diff --git a/conf/config.json b/conf/config.json index b0f692e..7b8bd6b 100644 --- a/conf/config.json +++ b/conf/config.json @@ -5,7 +5,7 @@ "logfile":"$[workdir]$/logs/pcapi.log" }, "authentication":{ - "user":"root", + "user":"ysh", "password":"Kyy@123456", "iplist":[ "47.93.12.75", diff --git a/script/k8s_uninstall.sh b/script/k8s_uninstall.sh index b1884c8..7ded2b6 100644 --- a/script/k8s_uninstall.sh +++ b/script/k8s_uninstall.sh @@ -1,117 +1,267 @@ #!/bin/bash set -euo pipefail -# 定义颜色输出函数 -red_echo() { - echo -e "\033[31m$1\033[0m" -} -green_echo() { - echo -e "\033[32m$1\033[0m" -} -yellow_echo() { - echo -e "\033[33m$1\033[0m" -} +# 颜色输出函数 +red_echo() { echo -e "\033[31m$1\033[0m"; } +green_echo() { echo -e "\033[32m$1\033[0m"; } +yellow_echo() { echo -e "\033[33m$1\033[0m"; } -# ======================== -# 清理流程 -# ======================== -cleanup_steps() { - # 1. 停止服务 - green_echo "1. 停止K8s及容器运行时服务..." - systemctl stop kubelet kube-apiserver kube-controller-manager kube-scheduler kube-proxy etcd nfs-kernel-server containerd docker &> /dev/null || true - systemctl disable kubelet kube-apiserver kube-controller-manager kube-scheduler kube-proxy etcd nfs-kernel-server containerd docker &> /dev/null || true - - # 2. 清理进程 - green_echo "2. 清理K8s相关进程..." - ps -aux | grep -E 'kube|etcd|containerd|docker' | grep -v grep | awk '{print $2}' | xargs -r kill -9 &> /dev/null || true - - # 3. 清理网络资源 - green_echo "3. 清理CNI网络资源..." - ip link delete cni0 &> /dev/null || true - ip link delete flannel.1 &> /dev/null || true - rm -rf /var/lib/cni/networks/* /var/lib/cni/loader/* /etc/cni/net.d/* &> /dev/null || true - - # 4. kubeadm reset - green_echo "4. 执行kubeadm reset..." - kubeadm reset -f &> /dev/null || true - - # 5. 卸载软件包 - green_echo "5. 卸载K8s及容器运行时软件包..." - apt-get purge -y kubelet kubectl kubeadm kubernetes-cni cri-tools containerd.io docker-ce docker-ce-cli &> /dev/null || true - apt-get autoremove -y &> /dev/null || true - - # 6. 清理配置和数据目录 - green_echo "6. 清理配置和数据目录..." - rm -rf /etc/kubernetes /var/lib/kubelet /var/lib/kubernetes /var/lib/etcd /var/lib/kubeadm /var/lib/kube-proxy /var/lib/containerd /var/lib/docker &> /dev/null || true - - # 7. 清理systemd服务残留 - green_echo "7. 清理systemd服务残留..." - rm -f /lib/systemd/system/{containerd,docker,kubelet}.service &> /dev/null || true - rm -f /etc/systemd/system/multi-user.target.wants/{containerd,docker,kubelet}.service &> /dev/null || true - systemctl daemon-reload &> /dev/null || true - - # 8. 清理网络规则 - green_echo "8. 清理iptables和ipvs规则..." - iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X &> /dev/null || true - ipvsadm --clear &> /dev/null || true - - # 9. 清理源和kubeconfig - green_echo "9. 清理软件源和kubeconfig..." - rm -rf /etc/apt/sources.list.d/{docker,kubernetes,kuboard}* &> /dev/null || true - rm -rf $HOME/.kube/config &> /dev/null || true - - # 10. 更新软件包缓存 - green_echo "10. 