Lework Study hard, improve every day.

Kubernetes 集群资源数据的备份

2020-11-20
lework
kubernetes
本文 21832 字,阅读全文约需 63 分钟

背景

我们常常对 k8s 集群的元数据进行定时备份,也就是备份 etcd kv存储。etcd的快照备份通常相隔时间较长, 如果我们在某一时刻误操作删除了一个资源,在有etcd快照的时候,可以通过恢复快照找到这个删除的资源,这样太费精力,且通过etcd仓库不易找到删除的内容。这时我们就需要一个备份间隔时间短,且针对每个资源生成对应的 manifest 文件,这样就很容易的找到删除对应的资源描述文件进行恢复了。

脚本使用

脚本运行在 Linux/Unix 操作系统,使用 BASH 解释器。请确保 kubectl 客户端正常连接到 k8s 集群并具有资源获取的相应权限

下载

wget https://cdn.jsdelivr.net/gh/lework/script@master/shell/k8s/k8s-backup.sh
chmod +x k8s-backup.sh

脚本参数

#  ./k8s-backup.sh -h   

backup k8s resource.

Usage:
  k8s-backup.sh [flag]
  
Flag:
  -ns,--namespace  namespace, default: all
  -r,--resource    resource, default: all
  -h,--help        help info.
  • -ns,–namespace 指定命名空间, 多个以空格隔开。默认所有
  • -r,–resource 指定资源名称, 多个以空格隔开。默认所有
  • -h,–help 帮助信息

