From 77cafaf0a1b9c305bfae6e86d32e08b51979c5aa Mon Sep 17 00:00:00 2001 From: zeaslity Date: Wed, 5 Mar 2025 17:34:09 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E4=BB=A3=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .vscode/settings.json | 6 + 20-吉林移动/nginx-ssl-20250304.conf | 69 +++++++ 34-202408-重庆二级平台/端口转发-202502.sh | 8 + .../cluster-20250221-security.yml | 178 ++++++++++++++++++ 53-202501-江西扩容/环境信息记录.txt | 10 + 54-202501-深圳规自-ARM/信息备份.tx | 5 + .../OctopusAgent运行/bastion模式运行基础环境.sh | 36 ---- .../a-AgentWdd-基础依赖.ps1} | 0 .../啊-Agent-WDD运行/a-AgentWdd-基础依赖.sh | 26 +++ .../octopus-agent-run.sh | 0 .../z-同步资料-废弃.sh} | 0 998-常用脚本/啊-Agent-WDD运行/啊-批量命令.sh | 59 ++++++ 998-常用脚本/备份脚本/关停全部的服务.sh | 21 +++ 998-常用脚本/备份脚本/备份命名空间.sh | 8 +- .../故障恢复脚本/重启cmii的前端后端Pod.sh | 5 +- 998-常用脚本/部署脚本/编辑calico状态.sh | 2 +- 999-部署模板/rke更新问题解决.txt | 24 +++ 17 files changed, 414 insertions(+), 43 deletions(-) create mode 100644 .vscode/settings.json create mode 100644 20-吉林移动/nginx-ssl-20250304.conf create mode 100644 34-202408-重庆二级平台/端口转发-202502.sh create mode 100644 47-202412-甘肃移动/cluster-20250221-security.yml create mode 100644 53-202501-江西扩容/环境信息记录.txt delete mode 100644 998-常用脚本/OctopusAgent运行/bastion模式运行基础环境.sh rename 998-常用脚本/{OctopusAgent运行/bastion运行基础依赖文件.ps1 => 啊-Agent-WDD运行/a-AgentWdd-基础依赖.ps1} (100%) create mode 100644 998-常用脚本/啊-Agent-WDD运行/a-AgentWdd-基础依赖.sh rename 998-常用脚本/{OctopusAgent运行 => 啊-Agent-WDD运行}/octopus-agent-run.sh (100%) rename 998-常用脚本/{OctopusAgent运行/同步资料.sh => 啊-Agent-WDD运行/z-同步资料-废弃.sh} (100%) create mode 100644 998-常用脚本/啊-Agent-WDD运行/啊-批量命令.sh create mode 100644 998-常用脚本/备份脚本/关停全部的服务.sh create mode 100644 999-部署模板/rke更新问题解决.txt diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..4bfc5b3 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,6 @@ +{ + "marscode.codeCompletionPro": { + "enableCodeCompletionPro": true + }, + "marscode.enableInlineCommand": true +} \ No newline at end of file diff --git a/20-吉林移动/nginx-ssl-20250304.conf b/20-吉林移动/nginx-ssl-20250304.conf new file mode 100644 index 0000000..1dd3545 --- /dev/null +++ b/20-吉林移动/nginx-ssl-20250304.conf @@ -0,0 +1,69 @@ +server { + listen 8888; + + server_name lingyun.jlsxwkj.com; + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_prefer_server_ciphers on; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + + ssl_certificate /etc/nginx/conf.d/ssl.d/jlsxwkj.com.pem; + ssl_certificate_key /etc/nginx/conf.d/ssl.d/jlsxwkj.com.key; + + location / { + proxy_pass http://localhost:30500; + client_max_body_size 5120m; + client_body_buffer_size 5120m; + client_body_timeout 6000s; + proxy_send_timeout 10000s; + proxy_read_timeout 10000s; + proxy_connect_timeout 600s; + proxy_max_temp_file_size 5120m; + proxy_request_buffering on; + proxy_buffering off; + proxy_buffer_size 4k; + proxy_buffers 4 12k; + proxy_set_header Host fake-domain.jlyd.io; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /sense/ { + proxy_pass http://localhost:8888/api/adapter/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + rewrite ^/sense/(.