【镜像制作】制作k8s的yaml配置的备份镜像

文章目录

简介

通过shell脚本写一个定期备份k8syaml配置的镜像,然后通过cronjob来实现定期执行,将备份文件上传到ceph存储或者是存放到NAS存储上。

一.备份代码

通过kubectl导出yaml配置文件,然后进行压缩并上传到ceph存储。

bash 复制代码
#!/bin/bash

bucket="yt-k8s-yamlbak"
key_access="864XMJ0U9BDFBUI8OOxxxx"
key_secret="bNzAXe8DzGGshi23aKoykfYiy2XeFR1U2Oxxxxx"
host="192.168.12.158:8000" #endpoint

Root="/data/yaml"
clusterName="yt-k8s"
nameSpaces=$(kubectl get ns|grep -v "NAME"|awk '{print $1}'|xargs)
types="deploy service cronjob ing cm secret serviceAccount sts pvc hpa"

#判断是否存在bucket,不存在就创建bucket
scode=$(curl -o /dev/null --max-time 60 --connect-timeout 60 -w "%{http_code}" http://$host/$bucket/ --silent)
if [ $scode == "404" ];then
        acl="x-amz-acl:public-read"
        relativePath="/${bucket}"
        current=`TZ=GMT LANG=en_US date "+%a, %d %b %Y %H:%M:%S GMT"`
        stringToSign="PUT\n\n\n${current}\n${acl}\n${relativePath}"
        signature=`echo -en ${stringToSign} | openssl sha1 -hmac ${key_secret} -binary | base64`
        curl -A "CreateBucket" -s -v -X PUT --max-time 60 --connect-timeout 60 "http://${host}${relativePath}" -H "Authorization: AWS ${key_access}:${signature}" -H "Date: ${current}" -H "Host: ${host}" -H "${acl}"
        if [ $? -ne 0 ];then
                echo "`date +%Y-%m-%dT%H:%M:%S` bucket create fail"
        fi
        echo "`date +%Y-%m-%dT%H:%M:%S` bucket create ok"
fi

#循环命名空间,并将命名空间下的资源导出成yaml配置文件。
for ns in ${nameSpaces[@]}
do
        for tps in ${types[@]}
        do
                mkdir $Root/$clusterName/$ns/$tps -p
                for name in $(kubectl get $tps -n $ns|awk '{print $1}'|grep -v NAME)
                do
                        kubectl get $tps $name -n $ns -o yaml > $Root/$clusterName/$ns/$tps/${name}.yaml
                done
        done
done

#将导出的yaml文件进行压缩成zip文件,然后上传到ceph对象存储
dh=$(date +%Y%m%d%H%M%S)
cd $Root
zip -r ${dh}.zip $clusterName
rm -rf $Root/${clusterName}
dt=$(date +%Y/%m/%d)
BakRoot="/data/$clusterName/$dt"
relativePath="/${bucket}/$dt/${dh}.zip"
contentType="application/x-zip-compressed"
acl="x-amz-acl:public-read"
current=`TZ=GMT LANG=en_US date "+%a, %d %b %Y %H:%M:%S GMT"`
stringToSign="PUT\n\n${contentType}\n${current}\n${acl}\n${relativePath}"
signature=`echo -en ${stringToSign} | openssl sha1 -hmac ${key_secret} -binary | base64`
curl -A "UploadLog" -s -v --max-time 1800 --connect-timeout 60 -X PUT -T "$Root/${dh}.zip" -H "Host: ${host}" -H "Date: ${current}" -H "${acl}" -H "Content-Type: ${contentType}" -H "Authorization: AWS ${key_access}:${signature}" "http://${host}${relativePath}" -v >/tmp/t.log 2>&1
cat /tmp/t.log
cat /tmp/t.log|grep "HTTP/1.1 200 OK"
if [ $? -eq 0 ];then
        echo "`date +%Y-%m-%dT%H:%M:%S` upload $Root/${dh}.zip success"
        [ -d $BakRoot ] || mkdir -p $BakRoot
        mv -fv $Root/${dh}.zip $BakRoot/ 
else
        echo "`date +%Y-%m-%dT%H:%M:%S` upload $Root/${dh}.zip fail"
fi
rm -fv /tmp/t.log

二.dockerfile代码

需要将kubectl和config配置文件拷贝到root下。

bash 复制代码
# VERSION 1 - EDITION 1
# # # Author: wangbikang

FROM alpine:3.18 

MAINTAINER docker_user [email protected]

COPY run.sh /data/
COPY kubectl /bin/
RUN mkdir -p /root/.kube
COPY config /root/.kube/
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
RUN apk add --no-cache curl coreutils  openssl zip bash

CMD ["/data/run.sh"]

三.cronjob配置

cronjob配置,每小时只想能够一次,然后将文件压缩备份一份到nas

yaml 复制代码
apiVersion: batch/v1
kind: CronJob
metadata:
  labels:
    app: yt-k8s-yamlbak 
  name: yt-k8s-yamlbak
  namespace: auto-public 
spec:
  schedule: "2 * * * *"
  suspend: false
  jobTemplate:
    spec:
      activeDeadlineSeconds: 3600
      backoffLimit: 1
      template:
        spec:
          containers:
          - name: task 
            image: pcgroup-registry-vpc.cn-shenzhen.cr.aliyuncs.com/public/k8s-yaml-backup:20240607154517 
            imagePullPolicy: IfNotPresent
            command: ["bash","/data/run.sh"]
            volumeMounts:
            - mountPath: /data/yt-k8s-yamlbak
              name: static-html
              readOnly: false
          restartPolicy: Never
          volumes:
            - name: static-html
              nfs:
                server: 2e347xxx-mfg89.cn-shenzhen.nas.aliyuncs.com
                path: /yt-k8s-yamlbak/
相关推荐
诡异森林。37 分钟前
Docker--Docker网络原理
网络·docker·容器
ALex_zry1 小时前
Docker Macvlan网络配置实战:解决“network already exists“错误
网络·docker·php
IT小辉同学1 小时前
Docker如何更换镜像源提高拉取速度
spring cloud·docker·eureka
matrixlzp2 小时前
K8S Service 原理、案例
云原生·容器·kubernetes
GnixAij3 小时前
Docker SSH端口转发
docker·ssh
angushine3 小时前
让Docker端口映射受Firewall管理而非iptables
运维·docker·容器
玄明Hanko4 小时前
生产环境到底能用Docker部署MySQL吗?
后端·mysql·docker
玄明Hanko4 小时前
Quarkus+Docker最全面完整教程:手把手搞定Java云原生
后端·docker·云原生
SimonLiu0095 小时前
清理HiNas(海纳斯) Docker日志并限制日志大小
java·docker·容器
coder_copy6 小时前
IDEA 2024 使用总结,踩坑
docker·intellij-idea