更新软件包缓存..." - apt-get update &> /dev/null || true -} - -# ======================== -# 验证清理结果 -# ======================== -verify_cleanup() { - green_echo "\n开始验证清理结果..." - local is_clean=true - - # 检查关键服务状态 - for service in kubelet docker containerd; do - if systemctl is-active "$service" &> /dev/null; then - red_echo " ❌ 服务 $service 仍在运行" - is_clean=false - else - green_echo " ✔️ 服务 $service 已停止" - fi - done - - # 检查关键命令是否残留 - for cmd in kubectl kubeadm docker containerd; do - if command -v "$cmd" &> /dev/null; then - red_echo " ❌ 命令 $cmd 仍存在" - is_clean=false - else - green_echo " ✔️ 命令 $cmd 已移除" - fi - done - - # 检查关键目录是否残留 - for dir in /etc/kubernetes /var/lib/kubelet /var/lib/containerd /var/lib/docker; do - if [ -d "$dir" ]; then - red_echo " ❌ 目录 $dir 未完全清理" - is_clean=false - else - green_echo " ✔️ 目录 $dir 已删除" - fi - done - - # 最终结果 - if $is_clean; then - green_echo "\n🎉 清理成功!环境已准备好重新安装K8s。" +# 强制清理函数 +force_clean() { + local cmd=$* + if eval "$cmd"; then + green_echo " 执行成功: $cmd" else - red_echo "\n❌ 清理不彻底,请手动检查残留项!" + yellow_echo " 执行失败,但继续: $cmd" fi } # ======================== -# 执行清理和验证 +# 核心函数:彻底清理tunl0接口 # ======================== -cleanup_steps -verify_cleanup \ No newline at end of file +clean_tunl0() { + green_echo " 专项清理tunl0接口..." + # 尝试1:常规停用+删除 + force_clean "ip link set tunl0 down || true" + force_clean "ip link delete tunl0 || true" + + # 尝试2:卸载ipip模块后删除(tunl0依赖的内核模块) + force_clean "rmmod ipip || true" + force_clean "ip link delete tunl0 || true" + + # 尝试3:检查是否有残留的tunl0配置并删除 + if ip link show tunl0 &> /dev/null; then + force_clean "ip link set tunl0 nomaster || true" # 移除主接口关联 + force_clean "ip link delete tunl0 || true" + fi +} + +# ======================== +# 第一阶段:强制清理核心组件 +# ======================== +cleanup_core() { + green_echo "===== 第一阶段:清理核心K8s组件 =====" + + # 1. 强制终止所有相关进程 + green_echo "1. 强制终止K8s/容器相关进程..." + force_clean "ps -aux | grep -E 'kube|etcd|containerd|docker|cni|flannel|tunl0' | grep -v grep | awk '{print \$2}' | xargs -r kill -9" + force_clean "pkill -f 'kube|etcd|containerd|docker|cni|flannel' || true" + + # 2. 强制清理网络资源(优先处理tunl0) + green_echo "2. 强制清理网络资源..." + clean_tunl0 # 调用专项清理函数 + + # 清理其他网络接口 + force_clean "ip link set flannel.1 down || true" + force_clean "ip link delete flannel.1 || true" + force_clean "ip link set cni0 down || true" + force_clean "ip link delete cni0 || true" + force_clean "ip link set docker0 down || true" + force_clean "ip link delete docker0 || true" + + # 清理路由和规则 + force_clean "ip route flush proto bird || true" + force_clean "rm -rf /var/lib/cni/* /etc/cni/net.d/* || true" + force_clean "iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X || true" + force_clean "ip6tables -F && ip6tables -t nat -F && ip6tables -t mangle -F && ip6tables -X || true" + force_clean "ipvsadm --clear || true" + + # 3. 强制重置K8s配置 + green_echo "3. 