*)$ /api/adapter/$1 break; + } + + location /_AMapService/v4/map/styles { + set $args "$args&jscode=cf66cea95bdcdfcf8048456b36f357a1"; + #proxy_pass https://webapi.amap.com/v4/ap/styles; + } + + location /_AMapService/ { + set $args "$args&jscode=cf66cea95bdcdfcf8048456b36f357a1"; + #proxy_pass https://restapi.amap.com/; + } + + location /rtc/v1/ { + add_header Access-Control-Allow-Headers X-Requested-With; + add_header Access-Control-Allow-Methods GET,POST,OPTIONS; + proxy_pass http://127.0.0.1:30985/rtc/v1/; + } + location /live/ { + add_header Access-Control-Allow-Headers X-Requested-With; + add_header Access-Control-Allow-Methods GET,POST,OPTIONS; + proxy_pass http://127.0.0.1:30558/live/; + } + + location ~ ^/\w*/actuator/ { + return 403; + } +} \ No newline at end of file diff --git a/34-202408-重庆二级平台/端口转发-202502.sh b/34-202408-重庆二级平台/端口转发-202502.sh new file mode 100644 index 0000000..735ec3e --- /dev/null +++ b/34-202408-重庆二级平台/端口转发-202502.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +cd /root/wdd/ + +echo ""> nohup.out + + +nohup ./port_forward_linux_amd64 tcp listen:192.168.9.11:6006 conn:120.26.107.230:6006 & nohup ./port_forward_linux_amd64 tcp listen:192.168.9.11:6005 conn:120.26.107.230:6005 \ No newline at end of file diff --git a/47-202412-甘肃移动/cluster-20250221-security.yml b/47-202412-甘肃移动/cluster-20250221-security.yml new file mode 100644 index 0000000..8e5c7bc --- /dev/null +++ b/47-202412-甘肃移动/cluster-20250221-security.yml @@ -0,0 +1,178 @@ +nodes: +#masternode配置 + - address: 10.215.66.85 + user: rke-installer + role: + - controlplane + - etcd + - worker + internal_address: 10.215.66.85 + labels: + ingress-deploy: true + #worker-1到worker-5加入集群 + - address: 10.215.66.86 + user: rke-installer + role: + - worker + internal_address: 10.215.66.86 + - address: 10.215.66.87 + user: rke-installer + role: + - worker + internal_address: 10.215.66.87 + - address: 10.215.66.88 + user: rke-installer + role: + - worker + internal_address: 10.215.66.88 + - address: 10.215.66.90 + user: rke-installer + role: + - worker + internal_address: 10.215.66.90 + #worker-5资源低,用于跑mysql + - address: 10.215.66.91 + user: rke-installer + role: + - worker + internal_address: 10.215.66.91 + labels: + mysql-deploy: true + + +# 默认值为false,如果设置为true,当发现不支持的Docker版本时,RKE不会报错 +ignore_docker_version: true + +# Set the name of the Kubernetes cluster +cluster_name: rke-cluster + +#kubernetes_version: v1.18.16-rancher1-1 +kubernetes_version: v1.20.4-rancher1-1 + +ssh_key_path: /home/rke-installer/.ssh/id_rsa + +services: + etcd: + backup_config: + enabled: false + interval_hours: 72 + retention: 3 + safe_timestamp: false + timeout: 300 + creation: 12h + extra_args: + election-timeout: 5000 + heartbeat-interval: 500 + cipher-suites: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA + gid: 0 + retention: 72h + snapshot: false + uid: 0 + + kube-api: + # IP range for any services created on Kubernetes + # This must match the service_cluster_ip_range in kube-controller + service_cluster_ip_range: 10.74.0.0/16 + # Expose a different