jack/Deploy-Laboratory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
de1be1dbe52adbd07e38834b004ade00218b9af2
Deploy-Laboratory/scripts
History
jack de1be1dbe5 基本框架
2026-03-21 04:36:06 +08:00
..
diag
基本框架
2026-03-21 04:36:06 +08:00
ssh
基本框架
2026-03-21 04:36:06 +08:00
README.md
基本框架
2026-03-21 04:36:06 +08:00

README.md

Scripts 总览

本目录集中维护 K3s 排障与恢复脚本。统一约定:在仓库根目录执行,使用 ./scripts/... 路径调用。

目录

  • scripts/ssh/setup-k3s-workers-ssh.sh
    • 为 Ansible 自动化准备 SSH为所有 k3s 节点配置 jack + root 公钥及每节点私钥(配合 docs/01-07-节点初始化-ansible-实践.md
  • scripts/diag/entrypath/entrypath.sh
    • K3s 入口到 Traefik 回包链路诊断主命令
  • scripts/diag/netpol/check-net.sh
    • NetworkPolicy/连通性快速检查脚本(交互模式,自动输出日志)
  • scripts/diag/recovery/k3s-recovery-reset.sh
    • K3s 排障场景重置与恢复脚本
  • scripts/diag/firewalld/setup-k3s-firewalld-interfaces.sh
    • 一键写入 flannel.1 / cni0 到 firewalld trusted(含持久化)
  • scripts/diag/ssh/setup-ssh-keys.sh
    • 交互式生成并下发 SSH 排障密钥
  • scripts/diag/ssh/test-ssh.sh
    • 验证 worker/client SSH key 登录与 sudo 可用性

从仓库根执行示例

`bas\1

\21) 初始化排障 SSH 密钥(可选) ./scripts/diag/ssh/setup-ssh-keys.sh

2) 验证 SSH建议

./scripts/diag/ssh/test-ssh.sh

3) 写入 firewalld 接口基线推荐Fedora/FCOS

./scripts/diag/firewalld/setup-k3s-firewalld-interfaces.sh

4) 快速检查(交互)

./scripts/diag/netpol/check-net.sh

5) 执行完整入口链路诊断

./scripts/diag/entrypath/entrypath.sh run
--worker-host root@192.168.2.62
--client-host root@192.168.2.63
--worker-ssh-key ~/.ssh/id_ed25519_k3s_diag_worker
--client-ssh-key ~/.ssh/id_ed25519_k3s_diag_client
--client-ip 192.168.2.63
--lb-ip 192.168.2.62
--remote-check y
--capture-mode y
--capture-seconds 15
--nft-trace-mode y
--nft-trace-seconds 10
--return-trace-mode y
--return-trace-seconds 12
--pod-netns-trace-mode y
--pod-netns-trace-seconds 12
--non-interactive `

说明文档

  • 入口链路诊断详见 scripts/diag/entrypath/README.md
  • 主文档入口详见 docs/00-00-构建总览.md
Reference in New Issue View Git Blame Copy Permalink