随笔- 380 文章- 21 评论- 152 阅读- 149万

k8s集群yaml文件方式迁移

一、安装依赖工具

实际就是导出数据为json，通过jq删除一些不需要的字段，然后再通过yq转换为yaml格式(不安装直接使用json格式也可以安装，这里主要为例方便查看)，这么麻烦主要是不知道导出yaml文件时如何过滤一些不需要的字段，如果哪位知道可以指教一下。

[root@k8s-master test]# yum install jq -y  #解析json
[root@k8s-master ~]# wget https://github.com/mikefarah/yq/releases/download/v4.16.2/yq_linux_amd64 #将json转换为yaml  最新下载地址：https://github.com/mikefarah/yq/releases
[root@k8s-master ~]# chmod +x yq_linux_amd64
[root@k8s-master ~]# mv yq_linux_amd64 /usr/bin/yq
[root@k8s-master ~]# yq --version
yq (https://github.com/mikefarah/yq/) version 4.16.2

二、创建脚本　　

V1.13

#!/bin/bash
 
DATA_TIME=`date +%Y%m%d%H%M%S`  #每次创建根据时间创建
BACKUP_DIR=/tmp/k8s-backup-restore  #备份的目录
 
NS_LIST='change-battery-demo nginx-ingress-port tools tsp'  # 指定需要备份的namespaces，也可以使用kubectl获取所有，按需
#CONFIG_TYPE="service deploy configmap secret job cronjob replicaset daemonset statefulset"
CONFIG_TYPE="service deploy ingress"  # 指定namespaces下需要备份的资源类型，按需
 
for ns in ${NS_LIST};do
  BACKUP_DIR_DATE=${BACKUP_DIR}/${ns}/${DATA_TIME}  #备份目录，按namespace根据时间分别创建
  mkdir -p ${BACKUP_DIR_DATE} && cd ${BACKUP_DIR_DATE}  #创建备份目录 
  for type in ${CONFIG_TYPE};do
    item_num=$(kubectl -n ${ns} get ${type} 2>/dev/null|wc -l)  #过滤资源类型为空
    if [ ${item_num} -lt 1 ];then continue;fi #包含NAME行，所以如果存在资源item_num不小于2
    ITEM_LIST=$(kubectl -n ${ns} get ${type} | awk '{print $1}' | grep -v 'NAME') 
    for item in ${ITEM_LIST};do
       file_name=${BACKUP_DIR_DATE}/${type}_${item}.yaml  
       kubectl -n ${ns} get ${type} ${item} -o=json | jq '. | 
    del(
        .spec.clusterIP,
        .metadata.uid,
        .metadata.selfLink,
        .metadata.resourceVersion,
        .metadata.creationTimestamp,
        .metadata.generation,
        .metadata.annotations,
        .spec.cephfs,
        .spec.volumeName,
        .status,
        .spec.template.metadata.creationTimestamp,
        .spec.template.spec.securityContext,
        .spec.template.spec.dnsPolicy,
        .spec.template.spec.terminationGracePeriodSeconds,
        .spec.template.spec.restartPolicy
    )'|yq eval -P > ${file_name}  #del中是要删除的字段
 
    done  
  done
done

V1.22

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

#!/bin/bash
  
DATA_TIME=`date +%Y-%m-%d-%H-%M-%S`  #每次创建根据时间创建
BACKUP_DIR_BASE=/mnt/k8s-backup-restore  #备份的目录
CURRENT_BACKUP_DIR=${BACKUP_DIR_BASE}/${DATA_TIME}  #备份的目录
  
NS_LIST=$(kubectl get ns|grep 'Active'|egrep -v 'ahas|ahas-sentinel-pilot|arms-pilot|arms-prom|edas-oam-system|kube-public|kube-node-lease|kube-system'|awk '{print $1}')  # 指定需要备份的namespaces，也可以使用kubectl获取所有，按需
#NS_LIST="tools"
#CONFIG_TYPE="service deploy configmap secret job cronjob replicaset daemonset statefulset"
CONFIG_TYPE="svc deploy ingress cm secret statefulsets"   # 指定namespaces下需要备份的资源类型，按需
CURRENT_DIR=$(cd $(dirname $0); pwd)
 
 
ingress_set="
    del(
        .metadata.uid,
        .metadata.resourceVersion,
        .metadata.creationTimestamp,
        .metadata.generation,
        .status
    )
"
 