port range for NodePort services + service_node_port_range: 30000-40000 + always_pull_images: true + pod_security_policy: false + # Add additional arguments to the kubernetes API server + # This WILL OVERRIDE any existing defaults + extra_args: + # Enable audit log to stdout + audit-log-path: "-" + # Increase number of delete workers + delete-collection-workers: 3 + # Set the level of log output to debug-level + v: 1 + kube-controller: + # CIDR pool used to assign IP addresses to pods in the cluster + cluster_cidr: 10.100.0.0/16 + # IP range for any services created on Kubernetes + # This must match the service_cluster_ip_range in kube-api + service_cluster_ip_range: 10.74.0.0/16 + kubelet: + # Base domain for the cluster + cluster_domain: cluster.local + # IP address for the DNS service endpoint + cluster_dns_server: 10.74.0.10 + # Fail if swap is on + fail_swap_on: true + # Set max pods to 250 instead of default 110 + extra_args: + max-pods: 122 + # Optionally define additional volume binds to a service + scheduler: + extra_args: + # Set the level of log output to warning-level + v: 0 + tls-cipher-suites: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA + + +authentication: + strategy: x509 + sans: + - "10.215.66.85" + +authorization: + mode: rbac + +addon_job_timeout: 30 + +# Specify network plugin-in (canal, calico, flannel, weave, or none) +network: + mtu: 1440 + options: + flannel_backend_type: vxlan + plugin: calico + #add by zxc@241129 + # calico_network_provider: + # ipip: + # mode: cross-subnet + # interface: ens160 + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationseconds: 300 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationseconds: 300 + +# Specify DNS provider (coredns or kube-dns) +dns: + provider: coredns + nodelocal: {} + tolerations: + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationseconds: 300 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationseconds: 300 + +ingress: + provider: nginx + default_backend: true + http_port: 0 + https_port: 0 + extra_envs: + - name: TZ + value: Asia/Shanghai + node_selector: + ingress-deploy: true + options: + use-forwarded-headers: "true" + +private_registries: + - url: 10.215.66.85:8033 # 私有镜像库地址 + user: admin + password: "Test@2" + is_default: true +#注:nodes:ip改为master及worker的ip +#authentication:ip改为master的ip +#private_registries:ip改为master的ip diff --git a/53-202501-江西扩容/环境信息记录.txt b/53-202501-江西扩容/环境信息记录.txt new file mode 100644 index 0000000..4d05e04 --- /dev/null +++ b/53-202501-江西扩容/环境信息记录.txt @@ -0,0 +1,10 @@ + + +https://36.138.132.240:30554/ +eyJhbGciOiJSUzI1NiIsImtpZCI6IjlPX3VXRndkOEVvbHg1OF9pVmlBbmlYUXEzdmEybW9KQ2s0dVl0ZmRxZXMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWRucXc5Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJkYmY2MzM5Ni00MTA5LTQ5MGEtOWE2MS02ZmQ0YTA1NWNkNDQiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.Ksh_Cd_C_f5IjKA2ZWv9u4JVkHlxM-PhfEdtt6g2NC87SMsidKkkQ3uSaj4Egnf0dOuRZIsVj67fVrarnsTl5Hy2N8zrgXP1o53YsauALBsqO_ShmdYMHYgFvJ5U_3Ig54tRm2nLsDpeai-6gEcoVvmuMm8GneiGiiLJI4BN2n9hbLrwKE5BG6L3TIUd_baGD0Oy0y-BY4JZ6Lboc3J7fNKgUrcsBc0q5mw_XtW61gInnnPuhlQ2No4PLgKMZK0yq-9j8lfAE9RtfMqvllIyzjZ0LwlRwD1cHwaVeY-sydl4mGNamGx9YnfpnxeIi5_U67uNIXW893UzH6yRyTqdKw + +http://36.138.132.240:38989/ +admin +nYcRN91r._hj + +RabbitMQ的界面 \ No newline at end of file diff --git a/54-202501-深圳规自-ARM/信息备份.tx b/54-202501-深圳规自-ARM/信息备份.tx index 3e56b89..7084b16 100644 --- a/54-202501-深圳规自-ARM/信息备份.tx +++ b/54-202501-深圳规自-ARM/信息备份.tx @@ -2,6 +2,11 @@ https://172.31.2.7:39999 eyJhbGciOiJSUzI1NiIsImtpZCI6IkQ2SExTeWxObkxTMllFQ0Z5ZTMwakpaS01FbHFnSzc5RWY0cVJVVXNfOGcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWxrNjRnIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJkZmM1YWE4NC05NWRlLTRjOTUtYmVmNi1jOWNlYjdjMzc3ZjQiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.JOyeNRJHdOMeP1PRfi6x0LMfu6XiuSEIXTVRF0T2xNzv9thdEzjbFZA9j6GI4fWyKZb4IO0xABzjVbkYRW_KIUSosDT0QzngqIq6L1O3gGBgzDKlGpBNFvrbxZgwxcJir_piSP23uvOlMSW9uv4GMLEZixcwNmy_zVVwPbEtrBLSGWwZK9nfa2tYpWesUO70OdWXdP7lW6MRN4i_8RD37-85RY_YD_pYAYGiJtf9cIW6ao630a9RO7nuCDdUuNa9REjYUQqt9ksS_PL277k27e1UBV0yBxKYMxpwhqD4QshfXBMHw56K5F9syGdP7NosBmFmtcHCblEb5nNTHzatJw +http://172.31.2.7:8088/pangu/ + +szgzadmin +Szgz_admin.123 + journalctl -u nfs-server -n 100 -f journalctl -u nfs-idmapd.service -n 100 -f diff --git a/998-常用脚本/OctopusAgent运行/bastion模式运行基础环境.sh b/998-常用脚本/OctopusAgent运行/bastion模式运行基础环境.sh deleted file mode 100644 index 1103095..0000000 --- a/998-常用脚本/OctopusAgent运行/bastion模式运行基础环境.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash - -# 下载agent -wget http://42.192.52.227:9000/octopus/octopus-agent_linux_amd64 -mv ./octopus-agent_linux_amd64 /usr/local/bin/octopus-agent -chmod +x /usr/local/bin/octopus-agent - - -# 下载依赖文件 -mkdir /root/wdd/ -cd /root/wdd - -export oss_url_prefix=https://oss.demo.uavcmlc.com/cmlc-installation/downloadfile/amd -# export oss_url_prefix=http://42.192.52.227:9000/octopus - -wget ${oss_url_prefix}/docker-amd64-20.10.15.tgz -wget ${oss_url_prefix}/docker-compose-linux-x86_64-v2.18.0 - -wget ${oss_url_prefix/harbor-offline-installer-v2.9.0.tgz -wget ${oss_url_prefix}/rke_linux-amd64 - -wget ${oss_url_prefix}/mysql-8.0.27-linux-glibc2.17-x86_64-minimal.zip - - - -mc.exe get uav-demo/cmlc-installation/downloadfile/amd/docker-amd64-20.10.15.tgz "D:\CmiiDeployOffline\" -mc.exe get uav-demo/cmlc-installation/downloadfile/amd/docker-compose-linux-x86_64-v2.18.0 "D:\CmiiDeployOffline\" - - -mv /root/octopus-agent_linux_amd64 /usr/local/bin/octopus-agent -chmod +x /usr/local/bin/octopus-agent - -printf 'help\n' | octopus-agent --mode=bastion - -file_list=(docker-amd64-20.10.15.tgz harbor-offline-installer-v2.9.0 docker-compose-linux-x86_64-v2.18.0) - diff --git a/998-常用脚本/OctopusAgent运行/bastion运行基础依赖文件.ps1 b/998-常用脚本/啊-Agent-WDD运行/a-AgentWdd-基础依赖.ps1 similarity index 100% rename from 998-常用脚本/OctopusAgent运行/bastion运行基础依赖文件.ps1 rename to 998-常用脚本/啊-Agent-WDD运行/a-AgentWdd-基础依赖.ps1 diff --git a/998-常用脚本/啊-Agent-WDD运行/a-AgentWdd-基础依赖.sh b/998-常用脚本/啊-Agent-WDD运行/a-AgentWdd-基础依赖.sh new file mode 100644 index 0000000..5c7029b --- /dev/null +++ b/998-常用脚本/啊-Agent-WDD运行/a-AgentWdd-基础依赖.