备份资源

备份所有资源

# ./k8s-backup.sh
Namespace: default
Resource: configmaps
Resource: controllerrevisions.apps
Resource: cronjobs.batch
Resource: daemonsets.apps
Resource: deployments.apps
Resource: endpoints
Resource: endpointslices.discovery.k8s.io
Resource: horizontalpodautoscalers.autoscaling
Resource: ingresses.extensions
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
Resource: ingresses.networking.k8s.io
Resource: jobs.batch
Resource: leases.coordination.k8s.io
Resource: limitranges
Resource: networkpolicies.crd.projectcalico.org
Resource: networkpolicies.networking.k8s.io
Resource: networksets.crd.projectcalico.org
Resource: persistentvolumeclaims
Resource: poddisruptionbudgets.policy
Resource: pods
Resource: pods.metrics.k8s.io
Resource: podtemplates
Resource: replicasets.apps
Resource: replicationcontrollers
Resource: resourcequotas
Resource: rolebindings.rbac.authorization.k8s.io
Resource: roles.rbac.authorization.k8s.io
Resource: secrets
Resource: serviceaccounts
Resource: services
Resource: statefulsets.apps
Namespace: ingress-nginx
Resource: configmaps
Resource: controllerrevisions.apps
Resource: cronjobs.batch
Resource: daemonsets.apps
Resource: deployments.apps
Resource: endpoints
Resource: endpointslices.discovery.k8s.io
Resource: horizontalpodautoscalers.autoscaling
Resource: ingresses.extensions
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
Resource: ingresses.networking.k8s.io
Resource: jobs.batch
Resource: leases.coordination.k8s.io
Resource: limitranges
Resource: networkpolicies.crd.projectcalico.org
Resource: networkpolicies.networking.k8s.io
Resource: networksets.crd.projectcalico.org
Resource: persistentvolumeclaims
Resource: poddisruptionbudgets.policy
Resource: pods
Resource: pods.metrics.k8s.io
Resource: podtemplates
Resource: replicasets.apps
Resource: replicationcontrollers
Resource: resourcequotas
Resource: rolebindings.rbac.authorization.k8s.io
Resource: roles.rbac.authorization.k8s.io
Resource: secrets
Resource: serviceaccounts
Resource: services
Resource: statefulsets.apps
Namespace: kube-node-lease
Resource: configmaps
Resource: controllerrevisions.apps
Resource: cronjobs.batch
Resource: daemonsets.apps
Resource: deployments.apps
Resource: endpoints
Resource: endpointslices.discovery.k8s.io
Resource: horizontalpodautoscalers.autoscaling
Resource: ingresses.extensions
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
Resource: ingresses.networking.k8s.io
Resource: jobs.batch
Resource: leases.coordination.k8s.io
Resource: limitranges
Resource: networkpolicies.crd.projectcalico.org
Resource: networkpolicies.networking.k8s.io
Resource: networksets.crd.projectcalico.org
Resource: persistentvolumeclaims
Resource: poddisruptionbudgets.policy
Resource: pods
Resource: pods.metrics.k8s.io
Resource: podtemplates
Resource: replicasets.apps
Resource: replicationcontrollers
Resource: resourcequotas
Resource: rolebindings.rbac.authorization.k8s.io
Resource: roles.rbac.authorization.k8s.io
Resource: secrets
Resource: serviceaccounts
Resource: services
Resource: statefulsets.apps
Namespace: kube-public
Resource: configmaps
Resource: controllerrevisions.apps
Resource: cronjobs.batch
Resource: daemonsets.apps
Resource: deployments.apps
Resource: endpoints
Resource: endpointslices.discovery.k8s.io
Resource: horizontalpodautoscalers.autoscaling
Resource: ingresses.extensions
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
Resource: ingresses.networking.k8s.io
Resource: jobs.batch
Resource: leases.coordination.k8s.io
Resource: limitranges
Resource: networkpolicies.crd.projectcalico.org
Resource: networkpolicies.networking.k8s.io
Resource: networksets.crd.projectcalico.org
Resource: persistentvolumeclaims
Resource: poddisruptionbudgets.policy
Resource: pods
Resource: pods.metrics.k8s.io
Resource: podtemplates
Resource: replicasets.apps
Resource: replicationcontrollers
Resource: resourcequotas
Resource: rolebindings.rbac.authorization.k8s.io
Resource: roles.rbac.authorization.k8s.io
Resource: secrets
Resource: serviceaccounts
Resource: services
Resource: statefulsets.apps
Namespace: kube-system
Resource: configmaps
Resource: controllerrevisions.apps
Resource: cronjobs.batch
Resource: daemonsets.apps
Resource: deployments.apps
Resource: endpoints
Resource: endpointslices.discovery.k8s.io
Resource: horizontalpodautoscalers.autoscaling
Resource: ingresses.extensions
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
Resource: ingresses.networking.k8s.io
Resource: jobs.batch
Resource: leases.coordination.k8s.io
Resource: limitranges
Resource: networkpolicies.crd.projectcalico.org
Resource: networkpolicies.networking.k8s.io
Resource: networksets.crd.projectcalico.org
Resource: persistentvolumeclaims
Resource: poddisruptionbudgets.policy
Resource: pods
Resource: pods.metrics.k8s.io
Resource: podtemplates
Resource: replicasets.apps
Resource: replicationcontrollers
  source: resourcequotas
Resource: rolebindings.rbac.authorization.k8s.io
Resource: roles.rbac.authorization.k8s.io
Resource: secrets
Resource: serviceaccounts
Resource: services
Resource: statefulsets.apps
Namespace: kubernetes-dashboard
Resource: configmaps
Resource: controllerrevisions.apps
Resource: cronjobs.batch
Resource: daemonsets.apps
Resource: deployments.apps
Resource: endpoints
Resource: endpointslices.discovery.k8s.io
Resource: horizontalpodautoscalers.autoscaling
Resource: ingresses.extensions
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
Resource: ingresses.networking.k8s.io
Resource: jobs.batch
Resource: leases.coordination.k8s.io
Resource: limitranges
Resource: networkpolicies.crd.projectcalico.org
Resource: networkpolicies.networking.k8s.io
Resource: networksets.crd.projectcalico.org
Resource: persistentvolumeclaims
Resource: poddisruptionbudgets.policy
Resource: pods
Resource: pods.metrics.k8s.io
Resource: podtemplates
Resource: replicasets.apps
Resource: replicationcontrollers
Resource: resourcequotas
Resource: rolebindings.rbac.authorization.k8s.io
Resource: roles.rbac.authorization.k8s.io
Resource: secrets
Resource: serviceaccounts
Resource: services
Resource: statefulsets.apps
File: /opt/k8s-backup_1606895317