cm_set="
    del(
        .metadata.uid,
        .metadata.annotations,
        .metadata.resourceVersion,
        .metadata.creationTimestamp
    )
"
secret_set="
    del(
        .metadata.uid,
        .metadata.annotations,
        .metadata.resourceVersion,
        .metadata.creationTimestamp
    )
"
svc_set="
    del(
        .metadata.uid,
        .metadata.resourceVersion,
        .metadata.creationTimestamp,
        .metadata.annotations,
        .status,
        .spec.clusterIP,
        .spec.clusterIPs,
        .spec.internalTrafficPolicy,
        .spec.ipFamilies,
        .spec.ipFamilyPolicy,
        .spec.sessionAffinity
    )
"
 
deploy_set="
    del(
        .metadata.uid,
        .metadata.generation,
        .metadata.resourceVersion,
        .metadata.creationTimestamp,
        .metadata.annotations,
        .status,
        .spec.progressDeadlineSeconds,
        .spec.revisionHistoryLimit,
        .spec.strategy,
        .spec.template.metadata.annotations,
        .spec.template.metadata.creationTimestamp
    )
"
statefulset_set="
    del(
        .metadata.generation,
        .metadata.uid,
        .metadata.resourceVersion,
        .metadata.creationTimestamp,
        .spec.podManagementPolicy,
        .spec.revisionHistoryLimit,
        .spec.template.metadata.creationTimestamp,
        .spec.template.metadata.annotations,
        .spec.template.spec.restartPolicy,
        .spec.template.spec.schedulerName,
        .spec.template.spec.securityContext,
        .spec.updateStrategy,
        .status
    )
"
 
function backup_k8s_to_yaml(){ 
for ns in ${NS_LIST};do
  BACKUP_DIR_DATE=${CURRENT_BACKUP_DIR}/${ns}  #备份目录，按namespace根据时间分别创建
  mkdir -p ${BACKUP_DIR_DATE} && cd ${BACKUP_DIR_DATE}  #创建备份目录
  for type in ${CONFIG_TYPE};do
    item_num=$(kubectl -n ${ns} get ${type} 2>/dev/null|wc -l)  #过滤资源类型为空
    if [ ${item_num} -lt 1 ];then continue;fi #包含NAME行，所以如果存在资源item_num不小于2
    ITEM_LIST=$(kubectl -n ${ns} get ${type} | awk '{print $1}' | grep -v 'NAME')
    for item in ${ITEM_LIST};do
       file_name=${BACKUP_DIR_DATE}/${type}_${item}.yaml 
       case ${type} in
         "cm")
             set_info=${cm_set}
             ;;
         "svc")
             set_info=${svc_set}
             ;;
         "secret")
             set_info=${secret_set}
             ;;
         "ingress")
         set_info=${ingress_set}
             ;;
           #kubectl -n ${ns} get ${type} ${item} -o=json | jq '. |${ingress_set}'|yq eval -P > ${file_name};;
         "deploy")
            set_info=${deploy_set}
            ;;
         "statefulsets")
            set_info=${statefulset_set}
            ;;
      esac
       kubectl -n ${ns} get ${type} ${item} -o=json | jq --args "${set_info}" '.|${set_info}'| yq eval -P > ${file_name}
       [[ $? -ne 0 ]] && exit
    done 
  done
done
}
 
 
function archive_and_upload(){
 
archive_file_name=k8s-backup-${DATA_TIME}.tar.gz
cd ${BACKUP_DIR_BASE} && tar  -jcf ${archive_file_name}  ${DATA_TIME} &> /dev/null
if [[ -s ${archive_file_name} ]];then
   /usr/bin/python3 ${CURRENT_DIR}/oss_uoload.py  k8s_backup/${archive_file_name}  ${BACKUP_DIR_BASE}/${archive_file_name}
fi
}
 
 
function main(){
  backup_k8s_to_yaml;
  archive_and_upload;
}
 
main;

上传到OSS

#!/usr/bin/python3
# -*- coding: utf-8 -*-
import oss2
import os
import sys
oss_file_name=sys.argv[1]
local_file_name=sys.argv[2]
auth = oss2.Auth('LTAI5tKDLc6S2pkrcqyZHEh8', 'OJybPiQpyeS22tlKpmgaex1xxxxxx')
bucket = oss2.Bucket(auth, 'https://oss-cn-hangzhou.aliyuncs.com', 'mqops-backup')
 
bucket.put_object_from_file(filename=local_file_name,key=oss_file_name)

脚本生成的路径树如下

root@tsp-prod-ansible:~/script_dir# tree -L 3  /mnt
/mnt/
└── k8s-backup-restore
    ├── 2022-11-10-14-24-01
    │   ├── bmp-prd
    │   ├── change-battery-demo
    │   ├── default
    │   ├── mk1-prod
    │   ├── mk1-website