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +# 下载agent +rm -f /usr/local/bin/agent-wdd +rm -f /usr/local/bin/test-shell.sh + +wget https://pan.107421.xyz/d/oracle-seoul-2/agent-wdd_linux_amd64 -qO /usr/local/bin/agent-wdd + +chmod +x /usr/local/bin/agent-wdd + + +# 下载依赖文件 +mkdir /root/wdd/ +cd /root/wdd + +export oss_url_prefix=https://oss.demo.uavcmlc.com/cmlc-installation/downloadfile/amd +# export oss_url_prefix=http://42.192.52.227:9000/octopus + +wget ${oss_url_prefix}/docker-amd64-20.10.15.tgz +wget ${oss_url_prefix}/docker-compose-linux-x86_64-v2.18.0 + +wget ${oss_url_prefix/harbor-offline-installer-v2.9.0.tgz +wget ${oss_url_prefix}/rke_linux-amd64 +wget ${oss_url_prefix}/kubectl-1.20.4-amd64 + + diff --git a/998-常用脚本/OctopusAgent运行/octopus-agent-run.sh b/998-常用脚本/啊-Agent-WDD运行/octopus-agent-run.sh similarity index 100% rename from 998-常用脚本/OctopusAgent运行/octopus-agent-run.sh rename to 998-常用脚本/啊-Agent-WDD运行/octopus-agent-run.sh diff --git a/998-常用脚本/OctopusAgent运行/同步资料.sh b/998-常用脚本/啊-Agent-WDD运行/z-同步资料-废弃.sh similarity index 100% rename from 998-常用脚本/OctopusAgent运行/同步资料.sh rename to 998-常用脚本/啊-Agent-WDD运行/z-同步资料-废弃.sh diff --git a/998-常用脚本/啊-Agent-WDD运行/啊-批量命令.sh b/998-常用脚本/啊-Agent-WDD运行/啊-批量命令.sh new file mode 100644 index 0000000..059ac39 --- /dev/null +++ b/998-常用脚本/啊-Agent-WDD运行/啊-批量命令.sh @@ -0,0 +1,59 @@ +#!/bin/bash + + +# 获取环境信息 +/usr/local/bin/agent-wdd info all +cat /usr/local/etc/wdd/agent-wdd-config.yaml + +# 手动执行全部的命令 +/usr/local/bin/agent-wdd base ssh key +/usr/local/bin/agent-wdd base ssh config + +/usr/local/bin/agent-wdd base tools +/usr/local/bin/agent-wdd base swap +/usr/local/bin/agent-wdd base firewall +/usr/local/bin/agent-wdd base selinux +/usr/local/bin/agent-wdd base sysconfig + + +/usr/local/bin/agent-wdd base docker local +/usr/local/bin/agent-wdd base dockercompose local + +# 仅在主节点执行 +/usr/local/bin/agent-wdd base docker config + + +# 批量执行命令 + +host_list=( + 172.16.100.50 + 172.16.100.51 + 172.16.100.52 + 172.16.100.53 + 172.16.100.54 + 172.16.100.56 + 172.16.100.57 + 172.16.100.58 + 172.16.100.59 + 172.16.100.60 + 172.16.100.61 +) +for server in "${host_list[@]}";do + echo "current ip is $server" + # ssh root@${server} "echo yes" + + scp /usr/local/bin/agent-wdd root@${server}:/usr/local/bin/agent-wdd + ssh root@${server} "/usr/local/bin/agent-wdd base ssh config" + ssh root@${server} "/usr/local/bin/agent-wdd base ssh key" +done + +# 复制 同步文件 + +scp /usr/local/bin/agent-wdd root@${server}:/usr/local/bin/agent-wdd +ssh root@${server} "/usr/local/bin/agent-wdd base ssh config" +ssh root@${server} "/usr/local/bin/agent-wdd base ssh key" + +ssh root@${server} "mkdir /root/wdd" +scp /root/wdd/docker-amd64-20.10.15.tgz root@${server}:/root/wdd/docker-amd64-20.10.15.tgz +scp /root/wdd/docker-compose-linux-x86_64-v2.18.0 root@${server}:/root/wdd/ + diff --git a/998-常用脚本/备份脚本/关停全部的服务.sh b/998-常用脚本/备份脚本/关停全部的服务.sh new file mode 100644 index 0000000..9158074 --- /dev/null +++ b/998-常用脚本/备份脚本/关停全部的服务.