# tree  /opt/k8s-backup_1606895317
/opt/k8s-backup_1606895317
├── default
│   ├── alpine.pods.metrics.k8s.io.yaml
│   ├── alpine.pods.yaml
│   ├── default.serviceaccounts.yaml
│   ├── default-token-6xcn8.secrets.yaml
│   ├── ingress-demo-app-78ccc7c466-9kfdb.pods.metrics.k8s.io.yaml
│   ├── ingress-demo-app-78ccc7c466-9kfdb.pods.yaml
│   ├── ingress-demo-app-78ccc7c466.replicasets.apps.yaml
│   ├── ingress-demo-app-78ccc7c466-tmq6v.pods.metrics.k8s.io.yaml
│   ├── ingress-demo-app-78ccc7c466-tmq6v.pods.yaml
│   ├── ingress-demo-app.deployments.apps.yaml
│   ├── ingress-demo-app.endpoints.yaml
│   ├── ingress-demo-app.ingresses.extensions.yaml
│   ├── ingress-demo-app.ingresses.networking.k8s.io.yaml
│   ├── ingress-demo-app.services.yaml
│   ├── ingress-demo-app-xzmzp.endpointslices.discovery.k8s.io.yaml
│   ├── kubernetes.endpointslices.discovery.k8s.io.yaml
│   ├── kubernetes.endpoints.yaml
│   ├── kubernetes.services.yaml
│   └── namespace.yaml
├── ingress-nginx
│   ├── default.serviceaccounts.yaml
│   ├── default-token-8jz5h.secrets.yaml
│   ├── ingress-controller-leader-nginx.configmaps.yaml
│   ├── ingress-nginx-admission-create-cndzp.pods.yaml
│   ├── ingress-nginx-admission-create.jobs.batch.yaml
│   ├── ingress-nginx-admission-patch.jobs.batch.yaml
│   ├── ingress-nginx-admission-patch-nk2jk.pods.yaml
│   ├── ingress-nginx-admission.rolebindings.rbac.authorization.k8s.io.yaml
│   ├── ingress-nginx-admission.roles.rbac.authorization.k8s.io.yaml
│   ├── ingress-nginx-admission.secrets.yaml
│   ├── ingress-nginx-admission.serviceaccounts.yaml
│   ├── ingress-nginx-admission-token-qjz6h.secrets.yaml
│   ├── ingress-nginx-controller-85cd9f58bb-8gns8.pods.metrics.k8s.io.yaml
│   ├── ingress-nginx-controller-85cd9f58bb-8gns8.pods.yaml
│   ├── ingress-nginx-controller-85cd9f58bb.replicasets.apps.yaml
│   ├── ingress-nginx-controller-9l64v.endpointslices.discovery.k8s.io.yaml
│   ├── ingress-nginx-controller-admission-2ppgp.endpointslices.discovery.k8s.io.yaml
│   ├── ingress-nginx-controller-admission.endpoints.yaml
│   ├── ingress-nginx-controller-admission.services.yaml
│   ├── ingress-nginx-controller.configmaps.yaml
│   ├── ingress-nginx-controller.deployments.apps.yaml
│   ├── ingress-nginx-controller.endpoints.yaml
│   ├── ingress-nginx-controller.services.yaml
│   ├── ingress-nginx.rolebindings.rbac.authorization.k8s.io.yaml
│   ├── ingress-nginx.roles.rbac.authorization.k8s.io.yaml
│   ├── ingress-nginx.serviceaccounts.yaml
│   ├── ingress-nginx-token-2lltz.secrets.yaml
│   └── namespace.yaml
├── kube-node-lease
│   ├── default.serviceaccounts.yaml
│   ├── default-token-lv5zj.secrets.yaml
│   ├── k8s-master-node1.leases.coordination.k8s.io.yaml
│   ├── k8s-master-node2.leases.coordination.k8s.io.yaml
