kubeasz/tools/change_k8s_network.yml

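# Resets the Kubernetes pod network. Read docs/op/change_k8s_network.md
# carefully before running this playbook: it deletes CNI state, host
# interfaces and the deployed plugin manifests on every master and node.
- hosts:
    - kube-master
    - kube-node
  tasks:
    # Lists the DaemonSets in kube-system (DaemonSets, not pods, despite the
    # task name). The output is substring-matched by later `when:` conditions
    # to detect which network plugin is currently deployed.
    - name: 获取所有已经创建的POD信息
      command: "{{ bin_dir }}/kubectl get daemonset -n kube-system"
      register: pod_info
      delegate_to: "{{ groups.deploy[0] }}"
      run_once: true

    # Deletes the manifests of each plugin whose name appears in that output.
    # No shell features are needed here, so `command` replaces `shell` and the
    # templated path is never interpreted by a shell.
    - name: 删除原network插件部署
      command: "{{ bin_dir }}/kubectl delete -f /opt/kube/kube-system/{{ item }}/"
      with_items:
        - calico
        - cilium
        - flannel
        - kube-router
      when: 'item in pod_info.stdout'
      delegate_to: "{{ groups.deploy[0] }}"
      run_once: true
      ignore_errors: true

    # NOTE(review): this starts a privileged, host-network container from an
    # image reference that carries no tag or digest, so whatever the registry
    # serves for it at run time executes with host-level access on every
    # targeted host. Pin the reference to a vetted tag or digest (placeholder:
    # cloudnativelabs/kube-router@sha256:<VETTED_DIGEST>) or pre-load the image.
    - name: 清理kube-router相关
      command: >-
        {{ bin_dir }}/docker run --privileged --net=host
        cloudnativelabs/kube-router --cleanup-config
      ignore_errors: true
      when: '"kube-router" in pod_info.stdout'

    # Errors are ignored, so the cleanup below still proceeds when a service
    # could not be stopped; check the play output for failures here.
    - name: 停止 kube-node 相关服务
      service:
        name: "{{ item }}"
        state: stopped
      with_items:
        - kubelet
        - kube-proxy
      ignore_errors: true

    # Deletes every route whose `ip route` line mentions "bird" (presumably
    # the routes programmed by calico's BGP daemon). The "blackhole" keyword
    # is stripped so that the first field is always the destination prefix.
    - name: 清理calico残留路由
      shell: >-
        for rt in $(ip route | grep bird | sed 's/blackhole//' | awk '{print $1}');
        do ip route del "$rt"; done
      when: '"calico" in pod_info.stdout'
      ignore_errors: true

    # Asks kube-proxy to remove the iptables rules it created.
    - name: 清理 kube-proxy产生的iptables规则
      command: "{{ bin_dir }}/kube-proxy --cleanup"
      ignore_errors: true

    # Recursively removes CNI and plugin state. This is destructive and not
    # reversible; the list includes /opt/kube/kube-system/, the directory the
    # manifest deletion above reads from.
    - name: 清理目录和文件
      file:
        path: "{{ item }}"
        state: absent
      with_items:
        - "/etc/cni/"
        - "/run/flannel/"
        - "/etc/calico/"
        - "/var/run/calico/"
        - "/var/lib/calico/"
        - "/var/log/calico/"
        - "/etc/cilium/"
        - "/var/run/cilium/"
        - "/sys/fs/bpf/tc/"
        - "/var/lib/cni/"
        - "/var/lib/kube-router/"
        - "/opt/kube/kube-system/"

    # Removes the virtual interfaces left behind by the supported plugins and
    # restarts host networking. Commands run one after another regardless of
    # failures (an absent interface is expected). Both unit names are tried,
    # presumably to cover different distributions; the task's return code is
    # that of the last command, hence ignore_errors.
    - name: 清理网络
      shell: |
        ip link del tunl0
        ip link del flannel.1
        ip link del cni0
        ip link del mynet0
        ip link del kube-bridge
        ip link del dummy0
        ip link del kube-ipvs0
        ip link del cilium_net
        ip link del cilium_vxlan
        systemctl restart networking
        systemctl restart network
      ignore_errors: true

    # Brings the node services back and enables them at boot.
    - name: 开启 kube-node 相关服务
      service:
        name: "{{ item }}"
        state: started
        enabled: true
      with_items:
        - kubelet
        - kube-proxy
      ignore_errors: true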
# Load-balancer hosts: restart keepalived, then wait for the API server.
- hosts:
    - lb
  tasks:
    # Restart keepalived on each lb host.
    - name: 重启lb的keepalived服务
      service:
        name: keepalived
        state: restarted

    # Poll `kubectl get node` from the first deploy host until it exits 0.
    # At most 5 retries, 6 seconds apart; the task fails if the API server
    # has not answered by then.
    - name: 轮询等待apiserver服务恢复
      command: "{{ bin_dir }}/kubectl get node"
      delegate_to: "{{ groups.deploy[0] }}"
      run_once: true
      register: result
      until: result.rc == 0
      retries: 5
      delay: 6
# Install the new network plugin on masters and nodes. Each role is guarded
# by a comparison against CLUSTER_NETWORK (defined outside this file), so
# only the role whose name equals that variable is applied.
- hosts:
    - kube-master
    - kube-node
  roles:
    - role: calico
      when: "CLUSTER_NETWORK == 'calico'"
    - role: cilium
      when: "CLUSTER_NETWORK == 'cilium'"
    - role: flannel
      when: "CLUSTER_NETWORK == 'flannel'"
    - role: kube-router
      when: "CLUSTER_NETWORK == 'kube-router'"
- hosts: deploy
  tasks:
    # Deletes every pod in every namespace returned by `kubectl get ns`
    # (the awk filter skips the header row) so that controllers recreate
    # them on the new network. Pods that are not owned by a controller are
    # not recreated, and system namespaces are included in the loop.
    # Errors are ignored and the task runs once.
    - name: 重启所有pod
      shell: >-
        for NS in $({{ bin_dir }}/kubectl get ns|awk 'NR>1{print $1}');
        do {{ bin_dir }}/kubectl delete pod --all -n $NS; done;
      run_once: true
      ignore_errors: true