强制重置K8s配置..." + force_clean "kubeadm reset -f --cri-socket unix:///var/run/containerd/containerd.sock || true" + force_clean "kubeadm reset -f --cri-socket unix:///var/run/docker.sock || true" + force_clean "rm -f /etc/kubernetes/flannel/* || true" +} + +# ======================== +# 第二阶段:彻底卸载软件包 +# ======================== +cleanup_packages() { + green_echo "\n===== 第二阶段:彻底卸载软件包 =====" + force_clean "apt-get purge -y kubelet kubectl kubeadm kubernetes-cni cri-tools --allow-change-held-packages || true" + force_clean "dpkg -P kubelet kubectl kubeadm kubernetes-cni cri-tools || true" + force_clean "apt-get purge -y containerd containerd.io docker-ce docker-ce-cli docker-buildx-plugin docker-compose-plugin --allow-change-held-packages || true" + force_clean "dpkg -P containerd containerd.io docker-ce docker-ce-cli || true" + force_clean "apt-get autoremove -y --purge || true" + force_clean "apt-get autoclean || true" +} + +# ======================== +# 第三阶段:删除所有相关目录 +# ======================== +cleanup_directories() { + green_echo "\n===== 第三阶段:删除所有相关目录 =====" + + # 卸载containerd挂载点 + green_echo " 卸载containerd挂载点..." + local containerd_mounts=$(mount | grep "containerd" | awk '{print $3}') + if [ -n "$containerd_mounts" ]; then + force_clean "echo '$containerd_mounts' | xargs -I {} umount -l {} || true" + else + green_echo " 无containerd挂载点需要卸载" + fi + + # 卸载SHM挂载点 + green_echo " 卸载共享内存(SHM)挂载点..." + local shm_mounts=$(mount | grep "tmpfs.*type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k,mode=700)" | awk '{print $3}') + if [ -n "$shm_mounts" ]; then + force_clean "echo '$shm_mounts' | xargs -I {} umount -l {} || true" + else + green_echo " 无SHM挂载点需要卸载" + fi + + # 处理活跃的SHM文件(临时关闭set -e避免退出) + green_echo " 删除所有活跃的SHM文件..." + set +e + for pid in $(ls -1 /proc/ 2>/dev/null | grep -E '^[0-9]+$' || true); do + if [ -f "/proc/$pid/mounts" ] && [ -r "/proc/$pid/mounts" ]; then + grep "shm" "/proc/$pid/mounts" 2>/dev/null | grep "containerd" 2>/dev/null | while read -r line; do + shm_path=$(echo "$line" | awk '{print $2}') + if [ -n "$shm_path" ] && [ -d "$shm_path" ]; then + umount -l "$shm_path" 2>/dev/null || true + echo " 已尝试卸载SHM: $shm_path" + fi + done + fi + done + set -e + + # 清理/k8sdata目录内容 + green_echo " 清理/k8sdata目录内容..." + force_clean "rm -rf /k8sdata/* /k8sdata/.* || true" + + # 清理containerd残留目录 + green_echo " 清理containerd容器残留..." + force_clean "rm -rf /run/containerd/io.containerd.grpc.v1.cri/sandboxes/* || true" + force_clean "rm -rf /run/containerd/io.containerd.runtime.v2.task/k8s.io/* || true" + + # 清理其他目录 + local dirs=( + /etc/kubernetes /var/lib/kubelet /var/lib/kubernetes /var/lib/etcd + /var/lib/kube-proxy /var/lib/kubeadm /var/lib/cni + /var/lib/containerd /var/lib/docker /run/containerd /run/docker + /etc/containerd /etc/docker /usr/local/bin/kube* /usr/local/bin/etcd* + $HOME/.kube /root/.kube /var/lib/flannel /etc/flannel + ) + for dir in "${dirs[@]}"; do + force_clean "rm -rf $dir || true" + if [ -d "$dir" ]; then + force_clean "rm -rf --one-file-system $dir || true" + fi + done +} + +# ======================== +# 第四阶段:清理系统服务 +# ======================== +cleanup_services() { + green_echo "\n===== 第四阶段:清理系统服务 =====" + local services=(kubelet kube-apiserver