│   ├── k8s-master-node3.leases.coordination.k8s.io.yaml
│   ├── k8s-worker-node1.leases.coordination.k8s.io.yaml
│   ├── k8s-worker-node2.leases.coordination.k8s.io.yaml
│   └── namespace.yaml
├── kube-public
│   ├── cluster-info.configmaps.yaml
│   ├── default.serviceaccounts.yaml
│   ├── default-token-pd86k.secrets.yaml
│   ├── kubeadm:bootstrap-signer-clusterinfo.rolebindings.rbac.authorization.k8s.io.yaml
│   ├── kubeadm:bootstrap-signer-clusterinfo.roles.rbac.authorization.k8s.io.yaml
│   ├── namespace.yaml
│   ├── system:controller:bootstrap-signer.rolebindings.rbac.authorization.k8s.io.yaml
│   └── system:controller:bootstrap-signer.roles.rbac.authorization.k8s.io.yaml
├── kubernetes-dashboard
│   ├── dashboard-metrics-scraper-7b59f7d4df.replicasets.apps.yaml
│   ├── dashboard-metrics-scraper-7b59f7d4df-znfdb.pods.metrics.k8s.io.yaml
│   ├── dashboard-metrics-scraper-7b59f7d4df-znfdb.pods.yaml
│   ├── dashboard-metrics-scraper.deployments.apps.yaml
│   ├── dashboard-metrics-scraper.endpoints.yaml
│   ├── dashboard-metrics-scraper.services.yaml
│   ├── dashboard-metrics-scraper-t9nb7.endpointslices.discovery.k8s.io.yaml
│   ├── default.serviceaccounts.yaml
│   ├── default-token-dkxq7.secrets.yaml
│   ├── kubernetes-dashboard-665f4c5ff-gl9c9.pods.metrics.k8s.io.yaml
│   ├── kubernetes-dashboard-665f4c5ff-gl9c9.pods.yaml
│   ├── kubernetes-dashboard-665f4c5ff.replicasets.apps.yaml
│   ├── kubernetes-dashboard-admin-sa.serviceaccounts.yaml
│   ├── kubernetes-dashboard-admin-sa-token-6kl8n.secrets.yaml
│   ├── kubernetes-dashboard-certs.secrets.yaml
│   ├── kubernetes-dashboard-csrf.secrets.yaml
│   ├── kubernetes-dashboard.deployments.apps.yaml
│   ├── kubernetes-dashboard.endpoints.yaml
│   ├── kubernetes-dashboard.ingresses.extensions.yaml
│   ├── kubernetes-dashboard.ingresses.networking.k8s.io.yaml
│   ├── kubernetes-dashboard-key-holder.secrets.yaml
│   ├── kubernetes-dashboard-mznnc.endpointslices.discovery.k8s.io.yaml
│   ├── kubernetes-dashboard.rolebindings.rbac.authorization.k8s.io.yaml
│   ├── kubernetes-dashboard.roles.rbac.authorization.k8s.io.yaml
│   ├── kubernetes-dashboard.serviceaccounts.yaml
│   ├── kubernetes-dashboard.services.yaml
│   ├── kubernetes-dashboard-settings.configmaps.yaml
│   ├── kubernetes-dashboard-token-lstf8.secrets.yaml
│   └── namespace.yaml
└── kube-system
    ├── attachdetach-controller.serviceaccounts.yaml
    ├── attachdetach-controller-token-bhxxf.secrets.yaml
    ├── bootstrap-signer.serviceaccounts.yaml
    ├── bootstrap-signer-token-9n2gw.secrets.yaml
    ├── calico-config.configmaps.yaml
    ├── calicoctl.pods.metrics.k8s.io.yaml
    ├── calicoctl.pods.yaml
    ├── calicoctl.serviceaccounts.yaml
    ├── calicoctl-token-7vs2w.secrets.yaml
    ├── calico-kube-controllers-5c6f6b67db.replicasets.apps.yaml
