k8s 业务备份 - 技术栈

#!/bin/bash

namespaces=("demo" "prd" "java-test" "infra")

types=("svc" "deployment" "cm")

backup_dir="/root/daocloud/backup-wan"

mkdir -p "${backup_dir}"

for namespace in "namespaces $@$ ";domkdir−p"{namespaces $@$ }"; do mkdir -p "namespaces $@$ ";domkdir−p"{backup_dir}/namespace"fortypein"{namespace}" for type in "namespace"fortypein"{types $@$ }"; do

for i in kubectl -n ${namespace} get ${type} | grep -v NAME | awk '{print $1}'; do

kubectl --namespace="namespace"get−o=json"{namespace}" get -o=json "namespace"get−o=json"{type}" "i"∣jq−−sort−keys ′del(.metadata.annotations."control−plane.alpha.kubernetes.io/leader",.metadata.annotations."deployment.kubernetes.io/revision",.metadata.annotations."kubectl.kubernetes.io/last−applied−configuration",.metadata.creationTimestamp,.metadata.generation,.metadata.resourceVersion,.metadata.selfLink,.metadata.uid,.spec.clusterIP,.status)′∣python−c′importsys,yaml,json;yaml.safedump(json.load(sys.stdin),sys.stdout,defaultflowstyle=False)′>"{i}" | jq --sort-keys \ 'del( .metadata.annotations."control-plane.alpha.kubernetes.io/leader", .metadata.annotations."deployment.kubernetes.io/revision", .metadata.annotations."kubectl.kubernetes.io/last-applied-configuration", .metadata.creationTimestamp, .metadata.generation, .metadata.resourceVersion, .metadata.selfLink, .metadata.uid, .spec.clusterIP, .status )' | python -c 'import sys, yaml, json; yaml.safe_dump(json.load(sys.stdin), sys.stdout, default_flow_style=False)' >"i"∣jq−−sort−keys ′del(.metadata.annotations."control−plane.alpha.kubernetes.io/leader",.metadata.annotations."deployment.kubernetes.io/revision",.metadata.annotations."kubectl.kubernetes.io/last−applied−configuration",.metadata.creationTimestamp,.metadata.generation,.metadata.resourceVersion,.metadata.selfLink,.metadata.uid,.spec.clusterIP,.status)′∣python−c′importsys,yaml,json;yaml.safedump(json.load(sys.stdin),sys.stdout,defaultflowstyle=False)′>"{backup_dir}/namespace/{namespace}/namespace/{i}.${type}.yaml"

done

#!/bin/bash

set -euo pipefail

白名单文件（只备份里面列的命名空间，避免备份 kube-system 等）

WHITELIST="/root/daocloud/namespaces-to-backup.txt"

backup_dir="/root/daocloud/backup"

mkdir -p "${backup_dir}"

要备份的资源类型

types=("deployment" "statefulset" "daemonset" "svc" "cm" "secret" "ingress" "pvc" "networkpolicy" "hpa")

从白名单获取命名空间

mapfile -t namespaces < "${WHITELIST}"

for namespace in "${namespaces $@$ }"; do

echo ">>> 备份命名空间: namespace"mkdir−p"{namespace}" mkdir -p "namespace"mkdir−p"{backup_dir}/namespace"fortypein"{namespace}" for type in "namespace"fortypein"{types $@$ }"; do

echo " - 资源类型: type"resources={type}" resources=type"resources=(kubectl -n "namespace"get"{namespace}" get "namespace"get"{type}" --no-headers -o custom-columns=":metadata.name" 2>/dev/null || true)

for r in ${resources}; do

echo " -> r"kubectl−n"{r}" kubectl -n "r"kubectl−n"{namespace}" get "type""{type}" "type""{r}" -o yaml

| yq eval 'del(

.metadata.annotations."deployment.kubernetes.io/revision",

.metadata.annotations."kubectl.kubernetes.io/last-applied-configuration",

.metadata.creationTimestamp,

.metadata.generation,

.metadata.resourceVersion,

.metadata.selfLink,

.metadata.uid,

.status

)' -

> "backupdir/{backup_dir}/backupdir/{namespace}/r.{r}.r.{type}.yaml"

done

图片

图片

application-system

baize-system

dao-2048

demo0228

dowl-system

drun

horikoshitest

k-cloudy

k-cloudy2

kdoctor

lanma-space

lantian

mcamel-system

openldap1

skoala-system

test-20250310

virtnest-system

w01-wx

xianyang1-ns

zhengguang-demo

dak

mcamel-system

gpu-operator

models

jobset-system

w02-wx

demo

hdic-test

proc

test

test-cjl

test-hb

test-hb2

#!/bin/bash

set -euo pipefail

backup_dir="/root/daocloud/backup"

WHITELIST="/root/daocloud/namespaces-to-backup.txt"

从白名单读取命名空间

mapfile -t namespaces < "${WHITELIST}"

定义恢复顺序：配置类 -> 存储类 -> 工作负载 -> 网络类 -> 其他

order=("cm" "secret" "pvc" "deployment" "statefulset" "daemonset" "svc" "ingress" "networkpolicy" "hpa")

apply_yaml() {

local file=$1

echo " -> 应用资源: (basename"(basename "(basename"{file}")"

if ! kubectl apply -f "${file}"; then

echo " !! 首次失败，稍后重试: file"echo"{file}" echo "file"echo"{file}" >> /tmp/restore-retry.list

}

for namespace in "${namespaces $@$ }"; do

echo ">>> 恢复命名空间: ${namespace}"

如果命名空间不存在则创建

if ! kubectl get ns "KaTeX parse error: Expected 'EOF', got '&' at position 27: ..." >/dev/null 2>&̲1; then kub...{namespace}"

echo " - 已创建命名空间 ${namespace}"

ns_dir="backupdir/{backup_dir}/backupdir/{namespace}"

if $\[ -d "KaTeX parse error: Expected 'EOF', got '#' at position 24: ..."$ ]; then #̲ 按顺序依次 apply ...{order $@$ }"; do

files=(ls"(ls "(ls"{ns_dir}"/*.${kind}.yaml 2>/dev/null || true)

for file in files;do $\[−f"files; do \[\[ -f "files;do\[\[−f"{file}"$ ] && apply_yaml "${file}"

done

else

echo " - 未找到备份目录: ${ns_dir}"

done

如果有失败的，重试一次

if $\[ -f /tmp/restore-retry.list$ ]; then

echo ">>> 开始重试 apply 失败的资源..."

while read -r file; do

echo " -> 重试: file"kubectlapply−f"{file}" kubectl apply -f "file"kubectlapply−f"{file}" || echo " !! 依然失败: ${file}"

done < /tmp/restore-retry.list

rm -f /tmp/restore-retry.list

echo ">>> 恢复完成 ✅"