• ETCD数据迁移

    ETCD数据迁移

    本文阅读对象为想要将Rainbond平台rbd-etcd切换至外部etcd的相关人员。

    • 在k8s master节点创建secret

    本文中将要切换的ETCD为根据Rainbond官方文档安装的k8s集群ETCD,需要TLS认证,所以在这里将相关证书创建为k8s集群secret资源供Rainbond组件连接时使用;其他方式搭建的k8s集群请根据自身需要进行创建。

    kubectl create secret generic etcd-tls-secret --from-file=/etc/kubernetes/ssl/kubernetes.pem   --from-file=/etc/kubernetes/ssl/kubernetes-key.pem    --from-file=/etc/kubernetes/ssl/ca.pem   -n rbd-system

    修改ETCD连接地址

    修改Rainbond各组件连接ETCD的地址。

    • rbd-api
    $ kubectl edit deploy rbd-api -n rbd-system
    spec:
      containers:
      - args:
        - --etcd=https://172.24.206.76:2379
        - --etcd-ca=/etc/kubernetes/ssl/ca.pem
        - --etcd-cert=/etc/kubernetes/ssl/kubernetes.pem
        - --etcd-key=/etc/kubernetes/ssl/kubernetes-key.pem
        
        volumeMounts:
        - mountPath: /etc/kubernetes/ssl
          readOnly: true
          name: etcd-tls
          
      volumes:
      - name: etcd-tls
        secret:
          secretName: etcd-tls-secret

    相关解释:

    将启动参数 --etcd 地址修改为要切换的ETCD地址,其他参数为指定ETCD的TLS证书文件地址,并且挂载使用上面创建好的sercret;以下组件都与之类似。

    • rbd-mq
    $ kubectl edit deploy rbd-mq -n rbd-system
    spec:
      containers:
      - args:
        - --etcd-endpoints=https://172.24.206.76:2379
        - --etcd-ca=/etc/kubernetes/ssl/ca.pem
        - --etcd-cert=/etc/kubernetes/ssl/kubernetes.pem
        - --etcd-key=/etc/kubernetes/ssl/kubernetes-key.pem
  
        volumeMounts:
        - mountPath: /etc/kubernetes/ssl
          readOnly: true
          name: etcd-tls
          
      volumes:
      - name: etcd-tls
        secret:
          secretName: etcd-tls-secret
    • rbd-webcli
    $ kubectl edit deploy rbd-webcli  -n rbd-system
    spec:
      containers:
      - args:
        - --etcd-endpoints=https://172.24.206.76:2379
        - --etcd-ca=/etc/kubernetes/ssl/ca.pem
        - --etcd-cert=/etc/kubernetes/ssl/kubernetes.pem
        - --etcd-key=/etc/kubernetes/ssl/kubernetes-key.pem

        volumeMounts:
        - mountPath: /etc/kubernetes/ssl
          readOnly: true
          name: etcd-tls
          
      volumes:
      - name: etcd-tls
        secret:
          secretName: etcd-tls-secret
    • rbd-worker
     $ kubectl edit deploy rbd-worker  -n rbd-system
     spec:
      containers:
      - args:
        - --etcd-endpoints=https://172.24.206.76:2379
        - --etcd-ca=/etc/kubernetes/ssl/ca.pem
        - --etcd-cert=/etc/kubernetes/ssl/kubernetes.pem
        - --etcd-key=/etc/kubernetes/ssl/kubernetes-key.pem

        volumeMounts:
        - mountPath: /etc/kubernetes/ssl
          readOnly: true
          name: etcd-tls
          
      volumes:
      - name: etcd-tls
        secret:
          secretName: etcd-tls-secret
    • rbd-chaos
    $ kubectl edit ds rbd-chaos  -n rbd-system
    spec:
      containers:
      - args:
        - --etcd-endpoints=https://172.24.206.76:2379
        - --etcd-ca=/etc/kubernetes/ssl/ca.pem
        - --etcd-cert=/etc/kubernetes/ssl/kubernetes.pem
        - --etcd-key=/etc/kubernetes/ssl/kubernetes-key.pem
        
        volumeMounts:
        - mountPath: /etc/kubernetes/ssl
          readOnly: true
          name: etcd-tls
          
      volumes:
      - name: etcd-tls
        secret:
          secretName: etcd-tls-secret
    • rbd-gateway
    $ kubectl edit ds rbd-gateway  -n rbd-system
    spec:
      containers:
      - args:
        - --etcd-endpoints=https://172.24.206.76:2379
        - --etcd-ca=/etc/kubernetes/ssl/ca.pem
        - --etcd-cert=/etc/kubernetes/ssl/kubernetes.pem
        - --etcd-key=/etc/kubernetes/ssl/kubernetes-key.pem