    ├── calico-kube-controllers-5c6f6b67db-wng98.pods.metrics.k8s.io.yaml
    ├── calico-kube-controllers-5c6f6b67db-wng98.pods.yaml
    ├── calico-kube-controllers.deployments.apps.yaml
    ├── calico-kube-controllers.serviceaccounts.yaml
    ├── calico-kube-controllers-token-7hhvt.secrets.yaml
    ├── calico-node-5f678767.controllerrevisions.apps.yaml
    ├── calico-node-8b5b57b67.controllerrevisions.apps.yaml
    ├── calico-node-8xclc.pods.metrics.k8s.io.yaml
    ├── calico-node-8xclc.pods.yaml
    ├── calico-node.daemonsets.apps.yaml
    ├── calico-node-j4dkc.pods.metrics.k8s.io.yaml
    ├── calico-node-j4dkc.pods.yaml
    ├── calico-node-mjprr.pods.metrics.k8s.io.yaml
    ├── calico-node-mjprr.pods.yaml
    ├── calico-node-ptqq7.pods.metrics.k8s.io.yaml
    ├── calico-node-ptqq7.pods.yaml
    ├── calico-node.serviceaccounts.yaml
    ├── calico-node-token-57wsj.secrets.yaml
    ├── calico-node-z2kzd.pods.metrics.k8s.io.yaml
    ├── calico-node-z2kzd.pods.yaml
    ├── certificate-controller.serviceaccounts.yaml
    ├── certificate-controller-token-px229.secrets.yaml
    ├── clusterrole-aggregation-controller.serviceaccounts.yaml
    ├── clusterrole-aggregation-controller-token-pcgrz.secrets.yaml
    ├── coredns-59c898cd69-mw778.pods.metrics.k8s.io.yaml
    ├── coredns-59c898cd69-mw778.pods.yaml
    ├── coredns-59c898cd69.replicasets.apps.yaml
    ├── coredns-59c898cd69-sbjkg.pods.metrics.k8s.io.yaml
    ├── coredns-59c898cd69-sbjkg.pods.yaml
    ├── coredns.configmaps.yaml
    ├── coredns.deployments.apps.yaml
    ├── coredns.serviceaccounts.yaml
    ├── coredns-token-j5vww.secrets.yaml
    ├── cronjob-controller.serviceaccounts.yaml
    ├── cronjob-controller-token-zhxn8.secrets.yaml
    ├── daemon-set-controller.serviceaccounts.yaml
    ├── daemon-set-controller-token-btq98.secrets.yaml
    ├── default-http-backend-78894999d9-pdzk7.pods.metrics.k8s.io.yaml
    ├── default-http-backend-78894999d9-pdzk7.pods.yaml
    ├── default-http-backend-78894999d9.replicasets.apps.yaml
    ├── default-http-backend-8nrc9.endpointslices.discovery.k8s.io.yaml
    ├── default-http-backend.deployments.apps.yaml
    ├── default-http-backend.endpoints.yaml
    ├── default-http-backend.services.yaml
    ├── default.serviceaccounts.yaml
    ├── default-token-b859b.secrets.yaml
    ├── deployment-controller.serviceaccounts.yaml
    ├── deployment-controller-token-7cbxj.secrets.yaml
    ├── disruption-controller.serviceaccounts.yaml
    ├── disruption-controller-token-cs4bl.secrets.yaml
    ├── endpoint-controller.serviceaccounts.yaml
    ├── endpoint-controller-token-8p7zh.secrets.yaml
    ├── endpointslice-controller.serviceaccounts.yaml
    ├── endpointslice-controller-token-2r8q7.secrets.yaml
    ├── endpointslicemirroring-controller.serviceaccounts.yaml