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +namespace=jxyd + +# 优雅地处理Deployment缩容 +scale_deployments() { + + echo "Scaling Deployments in namespace: $namespace" + kubectl get deployments -n "$namespace" -o name | + xargs -I {} kubectl scale --replicas=0 -n "$namespace" {} +} + +# 高效处理StatefulSet缩容 +scale_statefulsets() { + echo "Scaling StatefulSets in namespace: $namespace" + kubectl get statefulsets -n "$namespace" -o name | + xargs -I {} kubectl scale --replicas=0 -n "$namespace" {} +} + +scale_deployments +scale_statefulsets diff --git a/998-常用脚本/备份脚本/备份命名空间.sh b/998-常用脚本/备份脚本/备份命名空间.sh index d3c6301..bec5c6d 100644 --- a/998-常用脚本/备份脚本/备份命名空间.sh +++ b/998-常用脚本/备份脚本/备份命名空间.sh @@ -1,6 +1,6 @@ #!/bin/bash -namespace=jxyd +namespace=jlyd install_yq() { wget https://oss.demo.uavcmlc.com/cmlc-installation/downloadfile/amd/yq_linux_amd64 -O /usr/local/bin/yq @@ -44,9 +44,9 @@ backup_all_stateful_sets() { } install_yq -backup_all_deployment -backup_all_service -backup_all_stateful_sets +# backup_all_deployment +# backup_all_service +# backup_all_stateful_sets backup_all_configmap # https://github.com/mikefarah/yq/releases/download/v4.44.1/yq_linux_amd64 diff --git a/998-常用脚本/故障恢复脚本/重启cmii的前端后端Pod.sh b/998-常用脚本/故障恢复脚本/重启cmii的前端后端Pod.sh index eca6bfc..530dbb0 100644 --- a/998-常用脚本/故障恢复脚本/重启cmii的前端后端Pod.sh +++ b/998-常用脚本/故障恢复脚本/重启cmii的前端后端Pod.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash -name_space=uavcloud-demo +name_space=jlyd delete_all_fronted_cmii_pod(){ @@ -26,4 +26,5 @@ delete_all_backend_cmii_pod(){ done } -delete_all_backend_cmii_pod \ No newline at end of file +delete_all_backend_cmii_pod +delete_all_fronted_cmii_pod \ No newline at end of file diff --git a/998-常用脚本/部署脚本/编辑calico状态.sh b/998-常用脚本/部署脚本/编辑calico状态.sh index bc29458..8bc35e4 100644 --- a/998-常用脚本/部署脚本/编辑calico状态.sh +++ b/998-常用脚本/部署脚本/编辑calico状态.sh @@ -8,7 +8,7 @@ env: value: "eth0" # 更加保险 -kubectl set env daemonset/calico-node -n kube-system IP_AUTODETECTION_METHOD=interface=ens3 +kubectl set env daemonset/calico-node -n kube-system IP_AUTODETECTION_METHOD=interface=ens160 # 删除所有的calico pod diff --git a/999-部署模板/rke更新问题解决.txt b/999-部署模板/rke更新问题解决.txt new file mode 100644 index 0000000..2cda33a --- /dev/null +++ b/999-部署模板/rke更新问题解决.txt @@ -0,0 +1,24 @@ + + +# +https://stackoverflow.com/questions/71603038/rancher-rke-up-errors-on-etcd-host-health-checks-remote-error-tls-bad-certific + +rke up --update-only + +# 出现问题,报证书错误 +DEBU[0281] [etcd] failed to check health for etcd host [x.x.x.x]: failed to get /health for host [x.x.x.x]: Get "https://x.x.x.x:2379/health": remote error: tls: bad certificate + + + +rm -f /etc/kubernetes/ssl/kube-service-account-token-key.pem +rm -f /etc/kubernetes/ssl/kube-service-account-token.pem +cp /etc/kubernetes/ssl/kube-apiserver-key.pem /etc/kubernetes/ssl/kube-service-account-token-key.pem +cp /etc/kubernetes/ssl/kube-apiserver.pem /etc/kubernetes/ssl/kube-service-account-token.pem + +rke util get-state-file + +rm kube_config_cluster.yml cluster.rkestate + +rke up + +rke cert rotate \ No newline at end of file