        volumeMounts:
        - mountPath: /etc/kubernetes/ssl
          readOnly: true
          name: etcd-tls
          
      volumes:
      - name: etcd-tls
        secret:
          secretName: etcd-tls-secret
    • rbd-node
     $ kubectl edit ds rbd-node  -n rbd-system
     spec:
      containers:
      - args:
        - --etcd-endpoints=https://172.24.206.76:2379
        - --etcd-ca=/etc/kubernetes/ssl/ca.pem
        - --etcd-cert=/etc/kubernetes/ssl/kubernetes.pem
        - --etcd-key=/etc/kubernetes/ssl/kubernetes-key.pem

        volumeMounts:
        - mountPath: /etc/kubernetes/ssl
          readOnly: true
          name: etcd-tls
          
      volumes:
      - name: etcd-tls
        secret:
          secretName: etcd-tls-secret
    • rbd-eventlog
    $ kubectl edit sts rbd-eventlog   -n rbd-system
    spec:
      containers:
      - args:
        - --discover.etcd.addr=https://172.24.206.76:2379
        - --discover.etcd.ca=/etc/kubernetes/ssl/ca.pem
        - --discover.etcd.cert=/etc/kubernetes/ssl/kubernetes.pem
        - --discover.etcd.key=/etc/kubernetes/ssl/kubernetes-key.pem

        volumeMounts:
        - mountPath: /etc/kubernetes/ssl
          readOnly: true
          name: etcd-tls
          
      volumes:
      - name: etcd-tls
        secret:
          secretName: etcd-tls-secret
    • rbd-monitor
    $ kubectl edit sts rbd-monitor   -n rbd-system
    spec:
      containers:
      - args:
        - --etcd-endpoints=https://172.24.206.76:2379
        - --etcd-ca=/etc/kubernetes/ssl/ca.pem
        - --etcd-cert=/etc/kubernetes/ssl/kubernetes.pem
        - --etcd-key=/etc/kubernetes/ssl/kubernetes-key.pem

        volumeMounts:
        - mountPath: /etc/kubernetes/ssl
          readOnly: true
          name: etcd-tls
          
      volumes:
      - name: etcd-tls
        secret:
          secretName: etcd-tls-secret

    验证

    1.查看Rainbond各组件是否处于Running状态

    $  kubectl get po -n rbd-system
NAME                                         READY   STATUS      RESTARTS   AGE
dashboard-metrics-scraper-754cdcbbb6-pckfj   1/1     Running     1          2d3h
kubernetes-dashboard-57b897f8df-8hkrv        1/1     Running     1          2d3h
nfs-provisioner-0                            1/1     Running     1          2d3h
rbd-api-5c4c5d6487-bxqgr                     1/1     Running     0          20m
rbd-app-ui-64c7c55995-svg56                  1/1     Running     1          2d3h
rbd-app-ui-migrations-k5jwd                  0/1     Completed   0          2d3h
rbd-chaos-7qjq6                              1/1     Running     0          15m
rbd-db-0                                     2/2     Running     2          2d3h
rbd-eventlog-0                               1/1     Running     0          77s
rbd-gateway-hmxp7                            1/1     Running     0          14m
rbd-hub-85b7b94846-kbffc                     1/1     Running     1          2d3h
rbd-monitor-0                                1/1     Running     0          11m
rbd-mq-5dcfcd9948-wbgrr                      1/1     Running     0          19m
rbd-node-2ctjp                               1/1     Running     0          13m
rbd-node-8pnql                               1/1     Running     0          13m
rbd-node-wpzhd                               1/1     Running     0          13m
rbd-repo-0                                   1/1     Running     1          2d3h
rbd-webcli-6ccd564d98-9kgxd                  1/1     Running     0          18m
rbd-worker-6d79d8d5f5-hbt5l                  1/1     Running     0          17m

    2.在平台基于源码创建组件,测试此过程是否可正常创建组件

    验证没有问题后删除rbd-etcd组件

    kubectl delete  rbdcomponents.rainbond.io rbd-etcd -n rbd-system
  • 相关阅读:
    sys、os 模块
    sh 了解
    TCP协议的3次握手与4次挥手过程详解
    python argparse(参数解析)模块学习(二)
    python argparse(参数解析)模块学习(一)
    Day17--Python--面向对象--成员
    Day16--Python--初识面向对象
    Day14--Python--函数二,lambda,sorted,filter,map,递归,二分法
    Day013--Python--内置函数一
    Day12--Python--生成器,生成器函数,推导式,生成器表达式
  • 原文地址:https://www.cnblogs.com/Aaron-23/p/14121570.html
Copyright © 2020-2023  润新知