    ├── endpointslicemirroring-controller-token-lzhlx.secrets.yaml
    ├── etcd-k8s-master-node1.pods.metrics.k8s.io.yaml
    ├── etcd-k8s-master-node1.pods.yaml
    ├── etcd-k8s-master-node2.pods.metrics.k8s.io.yaml
    ├── etcd-k8s-master-node2.pods.yaml
    ├── etcd-k8s-master-node3.pods.metrics.k8s.io.yaml
    ├── etcd-k8s-master-node3.pods.yaml
    ├── etcd-snapshot-1606796482-8wms6.pods.yaml
    ├── etcd-snapshot-1606796482-9xr28.pods.yaml
    ├── etcd-snapshot-1606796482-dqv2n.pods.yaml
    ├── etcd-snapshot-1606796482.jobs.batch.yaml
    ├── etcd-snapshot-1606838400-bts82.pods.yaml
    ├── etcd-snapshot-1606838400-hkwzk.pods.yaml
    ├── etcd-snapshot-1606838400.jobs.batch.yaml
    ├── etcd-snapshot-1606838400-ph88t.pods.yaml
    ├── etcd-snapshot-1606860000-b2jgl.pods.yaml
    ├── etcd-snapshot-1606860000.jobs.batch.yaml
    ├── etcd-snapshot-1606860000-kjzl5.pods.yaml
    ├── etcd-snapshot-1606860000-nnrlh.pods.yaml
    ├── etcd-snapshot-1606881600-dklpc.pods.yaml
    ├── etcd-snapshot-1606881600.jobs.batch.yaml
    ├── etcd-snapshot-1606881600-lrpqt.pods.yaml
    ├── etcd-snapshot-1606881600-z4p87.pods.yaml
    ├── etcd-snapshot.cronjobs.batch.yaml
    ├── expand-controller.serviceaccounts.yaml
    ├── expand-controller-token-2fhb2.secrets.yaml
    ├── extension-apiserver-authentication.configmaps.yaml
    ├── extension-apiserver-authentication-reader.roles.rbac.authorization.k8s.io.yaml
    ├── generic-garbage-collector.serviceaccounts.yaml
    ├── generic-garbage-collector-token-r2qz8.secrets.yaml
    ├── horizontal-pod-autoscaler.serviceaccounts.yaml
    ├── horizontal-pod-autoscaler-token-hx5kt.secrets.yaml
    ├── job-controller.serviceaccounts.yaml
    ├── job-controller-token-jgw4b.secrets.yaml
    ├── kubeadm-config.configmaps.yaml
    ├── kubeadm:kubeadm-certs.rolebindings.rbac.authorization.k8s.io.yaml
    ├── kubeadm:kubeadm-certs.roles.rbac.authorization.k8s.io.yaml
    ├── kubeadm:kubelet-config-1.19.rolebindings.rbac.authorization.k8s.io.yaml
    ├── kubeadm:kubelet-config-1.19.roles.rbac.authorization.k8s.io.yaml
    ├── kubeadm:nodes-kubeadm-config.rolebindings.rbac.authorization.k8s.io.yaml
    ├── kubeadm:nodes-kubeadm-config.roles.rbac.authorization.k8s.io.yaml
    ├── kube-apiserver-k8s-master-node1.pods.metrics.k8s.io.yaml
    ├── kube-apiserver-k8s-master-node1.pods.yaml
    ├── kube-apiserver-k8s-master-node2.pods.metrics.k8s.io.yaml
    ├── kube-apiserver-k8s-master-node2.pods.yaml
    ├── kube-apiserver-k8s-master-node3.pods.metrics.k8s.io.yaml
    ├── kube-apiserver-k8s-master-node3.pods.yaml
    ├── kube-controller-manager.endpoints.yaml
    ├── kube-controller-manager-k8s-master-node1.pods.metrics.k8s.io.yaml
    ├── kube-controller-manager-k8s-master-node1.pods.yaml