kube-controller-manager kube-scheduler kube-proxy etcd containerd docker) + for service in "${services[@]}"; do + force_clean "systemctl stop $service || true" + force_clean "systemctl disable $service || true" + force_clean "rm -f /lib/systemd/system/$service.service || true" + force_clean "rm -f /etc/systemd/system/$service.service || true" + force_clean "rm -f /etc/systemd/system/multi-user.target.wants/$service.service || true" + done + force_clean "systemctl daemon-reload || true" + force_clean "systemctl reset-failed || true" +} + +# ======================== +# 最终验证:确保无残留(含tunl0专项检查) +# ======================== +verify_perfect_cleanup() { + green_echo "\n===== 最终验证:确保无残留 =====" + local is_perfect=true + + # 1. 验证进程无残留 + green_echo "1. 验证进程无残留..." + local processes=$(ps -aux | grep -E 'kube|etcd|containerd|docker|cni|flannel' | grep -v grep) + if [ -n "$processes" ]; then + red_echo " ❌ 发现残留进程:" + echo "$processes" + is_perfect=false + else + green_echo " ✔️ 无残留进程" + fi + + # 2. 验证命令无残留 + green_echo "2. 验证命令无残留..." + local cmds=(kubectl kubeadm kubelet containerd docker etcd) + for cmd in "${cmds[@]}"; do + if command -v "$cmd" &> /dev/null; then + red_echo " ❌ 命令 $cmd 仍存在" + is_perfect=false + fi + done + if [ "$is_perfect" = true ]; then + green_echo " ✔️ 无残留命令" + fi + + # 3. 验证目录无残留 + green_echo "3. 验证目录无残留..." + # 验证/k8sdata是否为空 + if [ "$(ls -A /k8sdata 2>/dev/null)" ]; then + red_echo " ❌ 目录/k8sdata不为空" + is_perfect=false + else + green_echo " ✔️ 目录/k8sdata为空" + fi + # 验证containerd目录是否为空 + if [ "$(ls -A /run/containerd/io.containerd.grpc.v1.cri/sandboxes 2>/dev/null)" ]; then + red_echo " ❌ containerd沙箱目录不为空" + is_perfect=false + else + green_echo " ✔️ containerd沙箱目录为空" + fi + if [ "$(ls -A /run/containerd/io.containerd.runtime.v2.task/k8s.io 2>/dev/null)" ]; then + red_echo " ❌ containerd运行时目录不为空" + is_perfect=false + else + green_echo " ✔️ containerd运行时目录为空" + fi + # 验证其他目录 + local other_dirs=( + /etc/kubernetes /var/lib/kubelet /var/lib/etcd /var/lib/cni + /var/lib/containerd /var/lib/docker $HOME/.kube /var/lib/flannel + ) + for dir in "${other_dirs[@]}"; do + if [ -d "$dir" ] || [ -f "$dir" ]; then + red_echo " ❌ 目录/文件 $dir 仍存在" + is_perfect=false + fi + done + + # 4. 验证网络无残留(核心:tunl0专项检查+最后清理) + green_echo "4. 验证网络无残留..." + # 最后一次尝试清理tunl0(防止验证前重新出现) + clean_tunl0 + # 检查残留接口 + local interfaces=$(ip link show | grep -E 'cni0|flannel.1|docker0|tunl0' | awk '{print $2}' | sed 's/://') + if [ -n "$interfaces" ]; then + red_echo " ❌ 发现残留网络接口: $interfaces (如果是tunl0请忽略)" + is_perfect=false + else + green_echo " ✔️ 无残留网络接口" + fi + + # 最终结果 + if [ "$is_perfect" = true ]; then + green_echo "\n🎉 完美清理!系统中已无任何K8s相关残留,可安全重新安装。" + else + red_echo "\n❌ 清理不彻底!以上残留项需手动处理。" + exit 1 + fi +} + +# ======================== +# 执行完整流程 +# ======================== +green_echo "===== 开始K8s彻底清理流程 =====" +cleanup_core +cleanup_packages +cleanup_directories +cleanup_services +sleep 20 # 延长等待,确保内核释放所有资源 +verify_perfect_cleanup \ No newline at end of file