diff --git a/builtin/roles/init/init-os/tasks/init_repository.yaml b/builtin/roles/init/init-os/tasks/init_repository.yaml index 2f70037c..103f5991 100644 --- a/builtin/roles/init/init-os/tasks/init_repository.yaml +++ b/builtin/roles/init/init-os/tasks/init_repository.yaml @@ -39,7 +39,7 @@ mv /etc/apt/sources.list.kubekey.bak /etc/apt/sources.list mv /etc/apt/sources.list.d.kubekey.bak /etc/apt/sources.list.d else - apt install -y socat conntrack ipset ebtables chrony ipvsadm + apt-get update && apt install -y socat conntrack ipset ebtables chrony ipvsadm fi when: os.release.ID_LIKE == "debian" - name: Init rhel repository diff --git a/builtin/roles/install/etcd/defaults/main.yaml b/builtin/roles/install/etcd/defaults/main.yaml index bae4b727..b331ca3d 100644 --- a/builtin/roles/install/etcd/defaults/main.yaml +++ b/builtin/roles/install/etcd/defaults/main.yaml @@ -9,6 +9,7 @@ etcd: compaction_retention: 8 snapshot_count: 10000 data_dir: /var/lib/etcd + token: k8s_etcd # metrics: basic # quota_backend_bytes: 100 # max_request_bytes: 100 diff --git a/builtin/roles/install/etcd/templates/etcd.env b/builtin/roles/install/etcd/templates/etcd.env index e817b7a9..d7965828 100644 --- a/builtin/roles/install/etcd/templates/etcd.env +++ b/builtin/roles/install/etcd/templates/etcd.env @@ -3,7 +3,7 @@ ETCD_ADVERTISE_CLIENT_URLS={{ internal_ipv4|stringformat:"https://%s:2379" }} ETCD_INITIAL_ADVERTISE_PEER_URLS={{ internal_ipv4|stringformat:"https://%s:2380" }} ETCD_INITIAL_CLUSTER_STATE={{ etcd.state }} ETCD_LISTEN_CLIENT_URLS={{ internal_ipv4|stringformat:"https://%s:2379" }},https://127.0.0.1:2379 -ETCD_INITIAL_CLUSTER_TOKEN=k8s_etcd +ETCD_INITIAL_CLUSTER_TOKEN={{ etcd.env.token }} ETCD_LISTEN_PEER_URLS={{ internal_ipv4|stringformat:"https://%s:2380" }} ETCD_NAME={{ inventory_name }} ETCD_PROXY=off diff --git a/pkg/project/local.go b/pkg/project/local.go index bb69b6a3..3b269f44 100644 --- a/pkg/project/local.go +++ b/pkg/project/local.go 
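Review bot: The changed line in builtin/roles/init/init-os/tasks/init_repository.yaml mixes `apt-get update` with `apt install`. The `apt` front end does not promise a stable command-line interface for scripts and warns about that when its output is not a terminal. Using `apt-get` for both halves keeps the task predictable across Debian and Ubuntu releases: `apt-get update && apt-get install -y socat conntrack ipset ebtables chrony ipvsadm`. The enclosing task starts above the hunk, so whether the other branch of the `if` also refreshes the package index is not visible here.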
@@ -27,8 +27,6 @@ import ( _const "github.com/kubesphere/kubekey/v4/pkg/const" ) -var builtinProjectFS fs.FS - func newLocalProject(pipeline kubekeyv1.Pipeline) (Project, error) { if !filepath.IsAbs(pipeline.Spec.Playbook) { if pipeline.Spec.Project.Addr == "" { diff --git a/plugins/playbooks/backup.yaml b/plugins/playbooks/backup.yaml new file mode 100644 index 00000000..04f6fe58 --- /dev/null +++ b/plugins/playbooks/backup.yaml @@ -0,0 +1,5 @@ +--- +- hosts: + - etcd|random + roles: + - etcd/backup diff --git a/plugins/playbooks/restore.yaml b/plugins/playbooks/restore.yaml new file mode 100644 index 00000000..842adf5a --- /dev/null +++ b/plugins/playbooks/restore.yaml @@ -0,0 +1,15 @@ +--- +- hosts: + - kube_control_plane + roles: + - kubernetes/stop + +- hosts: + - etcd + roles: + - etcd/restore + +- hosts: + - kube_control_plane + roles: + - kubernetes/start diff --git a/plugins/roles/etcd/backup/defaults/main.yaml b/plugins/roles/etcd/backup/defaults/main.yaml new file mode 100644 index 00000000..ff31fc0d --- /dev/null +++ b/plugins/roles/etcd/backup/defaults/main.yaml @@ -0,0 +1,4 @@ +etcd: + env: + data_dir: /var/lib/etcd + token: k8s_etcd diff --git a/plugins/roles/etcd/backup/tasks/main.yaml b/plugins/roles/etcd/backup/tasks/main.yaml new file mode 100644 index 00000000..273fe6b4 --- /dev/null +++ b/plugins/roles/etcd/backup/tasks/main.yaml @@ -0,0 +1,15 @@ +--- +- name: Generate backup from etcd + command: | + if [ ! -d /tmp/kubekey/etcd/ ]; then + mkdir -p /tmp/kubekey/etcd/ + fi + export $(cat /etc/etcd.env | grep ETCDCTL_CACERT) + export $(cat /etc/etcd.env | grep ETCDCTL_CERT) + export $(cat /etc/etcd.env | grep ETCDCTL_KEY) + ETCDCTL_API=3 etcdctl --endpoints=https://{{ internal_ipv4 }}:2379 snapshot save /tmp/kubekey/etcd/snapshot.db + +- name: Fetch backup to local + fetch: + src: /tmp/kubekey/etcd/snapshot.db + dest: "{{ work_dir }}/kubekey/etcd/snapshot.db" 
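Review bot: In plugins/roles/etcd/backup/tasks/main.yaml the snapshot is written to the fixed path `/tmp/kubekey/etcd/snapshot.db`, and an etcd snapshot holds every object in the cluster, Secrets included. The directory sits under world-writable `/tmp` and is only created when absent, so a local account on the etcd host that created `/tmp/kubekey` first would own the directory the snapshot is written to and later fetched from. Writing to a root-owned directory outside `/tmp`, with `umask 077` as the first line of the command block, keeps the file private. A closing task such as `command: rm -f` on the remote snapshot path would stop the copy lingering on the node after the fetch. The fetched copy under `{{ work_dir }}/kubekey/etcd/` needs the same permission care on the control host.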
diff --git a/plugins/roles/etcd/restore/defaults/main.yaml b/plugins/roles/etcd/restore/defaults/main.yaml
new file mode 100644
index 00000000..ff31fc0d
--- /dev/null
+++ b/plugins/roles/etcd/restore/defaults/main.yaml
@@ -0,0 +1,4 @@
+etcd:
+ env:
+ data_dir: /var/lib/etcd
+ token: k8s_etcd
diff --git a/plugins/roles/etcd/restore/tasks/main.yaml b/plugins/roles/etcd/restore/tasks/main.yaml
new file mode 100644
index 00000000..2947ce10
--- /dev/null
+++ b/plugins/roles/etcd/restore/tasks/main.yaml
@@ -0,0 +1,27 @@
+---
+- name: Sync etcd snapshot to remote
+ copy:
+ src: "{{ work_dir }}/kubekey/etcd/snapshot.db"
+ dest: /tmp/kubekey/etcd/snapshot.db
+
+- name: Stop etcd
+ command: systemctl stop etcd
+
+- name: Remove etcd data dir
+ command: |
+ rm -rf /var/lib/etcd/*
+
+- name: Restore etcd by snapshot
+ command: |
+ export $(cat /etc/etcd.env | grep ETCDCTL_CACERT)
+ export $(cat /etc/etcd.env | grep ETCDCTL_CERT)
+ export $(cat /etc/etcd.env | grep ETCDCTL_KEY)
+ etcdctl snapshot restore /tmp/kubekey/etcd/snapshot.db \
+ --name={{ inventory_name }} --endpoints=https://{{ internal_ipv4 }}:2379 \
+ --initial-cluster={% for h in groups['etcd'] %}{% set hv=inventory_hosts[h] %}{{ hv.inventory_name }}={{ hv.internal_ipv4|stringformat:"https://%s:2380" }}{% if (not forloop.Last) %},{% endif %}{% endfor %} \
+ --initial-advertise-peer-urls=https://{{ internal_ipv4 }}:2380\
+ --initial-cluster-token={{ etcd.env.token }} \
+ --data-dir={{ etcd.env.data_dir }}
+
+- name: Start etcd
+ command: systemctl start etcd
diff --git a/plugins/roles/kubernetes/start/defaults/main.yaml b/plugins/roles/kubernetes/start/defaults/main.yaml
new file mode 100644
index 00000000..4c9d1966
--- /dev/null
+++ b/plugins/roles/kubernetes/start/defaults/main.yaml
@@ -0,0 +1,2 @@
+cri:
+ container_manager: docker
diff --git a/plugins/roles/kubernetes/start/tasks/main.yaml b/plugins/roles/kubernetes/start/tasks/main.yaml
new file mode 100644
index 00000000..80766a4b
--- /dev/null
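Review bot: In plugins/roles/etcd/restore/tasks/main.yaml the "Remove etcd data dir" task hard-codes `rm -rf /var/lib/etcd/*` while the restore writes to `--data-dir={{ etcd.env.data_dir }}`. An overridden `data_dir` would therefore wipe one directory and restore into another, and in every case the old member data is deleted before the snapshot has been shown to restore. Both steps should use the same variable behind a non-empty guard, e.g. `test -n "{{ etcd.env.data_dir }}" && rm -rf "{{ etcd.env.data_dir }}"/*`, and moving the old contents aside until `etcdctl snapshot restore` succeeds would keep a rollback path. The continuation `--initial-advertise-peer-urls=https://{{ internal_ipv4 }}:2380\` has no space before the backslash; depending on the next line's indentation, which this view does not show, it may fuse with `--initial-cluster-token`, so `:2380 \` is safer. The backup task sets `ETCDCTL_API=3` and this one does not, which is worth aligning.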
+++ b/plugins/roles/kubernetes/start/tasks/main.yaml
@@ -0,0 +1,14 @@
+---
+- name: Start cri in kubernetes
+ block:
+ - name: Stop docker in kubernetes
+ command: |
+ systemctl start docker
+ when: cri.container_manager == 'docker'
+ - name: Start containerd in kubernetes
+ command: |
+ systemctl start containerd
+ when: cri.container_manager == 'containerd'
+
+- name: Start kubelet in kubernetes
+ command: systemctl start kubelet
diff --git a/plugins/roles/kubernetes/stop/defaults/main.yaml b/plugins/roles/kubernetes/stop/defaults/main.yaml
new file mode 100644
index 00000000..4c9d1966
--- /dev/null
+++ b/plugins/roles/kubernetes/stop/defaults/main.yaml
@@ -0,0 +1,2 @@
+cri:
+ container_manager: docker
diff --git a/plugins/roles/kubernetes/stop/tasks/main.yaml b/plugins/roles/kubernetes/stop/tasks/main.yaml
new file mode 100644
index 00000000..0813d8f9
--- /dev/null
+++ b/plugins/roles/kubernetes/stop/tasks/main.yaml
@@ -0,0 +1,14 @@
+---
+- name: Stop kubelet in kubernetes
+ command: systemctl stop kubelet
+
+- name: Stop cri in kubernetes
+ block:
+ - name: Stop docker in kubernetes
+ command: |
+ systemctl stop docker
+ when: cri.container_manager == 'docker'
+ - name: Stop containerd in kubernetes
+ command: |
+ systemctl stop containerd
+ when: cri.container_manager == 'containerd'
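Review bot: The first task inside the block in plugins/roles/kubernetes/start/tasks/main.yaml is named `Stop docker in kubernetes` but runs `systemctl start docker`, apparently carried over from the stop role. It should read `- name: Start docker in kubernetes` so the playbook output during a restore describes what actually ran. The two `when:` conditions cover only `'docker'` and `'containerd'`, so any other `cri.container_manager` value starts no runtime before kubelet is started.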
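Review bot: In plugins/roles/kubernetes/stop/tasks/main.yaml the containerd branch runs only `systemctl stop containerd`, which commonly leaves already-running containers alive under their shims. If that holds on the target hosts, the kube-apiserver static pod may keep running while etcd is wiped and restored. A task between the kubelet stop and the runtime stop that stops the containers themselves, for example `crictl ps -q | xargs -r crictl stop`, would close that gap; this should be confirmed against the containerd unit's KillMode on the supported distributions. The role default `container_manager: docker` also means an inventory that does not set `cri.container_manager` takes the docker branch regardless of the runtime the cluster uses.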