Shulou(Shulou.com)05/31 Report--

This article introduces Rancher K8S cluster how to recover the lost kubeconfig configuration files, the content is very detailed, interested friends can refer to, hope to be helpful to you.

By analyzing the kubeconfig file generated by Rancher UI, you can find that the first server corresponds to the url or IP of Rancher Server. When kubectl accesses K8S API SERVER, the request is first sent to Rancher and then forwarded to K8S API SERVER via cluster agent.

In versions prior to Rancher v2.2.2, only one server was set in the kubecfg file generated by Rancher UI. Starting with Rancher v2.2.2, clusters created from Rancher UI enable authorized cluster access addresses by default. After the cluster is created, the kubecfg file generated by Rancher UI will display the server corresponding to multiple master node IP.

Therefore, for clusters created by Rancher UI in Rancher v2.2.2 and later, if Rancher Server is not accessible, you can switch server through kubectl-- kubeconfig=xxx-- context=xxx, but only if you need to save the kubeconfig file from Rancher UI in advance.

If Rancher Server is not accessible, for versions prior to Rancher v2.2.2 or if kubeconfig is not saved in advance, you can retrieve the kube-admin configuration file through the following script.

Note: the following script needs to be executed on the business cluster, either node. Save the following text as restore-kube-config.sh

#! / bin/bash

Help ()

{

Echo'=

Echo'--master-ip: specify the Master node IP, and any K8S Master node IP is fine.

Echo 'use example: bash restore-kube-config.sh-- master-ip=1.1.1.1'

Echo'=

}

Case "$1" in

-h |-- help) help; exit

Esac

If [[$1 = =']]; then

Help

Exit

Fi

CMDOPTS= "$*"

For OPTS in $CMDOPTS

Do

Key=$ (echo ${OPTS} | awk-F "="'{print $1}')

Value=$ (echo ${OPTS} | awk-F "="'{print $2}')

Case "$key" in

-- master-ip) K8S_MASTER_NODE_IP=$value

Esac

Done

# obtain Rancher Agent image

RANCHER_IMAGE=$ (docker images-- filter=label=io.cattle.agent=true | grep 'v2.' |\

Grep-v-E'rc | alpha |'| head-n 1 | awk'{print $3}')

If [[- d / etc/kubernetes/ssl]]; then

K8S_SSLDIR=/etc/kubernetes/ssl

Else

The echo'/ etc/kubernetes/ssl directory does not exist'

Exit 1

Fi

CHECK_CLUSTER_STATE_CONFIGMAP=$ (docker run-rm-entrypoint bash-net=host\

-v $K8S_SSLDIR:/etc/kubernetes/ssl:ro $RANCHER_IMAGE-c'\

If kubectl-- kubeconfig / etc/kubernetes/ssl/kubecfg-kube-node.yaml\

-n kube-system get configmap full-cluster-state | grep full-cluster-state > / dev/null; then\

Echo 'yes'; else echo' no'; fi')

If [[$CHECK_CLUSTER_STATE_CONFIGMAP! = 'yes']]; then

Docker run-rm-net=host\

-- entrypoint bash\

-e K8S_MASTER_NODE_IP=$K8S_MASTER_NODE_IP\

-v $K8S_SSLDIR:/etc/kubernetes/ssl:ro\

$RANCHER_IMAGE\

-c'\

Kubectl-- kubeconfig / etc/kubernetes/ssl/kubecfg-kube-node.yaml\

-n kube-system\

Get secret kube-admin-o jsonpath= {.data.Config} | base64-- decode |\

Sed-e "/ ^ [[: space:]] * server:/ slots kubeconfig_admin.yaml.

If [[- s kubeconfig_admin.yaml]]; then

Echo 'restored successfully, execute the following command to test:'

Echo''

Echo "kubectl-kubeconfig kubeconfig_admin.yaml get nodes"

Else

Echo "kubeconfig restore failed."

Fi

Else

Docker run-rm-entrypoint bash-net=host\

-e K8S_MASTER_NODE_IP=$K8S_MASTER_NODE_IP\

-v $K8S_SSLDIR:/etc/kubernetes/ssl:ro\

$RANCHER_IMAGE\

-c'\

Kubectl-- kubeconfig / etc/kubernetes/ssl/kubecfg-kube-node.yaml\

-n kube-system\

Get configmap full-cluster-state-o json |\

Jq-r. Data.\ "full-cluster-state\" |\

Jq-r. CurrentState.certificatesBundle.\ "kube-admin\" .config |\

Sed-e "/ ^ [[: space:]] * server:/ slots kubeconfig_admin.yaml.

If [[- s kubeconfig_admin.yaml]]; then

Echo 'restored successfully, execute the following command to test:'

Echo''

Echo "kubectl-kubeconfig kubeconfig_admin.yaml get nodes"

Else

Echo "kubeconfig restore failed."

Fi

Fi

On the Rancher K8S cluster how to recover the lost kubeconfig configuration files to share here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.