【镜像制作】制作k8s的yaml配置的备份镜像

文章目录

简介

通过shell脚本写一个定期备份k8syaml配置的镜像,然后通过cronjob来实现定期执行,将备份文件上传到ceph存储或者是存放到NAS存储上。

一.备份代码

通过kubectl导出yaml配置文件,然后进行压缩并上传到ceph存储。

bash 复制代码
#!/bin/bash

bucket="yt-k8s-yamlbak"
key_access="864XMJ0U9BDFBUI8OOxxxx"
key_secret="bNzAXe8DzGGshi23aKoykfYiy2XeFR1U2Oxxxxx"
host="192.168.12.158:8000" #endpoint

Root="/data/yaml"
clusterName="yt-k8s"
nameSpaces=$(kubectl get ns|grep -v "NAME"|awk '{print $1}'|xargs)
types="deploy service cronjob ing cm secret serviceAccount sts pvc hpa"

#判断是否存在bucket,不存在就创建bucket
scode=$(curl -o /dev/null --max-time 60 --connect-timeout 60 -w "%{http_code}" http://$host/$bucket/ --silent)
if [ $scode == "404" ];then
        acl="x-amz-acl:public-read"
        relativePath="/${bucket}"
        current=`TZ=GMT LANG=en_US date "+%a, %d %b %Y %H:%M:%S GMT"`
        stringToSign="PUT\n\n\n${current}\n${acl}\n${relativePath}"
        signature=`echo -en ${stringToSign} | openssl sha1 -hmac ${key_secret} -binary | base64`
        curl -A "CreateBucket" -s -v -X PUT --max-time 60 --connect-timeout 60 "http://${host}${relativePath}" -H "Authorization: AWS ${key_access}:${signature}" -H "Date: ${current}" -H "Host: ${host}" -H "${acl}"
        if [ $? -ne 0 ];then
                echo "`date +%Y-%m-%dT%H:%M:%S` bucket create fail"
        fi
        echo "`date +%Y-%m-%dT%H:%M:%S` bucket create ok"
fi

#循环命名空间,并将命名空间下的资源导出成yaml配置文件。
for ns in ${nameSpaces[@]}
do
        for tps in ${types[@]}
        do
                mkdir $Root/$clusterName/$ns/$tps -p
                for name in $(kubectl get $tps -n $ns|awk '{print $1}'|grep -v NAME)
                do
                        kubectl get $tps $name -n $ns -o yaml > $Root/$clusterName/$ns/$tps/${name}.yaml
                done
        done
done

#将导出的yaml文件进行压缩成zip文件,然后上传到ceph对象存储
dh=$(date +%Y%m%d%H%M%S)
cd $Root
zip -r ${dh}.zip $clusterName
rm -rf $Root/${clusterName}
dt=$(date +%Y/%m/%d)
BakRoot="/data/$clusterName/$dt"
relativePath="/${bucket}/$dt/${dh}.zip"
contentType="application/x-zip-compressed"
acl="x-amz-acl:public-read"
current=`TZ=GMT LANG=en_US date "+%a, %d %b %Y %H:%M:%S GMT"`
stringToSign="PUT\n\n${contentType}\n${current}\n${acl}\n${relativePath}"
signature=`echo -en ${stringToSign} | openssl sha1 -hmac ${key_secret} -binary | base64`
curl -A "UploadLog" -s -v --max-time 1800 --connect-timeout 60 -X PUT -T "$Root/${dh}.zip" -H "Host: ${host}" -H "Date: ${current}" -H "${acl}" -H "Content-Type: ${contentType}" -H "Authorization: AWS ${key_access}:${signature}" "http://${host}${relativePath}" -v >/tmp/t.log 2>&1
cat /tmp/t.log
cat /tmp/t.log|grep "HTTP/1.1 200 OK"
if [ $? -eq 0 ];then
        echo "`date +%Y-%m-%dT%H:%M:%S` upload $Root/${dh}.zip success"
        [ -d $BakRoot ] || mkdir -p $BakRoot
        mv -fv $Root/${dh}.zip $BakRoot/ 
else
        echo "`date +%Y-%m-%dT%H:%M:%S` upload $Root/${dh}.zip fail"
fi
rm -fv /tmp/t.log

二.dockerfile代码

需要将kubectl和config配置文件拷贝到root下。

bash 复制代码
# VERSION 1 - EDITION 1
# # # Author: wangbikang

FROM alpine:3.18 

MAINTAINER docker_user wangbikang@pconline.com.cn

COPY run.sh /data/
COPY kubectl /bin/
RUN mkdir -p /root/.kube
COPY config /root/.kube/
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
RUN apk add --no-cache curl coreutils  openssl zip bash

CMD ["/data/run.sh"]

三.cronjob配置

cronjob配置,每小时只想能够一次,然后将文件压缩备份一份到nas

yaml 复制代码
apiVersion: batch/v1
kind: CronJob
metadata:
  labels:
    app: yt-k8s-yamlbak 
  name: yt-k8s-yamlbak
  namespace: auto-public 
spec:
  schedule: "2 * * * *"
  suspend: false
  jobTemplate:
    spec:
      activeDeadlineSeconds: 3600
      backoffLimit: 1
      template:
        spec:
          containers:
          - name: task 
            image: pcgroup-registry-vpc.cn-shenzhen.cr.aliyuncs.com/public/k8s-yaml-backup:20240607154517 
            imagePullPolicy: IfNotPresent
            command: ["bash","/data/run.sh"]
            volumeMounts:
            - mountPath: /data/yt-k8s-yamlbak
              name: static-html
              readOnly: false
          restartPolicy: Never
          volumes:
            - name: static-html
              nfs:
                server: 2e347xxx-mfg89.cn-shenzhen.nas.aliyuncs.com
                path: /yt-k8s-yamlbak/
相关推荐
老司机张师傅21 分钟前
【微服务实战之Docker容器】第七章-Dockerfile解析
容器·dockerfile·虚悬镜像·docker学习
微信-since8119228 分钟前
[ruby on rails] 安装docker
后端·docker·ruby on rails
登云时刻1 小时前
Kubernetes集群外连接redis集群和使用redis-shake工具迁移数据(一)
redis·kubernetes·bootstrap
吴半杯2 小时前
gateway漏洞(CVE-2022-22947)
docker·kubernetes·gateway
今天我刷leetcode了吗2 小时前
docker 配置同宿主机共同网段的IP 同时通过通网段的另一个电脑实现远程连接docker
tcp/ip·docker·电脑
lwprain3 小时前
常用docker应用部署,wordpress、mysql、tomcat、nginx、redis
mysql·docker·tomcat
Code_Artist4 小时前
使用Portainer来管理并编排Docker容器
docker·云原生·容器
mengao12344 小时前
centos 服务器 docker 使用代理
服务器·docker·centos
Eternal-Student5 小时前
【docker 保存】将Docker镜像保存为一个离线的tar归档文件
运维·docker·容器
不是二师兄的八戒5 小时前
本地 PHP 和 Java 开发环境 Docker 化与配置开机自启
java·docker·php