:
kubectl get clusterrolebinding | grep metrics
kubectl describe clusterrolebinding system:metrics-serverCheck if network policies are blocking traffic:
kubectl get networkpolicies -AIf you have restrictive network policies, ensure metrics-server can reach kubelets on port 10250 and the HPA controller can reach metrics-server.
After fixing metrics-server, verify HPA is working:
kubectl describe hpa <hpa-name> -n <namespace>Look for events without 'FailedGetResourceMetric' errors. The TARGETS column should show actual percentages instead of '<unknown>':
kubectl get hpa -n <namespace>Allow 30-60 seconds for metrics to propagate before checking HPA status.
The Metrics Server architecture involves: HPA Controller → Metrics Aggregator API (metrics.k8s.io) → Metrics Server → kubelet summary endpoint. A failure at any level breaks the chain.
On managed Kubernetes (EKS, GKE, AKS), metrics-server is typically pre-installed. On EKS, verify the add-on is enabled. On GKE, it's enabled by default. On AKS, check the monitoring add-on.
TLS issues are common: metrics-server needs to validate kubelet certificates. Use --kubelet-insecure-tls for testing, but properly configure kubelet TLS for production.
HPA v2 (autoscaling/v2) supports container-level resource metrics, allowing more granular scaling decisions. This requires Kubernetes 1.30+ and metrics-server v0.6+.
Known issue: metrics-server v0.8.0 had compatibility problems with some cluster configurations. If experiencing issues, try v0.7.2 or the latest stable release.
For high-availability, deploy metrics-server with multiple replicas and pod anti-affinity to spread across nodes.
Failed to connect to server: connection refused (HTTP/2)
How to fix "HTTP/2 connection refused" error in Kubernetes
missing request for cpu in container
How to fix "missing request for cpu in container" in Kubernetes HPA
error: invalid configuration
How to fix "error: invalid configuration" in Kubernetes
etcdserver: cluster ID mismatch
How to fix "etcdserver: cluster ID mismatch" in Kubernetes
running with swap on is not supported
How to fix "running with swap on is not supported" in kubeadm