From 4c6c714275f857e9c81582df67b8935eb166f255 Mon Sep 17 00:00:00 2001 From: gjmzj Date: Mon, 23 Jul 2018 16:59:44 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E9=9B=86=E7=BE=A4=E6=81=A2?= =?UTF-8?q?=E5=A4=8D=E5=8A=9F=E8=83=BD=E8=84=9A=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 24.restore.yml | 76 +++++++++++++++++++++++++ roles/cluster-restore/defaults/main.yml | 2 + roles/cluster-restore/tasks/main.yml | 30 ++++++++++ 3 files changed, 108 insertions(+) create mode 100644 24.restore.yml create mode 100644 roles/cluster-restore/defaults/main.yml create mode 100644 roles/cluster-restore/tasks/main.yml diff --git a/24.restore.yml b/24.restore.yml new file mode 100644 index 0000000..c518902 --- /dev/null +++ b/24.restore.yml @@ -0,0 +1,76 @@ +# 集群从备份恢复的脚本,使用请参阅文档 docs/op/cluster_restore.md + +# 在deploy节点恢复CA相关证书 +- hosts: deploy + tasks: + - name: 恢复CA 文件夹 + file: name=/etc/kubernetes/ssl/ state=directory + + - name: 恢复CA 相关文件 + copy: + src: "{{ base_dir }}/roles/cluster-backup/files/ca/{{ item }}" + dest: "{{ ca_dir }}/{{ item }}" + with_items: + - ca.pem + - ca-key.pem + - ca.csr + - ca-csr.json + - ca-config.json + +- hosts: deploy + roles: + - deploy + +# 集群节点的公共配置任务 +- hosts: all + roles: + - prepare + +# [可选]多master部署时的负载均衡配置 +- hosts: lb + roles: + - lb + +# 创建etcd集群 +- hosts: etcd + roles: + - etcd + +# docker服务安装 +- hosts: + - kube-master + - kube-node + - new-master + - new-node + roles: + - docker + +- hosts: + - kube-master + - new-master + roles: + - kube-master + - kube-node + # 禁止业务 pod调度到 master节点 + tasks: + - name: 禁止业务 pod调度到 master节点 + shell: "{{ bin_dir }}/kubectl cordon {{ inventory_hostname }} " + when: DEPLOY_MODE != "allinone" + ignore_errors: true + + - name: 设置master节点role + shell: "{{ bin_dir }}/kubectl label node {{ inventory_hostname }} kubernetes.io/role=master --overwrite" + ignore_errors: true + +# node 节点部署 +- hosts: + - kube-node + - new-node + roles: + - kube-node + +# etcd 集群进行数据恢复 +- hosts: etcd + roles: + - cluster-restore + diff --git a/roles/cluster-restore/defaults/main.yml b/roles/cluster-restore/defaults/main.yml new file mode 100644 index 0000000..6fae495 --- /dev/null +++ b/roles/cluster-restore/defaults/main.yml @@ -0,0 +1,2 @@ +# 指定需要恢复的 etcd 数据备份,默认使用最近的一次备份 +db_to_restore: "snapshot.db" diff --git a/roles/cluster-restore/tasks/main.yml b/roles/cluster-restore/tasks/main.yml new file mode 100644 index 0000000..498f11d --- /dev/null +++ b/roles/cluster-restore/tasks/main.yml @@ -0,0 +1,30 @@ +- name: 停止ectd 服务 + service: name=etcd state=stopped + +- name: 清除etcd 数据目录 + file: name=/var/lib/etcd/member state=absent + +- name: 生成备份目录 + file: name=/backup/k8s state=directory + +- name: 准备指定的备份etcd 数据 + copy: + src: "{{ base_dir }}/roles/cluster-backup/files/snapshot/{{ db_to_restore }}" + dest: "/backup/k8s/snapshot.db" + +- name: 清理原备份出来数据 + file: name=/backup/k8s/{{ NODE_NAME }}.etcd state=absent + +- name: etcd 数据恢复 + shell: "cd /backup/k8s && \ + ETCDCTL_API=3 {{ bin_dir }}/etcdctl snapshot restore snapshot.db \ + --name {{ NODE_NAME }} \ + --initial-cluster {{ ETCD_NODES }} \ + --initial-cluster-token etcd-cluster-0 \ + --initial-advertise-peer-urls https://{{ inventory_hostname }}:2380" + +- name: 恢复数据至etcd 数据目录 + shell: "cp -rf /backup/k8s/{{ NODE_NAME }}.etcd/member /var/lib/etcd/" + +- name: 重启etcd 服务 + service: name=etcd state=restarted