k8s集群yaml文件方式迁移
一、安装依赖工具
实际就是导出数据为json,通过jq删除一些不需要的字段,然后再通过yq转换为yaml格式(不安装直接使用json格式也可以安装,这里主要为例方便查看),这么麻烦主要是不知道导出yaml文件时如何过滤一些不需要的字段,如果哪位知道可以指教一下。
[root@k8s-master test]# yum install jq -y #解析json
[root@k8s-master ~]# wget https://github.com/mikefarah/yq/releases/download/v4.16.2/yq_linux_amd64 #将json转换为yaml 最新下载地址:https://github.com/mikefarah/yq/releases
[root@k8s-master ~]# chmod +x yq_linux_amd64
[root@k8s-master ~]# mv yq_linux_amd64 /usr/bin/yq
[root@k8s-master ~]# yq --version
yq (https://github.com/mikefarah/yq/) version 4.16.2
二、创建脚本
V1.13
#!/bin/bash
DATA_TIME=`date +%Y%m%d%H%M%S` #每次创建根据时间创建
BACKUP_DIR=/tmp/k8s-backup-restore #备份的目录
NS_LIST='change-battery-demo nginx-ingress-port tools tsp' # 指定需要备份的namespaces,也可以使用kubectl获取所有,按需
#CONFIG_TYPE="service deploy configmap secret job cronjob replicaset daemonset statefulset"
CONFIG_TYPE="service deploy ingress" # 指定namespaces下需要备份的资源类型,按需
for ns in ${NS_LIST};do
BACKUP_DIR_DATE=${BACKUP_DIR}/${ns}/${DATA_TIME} #备份目录,按namespace根据时间分别创建
mkdir -p ${BACKUP_DIR_DATE} && cd ${BACKUP_DIR_DATE} #创建备份目录
for type in ${CONFIG_TYPE};do
item_num=$(kubectl -n ${ns} get ${type} 2>/dev/null|wc -l) #过滤资源类型为空
if [ ${item_num} -lt 1 ];then continue;fi #包含NAME行,所以如果存在资源item_num不小于2
ITEM_LIST=$(kubectl -n ${ns} get ${type} | awk '{print $1}' | grep -v 'NAME')
for item in ${ITEM_LIST};do
file_name=${BACKUP_DIR_DATE}/${type}_${item}.yaml
kubectl -n ${ns} get ${type} ${item} -o=json | jq '. |
del(
.spec.clusterIP,
.metadata.uid,
.metadata.selfLink,
.metadata.resourceVersion,
.metadata.creationTimestamp,
.metadata.generation,
.metadata.annotations,
.spec.cephfs,
.spec.volumeName,
.status,
.spec.template.metadata.creationTimestamp,
.spec.template.spec.securityContext,
.spec.template.spec.dnsPolicy,
.spec.template.spec.terminationGracePeriodSeconds,
.spec.template.spec.restartPolicy
)'|yq eval -P > ${file_name} #del中是要删除的字段
done
done
done
V1.22
#!/bin/bash
DATA_TIME=`date +%Y-%m-%d-%H-%M-%S` #每次创建根据时间创建
BACKUP_DIR_BASE=/mnt/k8s-backup-restore #备份的目录
CURRENT_BACKUP_DIR=${BACKUP_DIR_BASE}/${DATA_TIME} #备份的目录
NS_LIST=$(kubectl get ns|grep 'Active'|egrep -v 'ahas|ahas-sentinel-pilot|arms-pilot|arms-prom|edas-oam-system|kube-public|kube-node-lease|kube-system'|awk '{print $1}') # 指定需要备份的namespaces,也可以使用kubectl获取所有,按需
#NS_LIST="tools"
#CONFIG_TYPE="service deploy configmap secret job cronjob replicaset daemonset statefulset"
CONFIG_TYPE="svc deploy ingress cm secret statefulsets" # 指定namespaces下需要备份的资源类型,按需
CURRENT_DIR=$(cd $(dirname $0); pwd)
ingress_set="
del(
.metadata.uid,
.metadata.resourceVersion,
.metadata.creationTimestamp,
.metadata.generation,
.status
)
"
cm_set="
del(
.metadata.uid,
.metadata.annotations,
.metadata.resourceVersion,
.metadata.creationTimestamp
)
"
secret_set="
del(
.metadata.uid,
.metadata.annotations,
.metadata.resourceVersion,
.metadata.creationTimestamp
)
"
svc_set="
del(
.metadata.uid,