    ├── kube-controller-manager-k8s-master-node2.pods.metrics.k8s.io.yaml
    ├── kube-controller-manager-k8s-master-node2.pods.yaml
    ├── kube-controller-manager-k8s-master-node3.pods.metrics.k8s.io.yaml
    ├── kube-controller-manager-k8s-master-node3.pods.yaml
    ├── kube-controller-manager.leases.coordination.k8s.io.yaml
    ├── kube-dns-5twhj.endpointslices.discovery.k8s.io.yaml
    ├── kube-dns.endpoints.yaml
    ├── kube-dns.services.yaml
    ├── kubelet-config-1.19.configmaps.yaml
    ├── kube-proxy-5b5cf67f67.controllerrevisions.apps.yaml
    ├── kube-proxy.configmaps.yaml
    ├── kube-proxy.daemonsets.apps.yaml
    ├── kube-proxy-krc48.pods.metrics.k8s.io.yaml
    ├── kube-proxy-krc48.pods.yaml
    ├── kube-proxy.rolebindings.rbac.authorization.k8s.io.yaml
    ├── kube-proxy.roles.rbac.authorization.k8s.io.yaml
    ├── kube-proxy-s995r.pods.metrics.k8s.io.yaml
    ├── kube-proxy-s995r.pods.yaml
    ├── kube-proxy.serviceaccounts.yaml
    ├── kube-proxy-token-4svdq.secrets.yaml
    ├── kube-proxy-tvxd5.pods.metrics.k8s.io.yaml
    ├── kube-proxy-tvxd5.pods.yaml
    ├── kube-proxy-x5dsd.pods.metrics.k8s.io.yaml
    ├── kube-proxy-x5dsd.pods.yaml
    ├── kube-proxy-zq4mb.pods.metrics.k8s.io.yaml
    ├── kube-proxy-zq4mb.pods.yaml
    ├── kube-scheduler.endpoints.yaml
    ├── kube-scheduler-k8s-master-node1.pods.metrics.k8s.io.yaml
    ├── kube-scheduler-k8s-master-node1.pods.yaml
    ├── kube-scheduler-k8s-master-node2.pods.metrics.k8s.io.yaml
    ├── kube-scheduler-k8s-master-node2.pods.yaml
    ├── kube-scheduler-k8s-master-node3.pods.metrics.k8s.io.yaml
    ├── kube-scheduler-k8s-master-node3.pods.yaml
    ├── kube-scheduler.leases.coordination.k8s.io.yaml
    ├── metrics-server-7d75f98dd9-rch6z.pods.metrics.k8s.io.yaml
    ├── metrics-server-7d75f98dd9-rch6z.pods.yaml
    ├── metrics-server-7d75f98dd9.replicasets.apps.yaml
    ├── metrics-server-auth-reader.rolebindings.rbac.authorization.k8s.io.yaml
    ├── metrics-server.deployments.apps.yaml
    ├── metrics-server.endpoints.yaml
    ├── metrics-server-pf9rq.endpointslices.discovery.k8s.io.yaml
    ├── metrics-server.serviceaccounts.yaml
    ├── metrics-server.services.yaml
    ├── metrics-server-token-49vtm.secrets.yaml
    ├── namespace-controller.serviceaccounts.yaml
    ├── namespace-controller-token-rtvxp.secrets.yaml
    ├── namespace.yaml
    ├── node-controller.serviceaccounts.yaml
    ├── node-controller-token-v52q5.secrets.yaml
    ├── persistent-volume-binder.serviceaccounts.yaml
    ├── persistent-volume-binder-token-zzbzx.secrets.yaml
    ├── pod-garbage-collector.serviceaccounts.yaml
    ├── pod-garbage-collector-token-56jrn.secrets.yaml
    ├── pvc-protection-controller.serviceaccounts.yaml
    ├── pvc-protection-controller-token-5sfgz.secrets.yaml
    ├── pv-protection-controller.serviceaccounts.yaml
    ├── pv-protection-controller-token-phgk7.secrets.yaml
    ├── replicaset-controller.serviceaccounts.yaml
    ├── replicaset-controller-token-lrwpl.secrets.yaml
    ├── replication-controller.serviceaccounts.yaml
    ├── replication-controller-token-v8fsb.secrets.yaml
    ├── resourcequota-controller.serviceaccounts.yaml
    ├── resourcequota-controller-token-5kp67.secrets.yaml
    ├── service-account-controller.serviceaccounts.yaml
    ├── service-account-controller-token-ws2qn.secrets.yaml
    ├── service-controller.serviceaccounts.yaml
    ├── service-controller-token-hz29k.secrets.yaml
    ├── statefulset-controller.serviceaccounts.yaml
    ├── statefulset-controller-token-slsfc.secrets.yaml
    ├── system:controller:bootstrap-signer.rolebindings.rbac.authorization.k8s.io.yaml
    ├── system:controller:bootstrap-signer.roles.rbac.authorization.k8s.io.yaml
    ├── system:controller:cloud-provider.rolebindings.rbac.authorization.k8s.io.yaml
    ├── system:controller:cloud-provider.roles.rbac.authorization.k8s.io.yaml
    ├── system:controller:token-cleaner.rolebindings.rbac.authorization.k8s.io.yaml
    ├── system:controller:token-cleaner.roles.rbac.authorization.k8s.io.yaml
    ├── system::extension-apiserver-authentication-reader.rolebindings.rbac.authorization.k8s.io.yaml
    ├── system::leader-locking-kube-controller-manager.rolebindings.rbac.authorization.k8s.io.yaml
    ├── system::leader-locking-kube-controller-manager.roles.rbac.authorization.k8s.io.yaml
    ├── system::leader-locking-kube-scheduler.rolebindings.rbac.authorization.k8s.io.yaml
    ├── system::leader-locking-kube-scheduler.roles.rbac.authorization.k8s.io.yaml
    ├── token-cleaner.serviceaccounts.yaml
    ├── token-cleaner-token-vbb2r.secrets.yaml
    ├── ttl-controller.serviceaccounts.yaml
    └── ttl-controller-token-x5dwb.secrets.yaml

6 directories, 291 files

指定资源备份

# ./k8s-backup.sh -ns default -r "service deploy configmap secret job cronjob replicaset daemonset statefulset"
Namespace: default
Resource: service
Resource: deploy
Resource: configmap
Resource: secret
Resource: job
Resource: cronjob
Resource: replicaset
Resource: daemonset
Resource: statefulset
File: /opt/k8s-backup_1606896112

# tree /opt/k8s-backup_1606896112/
/opt/k8s-backup_1606896112/
└── default
    ├── default-token-6xcn8.secret.yaml
    ├── ingress-demo-app-78ccc7c466.replicaset.yaml
    ├── ingress-demo-app.deploy.yaml
    ├── ingress-demo-app.service.yaml
    ├── kubernetes.service.yaml
    └── namespace.yaml

1 directory, 6 files

定时备份

# 5分钟备份一次
*/5 * * * * bash /opt/k8s-backup.sh
原文地址 https://lework.github.io/2020/11/20/k8s-backup/

上一篇 快速保存 Kubernetes 集群容器运行环境

下一篇 学习周报「2021」

Comments

Content