.metadata.resourceVersion,
.metadata.creationTimestamp,
.metadata.annotations,
.status,
.spec.clusterIP,
.spec.clusterIPs,
.spec.internalTrafficPolicy,
.spec.ipFamilies,
.spec.ipFamilyPolicy,
.spec.sessionAffinity
)
"
deploy_set="
del(
.metadata.uid,
.metadata.generation,
.metadata.resourceVersion,
.metadata.creationTimestamp,
.metadata.annotations,
.status,
.spec.progressDeadlineSeconds,
.spec.revisionHistoryLimit,
.spec.strategy,
.spec.template.metadata.annotations,
.spec.template.metadata.creationTimestamp
)
"
statefulset_set="
del(
.metadata.generation,
.metadata.uid,
.metadata.resourceVersion,
.metadata.creationTimestamp,
.spec.podManagementPolicy,
.spec.revisionHistoryLimit,
.spec.template.metadata.creationTimestamp,
.spec.template.metadata.annotations,
.spec.template.spec.restartPolicy,
.spec.template.spec.schedulerName,
.spec.template.spec.securityContext,
.spec.updateStrategy,
.status
)
"
function backup_k8s_to_yaml(){
for ns in ${NS_LIST};do
BACKUP_DIR_DATE=${CURRENT_BACKUP_DIR}/${ns} #备份目录,按namespace根据时间分别创建
mkdir -p ${BACKUP_DIR_DATE} && cd ${BACKUP_DIR_DATE} #创建备份目录
for type in ${CONFIG_TYPE};do
item_num=$(kubectl -n ${ns} get ${type} 2>/dev/null|wc -l) #过滤资源类型为空
if [ ${item_num} -lt 1 ];then continue;fi #包含NAME行,所以如果存在资源item_num不小于2
ITEM_LIST=$(kubectl -n ${ns} get ${type} | awk '{print $1}' | grep -v 'NAME')
for item in ${ITEM_LIST};do
file_name=${BACKUP_DIR_DATE}/${type}_${item}.yaml
case ${type} in
"cm")
set_info=${cm_set}
;;
"svc")
set_info=${svc_set}
;;
"secret")
set_info=${secret_set}
;;
"ingress")
set_info=${ingress_set}
;;
#kubectl -n ${ns} get ${type} ${item} -o=json | jq '. |${ingress_set}'|yq eval -P > ${file_name};;
"deploy")
set_info=${deploy_set}
;;
"statefulsets")
set_info=${statefulset_set}
;;
esac
kubectl -n ${ns} get ${type} ${item} -o=json | jq --args "${set_info}" '.|${set_info}'| yq eval -P > ${file_name}
[[ $? -ne 0 ]] && exit
done
done
done
}
function archive_and_upload(){
archive_file_name=k8s-backup-${DATA_TIME}.tar.gz
cd ${BACKUP_DIR_BASE} && tar -jcf ${archive_file_name} ${DATA_TIME} &> /dev/null
if [[ -s ${archive_file_name} ]];then
/usr/bin/python3 ${CURRENT_DIR}/oss_uoload.py k8s_backup/${archive_file_name} ${BACKUP_DIR_BASE}/${archive_file_name}
fi
}
function main(){
backup_k8s_to_yaml;
archive_and_upload;
}
main;
上传到OSS
#!/usr/bin/python3
# -*- coding: utf-8 -*-
import oss2
import os
import sys
oss_file_name=sys.argv[1]
local_file_name=sys.argv[2]
auth = oss2.Auth('LTAI5tKDLc6S2pkrcqyZHEh8', 'OJybPiQpyeS22tlKpmgaex1xxxxxx')
bucket = oss2.Bucket(auth, 'https://oss-cn-hangzhou.aliyuncs.com', 'mqops-backup')
bucket.put_object_from_file(filename=local_file_name,key=oss_file_name)
脚本生成的路径树如下
root@tsp-prod-ansible:~/script_dir# tree -L 3 /mnt
/mnt/
└── k8s-backup-restore
├── 2022-11-10-14-24-01
│ ├── bmp-prd
│ ├── change-battery-demo
│ ├── default
│ ├── mk1-prod
│ ├── mk1-website
"一劳永逸" 的话,有是有的,而 "一劳永逸" 的事却极少
